
Zoek.exe v5.0.0.0 Updated 22-05-2014
Tool run by ( on do 29/05/2014 at 23:32:37.55.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\(\Downloads\Programs\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

29/05/2014 23:35:30 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\FlashGet deleted successfully
C:\PROGRA~2\Lavasoft deleted successfully
C:\PROGRA~2\SiteLookup deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\PROGRA~3\Soluto deleted successfully
C:\Users\(\AppData\Roaming\FlashGet deleted successfully
C:\Users\(\AppData\Roaming\Soluto deleted successfully
C:\Users\(\AppData\Roaming\Spotify deleted successfully
C:\Users\(\AppData\Roaming\UpdateStar Drivers deleted successfully
C:\Users\(\AppData\Local\HP MediaSmart Video deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Users\(\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager deleted
C:\Windows\SysWow64\AI_RecycleBin deleted
"C:\ProgramData\cm-lock" not deleted
"C:\PROGRA~2\Internet Download Manager\IDMan.exe" deleted
"C:\PROGRA~2\Internet Download Manager\idmbrbtn64.dll" deleted
"C:\PROGRA~2\Internet Download Manager\idmfsa.dll" deleted
"C:\PROGRA~2\Internet Download Manager\idmftype.dll" deleted
"C:\PROGRA~2\Internet Download Manager\IDMNetMon64.dll" deleted
"C:\PROGRA~2\Internet Download Manager\IDMShellExt64.dll" deleted
"C:\PROGRA~2\Internet Download Manager" not deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\(\AppData\Local\Temp ====
====== Java Cache =====
2014-05-19 09:09:04	86C47CA21A599230CA54E8F5EBDB6A07	124	----a-w-	C:\Users\(\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\6619ee07-6a59155a
2014-05-19 09:09:04	86C47CA21A599230CA54E8F5EBDB6A07	124	----a-w-	C:\Users\(\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\6619ee07-6a59155a
====== C:\Windows\SysWOW64 =====
2014-05-29 06:25:36	CEE4C9E092168CEBD187491AF6FDA8FB	264616	----a-w-	C:\Windows\SysWOW64\javaws.exe
2014-05-29 06:25:32	ECB3AB701D6E26F5E54C58957E34E719	175528	----a-w-	C:\Windows\SysWOW64\javaw.exe
2014-05-29 06:25:32	8C7C6D494D86307CDCF63E0478767C16	98216	----a-w-	C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-05-29 06:25:32	2251971694E17BAC4E344DC2B7CD7ADD	175528	----a-w-	C:\Windows\SysWOW64\java.exe
2014-05-24 12:16:30	0DC5AF80D059DEC792B665ED598C6567	536576	----a-w-	C:\Windows\SysWOW64\sqlite3.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
2014-05-15 10:36:53	353009DEDF918B2A51414F330CF72DEC	95680	----a-w-	C:\Windows\Sysnative\drivers\ksecdd.sys
2014-05-15 10:36:53	1C2D8E18AA8FD50CD04C15CC27F7F5AB	155072	----a-w-	C:\Windows\Sysnative\drivers\ksecpkg.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
2014-05-29 06:25:44	--------	d-----w-	C:\PROGRA~2\COMMON~1\Java
2014-05-28 06:54:05	--------	d-----w-	C:\PROGRA~2\Mozilla Maintenance Service
2014-05-22 16:59:19	--------	d-----w-	C:\PROGRA~2\freshney.org
2014-05-15 18:48:58	--------	d-----w-	C:\PROGRA~2\COMMON~1\DESIGNER
2014-05-12 07:18:33	--------	d-----w-	C:\PROGRA~2\COMMON~1\Skype
======= C: =====
====== C:\Users\(\AppData\Roaming ======
2014-05-22 16:59:27	--------	d-----w-	C:\Users\(\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Xinorbis6
2014-05-22 16:59:27	--------	d-----w-	C:\Users\(\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Xinorbis6
2014-05-12 07:18:38	--------	d-----w-	C:\Users\(\AppData\Local\Skype
2014-05-12 07:18:38	--------	d-----w-	C:\Users\(\AppData\Local\Skype
2014-05-11 17:02:22	--------	d-sh--w-	C:\Users\(\AppData\Locallow\EmieUserList
2014-05-11 17:02:22	--------	d-sh--w-	C:\Users\(\AppData\Locallow\EmieUserList
2014-05-11 17:01:44	--------	d-sh--w-	C:\Users\(\AppData\Local\EmieUserList
2014-05-11 17:01:44	--------	d-sh--w-	C:\Users\(\AppData\Local\EmieUserList
2014-05-11 17:01:44	--------	d-sh--w-	C:\Users\(\AppData\Local\EmieSiteList
2014-05-11 17:01:44	--------	d-sh--w-	C:\Users\(\AppData\Local\EmieSiteList
2014-05-11 17:00:46	--------	d-sh--w-	C:\Users\(\AppData\Locallow\EmieSiteList
2014-05-11 17:00:46	--------	d-sh--w-	C:\Users\(\AppData\Locallow\EmieSiteList
====== C:\Users\( ======
2014-05-29 17:13:28	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\(\Downloads\RSITx64(1).exe
2014-05-29 17:13:28	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\(\Downloads\RSITx64(1).exe
2014-05-29 06:25:32	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-05-29 06:23:41	B8D51D13AA9516ECB78AB0EB9217CB2E	918952	----a-w-	C:\Users\(\Downloads\jxpiinstall.exe
2014-05-29 06:23:41	B8D51D13AA9516ECB78AB0EB9217CB2E	918952	----a-w-	C:\Users\(\Downloads\jxpiinstall.exe
2014-05-29 06:06:27	!HASH: COULD NOT OPEN FILE !!!!!	0	----a-w-	C:\ProgramData\cm-lock
2014-05-24 12:15:39	70F851F7A524071E13F17DC401A21906	1326389	----a-w-	C:\Users\(\Downloads\adwcleaner_3.210.exe
2014-05-24 12:15:39	70F851F7A524071E13F17DC401A21906	1326389	----a-w-	C:\Users\(\Downloads\adwcleaner_3.210.exe
2014-05-22 16:59:43	--------	d-----w-	C:\Users\(\xinorbis
2014-05-22 16:59:43	--------	d-----w-	C:\Users\(\xinorbis
2014-05-22 16:59:27	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Xinorbis6
2014-05-18 08:25:53	--------	d-----w-	C:\Users\(\Nieuwe map
2014-05-18 08:25:53	--------	d-----w-	C:\Users\(\Nieuwe map
2014-05-14 07:41:18	--------	d-----r-	C:\Users\(\Saved Games
2014-05-14 07:41:18	--------	d-----r-	C:\Users\(\Saved Games
2014-05-14 05:47:29	--------	d-----w-	C:\ProgramData\Sony
2014-05-12 07:18:33	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

