
Zoek.exe v5.0.0.0 Updated 07-October-2014
Tool run by Guy on vr 10/10/2014 at 16:35:29,26.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Guy\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2014-10-07-200750.log	2168 bytes
C:\zoek-results2014-10-08-150528.log	687 bytes
C:\zoek-results2014-10-09-143937.log	54753 bytes

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================


==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Guy\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2014-10-08 16:25:59	BBA80D3CAB22620A6AC9BB603386EE33	519680	----a-w-	C:\Windows\SysWOW64\qdvd.dll
2014-10-08 16:25:58	C263F3E7E0523556964D661BC7CB9565	2048	----a-w-	C:\Windows\SysWOW64\tzres.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2014-10-08 16:25:59	8D46C7BCDF7FBAAC8666D6640ADA930E	371712	----a-w-	C:\Windows\Sysnative\qdvd.dll
2014-10-08 16:25:58	A8A87343CAE432677D82C0BCC753D905	2048	----a-w-	C:\Windows\Sysnative\tzres.dll
====== C:\Windows\Sysnative\drivers =====
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
2014-10-07 17:04:51	--------	d-----w-	C:\PROGRA~2\trend micro
2014-10-07 16:33:05	--------	d-----w-	C:\PROGRA~2\Elex-tech
======= C: =====
2014-10-08 19:54:14	E52F0CB375AC32A1B1A57FC9ECC19356	378	----a-w-	C:\Quarantine.reg
2014-10-08 19:54:14	AEC54222036155D900F2A02C7EB8079A	108	----a-w-	C:\Quarantine.lst
====== C:\Users\Guy\AppData\Roaming ======
2014-10-09 14:35:40	--------	d-----w-	C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp
2014-10-09 14:35:40	--------	d-----w-	C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp
2014-10-09 14:35:40	--------	d-----w-	C:\Users\UpdatusUser\AppData\Local\Temp
2014-10-09 14:35:40	--------	d-----w-	C:\Users\Default\AppData\Local\Temp
2014-10-09 14:35:40	--------	d-----w-	C:\Users\Default User\AppData\Local\Temp
2014-10-09 14:35:39	--------	d-----w-	C:\Users\Guy\AppData\Local\Temp
2014-10-09 14:24:03	--------	d-----w-	C:\Users\Guy\AppData\Local\CrashDumps
2014-10-08 16:16:03	--------	d-----w-	C:\Users\Guy\AppData\Local\Axialis
2014-10-07 16:33:02	--------	d-----w-	C:\Users\Guy\AppData\Roaming\Elex-tech
====== C:\Users\Guy ======
2014-10-09 16:18:50	3C7707013DEEA5ED7F68A29A007A7D57	321848	----a-w-	C:\Users\Guy\Downloads\mbam-clean-2.1.1.1001.exe
2014-10-09 16:15:46	8D59D62A93A0B0A7C5DC817B2B5ED215	17291728	----a-w-	C:\Users\Guy\Downloads\mbam-setup-majorgeeks-2.0.2.1012.exe
2014-09-18 15:43:16	--------	d-----w-	C:\ProgramData\Chemtable Software

