
Zoek.exe v5.0.0.0 Updated 27-01-2015
Tool run by Berre on wo 28/01/2015 at 19:15:36,37.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Berre\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

28/01/2015 19:18:20 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\MSECACHE deleted successfully
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\Sony deleted successfully
C:\Program Files\log deleted successfully
C:\PROGRA~3\DAEMON Tools Lite deleted successfully
C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted successfully
C:\PROGRA~3\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} deleted successfully
C:\PROGRA~3\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} deleted successfully
C:\Users\Berre\AppData\Roaming\DAEMON Tools Lite deleted successfully
C:\Users\Berre\AppData\Roaming\Vso deleted successfully
C:\Users\Berre\AppData\Roaming\WebTest deleted successfully
C:\Users\Berre\AppData\Local\cache deleted successfully
C:\Users\Berre\AppData\Local\Trend Micro deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-543984391-606257222-1702330859-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814} deleted successfully
HKEY_USERS\S-1-5-21-543984391-606257222-1702330859-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AB3B9296-7231-4708-BFF9-713B15E0D3D3} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Installed Programs ======================

Adobe Flash Player 16 ActiveX  
Adobe Flash Player 16 NPAPI  
Adobe Reader XI (11.0.10) - Nederlands  
Adobe Refresh Manager  
Avast Free Antivirus  
CCleaner  
Dropbox  
Garmin City Navigator Europe NT 2015.20  
Google Chrome  
Google Update Helper  
Intel(R) Rapid Storage Technology  
Intel(R) Turbo Boost Technology Driver  
IObit Uninstaller  
Java 8 Update 31  
Java Auto Updater  
Logitech SetPoint 6.65  
Microsoft .NET Framework 4.5.2  
Microsoft .NET Framework 4.5.2 (Nederlands)  
Microsoft .NET Framework 4.5.2 (NLD)  
Microsoft Application Error Reporting  
Microsoft Choice Guard  
Microsoft Office Professional Plus 2013 - nl-nl  
Microsoft Silverlight  
Microsoft SQL Server 2005 Compact Edition [ENU]  
Microsoft Visual C++ 2005 Redistributable  
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17  
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17  
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161  
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005  
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005  
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005  
Microsoft Works  
MyFreeCodec  
NVIDIA-configuratiescherm 340.52  
NVIDIA Drivers  
NVIDIA Install Application  
NVIDIA PhysX  
Office 15 Click-to-Run Extensibility Component  
Office 15 Click-to-Run Licensing Component  
Office 15 Click-to-Run Localization Component  
QuickPar 0.9  
Realtek High Definition Audio Driver  
S Agent  
SAMSUNG USB Driver for Mobile Phones  
SkypeT 6.18  
Smart Defrag 3  
Spybot - Search & Destroy  
Stuurprogrammapakket voor Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201)  
Stuurprogrammapakket voor Windows - Fedict SmartCard  (09/23/2013 4.0.6.0)  
Stuurprogrammapakket voor Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB  (02/06/2007 3.1)  
Windows Driver Package - Broadcom Bluetooth  (07/30/2009 6.2.0.9405)  
Windows Driver Package - Broadcom Bluetooth  (09/11/2009 6.2.0.9407)  
Windows Driver Package - Broadcom HIDClass  (07/28/2009 6.2.0.9800)  
Windows Driver Package - Garmin (grmnusb) GARMIN Devices  (04/19/2012 2.3.1.0)  
Windows Live - Hulpprogramma voor uploaden  
Windows Live aanmeldhulp  
Windows Live Call  
Windows Live Communications Platform  
Windows Live Essentials  
Windows Live Family Safety  
Windows Live Mail  
Windows Live Messenger  
Windows Live Movie Maker  
Windows Live Photo Gallery  
Windows Live Sync  
Windows Live Writer  
WinRAR 5.20 (64-bit)  

==== Running Processes ======================

C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files (x86)\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe
C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
C:\Program Files (x86)\Google\Update\1.3.25.11\GoogleCrashHandler.exe
C:\windows\SysWOW64\Rezip.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Users\Berre\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Users\Berre\Desktop\zoek.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\SysWOW64\cmd.exe
C:\windows\SysWOW64\cmd.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AdvancedSystemCareService6 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\AdvancedSystemCareService6 deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}] 