====== C: exe-files ==
2014-05-29 10:03:13	BACBCBDDB9BAB05D1D50F294EBBAC59E	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-2780795746-2943123703-1752905818-1001\$IJF6IA9.exe
2014-05-29 06:25:27	F9DE7324BDF83F5AFE174354F47C2AE0	16808	----a-w-	C:\Program Files (x86)\Java\jre7\bin\orbd.exe
2014-05-29 06:25:27	ECB3AB701D6E26F5E54C58957E34E719	175528	----a-w-	C:\Program Files (x86)\Java\jre7\bin\javaw.exe
2014-05-29 06:25:27	E87885A59FDC241B6575943A75E495D9	182696	----a-w-	C:\Program Files (x86)\Java\jre7\bin\jqs.exe
2014-05-29 06:25:27	E2C8F178A57D011518785CF75044CD69	16296	----a-w-	C:\Program Files (x86)\Java\jre7\bin\keytool.exe
2014-05-29 06:25:27	E0FE8B7BE802F8C4A71317AC35E44B00	16296	----a-w-	C:\Program Files (x86)\Java\jre7\bin\rmid.exe
2014-05-29 06:25:27	CEE4C9E092168CEBD187491AF6FDA8FB	264616	----a-w-	C:\Program Files (x86)\Java\jre7\bin\javaws.exe
2014-05-29 06:25:27	C7C5FF4B0E83702EFBC0C886D87E9743	145832	----a-w-	C:\Program Files (x86)\Java\jre7\bin\unpack200.exe
2014-05-29 06:25:27	B5C9699AA60F74F144DB5A566F6E58F8	16296	----a-w-	C:\Program Files (x86)\Java\jre7\bin\rmiregistry.exe
2014-05-29 06:25:27	AEA4E94FC2A2F88FA5EC7FB6BC349E1B	16296	----a-w-	C:\Program Files (x86)\Java\jre7\bin\klist.exe
2014-05-29 06:25:27	96777405AB93AF8FCF6C9B6F5C3F1E51	16296	----a-w-	C:\Program Files (x86)\Java\jre7\bin\java-rmi.exe
2014-05-29 06:25:27	84FB0EC0581C996F445433BD2379A5CC	16296	----a-w-	C:\Program Files (x86)\Java\jre7\bin\servertool.exe
2014-05-29 06:25:27	82517DE5984F3EA3A49E0B5C8825DA63	68008	----a-w-	C:\Program Files (x86)\Java\jre7\bin\javacpl.exe
2014-05-29 06:25:27	8140DCC3064BA8ADC407D956BE19D764	16296	----a-w-	C:\Program Files (x86)\Java\jre7\bin\pack200.exe
2014-05-29 06:25:27	62CA7ABA57A4FCDB3844F73A156BAE26	16296	----a-w-	C:\Program Files (x86)\Java\jre7\bin\kinit.exe
2014-05-29 06:25:27	3427C247AFEC295CD4A20B53EE445F23	16808	----a-w-	C:\Program Files (x86)\Java\jre7\bin\tnameserv.exe
2014-05-29 06:25:27	3002E7E937FCB8985320AA807E762845	16296	----a-w-	C:\Program Files (x86)\Java\jre7\bin\policytool.exe
2014-05-29 06:25:27	235A2E87C34995F1837283FE76CD2E46	16296	----a-w-	C:\Program Files (x86)\Java\jre7\bin\ktab.exe
2014-05-29 06:25:27	2251971694E17BAC4E344DC2B7CD7ADD	175528	----a-w-	C:\Program Files (x86)\Java\jre7\bin\java.exe
2014-05-29 06:25:27	1EFC992CA271E6D40034FBE7BCEDB724	52648	----a-w-	C:\Program Files (x86)\Java\jre7\bin\jp2launcher.exe
2014-05-29 06:25:27	07643C3AF27179144C9800AF0819DE75	48040	----a-w-	C:\Program Files (x86)\Java\jre7\bin\jabswitch.exe
2014-05-29 06:25:27	0595B07F96E4F48784A4B772B887AD68	49576	----a-w-	C:\Program Files (x86)\Java\jre7\bin\ssvagent.exe
2014-05-28 06:54:06	C1C7FA2E0C5F44593E66490070985192	109886	----a-w-	C:\Program Files (x86)\Mozilla Maintenance Service\Uninstall.exe
2014-05-28 06:54:05	E1B6FCAE82474FC071155263E2841D54	119408	----a-w-	C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
2014-05-27 20:53:42	7A2D9E298E5743A76A1D07466A146D63	564928	----a-w-	C:\Program Files (x86)\Common Files\Steam\SteamServiceTmp.exe
=== C: other files ==
2014-05-29 06:25:27	8E29BBCCC8D802D36701633A7842FE74	18636	----a-w-	C:\Program Files (x86)\Java\jre7\lib\deploy\ffjcext.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Bitdefender Wallet Agent"="C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
