
Zoek.exe v5.0.0.0 Updated 02-June-2014
Tool run by Dirk on ma 16/06/2014 at 11:10:36,75.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: D:\Software 2014\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

16/06/2014 11:16:10 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\Trend Micro deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] 
""=- 

==== Deleting Files \ Folders ======================

C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 deleted
C:\Users\Dirk\Downloads\avg_free_stb_all_2014_4259_cnet.exe deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Dirk\AppData\Local\Temp ====
2014-06-16 08:47:05	5634C601025C31032A0AF1590B4C0CA6	43008	----a-w-	C:\Users\Dirk\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpyqyema.dll
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2014-06-11 16:25:08	A5F833506BF6A1B5D693E1499DEE2444	626688	----a-w-	C:\Windows\SysWOW64\usp10.dll
2014-06-11 16:25:04	E227B810296AA27E6C69307A7B6456E5	1389056	----a-w-	C:\Windows\SysWOW64\msxml6.dll
2014-06-11 16:25:04	8B8D1CEF498678CAB9DF17145D34BC64	1237504	----a-w-	C:\Windows\SysWOW64\msxml3.dll
2014-06-11 16:25:04	2E673E776136354ECFB57BFD62E7EC3D	2048	----a-w-	C:\Windows\SysWOW64\msxml6r.dll
2014-06-11 16:25:04	0789F82BAE171323F74B8F175D406AB8	2048	----a-w-	C:\Windows\SysWOW64\msxml3r.dll
2014-06-11 16:25:03	BB9BADED14F0963498855AC28446CED5	51200	----a-w-	C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-11 16:25:03	7E27FB6AB8976897A530FB30F5FF7691	69632	----a-w-	C:\Windows\SysWOW64\mshtmled.dll
2014-06-11 16:25:03	6D8E6A9A524FFAAFA4D2F6C8EF38D0BB	592896	----a-w-	C:\Windows\SysWOW64\jscript9diag.dll
2014-06-11 16:25:03	0AFCE8EEF3751810FE2101FD608FB8B3	1143296	----a-w-	C:\Windows\SysWOW64\urlmon.dll
2014-06-11 16:25:02	D9F5B424C307B195E16A9B0A21E53BCC	61952	----a-w-	C:\Windows\SysWOW64\iesetup.dll
2014-06-11 16:25:02	D5ECBB3BFDC73A59440D9CA79AB3A342	17271296	----a-w-	C:\Windows\SysWOW64\mshtml.dll
2014-06-11 16:25:02	C69FDD49AB9E8BCF2BAAC469CE0CC756	1964544	----a-w-	C:\Windows\SysWOW64\inetcpl.cpl
2014-06-11 16:25:02	C1F5812F355D0C9495C1B2E7165DA2AF	32256	----a-w-	C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-11 16:25:02	9EAAB4305536829D6B7D9C3A47E92861	2179072	----a-w-	C:\Windows\SysWOW64\iertutil.dll
2014-06-11 16:25:02	8DF06ACA017949D37C38B6A0EF747D4E	526336	----a-w-	C:\Windows\SysWOW64\msfeeds.dll
2014-06-11 16:25:02	017B99D09904DCA35D5F66AD79084B5F	368128	----a-w-	C:\Windows\SysWOW64\dxtmsft.dll
2014-06-11 16:25:01	E0EA58834CD19FDFCD1BC37B22E1D3D8	43008	----a-w-	C:\Windows\SysWOW64\jsproxy.dll
2014-06-11 16:25:01	D36574C287D0764C95AC777DFF367715	32768	----a-w-	C:\Windows\SysWOW64\iernonce.dll
2014-06-11 16:25:01	814E0D53EF020BD93097F26B53B573F0	440832	----a-w-	C:\Windows\SysWOW64\ieui.dll
2014-06-11 16:25:01	688227D38A6FF6403B293D0C50B454B9	11725312	----a-w-	C:\Windows\SysWOW64\ieframe.dll