==== Deleting Files \ Folders ======================

C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} not found
C:\PROGRA~3\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} not found
C:\PROGRA~3\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} not found
"C:\windows\Installer\5518e.msi" not found
C:\Users\Berre\.android deleted
C:\PROGRA~2\A51D1C17-72CD-45BA-8C9E-E3FCA95DEAC8 deleted
C:\Users\Berre\AppData\Roaming\temp.ini deleted
C:\PROGRA~3\OberonGameConsole deleted
C:\PROGRA~3\ProductData deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Berre\AppData\LocalLow\ADSRemoval deleted
C:\windows\wininit.ini deleted
C:\windows\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
C:\windows\Syswow64\SET85A0.tmp deleted
C:\Users\Berre\Documents\Add-in Express deleted
"C:\DelFix.txt" deleted

==== System Specs ======================

Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 3950 MB
CPU Info: Intel(R) Core(TM) i5 CPU       M 450  @ 2.40GHz
CPU Speed: 2424.6 MHz
Sound Card: Luidsprekers (2- Realtek High D | 
Display Adapters: NVIDIA GeForce GT 330M   | NVIDIA GeForce GT 330M   | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Algemeen PnP-beeldscherm | 
Screen Resolution: 1600 X 900 - 32 bit
Network: Network Present
Network Adapters: Microsoft Virtual WiFi Miniport Adapter | Bluetooth Device (Personal Area Network) #7 | Qualcomm Atheros AR9285 Wireless Network Adapter
CD / DVD Drives: 1x (E: | ) E: TSSTcorpCDDVDW TS-L633C
Ports: COM Ports NOT Present. LPT Port NOT Present. 
Mouse: 16 Button Wheel Mouse Present
Hard Disks: C:  290.5GB | D:  290.5GB
Hard Disks - Free: C:  98.1GB | D:  288.3GB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 12/16/09 | SECCSD - 6222004
Time Zone: Romance (standaardtijd)
Motherboard *: SAMSUNG ELECTRONICS CO., LTD. R780
Country: Belgi‰ 
Language: NLB 

==== System Specs (Software) ======================

Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: Spybot - Search and Destroy disabled (Outdated)
Anti-Spyware: avast! Antivirus disabled (Outdated)
Internet Explorer Version: 11.0.9600.17501 
Google Chrome version: 40.0.2214.93
Adobe Reader version: 11.0.10.32
Sun Java version: 1.8.0_31 (32-bit) 
Sun Java version: 1.8.0_31 (64-bit) 
Flash Player version: 16.0.0.296

