Zoek.exe v5.0.0.0 Updated 22-07-2014
Tool run by ria on do 24/07/2014 at 7:04:17,74.
Microsoft Windows 7 Starter 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\ria\Downloads\zoek (1).exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

24/07/2014 7:10:48 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\Babylon deleted successfully
C:\Users\ria\AppData\Roaming\DefaultTab deleted successfully
C:\Users\ria\AppData\Roaming\Intelli-studio deleted successfully
C:\Users\ria\AppData\Roaming\rightbackup deleted successfully
C:\Users\ria\AppData\Roaming\Software Inspection Library deleted successfully
C:\Users\ria\AppData\Roaming\TP deleted successfully
C:\Users\ria\AppData\Local\Conduit deleted successfully
C:\Users\ria\AppData\Local\CrashDumps deleted successfully
C:\Users\ria\AppData\Local\FSP deleted successfully
C:\Users\ria\AppData\Local\Lollipop deleted successfully
C:\Users\ria\AppData\Local\photoOptimizeHistoryDataBase deleted successfully
C:\Users\ria\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2152331709-2662505945-1457567460-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} deleted successfully
HKEY_USERS\S-1-5-21-2152331709-2662505945-1457567460-1000\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} deleted successfully
HKEY_USERS\S-1-5-21-2152331709-2662505945-1457567460-1000\Software\Microsoft\Internet Explorer\SearchScopes\{D51F4EAD-7F89-4004-8A9E-FDC6639941CA} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

ProfilePath: C:\Users\ria\AppData\Roaming\Mozilla\Firefox\Profiles\h44h1dfn.default

---- Lines ask.com removed from prefs.js ----
user_pref("browser.search.order.1", "Ask.com");

---- Lines blabbers modified from prefs.js ----
user_pref("extensions.enabledAddons", "%7B140A2D0E-85CC-4ed3-9BA5-8FA35DA7FABA%7D:3.0.0.0,bbrs_002%40blabbers.com:1.0.5,%7B972ce4c6-7e08-4474-a285-320
user_pref("extensions.installCache", "[{\"name\":\"app-global\",\"addons\":{\"{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\":{\"descriptor\":\"C:\\\\Program

---- FireFox user.js and prefs.js backups ----
user_20142407_0729_.backup
prefs_20142407_0729_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ApnUpdater]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Browser companion helper]

