Zoek.exe v5.0.0.0 Updated 08-September-2014
Tool run by eurosys on do 18/09/2014 at 0:29:34,40.
Running in: Safe Mode MINIMAL No Internet Access Detected
Launched: C:\Users\eurosys\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

Failed to create System Restore Point

==== Empty Folders Check ======================

C:\PROGRA~2\FirstRowSportApp.com deleted successfully
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~3\Babylon deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\Users\eurosys\AppData\Roaming\TP deleted successfully
C:\Users\eurosys\AppData\Local\Conduit deleted successfully
C:\Users\eurosys\AppData\Local\PackageAware deleted successfully
C:\Users\eurosys\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3860979855-3241607315-2205122588-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully
HKEY_USERS\S-1-5-21-3860979855-3241607315-2205122588-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully
HKEY_USERS\S-1-5-21-3860979855-3241607315-2205122588-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper
Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3860979855-3241607315-2205122588-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{95324e44-4b0a-47a9-8f77-9c6415e51c29} deleted successfully
HKEY_USERS\S-1-5-21-3860979855-3241607315-2205122588-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{95324e44-4b0a-47a9-8f77-9c6415e51c29} deleted successfully
HKEY_USERS\S-1-5-21-3860979855-3241607315-2205122588-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\avg@toolbar deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"mobilegeni daemon"=-

==== Deleting Files \ Folders ======================

C:\Program Files (x86)\Mobogenie deleted

==== Files Recently Created / Modified ======================

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-3860979855-3241607315-2205122588-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="C:\Users\eurosys\AppData\Local\Google\Update\GoogleUpdate.exe /c"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"="C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
"EgisUpdate"="C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe -d"
"EgisTecPMMUpdate"="C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
"Hotkey Utility"="C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe"
"MDS_Menu"="C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\Acer Arcade Deluxe\MediaShow Espresso
UpdateWithCreateOnce Software\CyberLink\MediaShow Espresso\5.6"
"ArcadeMovieService"="C:\Program Files (x86)\Acer Arcade Deluxe\Arcade Movie\ArcadeMovieService.exe"
"UCam_Menu"="C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\CyberLink\YouCam UpdateWithCreateOnce Software\CyberLink\YouCam\3.0"
"YouCam Mirror Tray icon"="C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe /s"
"UnlockerAssistant"="C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe"
"HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe"
"hpqSRMon"="C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe"
"vProt"="C:\Program Files (x86)\AVG Secure Search\vprot.exe"
"WinampAgent"="C:\Program Files (x86)\Winamp\winampa.exe"
"AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="C:\Users\eurosys\AppData\Local\Google\Update\GoogleUpdate.exe /c"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\\progra~3\\browse~1\\23796~1.11\\{16cdf~1\\browse~1.dll"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"mwlDaemon"="C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe"
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE3 "
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"Classic Start Menu"="C:\Program Files\Classic Shell\ClassicStartMenu.exe"