==== Files Recently Created / Modified ======================

====== C:\windows ====
====== C:\Users\Berre\AppData\Local\Temp ====
2015-01-28 18:03:47	97511FE2CA09CC2E06C3CD6519C3494E	43008	----a-w-	C:\Users\Berre\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpajzbpn.dll
2015-01-26 16:40:47	FD8A58F4A5C4B2EEF93415D9C9581415	641448	----a-w-	C:\Users\Berre\AppData\Local\Temp\jre-8u31-windows-au.exe
====== Java Cache =====
2015-01-26 16:43:30	C1BBA7F1278F193AB584FFF460DB5E2A	17878	----a-w-	C:\Users\Berre\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\eef218c-65a344fc
2015-01-26 16:43:22	415FC9732A3F4D89A0E01251CD66E136	646	----a-w-	C:\Users\Berre\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-15f5bb59
2015-01-26 16:43:22	3EF3CEF00FCCC8A31A19F46C7B624D49	424	----a-w-	C:\Users\Berre\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-aa56bb018d5de3a531ee91cc4857f0f479656e5370ebf87789e721aaaf530ebc-6.0.lap
2015-01-26 16:43:20	415FC9732A3F4D89A0E01251CD66E136	646	----a-w-	C:\Users\Berre\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\3cb32f52-4d3257ba
2015-01-26 16:43:22	34FA8033B50A3F99D3AB8209C72C0ABA	6860	----a-w-	C:\Users\Berre\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\1ca2666b-16062bc0
====== C:\windows\SysWOW64 =====
2015-01-20 18:16:50	13D186FA6F19823C598335443CE233BC	98216	----a-w-	C:\windows\SysWOW64\WindowsAccessBridge-32.dll
====== C:\windows\SysWOW64\drivers =====
====== C:\windows\Sysnative =====
====== C:\windows\Sysnative\drivers =====
2015-01-18 14:36:15	64AEB5790901EA8854884981F104CAA6	18960	----a-w-	C:\windows\Sysnative\drivers\LNonPnP.sys
2015-01-13 20:25:11	AE3334958D8F631FF14A0AEB3D7EFB3A	141312	----a-w-	C:\windows\Sysnative\drivers\mrxdav.sys
2015-01-13 19:30:43	7D7FBC9504575D97885A858EA93684F5	5804772	----a-w-	C:\windows\Sysnative\drivers\rtvienna.dat
2015-01-13 19:30:42	D2B1DA73B6E8769A1BE1A55693B7F1B3	4263128	----a-w-	C:\windows\Sysnative\drivers\RTKVHD64.sys
2015-01-13 19:30:40	814231B961760C39A5807A43D8ED71E1	1443340	----a-w-	C:\windows\Sysnative\drivers\RTAIODAT.DAT
2015-01-13 19:25:39	D41D8CD98F00B204E9800998ECF8427E	0	---ha-w-	C:\windows\Sysnative\drivers\Msft_Kernel_Smb_driver_Intel_01011.Wdf
2015-01-04 13:13:36	2232AE1BB51A96A7381A2CA17DF12E24	12866008	----a-w-	C:\windows\Sysnative\drivers\nvlddmkm.sys
2015-01-04 13:11:14	E366A5681C50785D4ED04FCFD65C3415	197408	----a-w-	C:\windows\Sysnative\drivers\nvhda64v.sys
2015-01-04 13:09:17	678D197CAD249F930B7FDD2AFA4C91B0	34544	----a-w-	C:\windows\Sysnative\drivers\Smb_driver_Intel.sys
2015-01-04 13:09:17	678D197CAD249F930B7FDD2AFA4C91B0	34544	----a-w-	C:\windows\Sysnative\drivers\SETF085.tmp
====== C:\windows\Tasks ======
2015-01-18 13:43:54	93AEAE8C6A063D29A01B89B9E18B529B	3842	----a-w-	C:\windows\Sysnative\Tasks\DriverNavigator Scheduled Scan
2015-01-18 13:43:54	7CF239DAA9BF511E5BE5A30EB9A6A088	436	----a-w-	C:\windows\Tasks\DriverNavigator Scheduled Scan.job
2015-01-16 18:59:22	B03E5AFD2469349CCF6042549574782D	3128	----a-w-	C:\windows\Sysnative\Tasks\{FF06AE39-23B4-4DF3-917E-99804A90B8D6}
2015-01-15 16:43:21	7731AA16ADC6DEA3F00BEC8EFE7F81E2	5060	----a-w-	C:\windows\Sysnative\Tasks\Microsoft Office 15 Sync Maintenance for LaptopBerre-Berre LaptopBerre
2015-01-15 16:12:46	--------	d-----w-	C:\windows\Sysnative\Tasks\OfficeSoftwareProtectionPlatform
2015-01-04 13:19:37	5854DC92856A934A6DD798E19BA321F5	3042	----a-w-	C:\windows\Sysnative\Tasks\SAgent
====== C:\windows\Temp ======
======= C:\Program Files =====
2015-01-20 18:13:23	--------	d-----w-	C:\Program Files\trend micro
2015-01-18 13:43:50	--------	d-----w-	C:\Program Files\Easeware
2015-01-15 16:09:14	--------	d-----w-	C:\Program Files\Microsoft Office 15
======= C:\PROGRA~2 =====
2015-01-26 16:42:14	--------	d-----w-	C:\PROGRA~2\COMMON~1\Java
2015-01-21 19:25:30	--------	d-----w-	C:\PROGRA~2\COMMON~1\DESIGNER
2015-01-20 18:15:49	--------	d-----w-	C:\PROGRA~2\Java
2015-01-18 14:49:23	--------	d-----w-	C:\PROGRA~2\COMMON~1\Intel Corporation
2015-01-04 13:16:34	--------	d-----w-	C:\PROGRA~2\NVIDIA Corporation
======= C: =====
2015-01-16 18:41:53	D41D8CD98F00B204E9800998ECF8427E	0	---ha-w-	C:\asc_rdflag
====== C:\Users\Berre\AppData\Roaming ======
2015-01-20 18:14:35	--------	d-----w-	C:\Users\Berre\AppData\Locallow\Sun
2015-01-18 14:48:31	--------	d-----w-	C:\Users\Berre\AppData\Roaming\Intel Corporation
2015-01-18 13:43:55	--------	d-----w-	C:\Users\Berre\AppData\Roaming\Easeware
2015-01-05 18:46:54	--------	d-----w-	C:\Users\Berre\AppData\Roaming\Leadertech
====== C:\Users\Berre ======
2015-01-20 18:17:00	--------	d-----w-	C:\ProgramData\Sun
2015-01-20 18:16:28	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-01-20 18:15:56	--------	d-----w-	C:\ProgramData\Oracle
2015-01-18 14:48:25	--------	d-----w-	C:\windows\sysWoW64\config\systemprofile\Intel
2015-01-18 14:48:20	--------	d-----w-	C:\ProgramData\Intel
2015-01-18 14:48:20	--------	d-----r-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2015-01-18 14:46:39	--------	d-----w-	C:\Users\Berre\Intel
2015-01-15 16:12:41	--------	d-----w-	C:\ProgramData\regid.1991-06.com.microsoft
2015-01-15 16:11:20	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013