2014-06-11 16:25:01	5B5815477A53ED92B89955FFE7EDCB2E	242688	----a-w-	C:\Windows\SysWOW64\dxtrans.dll
2014-06-11 16:25:01	4D3074AA172DCFD5D56BE764B671085A	2724864	----a-w-	C:\Windows\SysWOW64\mshtml.tlb
2014-06-11 16:25:00	CC0077F9C7ACD7E97707DFC763A4EA99	112128	----a-w-	C:\Windows\SysWOW64\ieUnatt.exe
2014-06-11 16:25:00	C58E97EEB1CB80CE91D5E7FD5E78794F	4244992	----a-w-	C:\Windows\SysWOW64\jscript9.dll
2014-06-11 16:25:00	22D7FFA4B94916F18EB1F1D107B86839	704512	----a-w-	C:\Windows\SysWOW64\ieapfltr.dll
2014-06-11 16:25:00	0AC4E3C93D49E37D5B008ED99092115C	1068032	----a-w-	C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-11 16:25:00	09771ABC896D2A88370F3AB8BADC242E	455168	----a-w-	C:\Windows\SysWOW64\vbscript.dll
2014-06-11 16:24:59	EB960643DC62832C88272573204B6DBA	164864	----a-w-	C:\Windows\SysWOW64\msrating.dll
2014-06-11 16:24:59	771CDBC3D62437D6DB070820BB1EDCCF	1790976	----a-w-	C:\Windows\SysWOW64\wininet.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2014-06-11 16:25:08	088CF6AFCD5CDD44E40C0ACDE3C1A5E0	801280	----a-w-	C:\Windows\Sysnative\usp10.dll
2014-06-11 16:25:04	ECA6AC33BD9E441F7B47D173D715D268	1882112	----a-w-	C:\Windows\Sysnative\msxml3.dll
2014-06-11 16:25:04	3408DD8081DC22858AE2E6ABD2594C02	2048	----a-w-	C:\Windows\Sysnative\msxml6r.dll
2014-06-11 16:25:04	0E3A7EC2B9590EA7767BBB1823630DEA	2002432	----a-w-	C:\Windows\Sysnative\msxml6.dll
2014-06-11 16:25:04	0465A8CFDDB4FFDB569802A70B9443D5	2048	----a-w-	C:\Windows\Sysnative\msxml3r.dll
2014-06-11 16:25:03	EF2D8BBA6E077559B675513BC0EE5FC2	3178496	----a-w-	C:\Windows\Sysnative\rdpcorets.dll
2014-06-11 16:25:03	2147C5330F983D76A36B73F4A804F778	16384	----a-w-	C:\Windows\Sysnative\RdpGroupPolicyExtension.dll
2014-06-11 16:25:02	DA7AAB5D4E5F7160E906C0D2EB9A2B9F	38400	----a-w-	C:\Windows\Sysnative\JavaScriptCollectionAgent.dll
2014-06-11 16:25:02	D5C446B14DC667B7B9FBB30EA1701D92	2724864	----a-w-	C:\Windows\Sysnative\mshtml.tlb
2014-06-11 16:25:02	3ED5C9055F7A635399FC12892F565287	48640	----a-w-	C:\Windows\Sysnative\ieetwproxystub.dll
2014-06-11 16:25:02	3A1AB9DE852F2BC1ECE6403BDD01B9F0	1398272	----a-w-	C:\Windows\Sysnative\urlmon.dll
2014-06-11 16:25:01	EAAA62F272858695814A1F42D5E59BD3	608768	----a-w-	C:\Windows\Sysnative\ie4uinit.exe
2014-06-11 16:25:01	DFD834E89B819B5ECE8E251C56B5A3CE	4096	----a-w-	C:\Windows\Sysnative\ieetwcollectorres.dll
2014-06-11 16:25:01	BFD3178735D97C858FFA467F8199700C	111616	----a-w-	C:\Windows\Sysnative\ieetwcollector.exe
2014-06-11 16:25:01	867DD52B23D3B0390B88F3D7AD1E600C	631808	----a-w-	C:\Windows\Sysnative\msfeeds.dll
2014-06-11 16:25:01	12BA419E27DBC5DBF9262C8A885FA361	452096	----a-w-	C:\Windows\Sysnative\dxtmsft.dll
2014-06-11 16:25:00	B34D3F303769E65CE7EFBD4E6FB62B25	66048	----a-w-	C:\Windows\Sysnative\iesetup.dll
2014-06-11 16:25:00	3FC3828E8820D1C93DBFBAD4BE456D85	2040832	----a-w-	C:\Windows\Sysnative\inetcpl.cpl
2014-06-11 16:25:00	063EF4239479F52DAF9F4849B0B304F1	2768384	----a-w-	C:\Windows\Sysnative\iertutil.dll