====== C: exe-files ==
2014-10-10 14:50:44	0C6023D07A02E41C0C9296FA9ED594D7	420672	------r-	C:\ProgramData\NVIDIA\Updatus\Download\6575\updatus.18962103_RUNASUSER.exe
2014-10-09 16:20:44	7D9692F63383CD0CA09EF193D5D93989	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-2165435700-71866061-3969913833-1001\$IHLMO77.exe
2014-10-09 16:20:20	B9E479EAF998121E49F1C13AEE27CEF8	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-2165435700-71866061-3969913833-1001\$IR847SX.exe
2014-10-09 16:18:50	3C7707013DEEA5ED7F68A29A007A7D57	321848	----a-w-	C:\Users\Guy\Downloads\mbam-clean-2.1.1.1001.exe
2014-10-09 16:15:46	8D59D62A93A0B0A7C5DC817B2B5ED215	17291728	----a-w-	C:\Users\Guy\Downloads\mbam-setup-majorgeeks-2.0.2.1012.exe
2014-10-08 16:25:58	916CEC665A9879DEB15BBDD943B7350B	49664	----a-w-	C:\Windows\servicing\GC64\tzupd.exe
=== C: other files ==
2014-10-08 16:10:36	0ACFCDB6F8DFA15AAD42371EF644F828	15609	----a-w-	C:\Program Files (x86)\Elex-tech\YAC\tmp\351d7967adfaade7a068acb6b117c3e6_target.zip
2014-10-08 16:01:16	83EF3433BA79AB23CDAE119986A9D20D	35134	----a-w-	C:\Program Files (x86)\Elex-tech\YAC\tmp\505C3BC2.zip
2014-10-08 14:47:31	E77759AB1BC74157D1D0E530C2D7BABD	78489	----a-w-	C:\Program Files (x86)\Elex-tech\YAC\tmp\17EA7FE0.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler"
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-21-2165435700-71866061-3969913833-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Windows\\SysWOW64\\nvinit.dll"

==== Startup Registry Disabled ======================

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-]
"Box Edit"="C:\\Users\\Guy\\AppData\\Local\\Box Edit\\Box Edit.exe"
"Spotify Web Helper"="\"C:\\Users\\Guy\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe\""
"swg"="\"C:\\Program Files (x86)\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe\""
"6F4CEC92313F9EB14C7A270E0DA24CD485F9E5AD._service_run"="\"C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe\" --type=service"
"GoogleDriveSync"="\"C:\\Program Files (x86)\\Google\\Drive\\googledrivesync.exe\" /autostart"


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""
"QuickTime Task"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime"
"APSDaemon"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\""
"iTunesHelper"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\""
"ASUSWebStorage"="C:\\Program Files (x86)\\ASUS\\ASUS WebStorage\\3.0.143.296\\AsusWSPanel.exe /S"
"SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""