==== Deleting Files \ Folders ======================

C:\Users\ria\AppData\Roaming\rightbackup not found
C:\Users\ria\AppData\Roaming\DefaultTab not found
C:\Users\ria\AppData\Roaming\Mozilla\Firefox\Profiles\h44h1dfn.default\extensions\bbrs_002@blabbers.com deleted
C:\rbtemp deleted
C:\Users\ria\AppData\Roaming\Systweak deleted
C:\Program Files\GUT7FCA.tmp deleted
C:\Program Files\GUTCC25.tmp deleted
C:\Program Files\GUM7FAA.tmp deleted
C:\Program Files\GUMCC24.tmp deleted
C:\Program Files\Conduit deleted
C:\Program Files\MyPC Backup deleted
C:\Users\ria\AppData\Roaming\Babylon deleted
C:\Windows\system32\config\systemprofile\AppData\Roaming\Systweak deleted
C:\PROGRA~2\Systweak deleted
C:\PROGRA~2\Partner deleted
C:\Users\ria\AppData\Local\APN deleted
C:\Users\ria\AppData\Local\Babylon deleted
C:\Users\ria\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Lollipop deleted
C:\Users\ria\AppData\LocalLow\Conduit deleted
C:\Users\ria\AppData\LocalLow\conduitEngine deleted
C:\Windows\system32\config\systemprofile\AppData\LocalLow\AskToolbar deleted
C:\Windows\system32\tasks\Right Backup_startup deleted
C:\Windows\system32\tasks\DTReg deleted
C:\user.js deleted
C:\Windows\system32\config\systemprofile\Searches deleted
C:\Windows\system32\roboot.exe deleted
C:\Windows\System32\sho2E50.tmp deleted
C:\Windows\System32\shoB0D.tmp deleted
C:\Windows\System32\shoC254.tmp deleted
C:\Users\ria\AppData\Roaming\Mozilla\Firefox\Profiles\h44h1dfn.default\searchplugins\askcom.xml deleted
"C:\Windows\tasks\JBBOUCAUN.job" not deleted
"C:\Windows\Installer\1b840.msi" deleted
"C:\Users\ria\AppData\Local\h42oh80verm3a53mba7wvtiw37082dpxq" deleted
"C:\Users\ria\AppData\Local\wol4hsp5c07f3xry138m75s24ltob1gkmj8124av0ba" deleted
"C:\ProgramData\h42oh80verm3a53mba7wvtiw37082dpxq" deleted
"C:\ProgramData\wol4hsp5c07f3xry138m75s24ltob1gkmj8124av0ba" deleted
"C:\Program Files\Right Backup\Microsoft.SqlServer.Types.dll" deleted
"C:\Program Files\Right Backup\Microsoft.Win32.TaskScheduler.DLL" deleted
"C:\Program Files\Right Backup\RBClientService.exe" deleted
"C:\Program Files\Right Backup\RightBackup.exe" deleted
"C:\Program Files\Right Backup\STBackupclient.dll" deleted
"C:\Program Files\Right Backup\System.Data.SQLite.dll" deleted
"C:\Program Files\Right Backup\System.Threading.dll" deleted
"C:\Program Files\Right Backup\Microsoft.SqlServer.Types.dll" deleted
"C:\Program Files\Right Backup\Microsoft.Win32.TaskScheduler.DLL" deleted
"C:\Program Files\Right Backup\RBClientService.exe" deleted
"C:\Program Files\Right Backup\RightBackup.exe" deleted
"C:\Program Files\Right Backup\STBackupclient.dll" deleted
"C:\Program Files\Right Backup\System.Data.SQLite.dll" deleted
"C:\Program Files\Right Backup\System.Threading.dll" deleted
"C:\Program Files\Right Backup" not deleted
"C:\Program Files\Right Backup" not deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\ria\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\system32 =====
2014-07-18 14:28:06 C6A991D7DF17EBD8DE4739CD1F283133 646144 ----a-w- C:\Windows\System32\osk.exe
2014-07-18 14:28:06 2A58DBC1BADEA2F496099F8CB068E698 2350080 ----a-w- C:\Windows\System32\win32k.sys
2014-07-14 23:21:12 5E4EEC0A6A97D6D211D4589EFC0F24EE 404480 ----a-w- C:\Windows\System32\aepdu.dll
2014-07-14 23:21:11 E3DE0483931C257917CE70A336B9A635 302592 ----a-w- C:\Windows\System32\aeinv.dll
2014-07-14 23:20:53 BE0EA764820239F7785410CBE3880086 32256 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-07-14 23:20:53 82C8F94A8DFF5D451E1A81B88E9FB4BD 108032 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-07-14 23:20:52 448854C4FE94C0FA329CC38FF103DC74 51200 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-07-14 23:20:51 91CF46BBB827E461C498A1D7D1A71AD6 32768 ----a-w- C:\Windows\System32\iernonce.dll