2014-06-11 16:24:59	CE6109C73C3A04CC2B8C6110B0F0FEF9	33792	----a-w-	C:\Windows\Sysnative\iernonce.dll
2014-06-11 16:24:59	CB8A91074AE1B5051E240B50A328DCF5	295424	----a-w-	C:\Windows\Sysnative\dxtrans.dll
2014-06-11 16:24:59	B2C037F50A02D6C057B1E0791BBF41A5	574976	----a-w-	C:\Windows\Sysnative\ieui.dll
2014-06-11 16:24:59	790FD40601502C5FE8213D4F335DA0BD	51200	----a-w-	C:\Windows\Sysnative\jsproxy.dll
2014-06-11 16:24:59	2DBB9127794BC30BC31D26FA088F8BAB	13522944	----a-w-	C:\Windows\Sysnative\ieframe.dll
2014-06-11 16:24:58	CC603EF96BA456D4BCD9FF849ED07A2A	85504	----a-w-	C:\Windows\Sysnative\mshtmled.dll
2014-06-11 16:24:58	AB3FA3D9B1F1D0571CBC43D1487CCD6F	5782528	----a-w-	C:\Windows\Sysnative\jscript9.dll
2014-06-11 16:24:58	A4A58E3171C03A1145D1C3EC488D1B4F	1249280	----a-w-	C:\Windows\Sysnative\mshtmlmedia.dll
2014-06-11 16:24:58	9013D5BBE1B6D3A060F54B4B5BB2C3A3	846336	----a-w-	C:\Windows\Sysnative\ieapfltr.dll
2014-06-11 16:24:58	770F067D833DC017CEB8A36A2A1EC942	139264	----a-w-	C:\Windows\Sysnative\ieUnatt.exe
2014-06-11 16:24:58	6B9925F498D4E91FB57576CC3776D428	752640	----a-w-	C:\Windows\Sysnative\jscript9diag.dll
2014-06-11 16:24:58	40BFD9D6EC8E174145F012246CA73CCD	2266112	----a-w-	C:\Windows\Sysnative\wininet.dll
2014-06-11 16:24:58	2F474D40626B0C694400589F3FBB9AA9	548352	----a-w-	C:\Windows\Sysnative\vbscript.dll
2014-06-11 16:24:57	F343ECB3C683EBD7E3990C03AD680855	940032	----a-w-	C:\Windows\Sysnative\MsSpellCheckingFacility.exe
2014-06-11 16:24:57	8E3C6008250A904C06943BCEA585E344	195584	----a-w-	C:\Windows\Sysnative\msrating.dll
2014-06-11 16:24:57	56803B20D168C1B740D12CE0BE4588F5	23414784	----a-w-	C:\Windows\Sysnative\mshtml.dll
2014-06-11 16:23:44	84A13AB118F433898B5ABA36E8D7CA91	424448	----a-w-	C:\Windows\Sysnative\aeinv.dll
2014-06-11 16:23:44	2C053C9B2A8249F1F9B38ED1AE455771	506368	----a-w-	C:\Windows\Sysnative\aepdu.dll
====== C:\Windows\Sysnative\drivers =====
2014-06-11 16:25:06	17F685B67C74B8F7BFED4308790B71DE	288192	----a-w-	C:\Windows\Sysnative\drivers\FWPKCLNT.SYS
2014-06-11 16:25:06	04ADD18EE5CC9FBEDAEC1DD1CD0CB45E	1903552	----a-w-	C:\Windows\Sysnative\drivers\tcpip.sys
====== C:\Windows\Tasks ======
2014-06-15 09:33:10	2C0013436AC57AE73C2726613B86A005	3108	----a-w-	C:\Windows\Sysnative\Tasks\{667586B1-38C1-4774-86BF-68C933A0EBBA}
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-05-20 08:12:40	--------	d-----w-	C:\Program Files\iTunes
2014-05-20 08:12:40	--------	d-----w-	C:\Program Files\iPod
======= C:\PROGRA~2 =====
2014-05-20 08:12:40	--------	d-----w-	C:\PROGRA~2\iTunes
======= C: =====
====== C:\Users\Dirk\AppData\Roaming ======
2014-06-16 09:01:04	--------	d-----w-	C:\Users\Dirk\AppData\Local\WinZip
2014-06-14 17:38:33	--------	d-----w-	C:\Users\Dirk\AppData\Local\Adobe
====== C:\Users\Dirk ======
2014-05-20 08:13:18	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