"Bitdefender Wallet"="C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe --hidden --nowizard"
"Bitdefender Agent Wallet-toepassing"="C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-2780795746-2943123703-1752905818-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"Bitdefender Wallet Agent"="C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
"Bitdefender Wallet"="C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe --hidden --nowizard"
"Bitdefender Agent Wallet-toepassing"="C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"Bitdefender Wallet Agent"="C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
"Bitdefender Wallet"="C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe --hidden --nowizard"
"Bitdefender Agent Wallet-toepassing"="C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TrayServer"="C:\PROGRA~2\MAGIX\VIDEO_~2\TrayServer.exe"
"LaunchHPOSIAPP"="C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe"
"Easybits Recovery"="C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe"
"IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"
"NBAgent"="C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe /WinStart"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Bitdefender Wallet Agent"="C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
"Bitdefender Wallet"="C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe --hidden --nowizard"
"Bitdefender Agent Wallet-toepassing"="C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart"
"Monitor"="C:\Windows\PixArt\PAC207\Monitor.exe"
"Bdagent"="C:\Program Files\Bitdefender\Bitdefender\bdagent.exe"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DAEMON Tools Lite]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="DAEMON Tools Lite"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\DAEMON Tools Lite\\DTLite.exe\" -autorun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Facebook Update]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Facebook Update"
"hkey"="HKCU"
"command"="\"C:\\Users\\(\\AppData\\Local\\Facebook\\Update\\FacebookUpdate.exe\" /c /nocrashserver"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Update]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Google Update"
"hkey"="HKCU"
"command"="\"C:\\Users\\(\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HPAdvisorDock]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="HPAdvisorDock"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Hewlett-Packard\\HP Advisor\\Dock\\HPAdvisorDock.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Sony Ericsson PC Suite]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Sony Ericsson PC Suite"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Sony Ericsson\\Sony Ericsson PC Suite\\sepcsuite.exe\" /systray /nologon"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Steam]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Steam"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Steam\\Steam.exe\" -silent"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TomTomHOME.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TomTomHOME.exe"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\TomTom HOME 2\\TomTomHOMERunner.exe\""