====== C: exe-files ==
2015-01-27 17:57:29	B88B8DA6B88D10319658833BF4C01CFD	62751	----a-w-	C:\Users\Berre\Downloads\Taken 3 (2015) HQ AC3 DD20 (Externe Subs)\reverse-tools-mac-win\WINDOWS\Setup.exe
2015-01-27 17:41:33	C6DD4B27BD0B72B9897F25ED2AC0F732	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-543984391-606257222-1702330859-1000\$I71CHCE.exe
2015-01-27 17:21:59	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\$Recycle.Bin\S-1-5-21-543984391-606257222-1702330859-1000\$R71CHCE.exe
2015-01-27 10:07:28	220A0B7B557EFEF7C399CDC1E9DBDA2D	875088	----a-w-	C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\40.0.2214.93\40.0.2214.93_40.0.2214.91_chrome_updater.exe
2015-01-26 16:41:35	7479DA0BED071427A3F0017AC51CC27B	159656	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\unpack200.exe
2015-01-26 16:41:35	577F5DCBA4DE4C345631873670F84E79	16296	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\tnameserv.exe
2015-01-26 16:41:34	F9D744CD9BC58F287F8FA59D32508EDD	16296	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\orbd.exe
2015-01-26 16:41:34	DBB5C8AE19ACFA2857CFB90C7305AC56	51112	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssvagent.exe
2015-01-26 16:41:34	DA34E76DE9CD93471F24E7BD43139958	15784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\kinit.exe
2015-01-26 16:41:34	CDB1FE0DCF2ADB755EBF65C8AEBBC871	16296	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\servertool.exe
2015-01-26 16:41:34	AF82EA1498FEC5C49B8A1AE5AA0A5F6C	77224	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2launcher.exe
2015-01-26 16:41:34	A8884FB8246655C84F110E77DF5E1B4A	15784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\ktab.exe
2015-01-26 16:41:34	8B6DF9CD28359C5E819446FD79CE3948	16296	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\rmiregistry.exe
2015-01-26 16:41:34	69BD74EE834B5629226BF89468B8020B	15784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\keytool.exe
2015-01-26 16:41:34	5F7C51E0DCA813D647F14FC12AE675F2	16296	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\policytool.exe
2015-01-26 16:41:34	39685FC75B6FB2144E793595F1AB111D	15784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\pack200.exe
2015-01-26 16:41:34	2F77C9862B1A2401278C4A5B932DA69D	15784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\klist.exe
2015-01-26 16:41:34	0FB2ACAC796B166F6486B593B604A3FF	15784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\rmid.exe
2015-01-26 16:41:33	F5EA785B2BCC08DC28CBC2D96E05F2C1	68520	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\javacpl.exe
2015-01-26 16:41:33	DF1C8EDDAF14D2960A06A9DF7B2D0A89	15784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\java-rmi.exe
2015-01-26 16:41:33	B0D46640968F989830413EB88F43E0D0	176552	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\java.exe
2015-01-26 16:41:33	90C02BD6D01BBC1C620323F9E330E89C	15784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\jjs.exe
2015-01-26 16:41:33	52C8B9FD016E6317FDB151296FF90877	272296	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaws.exe
2015-01-26 16:41:33	3E72E1AB196855916E2065C604674631	176552	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe
2015-01-26 16:41:33	063A1044A451660B159426B9C5E75957	30632	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\jabswitch.exe
2015-01-26 16:40:47	FD8A58F4A5C4B2EEF93415D9C9581415	641448	----a-w-	C:\Users\Berre\AppData\Local\Temp\jre-8u31-windows-au.exe
=== C: other files ==
2015-01-26 16:41:36	3315140254247E248C3531F159C79109	14130	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\lib\deploy\ffjcext.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-543984391-606257222-1702330859-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"UpdatePDRShortCut"="C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\CyberLink\PowerDirector UpdateWithCreateOnce Software\CyberLink\PowerDirector\7.0"
"UpdatePPShortCut"="C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\CyberLink\PowerProducer UpdateWithCreateOnce Software\CyberLink\PowerProducer\5.0"
"UpdatePSTShortCut"="C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\CyberLink\DVD Suite UpdateWithCreateOnce Software\CyberLink\PowerStarter"
"UCam_Menu"="C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\CyberLink\YouCam UpdateWithCreateOnce Software\CyberLink\YouCam\2.0"
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"