====== C: exe-files ==
2014-06-12 08:23:07	DF61864BA778845C6E725F7BF1EAEB0E	2675280	----a-w-	C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\35.0.1916.153\35.0.1916.153_35.0.1916.114_chrome_updater.exe
2014-06-11 16:25:03	4F2AA3E7BD7257E4937E071E3700819E	810200	----a-w-	C:\Program Files\Internet Explorer\iexplore.exe
2014-06-11 16:25:03	4AFAE8BAF6E85311AD78395C47351A1D	222720	----a-w-	C:\Program Files (x86)\Internet Explorer\ielowutil.exe
2014-06-11 16:25:02	60F88F6CA6303E8273AF7AAA9AAFECAC	812248	----a-w-	C:\Program Files (x86)\Internet Explorer\iexplore.exe
2014-06-11 16:25:02	50989AAF09CDCEBC0FD8EB0FE79C2A98	470016	----a-w-	C:\Program Files (x86)\Internet Explorer\ieinstal.exe
2014-06-11 16:25:02	4076E62E061769E42186AE860007FA08	222720	----a-w-	C:\Program Files\Internet Explorer\ielowutil.exe
2014-06-11 16:25:01	EAAA62F272858695814A1F42D5E59BD3	608768	----a-w-	C:\Windows\System32\ie4uinit.exe
2014-06-11 16:25:01	BFD3178735D97C858FFA467F8199700C	111616	----a-w-	C:\Windows\System32\ieetwcollector.exe
2014-06-11 16:25:00	CC0077F9C7ACD7E97707DFC763A4EA99	112128	----a-w-	C:\Windows\SysWOW64\ieUnatt.exe
2014-06-11 16:25:00	159C5979C61F51EEFC84D9AB17C4E0E7	482816	----a-w-	C:\Program Files\Internet Explorer\ieinstal.exe
2014-06-11 16:24:58	770F067D833DC017CEB8A36A2A1EC942	139264	----a-w-	C:\Windows\System32\ieUnatt.exe
2014-06-11 16:24:57	F343ECB3C683EBD7E3990C03AD680855	940032	----a-w-	C:\Windows\System32\MsSpellCheckingFacility.exe
2014-06-11 16:23:44	EF15B0554634BD981BB718E9BF6EE891	46784	----a-w-	C:\Windows\System32\CompatTel\wicainventory.exe
2014-06-11 16:23:44	511E0519B437C263E95EA46330312B7F	172224	----a-w-	C:\Windows\System32\CompatTel\QueryAppBlock.exe
=== C: other files ==
2014-06-11 16:25:06	17F685B67C74B8F7BFED4308790B71DE	288192	----a-w-	C:\Windows\System32\drivers\FWPKCLNT.SYS
2014-06-11 16:25:06	04ADD18EE5CC9FBEDAEC1DD1CD0CB45E	1903552	----a-w-	C:\Windows\System32\drivers\tcpip.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-462824799-3137052604-784381099-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"ISUSPM"="C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler"
"AVG-Secure-Search-Update_JUNE2013_TB"="C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe  /PROMPT /CMPID=JUNE2013_TB"
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-462824799-3137052604-784381099-1002\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"ISUSPM"="C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler"
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"Facebook Update"="C:\Users\Dirk\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"
"KiesAirMessage"="C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup"
@="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run"
"KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload"

