Zoek.exe v5.0.0.0 Updated 15-08-2014
Tool run by Philip on zo 17/08/2014 at 22:17:44,84.
Microsoft Windows 8 6.2.9200 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Philip\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================
17/08/2014 22:19:48 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================
C:\PROGRA~3\Oracle deleted successfully

==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-2247059795-104316592-4163284125-1001\Software\Microsoft\Internet Explorer\SearchScopes\{02FDE093-E780-4EE8-B43C-16C4AA84E847} deleted successfully
HKEY_USERS\S-1-5-21-2247059795-104316592-4163284125-1001\Software\Microsoft\Internet Explorer\SearchScopes\{6EDE9C61-657A-4E23-8A06-C9F5FE1579AB} deleted successfully
HKEY_USERS\S-1-5-21-2247059795-104316592-4163284125-1001\Software\Microsoft\Internet Explorer\SearchScopes\{8B430454-E0DB-4416-A598-1E59E34E990C} deleted successfully
HKEY_USERS\S-1-5-21-2247059795-104316592-4163284125-1001\Software\Microsoft\Internet Explorer\SearchScopes\{DA26AED6-4BAD-41AC-943B-DF04FCDBF55A} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================
ProfilePath: C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\p2ml3kfd.default-1399798840765

---- Lines conduit removed from prefs.js ----
user_pref("plugin.state.npconduitfirefoxplugin", 0);

---- Lines conduit removed from user.js ----
user_pref("plugin.state.npconduitfirefoxplugin", 0);
user_pref("plugin.state.npconduitfirefoxplugin", 0);

---- FireFox user.js and prefs.js backups ----
user_20141708_2226_.backup
prefs_20141708_2226_.backup

==== Deleting Files \ Folders ======================
C:\Users\Philip\AppData\Roaming\Optimizer Pro deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2 deleted
C:\Users\Philip\Searches deleted
C:\Windows\wininit.ini deleted
C:\windows\SysNative\tasks\Optimizer Pro Schedule deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Users\Philip\Documents\Optimizer Pro deleted
C:\Users\Philip\Desktop\Optimizer Pro.lnk deleted
"C:\DelFix.txt" deleted
"C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP\WiseCustomCall.dll" deleted
"C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP\WiseCustomCalla.dll" deleted
"C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP\WiseCustomCalla2.dll" deleted
"C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP\WiseCustomCalla21.dll" deleted
"C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP\WiseCustomCalla31.exe" deleted
"C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP\WiseCustomCalla32.dll" deleted
"C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP\WiseCustomCalla33.dll" deleted
"C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP\WiseCustomCalla34.dll" deleted
"C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP\WiseCustomCalla36.dll" deleted
"C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP\WiseCustomCalla36.exe" deleted
"C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP\WiseData.ini" deleted
"C:\Windows\1F7E4FF9D2E542589AE1E16E6CB3252A.TMP" deleted

==== Files Recently Created / Modified ======================

==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-21-2247059795-104316592-4163284125-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"Gadwin PrintScreen"="C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"
"RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"HP CoolSense"="C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey"
"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"HP Quick Launch"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"
"BtTray"="C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"
"AVP"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\runner_avp.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Gadwin PrintScreen"="C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "
"SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"="C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe Update"

==== Startup Registry Disabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Bonjour Service]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\HP Support Assistant Service]

==== Startup Folders ======================
2014-01-18 12:47:18 1050 ----a-w- C:\Users\Philip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

==== Task Scheduler Jobs ======================
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [19/11/2013 16:18]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [19/11/2013 16:18]
C:\Windows\tasks\HPCeeScheduleForPhilip.job --a-------- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [13/09/2010 22:15]

==== Other Scheduled Tasks ======================
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\CLMLSvc_P2G8" [C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe]
"C:\Windows\SysNative\tasks\CLVDLauncher" [C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\HP AR Program Upload - 366518f0f91a46a59e70e293ae2109f5b4793b1756424469b02c66c0c0285f3b" [C:\Program Files\HP\HP Deskjet 3070 B611 series\bin\HPRewards.exe]
"C:\Windows\SysNative\tasks\HP AR Program Upload - a7f5eaaa466d4fbdb516173b2728820e6a67f5c2ebd740978afbda1147be7415" [C:\Program Files\HP\HP Deskjet 3070 B611 series\bin\HPRewards.exe]
"C:\Windows\SysNative\tasks\HPCeeScheduleForPhilip" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe]
"C:\Windows\SysNative\tasks\MirageAgent" [C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe]

==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"online_banking@kaspersky.com"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com" [05/06/2014 17:21]

==== Firefox Extensions ======================
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================
Profilepath: C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\p2ml3kfd.default-1399798840765
4390CCD3790F8D9C427C0C29590C62D7 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll - Shockwave Flash
78006383FEDBCDC290B8BD178903D6AB - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll - Shockwave for Director / Shockwave for Director

==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
dchlnpcodkpfdpacogkljefecpegganj - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\urladvisor.crx[28/11/2013 13:06]
pjldcfjmnllhmgjclecdnfampinooman - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\ab.crx[28/11/2013 13:06]

GreaseGoogle - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\apeeedokdcajckokidhdkbkflkpfpgko
Kaspersky URL Advisor - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj
avast Online Security - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Google Wallet - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Anti-Banner - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman

==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://search.us.com/?guid={CAFF6CD2-CE2C-4536-BC4A-20B44760BFCC}"
"Default_Page_URL"="http://search.us.com/?guid={CAFF6CD2-CE2C-4536-BC4A-20B44760BFCC}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6EDE9C61-657A-4E23-8A06-C9F5FE1579AB}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6EDE9C61-657A-4E23-8A06-C9F5FE1579AB}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS"
{D944BB61-2E34-4DBF-A683-47E505C587DC} eBay Url="http://rover.ebay.com/rover/1/1553-29906-12136-18/4"

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================
C:\Users\Philip\AppData\Local\Mozilla\Firefox\Profiles\p2ml3kfd.default-1399798840765\Cache emptied successfully

==== Empty Chrome Cache ======================
C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully

==== Empty All Java Cache ======================
Java Cache cleared successfully

==== C:\zoek_backup content ======================
C:\zoek_backup (files=28 folders=9 1748657 bytes)

==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Philip\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Philip\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== EOF on zo 17/08/2014 at 22:36:13,10 ======================