"APLangApp"="c:\program files (x86)\anypc client\aplangapp.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"EvtMgr6"="C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming"
"IAStorIcon"="C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 60"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"command"="c:\\program files (x86)\\common files\\adobe\\arm\\1.0\\adobearm.exe"
"hkey"="HKLM"
"item"="Adobe ARM"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Advanced SystemCare 7]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Advanced SystemCare 7"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\IObit\\Advanced SystemCare 7\\ASCTray.exe\" /Auto"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Advanced SystemCare 8]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Advanced SystemCare 8"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\IObit\\Advanced SystemCare 8\\ASCTray.exe\" /Auto"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APLangApp]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"command"="c:\\program files (x86)\\common files\\ahead\\lib\\nmbgmonitor.exe"
"hkey"="HKCU"
"item"="BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Browser Extensions]
"hkey"="HKCU"
"item"="Browser Extensions"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CLMLServer]
"command"="c:\\program files (x86)\\cyberlink\\power2go\\clmlsvc.exe"
"hkey"="HKLM"
"item"="CLMLServer"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Facebook Update]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Facebook Update"
"hkey"="HKCU"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GarminExpressTrayApp]
"command"="c:\\program files (x86)\\garmin\\express tray\\expresstray.exe"
"hkey"="HKCU"
"item"="GarminExpressTrayApp"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesPreload]
"command"="c:\\program files (x86)\\samsung\\kies\\kies.exe /preload"
"hkey"="HKCU"
"item"="KiesPreload"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesTrayAgent]
"command"="c:\\program files (x86)\\samsung\\kies\\kiestrayagent.exe"
"hkey"="HKLM"
"item"="KiesTrayAgent"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PDVD8LanguageShortcut]
"command"="c:\\program files (x86)\\cyberlink\\powerdvd8\\language\\language.exe"
"hkey"="HKLM"
"item"="PDVD8LanguageShortcut"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RemoteControl8]
"command"="c:\\program files (x86)\\cyberlink\\powerdvd8\\pdvd8serv.exe"
"hkey"="HKLM"
"item"="RemoteControl8"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVCpl]
"command"="c:\\program files\\realtek\\audio\\hda\\ravcpl64.exe -s"
"hkey"="HKLM"
"item"="RtHDVCpl"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SearchSettings]
"hkey"="HKLM"
"item"="SearchSettings"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Slick Savings]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\swg]
"command"="c:\\program files (x86)\\google\\googletoolbarnotifier\\googletoolbarnotifier.exe"
"hkey"="HKCU"
"item"="swg"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SynTPEnh]
"command"="%programfiles%\\synaptics\\syntp\\syntpenh.exe"
"hkey"="HKLM"
"item"="SynTPEnh"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UpdateLBPShortCut]
"command"="c:\\program files (x86)\\cyberlink\\labelprint\\muitransfer\\muistartmenu.exe\" \"c:\\program files (x86)\\cyberlink\\labelprint\" updatewithcreateonce \"software\\cyberlink\\labelprint\\2.5"
"hkey"="HKLM"
"item"="UpdateLBPShortCut"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UpdateP2GoShortCut]
"command"="c:\\program files (x86)\\cyberlink\\power2go\\muitransfer\\muistartmenu.exe\" \"c:\\program files (x86)\\cyberlink\\power2go\" updatewithcreateonce \"software\\cyberlink\\power2go\\6.0"
"hkey"="HKLM"
"item"="UpdateP2GoShortCut"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
"item"="Bluetooth"
"backup"="C:\\windows\\pss\\Bluetooth.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="C:\\PROGRA~1\\WIDCOMM\\BLUETO~1\\BTTray.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Berre^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
"item"="Dropbox"
"backup"="C:\\windows\\pss\\Dropbox.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\Users\\Berre\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe"
"path"="C:\\Users\\Berre\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dropbox.lnk"