==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\6F4CEC92313F9EB14C7A270E0DA24CD485F9E5AD._service_run]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="6F4CEC92313F9EB14C7A270E0DA24CD485F9E5AD._service_run"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe\" --type=service"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe ARM"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AmIcoSinglun64]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AmIcoSinglun64"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\AmIcoSingLun\\AmIcoSinglun64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApplePhotoStreams]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ApplePhotoStreams"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Common Files\\Apple\\Internet Services\\ApplePhotoStreams.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="APSDaemon"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUS Screen Saver Protector]
"command"="C:\\Windows\\AsScrPro.exe"
"hkey"="HKLM"
"item"="ASUS Screen Saver Protector"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUSPRP]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ASUSPRP"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\ASUS\\APRP\\APRP.EXE\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUSWebStorage]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ASUSWebStorage"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\ASUS\\ASUS WebStorage\\3.0.108.222\\AsusWSPanel.exe /S"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ATKMEDIA]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ATKMEDIA"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\ASUS\\ATK Package\\ATK Media\\DMedia.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ATKOSD2]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ATKOSD2"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\ASUS\\ATK Package\\ATKOSD2\\ATKOSD2.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CanonQuickMenu]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="CanonQuickMenu"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Canon\\Quick Menu\\CNQMMAIN.EXE /logon"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CLMLServer]
"command"="\"C:\\Program Files (x86)\\CyberLink\\Power2Go\\CLMLSvc.exe\""
"hkey"="HKLM"
"item"="CLMLServer"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\emsisoft anti-malware]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="emsisoft anti-malware"
"hkey"="HKLM"
"command"="\"c:\\program files (x86)\\emsisoft anti-malware\\a2guard.exe\" /d=60"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ETDCtrl]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ETDCtrl"
"hkey"="HKLM"
"command"="%ProgramFiles%\\Elantech\\ETDCtrl.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GoogleDriveSync]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="GoogleDriveSync"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Google\\Drive\\googledrivesync.exe\" /autostart"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HControlUser]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="HControlUser"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\ASUS\\ATK Package\\ATK Hotkey\\HControlUser.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iCloudServices]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iCloudServices"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Common Files\\Apple\\Internet Services\\iCloudServices.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ISUSPM]
"command"="C:\\ProgramData\\FLEXnet\\Connect\\11\\ISUSPM.exe -scheduler"
"hkey"="HKCU"
"item"="ISUSPM"
"key"="Software\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="QuickTime Task"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RemoteControl10]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="RemoteControl10"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Cyberlink\\PowerDVD10\\PDVD10Serv.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVBg]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="RtHDVBg"
"hkey"="HKLM"
"command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RAVBg64.exe /SF3 "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVCpl]
"command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe -s"
"hkey"="HKLM"
"item"="RtHDVCpl"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SDTray]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SDTray"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDTray.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SonicMasterTray]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SonicMasterTray"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\ASUS\\SonicMaster\\SonicMasterTray.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Spotify"
"hkey"="HKCU"
"command"="\"C:\\Users\\Guy\\AppData\\Roaming\\Spotify\\Spotify.exe\" /uri spotify:autostart"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Spotify Web Helper"
"hkey"="HKCU"
"command"="\"C:\\Users\\Guy\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\swg]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="swg"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TomTomHOME.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TomTomHOME.exe"
"hkey"="HKCU"
"command"="\"C:\\tomtom\\\\TomTom HOME 2\\TomTomHOMERunner.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UpdatePSTShortCut]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="UpdatePSTShortCut"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Cyberlink\\DVD Suite\\MUITransfer\\MUIStartMenu.exe\" \"C:\\Program Files (x86)\\Cyberlink\\DVD Suite\" UpdateWithCreateOnce \"Software\\CyberLink\\PowerStarter\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\VAWinAgent]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="VAWinAgent"
"hkey"="HKLM"
"command"="C:\\ExpressGateUtil\\VAWinAgent.exe"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AsusVibeLauncher.lnk]
"item"="AsusVibeLauncher"
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\AsusVibeLauncher.lnk"
"backup"="C:\\Windows\\pss\\AsusVibeLauncher.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="C:\\PROGRA~2\\ASUS\\AsusVibe\\ASUSVI~2.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^FancyStart daemon.lnk]
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\FancyStart daemon.lnk"
"backup"="C:\\Windows\\pss\\FancyStart daemon.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="C:\\Windows\\Installer\\{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}\\_77B5857C27147149171BE7.exe -d"
"item"="FancyStart daemon"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Guy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
"item"="Dropbox"
"path"="C:\\Users\\Guy\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dropbox.lnk"
"backup"="C:\\Windows\\pss\\Dropbox.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\Users\\Guy\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Guy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3 .lnk]
"item"="OpenOffice.org 3.3 "
"path"="C:\\Users\\Guy\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\OpenOffice.org 3.3 .lnk"
"backup"="C:\\Windows\\pss\\OpenOffice.org 3.3 .lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\PROGRA~2\\OPENOF~1.ORG\\program\\QUICKS~1.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Guy^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.lnk]
"item"="OpenOffice.org 3.4"
"path"="C:\\Users\\Guy\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\OpenOffice.org 3.4.lnk"
"backup"="C:\\Windows\\pss\\OpenOffice.org 3.4.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\PROGRA~2\\OPENOF~1.ORG\\program\\QUICKS~1.EXE"


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"IntelTBRunOnce"="wscript.exe //b //nologo \"C:\\Program Files\\Intel\\TurboBoost\\RunTBGadgetOnce.vbs\""
"HotKeysCmds"="C:\\Windows\\system32\\hkcmd.exe"
"Persistence"="C:\\Windows\\system32\\igfxpers.exe"
"IgfxTray"="C:\\Windows\\system32\\igfxtray.exe"