2014-07-14 23:20:51 7115E24471C95AA89422A3625BD10FC3 646144 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-07-14 23:20:50 7C44C697BA6D0B698B91AC6516A731C3 1139200 ----a-w- C:\Windows\System32\urlmon.dll
2014-07-14 23:20:49 A9F8343A3234FC7A42DDA4569827B411 43008 ----a-w- C:\Windows\System32\jsproxy.dll
2014-07-14 23:20:49 A98E303FCB7058C6E78FD1FBBCBB5EEF 240824 ----a-w- C:\Windows\System32\iedkcs32.dll
2014-07-14 23:20:49 09CBE4B1AEF497FC05493B09EA2C1757 112128 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-07-14 23:20:48 E739AEDCA67F214F96C2520BA293B12B 526336 ----a-w- C:\Windows\System32\msfeeds.dll
2014-07-14 23:20:48 9385D7C5DF2566D01B1FB150F381D50B 367616 ----a-w- C:\Windows\System32\dxtmsft.dll
2014-07-14 23:20:48 175A663547805367C10746FC416D4605 704512 ----a-w- C:\Windows\System32\ieapfltr.dll
2014-07-14 23:20:47 42BF66A4DC35DAD3564065173372CCE9 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-07-14 23:20:46 4B774E842F268D51DB942EF9637828B9 1964544 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-07-14 23:20:45 8046CF629D8AE766C22145F4A6AFFBE1 164864 ----a-w- C:\Windows\System32\msrating.dll
2014-07-14 23:20:44 CE94480E78CC3A1A17B53F2BB65639BD 61952 ----a-w- C:\Windows\System32\iesetup.dll
2014-07-14 23:20:44 3B840119F286743FCFE953C5DEF40136 595968 ----a-w- C:\Windows\System32\ie4uinit.exe
2014-07-14 23:20:42 2D396E0D33817173E7EB7EE1B0AFCA28 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-07-14 23:20:41 CCC198257901BEEA2FBF8EB1E7678356 1791488 ----a-w- C:\Windows\System32\wininet.dll
2014-07-14 23:20:38 F2A99A4293CAF7956FF7801D36D5A3B2 442368 ----a-w- C:\Windows\System32\ieui.dll
2014-07-14 23:20:38 573E522A27210701EB8A6C476D36FFF6 239616 ----a-w- C:\Windows\System32\dxtrans.dll
2014-07-14 23:20:36 FC733FD7721200D5136F6F8112E97B00 11742208 ----a-w- C:\Windows\System32\ieframe.dll
2014-07-14 23:20:34 67EA1BB7F6428A10C64D5A732976F871 69632 ----a-w- C:\Windows\System32\mshtmled.dll
2014-07-14 23:20:33 FDA05E78813F543A6E9AC6B23EC696F2 1068032 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-07-14 23:20:32 557D60DF85D61C290A1D09E7115B294B 62464 ----a-w- C:\Windows\System32\MshtmlDac.dll
2014-07-14 23:20:30 084FB28A790685F32A6D7D003777696D 2179072 ----a-w- C:\Windows\System32\iertutil.dll
2014-07-14 23:20:27 E3065F51EE0BB099EAAE48C3FC3A25B6 592896 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-07-14 23:20:26 DFA59840BB1220AFD261FDAE83543959 17276416 ----a-w- C:\Windows\System32\mshtml.dll
2014-07-14 23:20:20 045A91095A605BB20FF2B37546FE62B0 455168 ----a-w- C:\Windows\System32\vbscript.dll
2014-07-14 23:20:18 98C7B1AFA0A99EE3BE99EAABEFB72CA0 4254720 ----a-w- C:\Windows\System32\jscript9.dll
2014-07-14 23:19:31 492FF9C530EC0352B3C904CE9898269D 509440 ----a-w- C:\Windows\System32\qedit.dll
2014-07-14 23:19:02 EA4B76A3E19C7335A61B111E09205098 1059840 ----a-w- C:\Windows\System32\lsasrv.dll
2014-07-14 23:14:48 1A0BE0092646F564FAF204E678AF8E03 550912 ----a-w- C:\Windows\System32\kerberos.dll
2014-07-14 23:14:47 F95E1E9D97D25C11F29CA34C843A6F4D 247808 ----a-w- C:\Windows\System32\schannel.dll
2014-07-14 23:14:46 C71CC796F0E2E9BD542C87532706FCFE 172032 ----a-w- C:\Windows\System32\wdigest.dll
2014-07-14 23:14:46 C61DDFE40204F3BE3DF111981D91560E 220160 ----a-w- C:\Windows\System32\ncrypt.dll
2014-07-14 23:14:46 8BA721F76C97A219599E88722AA48875 259584 ----a-w- C:\Windows\System32\msv1_0.dll
2014-07-14 23:14:45 6CB2616152ADCDF39F05B08E4858F476 65536 ----a-w- C:\Windows\System32\TSpkg.dll
2014-07-14 23:14:44 E3ECF5FFE3DEDF61DC6877B6A99ACBBF 17408 ----a-w- C:\Windows\System32\credssp.dll