==== Startup Folders ======================

2015-01-26 17:15:15	1138	----a-w-	C:\Users\Berre\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

==== Task Scheduler Jobs ======================

C:\windows\tasks\Adobe Flash Player Updater.job --a------ C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [26/01/2015 21:32]
C:\windows\tasks\DriverNavigator Scheduled Scan.job --a------ C:\Program Files\Easeware\DriverNavigator\DriverNavigator.exe []
C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-543984391-606257222-1702330859-1000Core.job --a------ C:\Users\Berre\AppData\Local\Facebook\Update\FacebookUpdate.exe []
C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-543984391-606257222-1702330859-1000UA.job --a------ C:\Users\Berre\AppData\Local\Facebook\Update\FacebookUpdate.exe []
C:\windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [08/11/2013 18:22]
C:\windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [Undetermined Task]

==== Other Scheduled Tasks ======================

"C:\windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\windows\SysNative\tasks\Adobe Flash Player Updater" [C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\windows\SysNative\tasks\advSRS4" ["C:\Program Files (x86)\Samsung\Samsung Recovery Solution 4\WCScheduler.exe"]
"C:\windows\SysNative\tasks\APSchedulerC" [C:\Program Files (x86)\AnyPC Client\APLanMgrC.exe]
"C:\windows\SysNative\tasks\ASC7_PerformanceMonitor" [C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe]
"C:\windows\SysNative\tasks\ASC7_SkipUac_Berre" [C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe /SkipUac]
"C:\windows\SysNative\tasks\avastBCLRestartS-1-5-21-543984391-606257222-1702330859-1000" [C:\Program Files (x86)\Google\Chrome\Application\chrome.exe]
"C:\windows\SysNative\tasks\BatteryLifeExtender" [C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe]
"C:\windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\windows\SysNative\tasks\Driver Booster SkipUAC (Berre)" [C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe]
"C:\windows\SysNative\tasks\Driver Booster SkipUAC (SYSTEM)" [C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe]
"C:\windows\SysNative\tasks\DriverNavigator Scheduled Scan" [C:\Program Files\Easeware\DriverNavigator\DriverNavigator.exe]
"C:\windows\SysNative\tasks\EasyBatteryManager" ["%ProgramFiles(x86)%\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe"]
"C:\windows\SysNative\tasks\EasySpeedUpManager" ["%programfiles(x86)%\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe"]
"C:\windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-543984391-606257222-1702330859-1000Core" [C:\Users\Berre\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-543984391-606257222-1702330859-1000UA" [C:\Users\Berre\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\windows\SysNative\tasks\GarminUpdaterTask" [C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe]
"C:\windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\windows\SysNative\tasks\SAgent" ["C:\Program Files\Samsung\S Agent\CommonAgent.exe"]
"C:\windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\windows\SysNative\tasks\SmartDefrag3_Startup" [C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe]
"C:\windows\SysNative\tasks\SmartDefrag3_Update" [C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe]
"C:\windows\SysNative\tasks\SUPBackground" ["%ProgramFiles%\Samsung\Samsung Update Plus\SUPBackground.exe"]
"C:\windows\SysNative\tasks\Uninstaller_SkipUac_Berre" [C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe]
"C:\windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]
"C:\windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates" ["C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe"]
"C:\windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization" ["C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe"]
"C:\windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system" ["C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe"]
"C:\windows\SysNative\tasks\Sony Corporation\Sony Home Network Library\SOHLib SOHDms" [C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Berre\AppData\Roaming\Mozilla\Firefox\Profiles\0mdgcuqz.default-1418590944946
user_pref("browser.startup.homepage", "https://www.google.be/");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{F003DA68-8256-4b37-A6C4-350FA04494DF}"="C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt" [18/01/2015 15:35]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{e4f94d1e-2f53-401e-8885-681602c0ddd8}"="C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi" [04/04/2014 11:36]