==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [08/10/2014 18:21]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [26/04/2012 20:15]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [26/04/2012 20:15]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\ACMON" [C:\Program Files (x86)\ASUS\Splendid\ACMON.exe]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\ASUS Live Update" [C:\Program Files (x86)\ASUS\ASUS Live Update\LiveUpdate.exe]
"C:\Windows\SysNative\tasks\ASUS P4G" [C:\Program Files\P4G\BatteryLife.exe]
"C:\Windows\SysNative\tasks\ASUS Patch 10430001" [C:\Windows\AsPatch10430001.exe]
"C:\Windows\SysNative\tasks\ASUS SmartLogon Console Sensor" [C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe]
"C:\Windows\SysNative\tasks\AsusVibeSchedule" ["C:\Program Files (x86)\Asus\AsusVibe\AsusVibeLauncher.exe"]
"C:\Windows\SysNative\tasks\ATKOSD2" [C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\DeviceDetector" [C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\Java Update Scheduler" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe]
"C:\Windows\SysNative\tasks\TuneUpUtilities_Task_BkGndMaintenance2013" [C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe]
"C:\Windows\SysNative\tasks\{1EA4F355-653D-4D2B-A6F3-05487C488BC9}" [C:\Program Files (x86)\iTunes\iTunes.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]
"C:\Windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates" ["C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe"]
"C:\Windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization" ["C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe"]
"C:\Windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system" ["C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe"]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" []

==== Firefox Extensions ======================

ProfilePath: C:\Users\Guy\AppData\Roaming\Mozilla\Firefox\Profiles\36q4e1br.default-1367777822496
- Belgium eID - %ProfilePath%\extensions\belgiumeid@eid.belgium.be.xpi
- YouTube to MP3 - %ProfilePath%\extensions\youtube2mp3@mondayx.de.xpi
- PrintPrint Preview - %ProfilePath%\extensions\{19EB90DC-A456-458b-8AAC-616D91AAFCE1}.xpi

ProfilePath: C:\Users\Guy\AppData\Roaming\Thunderbird\Profiles\u5819eqj.default
- Woordenboek Nederlands - %ProfilePath%\extensions\nl-NL@dictionaries.addons.mozilla.org

ProfilePath: C:\Users\Guy\AppData\Roaming\TomTom\HOME\Profiles\ovc1j5wf.default
- Map status indicator - C:\tomtom\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- TomTom HOME default theme - C:\tomtom\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Guy\AppData\Roaming\Mozilla\Firefox\Profiles\36q4e1br.default-1367777822496
DFC9460CC37E5C414DC4680B10C19E7A	- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll -	Shockwave Flash
95812430959AE88CDD0301AB3A71913B	- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll -	Shockwave Flash
960A9681F9F36A73BAB22C0421E42BE3	- C:\Users\Guy\AppData\Local\Box Edit\npBoxEdit.dll -	Box Edit
C548328E9DE5EB73350EF292D7140662	- c:\Picasa\Picasa3\npPicasa3.dll -	Picasa


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[15/07/2014 18:10]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
apdfllckaahabafndbhieahigkjlhalf - C:\Users\Guy\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx[07/09/2014 16:55]

Google Drive - Guy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Google Voice Search Hotword (Beta) - Guy\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
avast Online Security - Guy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Bananatag for Gmail - Guy\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpbnpbfpgjkblmejlgkfkekajajhjcid
Google Wallet - Guy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Chromium Startpages ======================