====== C:\Windows\system32\drivers =====
2014-07-14 23:21:20 D0B388DA1D111A34366E04EB4A5DD156 338944 ----a-w- C:\Windows\System32\drivers\afd.sys

====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-07-23 11:09:39 -------- d-----w- C:\Program Files\trend micro
2014-07-21 11:57:46 -------- d-----w- C:\Program Files\Common Files\Skype
2014-07-21 11:57:45 -------- d-----r- C:\Program Files\Skype
2014-07-20 17:44:57 -------- d-----w- C:\Program Files\Common Files\Lavasoft

======= C: =====
====== C:\Users\ria\AppData\Roaming ======
2014-07-21 02:20:05 -------- d-sh--w- C:\Users\ria\AppData\Local\EmieUserList
2014-07-21 02:20:04 -------- d-sh--w- C:\Users\ria\AppData\Local\EmieSiteList
2014-07-20 18:02:18 -------- d-----w- C:\Users\ria\AppData\Local\Skype

====== C:\Users\ria ======
2014-07-23 11:05:45 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\ria\Downloads\RSIT.exe
2014-07-21 17:39:54 -------- d-----r- C:\Users\ria\Pictures
2014-07-21 11:57:47 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-07-21 02:58:41 BDCFAD262DE81C644B9B4C93F26A766E 35590240 ----a-w- C:\Users\ria\Downloads\SkypeSetupFull(2).exe
2014-07-21 02:57:56 BDCFAD262DE81C644B9B4C93F26A766E 35590240 ----a-w- C:\Users\ria\Downloads\SkypeSetupFull(1).exe
2014-07-20 19:25:10 D38F9FB732A78C32D6004C189BD7FF86 35594848 ----a-w- C:\Users\ria\Downloads\SkypeSetupFull.exe
2014-07-20 18:28:15 E90BF9E1562F40140161573B79CD5720 17292760 ----a-w- C:\Users\ria\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-20 18:14:38 4AF4D1D156DF61FC7364D1193862A068 4862664 ----a-w- C:\Users\ria\Downloads\avast_free_antivirus_setup_online.exe
2014-07-20 17:59:41 5F4B43D5485287DCBE768DF3C804000D 1677928 ----a-w- C:\Users\ria\Downloads\SkypeSetup.exe

====== C: exe-files ==
2014-07-23 11:09:40 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\ria.exe
2014-07-23 11:05:45 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\ria\Downloads\RSIT.exe
2014-07-21 02:58:41 BDCFAD262DE81C644B9B4C93F26A766E 35590240 ----a-w- C:\Users\ria\Downloads\SkypeSetupFull(2).exe
2014-07-21 02:57:56 BDCFAD262DE81C644B9B4C93F26A766E 35590240 ----a-w- C:\Users\ria\Downloads\SkypeSetupFull(1).exe
2014-07-21 02:37:27 5CA3B9DB1F03E19C4EAD46A7322D1D3F 39749712 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\36.0.1985.125\36.0.1985.125_chrome_installer.exe
2014-07-20 19:25:10 D38F9FB732A78C32D6004C189BD7FF86 35594848 ----a-w- C:\Users\ria\Downloads\SkypeSetupFull.exe
2014-07-20 18:28:15 E90BF9E1562F40140161573B79CD5720 17292760 ----a-w- C:\Users\ria\Downloads\mbam-setup-2.0.2.1012.exe
2014-07-20 18:14:38 4AF4D1D156DF61FC7364D1193862A068 4862664 ----a-w- C:\Users\ria\Downloads\avast_free_antivirus_setup_online.exe
2014-07-20 17:59:41 5F4B43D5485287DCBE768DF3C804000D 1677928 ----a-w- C:\Users\ria\Downloads\SkypeSetup.exe
2014-07-20 16:37:19 C5D237A3DA4A914D19D825C73FDE4487 8848464 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\36.0.1985.125\36.0.1985.125_35.0.1916.153_chrome_updater.exe
2014-07-18 14:28:06 C6A991D7DF17EBD8DE4739CD1F283133 646144 ----a-w- C:\Windows\System32\osk.exe