==== Firefox Extensions ======================

==== Firefox Plugins ======================


==== Chromium Look ======================

Google Chrome Version: 40.0.2214.93 (Up to date, latest Stable version: 40.0.2214.93)

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
dflinnddekagfkncpgojoppgnppfkbkj - No path found[]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[16/11/2014 20:08]
heoldelcflnigdllmlopiefhkkobendj - No path found[]

Google Docs - Berre\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Berre\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Berre\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Berre\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - Berre\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Berre\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.be/"
"Search Page"="https://startpage.com/do/search?query={searchTerms}&trackid=sp-001"
"Search Bar"="https://startpage.com/?trackid=sp-001"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://startpage.com/?trackid=sp-001"
"Search Page"="https://startpage.com/do/search?query={searchTerms}&trackid=sp-001"
"Search Bar"="https://startpage.com/?trackid=sp-001"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="https://startpage.com/?trackid=sp-001"
"Search Page"="https://startpage.com/do/search?query={searchTerms}&trackid=sp-001"
"Search Bar"="https://startpage.com/?trackid=sp-001"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://www.google.com/search?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="https://www.google.be/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{CF49125D-FBA8-47CD-B46F-628DEEE6C6B8}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google  Url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SMSN_nlBE560"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="https://www.google.com/search?q={searchTerms}"
{CF49125D-FBA8-47CD-B46F-628DEEE6C6B8} Startpage  Url="https://startpage.com/do/search?query={searchTerms}&trackid=sp-001"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\903C920E1244B01498A0032D8E8ED2C0 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\903C920E1244B01498A0032D8E8ED2C0 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 7 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Advanced SystemCare 8 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APLangApp deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Browser Extensions deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SearchSettings deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Slick Savings deleted successfully

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [UpdatePDRShortCut] "C:\Program Files (x86)\CyberLink\PowerDirector\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerDirector" UpdateWithCreateOnce "Software\CyberLink\PowerDirector\7.0"
O4 - HKLM\..\Run: [UpdatePPShortCut] "C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerProducer" UpdateWithCreateOnce "Software\CyberLink\PowerProducer\5.0"
O4 - HKLM\..\Run: [UpdatePSTShortCut] "C:\Program Files (x86)\CyberLink\DVD Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\DVD Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\2.0"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [APLangApp] c:\program files (x86)\anypc client\aplangapp.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: Dropbox.lnk = Berre\AppData\Roaming\Dropbox\bin\Dropbox.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Afbeelding verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Pagina verzenden naar &Bluetooth-apparaat... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Verzenden naar Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Verzenden naar &Bluetooth-apparaat... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: Garmin Communicator Plug-In - https://static.garmincdn.com/gcp/ie/4.1.0.0/GarminAxControl_32.CAB
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: SDWinLogon - SDWinLogon.dll (file missing)
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Garmin Core Update Service - Garmin Ltd or its subsidiaries - C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: NBService - Nero AG - C:\Program Files (x86)\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\windows\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Rezip - Unknown owner - C:\windows\SysWOW64\Rezip.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Spybot-S&D 2 Scanner Service (SDScannerService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
O23 - Service: Spybot-S&D 2 Updating Service (SDUpdateService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
O23 - Service: Spybot-S&D 2 Security Center Service (SDWSCService) - Safer-Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: Sony Digital Media Server (SOHDms) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDms.exe
O23 - Service: Sony Device Searcher (SOHDs) - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
O23 - Service: VAIO Entertainment Common Service (SpfService) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: SW Update Service (SWUpdateService) - Samsung Electronics CO., LTD. - C:\ProgramData\Samsung\SW Update Service\SWMAgent.exe
O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Berre\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Berre\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Berre\AppData\Local\Mozilla\Firefox\Profiles\ijyim6b1.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Berre\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1127 folders=123 85155769 bytes)

==== Empty Temp Folders ======================

C:\Users\Berre\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\Berre\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on wo 28/01/2015 at 19:44:25,74 ======================