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\LightScribeService]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\NAUpdate]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\OMSI download service]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\TomTomHOMEService]


==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [Undetermined Task]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2780795746-2943123703-1752905818-1001Core.job --a------ [Undetermined Task]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2780795746-2943123703-1752905818-1001UA.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2780795746-2943123703-1752905818-1001Core.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2780795746-2943123703-1752905818-1001UA.job --a------ [Undetermined Task]
C:\Windows\tasks\HP Photo Creations Communicator.job --a------ [Undetermined Task]
C:\Windows\tasks\HPCeeScheduleFor(.job --a------ [Undetermined Task]
C:\Windows\tasks\PCDRScheduledMaintenance.job --a------ [Undetermined Task]
C:\Windows\tasks\RegCure Pro.job --a------ [Undetermined Task]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\( NBAgent 5 4" ["C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe"]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files (x86)\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\CLMLSvc" [c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Music\Kernel\CLML\CLMLSvc.exe]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\DVDAgent" [c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-2780795746-2943123703-1752905818-1001Core" [C:\Users\(\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-2780795746-2943123703-1752905818-1001UA" [C:\Users\(\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2780795746-2943123703-1752905818-1001Core" [C:\Users\(\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2780795746-2943123703-1752905818-1001UA" [C:\Users\(\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\HP Photo Creations Communicator" [C:\ProgramData\HP Photo Creations\Communicator.exe]
"C:\Windows\SysNative\tasks\HPCeeScheduleFor(" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe]
"C:\Windows\SysNative\tasks\HPOSIAPP64" ["%ProgramFiles(x86)%\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe"]
"C:\Windows\SysNative\tasks\PCDRScheduledMaintenance" [C:\Program Files\PC-Doctor for Windows\pcdrcui.exe]
"C:\Windows\SysNative\tasks\RecoveryCDWin7" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"]
"C:\Windows\SysNative\tasks\RegCure Pro" [C:\Program Files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe]
"C:\Windows\SysNative\tasks\Registration" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"]
"C:\Windows\SysNative\tasks\ServicePlan" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"]
"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"ffpwdman@bitdefender.com"="C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman" [04/09/2013 17:59]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"mozilla_cc@internetdownloadmanager.com"="C:\Users\(\AppData\Roaming\IDM\idmmzcc5" [06/03/2014 10:49]

==== Firefox Extensions ======================

ProfilePath: C:\Users\(\AppData\Roaming\TomTom\HOME\Profiles\nj1tdnin.default
- Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com
- Emulator - %ProfilePath%\extensions\Navcore.8.351.9982@tomtom.com
- Emulator - %ProfilePath%\extensions\Navcore.9.430.890926@tomtom.com

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\(\AppData\Roaming\Mozilla\Firefox\Profiles\rgqr97xu.default
A58DE0A570148AF5FF3512B2A340D09F	- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll -	Shockwave Flash
66640A55AEFF3819C94E0A8D40D7E0AD	- C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll -	Shockwave for Director / Shockwave for Director
9CB55B7CF03EE55E2E77AD5A8827148F	- C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll -	RocketLife Secure Plug-In Layer
CE3D390F8BC1FECF847ABAA6E887931E	- C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll -	Zylom Plugin
BAD62EC082FBC9BF6D54FAB91E53A35A	- C:\Program Files\Bitdefender\Bitdefender\Antispam32\npcomm.dll -	BitDefender 16


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
ccahoghmggldkcdjiebjkidpfongdfbl - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxcr.crx[11/04/2014 14:15]

Google Docs - (\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - (\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - (\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Bitdefender Wallet - (\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl
Google Search - (\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - (\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - (\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Google Docs - (\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - (\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - (\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Bitdefender Wallet - (\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl
Google Search - (\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - (\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - (\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2780795746-2943123703-1752905818-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0055C089-8582-441B-A0BF-17B458C2A3A8} deleted successfully
HKEY_USERS\S-1-5-21-2780795746-2943123703-1752905818-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0055C089-8582-441B-A0BF-17B458C2A3A8} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Internet Download Manager deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\(\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\(\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\(\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\(\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\(\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\(\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=123 folders=52 18673177 bytes)

==== Empty Temp Folders ======================

C:\Users\(\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\(\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\(\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\ProgramData\cm-lock"  not deleted
"C:\PROGRA~2\Internet Download Manager"  not found

==== EOF on do 29/05/2014 at 23:56:37.35 ======================