=== C: other files ==
2014-07-24 05:02:35 0BE568FD1E7D6C6D64D2272649F5C716 111 ----a-w- C:\Users\ria\AppData\Local\Temp\scripttest.vbs
2014-07-23 21:11:25 0A1AA00E41B50B1E274094D618DDA122 5627963 ----a-w- C:\Users\ria\Downloads\dcce2_150.zip
2014-07-20 18:10:11 DEE8AAD1707168082B7347873373987E 288 ----a-w- C:\Users\ria\Desktop\Internet Explorer Troubleshooting.zip
2014-07-18 14:28:06 2A58DBC1BADEA2F496099F8CB068E698 2350080 ----a-w- C:\Windows\System32\win32k.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-2152331709-2662505945-1457567460-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe ARM"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe Reader Speed Launcher"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Adobe\\Reader 10.0\\Reader\\Reader_sl.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AthBtTray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AthBtTray"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Atheros\\Bluetooth Suite\\AthBtTray.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AtherosBtStack]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AtherosBtStack"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Atheros\\Bluetooth Suite\\BtvStack.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\avgnt]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="avgnt"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Avira\\AntiVir Desktop\\avgnt.exe\" /min"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\FLxHCIm]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="FLxHCIm"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Fresco Logic Inc\\Fresco Logic USB3.0 Host Controller\\host\\FLxHCIm.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\fspuip]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="fspuip"
"hkey"="HKLM"
"command"="%ProgramFiles%\\FSP\\fspuip.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Hotkey]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Hotkey"
"hkey"="HKLM"
"command"="C:\\Program Files\\Pegatron\\Hotkey\\FastUserSwitching.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HotKeysCmds]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="HotKeysCmds"
"hkey"="HKLM"
"command"="C:\\Windows\\system32\\hkcmd.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IgfxTray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="IgfxTray"
"hkey"="HKLM"
"command"="C:\\Windows\\system32\\igfxtray.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Persistence]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Persistence"
"hkey"="HKLM"
"command"="C:\\Windows\\system32\\igfxpers.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVCpl]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="RtHDVCpl"
"hkey"="HKLM"
"command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RtHDVCpl.exe -s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SUPERAntiSpyware]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SUPERAntiSpyware"
"hkey"="HKCU"
"command"="C:\\Program Files\\SUPERAntiSpyware\\SUPERAntiSpyware.exe"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [18/07/2014 16:57]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [17/10/2013 20:31]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [Undetermined Task]
C:\Windows\tasks\JBBOUCAUN.job --ahs---- [Undetermined Task]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\JBBOUCAUN" [C:\Windows\system32\rundll32.exe "C:\Windows\system32\mciwavea.dll",Gscb]
"C:\Windows\system32\tasks\{7D7EEF77-5462-4C5B-AE1F-041D92BCE057}" ["c:\program files\google\chrome\application\chrome.exe"]
"C:\Windows\system32\tasks\{F44B455F-0A63-43A8-A26A-EE701B475419}" [C:\Program Files\Skype\\Phone\Skype.exe]
"C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions ======================
ProfilePath: C:\Users\ria\AppData\Roaming\Mozilla\Firefox\Profiles\h44h1dfn.default
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\ria\AppData\Roaming\Mozilla\Firefox\Profiles\h44h1dfn.default
4390CCD3790F8D9C427C0C29590C62D7 - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll - Shockwave Flash
FB5621842FDABF9F8359775573498FBC - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll - Google Update
1E5E8C84DE796A01D1D46E3A660690F1 - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
F055C91A961601B8D50EF2976145AEE6 - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat
01D93217A9EE48DD37072B671378CC9C - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll - Silverlight Plug-In
C953747215143628D3724340FAF73BD4 - C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll - Java Deployment Toolkit 6.0.220.4
3ED8E561044723C6039A8A20A3AE60CC - C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll - Java(TM) Platform SE 6 U22
28986F0A2342A033345EF9E70D395E4F - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrlui.dll - Microsoft® Silverlight

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
clbfjfbnelcflpgpklppgplejolacbej - C:\Program Files\BrowserCompanion\blabbers-ch.crx[]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[11/04/2014 19:46]

Skype Click to Call - ria\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Google Wallet - ria\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Avira Toolbar - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj
Google Drive - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Browser Companion Helper - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\clbfjfbnelcflpgpklppgplejolacbej
Google Search - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Gmail - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\clbfjfbnelcflpgpklppgplejolacbej deleted successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_clbfjfbnelcflpgpklppgplejolacbej_0.localstorage deleted successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_clbfjfbnelcflpgpklppgplejolacbej_0.localstorage-journal deleted successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaangaohdajkgeopjhpbnlpkehbhmbj deleted successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_aaaangaohdajkgeopjhpbnlpkehbhmbj_0.localstorage deleted successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_aaaangaohdajkgeopjhpbnlpkehbhmbj_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.be/"
"Search Page"="http://www.google.com"
"Default_Page_URL"="http://www.aldi.com"
"Search Bar"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://www.google.com/search?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.be/"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{3D2F1BBA-85DE-4885-9834-7B6675976548}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{3D2F1BBA-85DE-4885-9834-7B6675976548} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNC_enDE393"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F60730A4A66673047777F5728467D401 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\clbfjfbnelcflpgpklppgplejolacbej deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\F60730A4A66673047777F5728467D401 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\avgnt deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware deleted successfully

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\ria\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\ria\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\ria\AppData\Local\Mozilla\Firefox\Profiles\h44h1dfn.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\ria\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=617 folders=77 65546166 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\ria\AppData\Local\Temp will be emptied at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\ria\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Windows\tasks\JBBOUCAUN.job" not deleted
"C:\Program Files\Right Backup" not found
"C:\Program Files\Right Backup" not found
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on do 24/07/2014 at 7:42:05,84 ======================