C:\Users\Guy\AppData\Local\Google\Chrome\User Data\Default\Preferences
yMLu2jHfg7Rhj50oCKcOFU7C5UAAAABGRqyuPTRDx5qQYyBYQUvri5Nil7EAq2WeCL3otfGRUQPFYWw8UIu\\/FUghFcIn3rBt0FgI7RZBwYTv9Od14O7z\\\",\\\"last_synced_time\\\":\\\"13049112812366012\\\",\\\"managed_user_shared_settings\\\":true,\\\"managed_users\\\":true,\\\"passwords\\\":true,\\\"preferences\\\":true,\\\"priority_preferences\\\":true,\\\"search_engines\\\":true,\\\"session_sync_guid\\\":\\\"session_sync9aO2mokNEKNHkBMYB24TiA==\\\",\\\"sessions\\\":true,\\\"suppress_start\\\":false,\\\"synced_notifications\\\":true,\\\"tabs\\\":true,\\\"themes\\\":true,\\\"typed_urls\\\":true},\\\"sync_promo\\\",{\\\"show_ntp_bubble\\\":false,\\\"startup_count\\\":1,\\\"user_skipped\\\":true},\\\"synced_notification\\\",{\\\"enabled_sending_services\\\":[\\\"Google+\\\"],\\\"first_run\\\":false,\\\"initialized_sending_services\\\":[\\\"Google+\\\"]},\\\"translate_accepted_count\\\",{\\\"fr\\\":0,\\\"nl\\\":0}]},\\\"translate_blocked_languages\\\":[\\\"en\\\",\\\"nl\\\"],\\\"translate_denied_count\\\":{\\\"fr\\\":3,\\\"nl\\\":2},\\\"translate_language_blacklist\\\":[\\\"nl\\\"],\\\"translate_site_blacklist\\\":[\\\"www.hln.be\\\"]}\",\"translate_whitelists\":\"homepage\",\"http:\\/\\/www.trovi.com\\/?gd=&ctid=CT3328140&octid=EB_ORIGINAL_CTID&ISID=M4C272EB9-093F-4639-8F34-A835AB4E06F5&SearchSource=55&CUI=&UM=2&UP=SP53C84613-D5EB-4B47-9E41-7782B579B60D&SSPV=\":\"homepage_is_newtabpage\",\"false\":\"intl\",\"{\\\"accept_languages\\\":\\\"en-US,en\\\"}\":\"invalidator\",\"{\\\"client_id\\\":\\\"2GQFJV48P1b3CU1VYEvROg==\\\"}\":\"media\",\"{\\\"device_id_salt\\\":\\\"Z\\\\\\/D9wRv8BhMsVrvsIvVZyQ==\\\"}\":\"net\",\"{\\\"http_server_properties\\\":{\\\"servers\\\":{\\\"ad.doubleclick.net:80\\\":{\\\"alternate_protocol\\\":{\\\"port\\\":80,\\\"protocol_str\\\":\\\"quic\\\"}},\\\"clients2.google.com:443\\\":{\\\"alternate_protocol\\\":{\\\"port\\\":443,\\\"protocol_str\\\":\\\"quic\\\"},\\\"settings\\\":{\\\"4\\\":100,\\\"5\\\":32,\\\"6\\\":0},\\\"supports_spdy\\\":true},\\\"clients2.googleusercontent.com:443\\\":{\\\"alternate_protocol\\\":{\\\"port\\\":443,\\\"protocol_str\\\":\\\"quic\\\"},\\\"settings\\\":{\\\"4\\\":100,\\\"5\\\":107,\\\"6\\\":0},\\\"supports_spdy\\\":true},\\\"cm.g.doubleclick.net:80\\\":{\\\"alternate_protocol\\\":{\\\"port\\\":80,\\\"protocol_str\\\":\\\"quic\\\"}},\\\"pubads.g.doubleclick.net:80\\\":{\\\"alternate_protocol\\\":{\\\"port\\\":80,\\\"protocol_str\\\":\\\"quic\\\"}},\\\"www.facebook.com:443\\\":{\\\"supports_spdy\\\":true},\\\"www.google.com:443\\\":{\\\"alternate_protocol\\\":{\\\"port\\\":443,\\\"protocol_str\\\":\\\"quic\\\"},\\\"settings\\\":{\\\"4\\\":100,\\\"5\\\":32,\\\"6\\\":0},\\\"supports_spdy\\\":true},\\\"www.googleapis.com:443\\\":{\\\"alternate_protocol\\\":{\\\"port\\\":443,\\\"protocol_str\\