==== Startup Folders ======================

2014-09-16 12:28:35 1035 ----a-w- C:\Users\eurosys\AppData\Roaming\Microsoft\Windows\Start
Menu\Programs\Startup\program.lnk
2011-04-04 16:56:55 2103 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3860979855-3241607315-2205122588-1000Core.job --a------ C:\Users\eurosys\AppData\Local\Google\Update\GoogleUpdate.exe [02/02/2012 11:28]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3860979855-3241607315-2205122588-1000UA.job --a------ C:\Users\eurosys\AppData\Local\Google\Update\GoogleUpdate.exe [02/02/2012 11:28]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\0" [c:\program files\internet explorer\iexplore.exe]
"C:\Windows\SysNative\tasks\4975" [wscript.exe C:\Users\eurosys\AppData\Local\Temp\launchie.vbs //B]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-3860979855-3241607315-2205122588-1000Core" [C:\Users\eurosys\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-3860979855-3241607315-2205122588-1000UA" [C:\Users\eurosys\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\{0626B29C-89A0-43F2-9660-3B02CDE54E05}" [D:\Spelletjes\Tetris\Tetris.exe]
"C:\Windows\SysNative\tasks\{06FE74D1-65EF-42B5-9532-A9428A05CB63}" [D:\Spelletjes\Freddi Fish\FREDDI2\FREDDI2.EXE]
"C:\Windows\SysNative\tasks\{0E18DD9C-9EBA-43A1-B939-F923E64BFFAF}" [D:\Spelletjes\Tetris\Tetris.exe]
"C:\Windows\SysNative\tasks\{166F053D-7D9B-4386-B6F7-CEBFF333369F}" [D:\Spelletjes\Tetris\Tetris.exe]
"C:\Windows\SysNative\tasks\{1787F25A-1D21-4D24-A12C-CB4595E39A82}" [D:\Spelletjes\Putt-Putt\PP1\PUTTZOO.EXE]
"C:\Windows\SysNative\tasks\{1A184CF1-DEBE-41EB-8FBA-23E6600E5DD6}" [D:\Spelletjes\Freddi Fish\FREDDI2\FREDDI2.EXE]
"C:\Windows\SysNative\tasks\{24B83CDE-4FC3-42D9-B928-BACAA1FA56C8}" [D:\Spelletjes\Putt-Putt\PP1\PUTTZOO.EXE]
"C:\Windows\SysNative\tasks\{2CACB195-BF3B-4D27-9310-F8F06884EDA4}" [D:\Spelletjes\Tetris\Tetris.exe]
"C:\Windows\SysNative\tasks\{30F1174D-7C55-4FC5-A6CB-1138FDAF1507}" [D:\Spelletjes\Putt-Putt\PP1\PUTTZOO.EXE]
"C:\Windows\SysNative\tasks\{33875D49-C2E5-474B-BDEE-C1678902D1D3}" [D:\Spelletjes\Tetris\Tetris.exe]
"C:\Windows\SysNative\tasks\{5216AE0A-92A3-4B6F-B6D0-55D30706F1E1}" [D:\Spelletjes\Tetris\Tetris.exe]
"C:\Windows\SysNative\tasks\{711D9E00-61A1-41F5-ADD7-C264A00D03B5}" [D:\Spelletjes\Tetris\Tetris.exe]
"C:\Windows\SysNative\tasks\{756CCDBA-04E4-4F38-94CF-E9EA558D748D}" [D:\Spelletjes\Tetris\Tetris.exe]
"C:\Windows\SysNative\tasks\{7EAC1A49-7DBE-4522-9438-5C335F76C047}" [D:\Spelletjes\Tetris\Tetris.exe]
"C:\Windows\SysNative\tasks\{84698105-3581-4BF1-8131-3A8EFE44A23D}" [D:\Spelletjes\Freddi Fish\FREDDI2\FREDDI2.EXE]
"C:\Windows\SysNative\tasks\{8793D80B-1B99-47B7-9509-A6A6302A0688}" [D:\Spelletjes\Tetris\Tetris.exe]
"C:\Windows\SysNative\tasks\{8EFC1D5D-4A89-4E20-B45E-834EB864A366}" [D:\Spelletjes\Tetris\Tetris.exe]
"C:\Windows\SysNative\tasks\{92B585E8-658E-4ED7-9D5A-FD9A93F779DB}" [D:\Spelletjes\Tetris\Tetris.exe]
"C:\Windows\SysNative\tasks\{A1607B23-2302-4F50-887C-C667E64528B9}" [D:\Spelletjes\Freddi Fish\FREDDI2\FREDDI2.EXE]
"C:\Windows\SysNative\tasks\{C21A734A-9440-4C35-9B3D-9E05A2569A8C}" [D:\Spelletjes\Tetris\Tetris.exe]
"C:\Windows\SysNative\tasks\{D2F310D0-1E82-4D64-8BB2-A6D9EC798B40}" [D:\Spelletjes\Freddi Fish\FREDDI2\FREDDI2.EXE]
"C:\Windows\SysNative\tasks\{D634534B-2B02-45FA-B2C5-55DEF2809F1D}" [D:\Spelletjes\Freddi Fish\FREDDI2\FREDDI2.EXE]
"C:\Windows\SysNative\tasks\{EBCF4E8D-E101-4F50-A910-3B5E3CF6E0A3}" [D:\Spelletjes\Putt-Putt\PP1\PUTTZOO.EXE]
"C:\Windows\SysNative\tasks\{FDCA6BE8-0004-4FB5-9768-F59CFE46867F}" [D:\Spelletjes\Tetris\Tetris.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"zulagames@ZulaGames.com"="C:\Users\eurosys\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com" [06/10/2013 19:12]

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"zulagames@ZulaGames.com"="C:\Users\eurosys\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com" [06/10/2013 19:12]

==== Firefox Extensions ======================

ProfilePath: C:\Users\eurosys\AppData\Roaming\Thunderbird\Profiles\uf97myl6.default
- Instrument Test - %ProfilePath%\extensions\tbtestpilot@labs.mozilla.com.xpi

ExtDir: C:\Users\eurosys\AppData\Roaming\Mozilla\Extensions
- Zula Games - %ExtDir%\zulagames@ZulaGames.com

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\eurosys\AppData\Roaming\Mozilla\Firefox\Profiles\4ow3q7c4.default
FB5621842FDABF9F8359775573498FBC - C:\Users\eurosys\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll - Google Update
221B630B26951630BA834292AE2AF79E - C:\Users\eurosys\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player
42BA7372C3A5E7EFBEC986045CD1C102 - C:\Windows\SysWoW64\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
aanjjkgbodmfkdnkkhcjcghgnibdllak - C:\Users\eurosys\AppData\Local\CRE\aanjjkgbodmfkdnkkhcjcghgnibdllak.crx[06/12/2012 11:26]
dlnembnfbcpjnepmfjmngjenhhajpdfd - C:\Program Files\IB Updater\source.crx[]
jifflliplgeajjdhmkcfnngfpgbjonjg - C:\Program Files (x86)\Perion\NewTab\NewTab.crx[10/12/2012 14:58]
pbiamblgmkgbcgbcgejjgebalncpmhnp - C:\Program Files (x86)\StartSearch plugin\vshareplg.crx[27/10/2011 22:00]
pgafcinpmmpklohkojmllohdhomoefph - C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.crx[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
aanjjkgbodmfkdnkkhcjcghgnibdllak - C:\Users\eurosys\AppData\Local\CRE\aanjjkgbodmfkdnkkhcjcghgnibdllak.crx[06/12/2012 11:26]

YouTube - eurosys\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - eurosys\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
New Tab for Chrome - eurosys\AppData\Local\Google\Chrome\User Data\Default\Extensions\jifflliplgeajjdhmkcfnngfpgbjonjg
Google Wallet - eurosys\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
LiveVDO plugin - eurosys\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbiamblgmkgbcgbcgejjgebalncpmhnp
Gmail - eurosys\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Startpages ======================

C:\Users\eurosys\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "https://www.google.be/",
"startup_urls": [ "https://www.google.be/" ],

==== C:\zoek_backup content ======================

C:\zoek_backup (files=6 folders=1 3834795 bytes)

==== EOF on do 18/09/2014 at 0:38:36,08 ======================