[HKEY_USERS\S-1-5-21-462824799-3137052604-784381099-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"CLMLServer"="C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"PPort12reminder"="C:\Program Files (x86)\Nuance\PaperPort\Ereg\Ereg.exe -r C:\ProgramData\ScanSoft\PaperPort\12\Config\Ereg\Ereg.ini"
"beid"="C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe /startup"
"Nikon Message Center 2"="C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s"
"TrayServer"="C:\Program Files (x86)\MAGIX\Video_deluxe_2008_PLUS\TrayServer.exe"
"AVG_TRAY"="C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"
"HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe"
"KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"ISUSPM"="C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler"
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"Facebook Update"="C:\Users\Dirk\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"
"KiesAirMessage"="C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup"
@="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run"
"KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="APSDaemon"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ArcSoft Connection Service]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ArcSoft Connection Service"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Common Files\\ArcSoft\\Connection Service\\Bin\\ACDaemon.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BrStsMon00]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BrStsMon00"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Browny02\\Brother\\BrStMonW.exe /AUTORUN"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ControlCenter4]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ControlCenter4"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\ControlCenter4\\BrCcBoot.exe /autorun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IndexSearch]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="IndexSearch"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Nuance\\PaperPort\\IndexSearch.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesPreload]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="KiesPreload"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Samsung\\Kies\\Kies.exe /preload"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PaperPort PTD]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PaperPort PTD"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Nuance\\PaperPort\\pptd40nt.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PC Suite Tray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PC Suite Tray"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Nokia\\Nokia PC Suite 7\\PCSuite.exe\" -onlytray"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PDF5 Registry Controller]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PDF5 Registry Controller"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Nuance\\PDF Viewer Plus\\RegistryController.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PDFHook]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PDFHook"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Nuance\\PDF Viewer Plus\\pdfpro5hook.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Skype"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /minimized /regrun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SymphonyPreLoad]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SymphonyPreLoad"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\IBM\\Lotus\\Symphony\\framework\\shared\\eclipse\\plugins\\com.ibm.symphony.standard.launcher.win32.x86_3.0.1.20120110-2000\\IBM Lotus Symphony\" -nogui -nosplash"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TomTomHOME.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TomTomHOME.exe"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\TomTom HOME 2\\TomTomHOMERunner.exe\""