\":\\\"quic\\\"},\\\"settings\\\":{\\\"4\\\":100,\\\"5\\\":32,\\\"6\\\":20},\\\"supports_spdy\\\":true}},\\\"version\\\":3}}\":\"null\",\"null\":\"pinned_tabs\",\"plugins\":{\"migrated_to_pepper_flash\":true,\"plugins_list\":\"removed_old_component_pepper_flash_settings\",\"true\":\"profile\"},\"{\\\"avatar_index\\\":0,\\\"content_settings\\\":{\\\"clear_on_exit_migrated\\\":true,\\\"pattern_pairs\\\":\\\"pref_version\\\",\\\"1\\\":\\\"exit_type\\\"},\\\"Normal\\\":\\\"exited_cleanly\\\",\\\"true\\\":\\\"icon_version\\\",\\\"2\\\":\\\"managed_user_id\\\",\\\"\\\":\\\"name\\\",\\\"First user\\\":\\\"per_host_zoom_levels\\\",\\\"protection\\\":{\\\"macs\\\":{\\\"browser\\\":{\\\"show_home_button\\\":\\\"9A7A687E1EEB825533D4F8E44B7138712C8043AC7FBEDD4DE1B70B3B0C8F5BDF\\\"},\\\"default_search_provider\\\":{\\\"keyword\\\":\\\"2B07F921448241664A9C55C44306A3FCA26C59146DA8EE095F8599DAFD6C47E9\\\",\\\"name\\\":\\\"6FF398CCCDDC1BC90DC4D73A1DEF72A3498523FDB6E53F28FCBDDB1B9FA8DB50\\\",\\\"search_url\\\":\\\"A4F1A39ED51B5C9A5ADC9D529E0DE89B27E3616801B650E93293C45230A52616\\\"},\\\"default_search_provider_data\\\":{\\\"template_url_data\\\":\\\"9F0FD6EB976A5DF24A8B5D91BC8CF3799B47C2DAC21940019423582A66FA83E6\\\"},\\\"extensions\\\":{\\\"known_disabled\\\":\\\"114846CF9BC782BFA0269983EED40CC19B32E0666C0B64AC2DA601D21DE79151\\\",\\\"settings\\\":{\\\"ahfgeienlihckogmohjhadlkjgocpleb\\\":\\\"AC550681F89869527BB08ADF86C7EE712F3CD3E410182ABBC4A39706B3907371\\\",\\\"apdfllckaahabafndbhieahigkjlhalf\\\":\\\"FB016024883528C28AE48C31EC0280BD5D4683F0146C50224EF214724D81C110\\\",\\\"bepbmhgboaologfdajaanbcjmnhjmhfn\\\":\\\"D873EDB78DD8D604A7725E687BC046FA7905B0BA4A9E3EA9BC9426DCF46C58DD\\\",\\\"dnhpdliibojhegemfjheidglijccjfmc\\\":\\\"67F70DE38C6E02558C6C79B6239E010A3A756FDD1771447939C0F8B19C3516E6\\\",\\\"eemcgdkfndhakfknompkggombfjjjeno\\\":\\\"D3377DC59745FA33FA94DEFA3C5A090CE91DA61A6DD7DB3A12906C3BDD7743C0\\\",\\\"ennkphjdgehloodpbhlhldgbnhmacadg\\\":\\\"A31565B7BF1484EA57830434F430778015A4CC3FE5C350B98AD3C260C51F31E5\\\",\\\"gfdkimpbcpahaombhbimeihdjnejgicl\\\":\\\"7AC69AA5323B4866D15AE4F86E2D8F9F08BBA5AFF2CC4DC68ECEF9E051302FC2\\\",\\\"gomekmidlodglbbmalcneegieacbdmki\\\":\\\"DC1A6D0478D9045A470DDB8CE0F388ACC04BBA4243E55BE6ECA4C863512A17C2\\\",\\\"jpbnpbfpgjkblmejlgkfkekajajhjcid\\\":\\\"4EB6E386831E8B3DCD027004CDAC6D750DBDA5342AF5685F07170852305A8F82\\\",\\\"kioijmpindokaaahaeigkkkbogccljhm\\\":\\\"A7044403CFE5A22014C52932BC6B04656B9FBADD339404B4AB4A1AAE9B52AA85\\\",\\\"kmendfapggjehodndflmmgagdbamhnfd\\\":\\\"3C1E60CDBBB6DB6F232FA7A49FD53C8B288423EB23806B766BF739E90FBF7F9B\\\",\\\"mfehgcgbbipciphmccgaenjidiccnmng\\\":\\\"C357362624BCC7CC50333175AA231C893EB5CD276EB3B4BB439C72B993384132\\\",\\\"mgndgikekgjfcpckkfioiadnlibdjbkf\\\":\\\"C01A2852C9AF5C1A51C50C9E427283685D02404DEF7A6090320289D7B51740F4\\\",\\\"neajdppkdcdipfabeoofebfddakdcjhd\\\":\\\"F0A1EB6BAB3C2762733767625146A793D9945262A65527F55E5D85F351F6C7AD\\\",\\\"nkeimhogjdpnpccoofpliimaahmaaome\\\":\\\"3DE890C52ACBE44036C2F495B1C761DF1FDB9FF5A490ABA5F9E74FD27F0A1CC0\\\",\\\"nmmhkkegccagdldgiimedpiccmgmieda\\\":\\\"EB6D6B9143B94367BAE64A5C240860622D39900B7B2F9AC4970871AF8548D6A7\\\",\\\"pafkbggdmjlpgkdkcbjmhmfcdpncadgh\\\":\\\"911F5E5875358C9895C35B6081DFC803FA390548016A82279E3223453E5C0412\\\"}},\\\"google\\\":{\\\"services\\\":{\\\"last_username\\\":\\\"C168CC448492DE3EF379F5605907CDB8811CDB097176B8FB214EDAE27A57789F\\\"}},\\\"homepage\\\":\\\"0DA5A343BE728C39625F7D3AC7588B6E42D4A3A3376B58BBB12E66456A68C458\\\",\\\"homepage_is_newtabpage\\\":\\\"A6CE4FB66C372A7F49D973ACCCDB82D878D4CE8A9A4CC179ACEC2BF6C6234180\\\",\\\"pinned_tabs\\\":\\\"30AE325A68F2D8B4329E586DF333FCCD99C20625C938E63EE0DE0FAA408ED04D\\\",\\\"prefs\\\":{\\\"preference_reset_time\\\":\\\"AC835E8EFED51E17BB58CD1C24F77327667D8DCB895E6D56FBD1B32733D98A6C\\\"},\\\"profile\\\":{\\\"reset_prompt_memento\\\":\\\"007AA054E359874341FE581A9969CB3E0D4DAEA348B73BAD410C0ECBC42CC65A\\\"},\\\"safebrowsing\\\":{\\\"incident_report_sent\\\":\\\"18CEBC640E6C19246A61C6D49C8CB963448A998F8802F2D1F0442B3E84FDB17E\\\"},\\\"search_provider_overrides\\\":\\\"C66B56A34BC336A75650C3BE18BA10EE3B0E48EBA247D7BAB2D72E4A5387C4CB\\\",\\\"session\\\":{\\\"restore_on_startup\\\":\\\"062FFE3FEF31302874DDBFAE9452F21EAE3FA3F2A681999E560B195ADD4993C3\\\",\\\"startup_urls\\\":\\\"75C472846B375CE45CE4C9F00CD77076237D3CD55C586490E25E8D74265FCB6B\\\"},\\\"sync\\\":{\\\"remaining_rollback_tries\\\":\\\"FA47A9D3696972076A6AD8A89E79ABD52594A21ECFD9A294955A6DD78C977158\\\"}}}}\":\"session\",\"{\\\"restore_on_startup\\\":4,\\\"restore_on_startup_migrated\\\":true,\\\"startup_urls\\\":[\\\"http:\\\\\\/\\\\\\/www.trovi.com\\\\\\/?gd=&ctid=CT3328140&octid=EB_ORIGINAL_CTID&ISID=M4C272EB9-093F-4639-8F34-A835AB4E06F5&SearchSource=55&CUI=&UM=2&UP=SP53C84613-D5EB-4B47-9E41-7782B579B60D&SSPV=\\\"],\\\"startup_urls_migration_time\\\":\\\"13052312860885496\\\"}\":\"sync\",\"{\\\"remaining_rollback_tries\\\":0}\":\"translate_accepted_count\"}": {


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Reset Google Chrome ======================

C:\Users\Guy\AppData\Local\Google\Chrome\User Data\Default\preferences was reset successfully
C:\Users\Guy\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Guy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Guy\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=546 folders=62 108232279 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Guy\AppData\Local\Temp will be emptied at reboot
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Guy\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on vr 10/10/2014 at 18:31:01,49 ======================