==== Startup Folders ======================

2013-11-05 14:07:25	1051	----a-w-	C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
2012-01-31 18:50:58	1300	----a-w-	C:\Users\Dirk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Schermopname en Snel starten.lnk
2013-02-28 09:22:25	2103	----a-w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
2012-07-09 17:02:42	1935	----a-w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [13/06/2014 19:31]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-462824799-3137052604-784381099-1002Core.job --a------ [Undetermined Task]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-462824799-3137052604-784381099-1002UA.job --a------ C:\Users\Dirk\AppData\Local\Facebook\Update\FacebookUpdate.exe [06/08/2012 19:27]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [03/12/2011 14:16]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [03/12/2011 14:16]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-462824799-3137052604-784381099-1002Core" [C:\Users\Dirk\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-462824799-3137052604-784381099-1002UA" [C:\Users\Dirk\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\Registration Trigger IBM Lotus Symphony Task" [C:\Program Files (x86)\IBM\Lotus\Symphony\framework\rcp\rcplauncher.exe]
"C:\Windows\SysNative\tasks\{0F149FCB-27FD-47FC-922C-1532BED19E87}" [J:\Lotus Organizer 97\Organiser Disk1 - Disk 8\INSTALL.EXE]
"C:\Windows\SysNative\tasks\{25A9E8EC-8939-4E61-86D6-1774133BC7E8}" [J:\Lotus Organizer 97\Organiser Disk1 - Disk 8\INSTALL.EXE]
"C:\Windows\SysNative\tasks\{4666BE53-331E-40A3-A3A3-CBFE04293AD6}" [E:\SETUP.EXE]
"C:\Windows\SysNative\tasks\{71B44408-363F-4BCB-8943-1D25D40E036A}" [E:\SETUP.EXE]
"C:\Windows\SysNative\tasks\{9E18404F-CACC-4243-BE17-DE6F5D38E8D2}" [J:\Lotus Organizer 97\Organiser Disk1 - Disk 8\INSTALL.EXE]
"C:\Windows\SysNative\tasks\{AC56546B-526C-4297-A8FC-9670BF7B3764}" [J:\Lotus Organizer 97\Organiser Disk1 - Disk 8\INSTALL.EXE]
"C:\Windows\SysNative\tasks\{B305BF8E-3081-4888-8652-590E4040904C}" [E:\SETUP.EXE]
"C:\Windows\SysNative\tasks\{D633FEBC-526C-41F1-BA76-2427BDF84EF3}" [J:\Lotus Organizer 97\Organiser Disk1 - Disk 8\INSTALL.EXE]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [28/02/2013 11:23]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{e4f94d1e-2f53-401e-8885-681602c0ddd8}"="C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi" [04/04/2014 12:36]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\nnehaohk.default
- McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor
- Bitdefender QuickScan - %ProfilePath%\extensions\{e001c731-5e37-4538-a5cb-8168736a2360}

ProfilePath: C:\Users\Dirk\AppData\Roaming\TomTom\HOME\Profiles\8iyol1o0.default
- Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com
- Carminat TomTom - %ProfilePath%\extensions\RenaultTheme@tomtom.com

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Dirk\AppData\Roaming\Mozilla\Firefox\Profiles\nnehaohk.default
A58DE0A570148AF5FF3512B2A340D09F	- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll -	Shockwave Flash
FF0D6F82A0EC13952E83B9439100E45D	- C:\Users\Dirk\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll -	Facebook Video Calling Plugin
87132527E2256CF6683A18C4EB34DD3B	- C:\Windows\system32\Wat\npWatWeb.dll -	Windows Activation Technologies
F475DAA3CF6D19DA49BE7BAC0A966DB3	- C:\Windows\SysWoW64\Adobe\Director\np32dsw.dll -	Shockwave for Director / Shockwave for Director


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
bopakagnckmlgajfccecajhnimjiiedh - No path found[]
fheoggkfdfchfphceeifdbepaooicaho - No path found[]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[17/01/2012 12:45]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.hln.be/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.hln.be/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{EB00FFD9-2AA4-43FA-829E-EA5EFF0C4E39}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{EB00FFD9-2AA4-43FA-829E-EA5EFF0C4E39} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNE_enDE393BE460"

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Dirk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Dirk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Dirk 2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Dirk\AppData\Local\Mozilla\Firefox\Profiles\nnehaohk.default\Cache will be emptied at reboot

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache is not empty, a reboot is needed

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1780 folders=770 181392155 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Dirk\AppData\Local\Temp will be emptied at reboot
C:\Users\Dirk 2\AppData\Local\Temp emptied successfully
C:\Users\Public\AppData\Local\Temp emptied successfully
C:\Users\TEMP\AppData\Local\Temp emptied successfully
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Dirk\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Dirk\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NNCLHDJ9\cdnbakmi.kaltura.com"  not found
"C:\Users\Dirk\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\NNCLHDJ9\w.soundcloud.com"  not found

==== EOF on ma 16/06/2014 at 11:41:16,60 ======================