Zoek.exe v5.0.0.0 Updated 08-April-2015
Tool run by Aart on wo 08-04-2015 at 13:44:39,88.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Aart\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

8-4-2015 13:47:24 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~2\iMesh Applications deleted successfully
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\Program Files\Fotoservice deleted successfully
C:\Program Files\SAMSUNG deleted successfully
C:\PROGRA~3\Babylon deleted successfully
C:\Users\Aart\AppData\Roaming\PerformerSoft deleted successfully
C:\Users\Aart\AppData\Roaming\SimilarSites deleted successfully
C:\Users\Aart\AppData\Roaming\Windows Live Writer deleted successfully
C:\Users\Aart\AppData\Local\PackageAware deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2110397448-1678517468-774889301-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011501160} deleted successfully
HKEY_USERS\S-1-5-21-2110397448-1678517468-774889301-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011501160} deleted successfully
HKEY_USERS\S-1-5-21-2110397448-1678517468-774889301-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{271FF4A7-3AA1-4DA8-B272-B10D2025C9D6} deleted successfully
HKEY_USERS\S-1-5-21-2110397448-1678517468-774889301-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{271FF4A7-3AA1-4DA8-B272-B10D2025C9D6} deleted successfully
HKEY_USERS\S-1-5-21-2110397448-1678517468-774889301-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} deleted successfully
HKEY_USERS\S-1-5-21-2110397448-1678517468-774889301-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} deleted successfully
HKEY_USERS\S-1-5-21-2110397448-1678517468-774889301-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully
HKEY_USERS\S-1-5-21-2110397448-1678517468-774889301-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully
HKEY_USERS\S-1-5-21-2110397448-1678517468-774889301-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3} deleted successfully
HKEY_USERS\S-1-5-21-2110397448-1678517468-774889301-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{82E1477C-B154-48D3-9891-33D83C26BCD3} deleted successfully
HKEY_USERS\S-1-5-21-2110397448-1678517468-774889301-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{817F6EB1-1780-46C5-9225-6832A54AE708} deleted successfully
HKEY_USERS\S-1-5-21-2110397448-1678517468-774889301-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{817F6EB1-1780-46C5-9225-6832A54AE708} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501160} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110011501160} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011501160} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{271FF4A7-3AA1-4DA8-B272-B10D2025C9D6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{271FF4A7-3AA1-4DA8-B272-B10D2025C9D6} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{817F6EB1-1780-46C5-9225-6832A54AE708} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-2110397448-1678517468-774889301-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully
HKEY_USERS\S-1-5-21-2110397448-1678517468-774889301-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{82E1477C-B154-48D3-9891-33D83C26BCD3} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{817F6EB1-1780-46C5-9225-6832A54AE708} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CltMngSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\CltMngSvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WebCake Desktop Updater deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\WebCake Desktop Updater deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Internet Enhancer Service deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Internet Enhancer Service deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\fwvvijfb deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\fwvvijfb deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=-

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"NextLive"=-
""=-
"mobilegeni daemon"=-

==== Deleting Files \ Folders ======================

C:\Program Files (x86)\Uniblue not found
"C:\windows\SysNative\drivers\SPPD.sys" not found
"C:\windows\SysNative\drivers\fwvvijfb.sys" not found
C:\Program Files (x86)\Savings Sidekick deleted
C:\Program Files (x86)\weDownload Ltd deleted
C:\Program Files (x86)\Delta deleted
C:\Users\Aart\AppData\Roaming\newnext.me deleted
C:\Program Files (x86)\SearchProtect deleted
C:\Program Files (x86)\WajaInternetEnhance deleted
C:\Users\Aart\AppData\Roaming\Uniblue deleted
C:\Users\Aart\AppData\Roaming\OpenCandy deleted
C:\Users\Aart\AppData\Roaming\uTorrent deleted
"C:\Program Files (x86)\WBDesktop.Updater.1.0.0.16.exe" deleted
"C:\Windows\tasks\PC-Mechanic Maintenance.job" deleted
"C:\Windows\tasks\PC-Mechanic Startup.job" deleted
"C:\Windows\tasks\PC-Mechanic Subscription.job" deleted
"C:\Program Files (x86)\Mobogenie\DaemonProcess.exe" deleted
"C:\Program Files (x86)\Mobogenie\DCR.dll" deleted
"C:\Program Files (x86)\Mobogenie\Device.dll" deleted
"C:\Program Files (x86)\Mobogenie\libeay32.dll" deleted
"C:\Program Files (x86)\Mobogenie\msvcp100.dll" deleted
"C:\Program Files (x86)\Mobogenie\msvcr100.dll" deleted
"C:\Program Files (x86)\Mobogenie\QtCore4.dll" deleted
"C:\Program Files (x86)\Mobogenie\QtGui4.dll" deleted
"C:\Program Files (x86)\Mobogenie\QtNetwork4.dll" deleted
"C:\Program Files (x86)\Mobogenie\QtSql4.dll" deleted
"C:\Program Files (x86)\Mobogenie\QtWebKit4.dll" deleted
"C:\Program Files (x86)\Mobogenie\ssleay32.dll" deleted
"C:\Program Files (x86)\Ask.com\Updater\Updater.exe" deleted
"C:\Program Files (x86)\Mobogenie\sqldrivers\qsqlite4.dll" deleted
"C:\Program Files (x86)\Ask.com" deleted
"C:\Program Files (x86)\Mobogenie" deleted
"C:\Program Files (x86)\Ask.com\Updater" deleted
"C:\Program Files (x86)\Mobogenie\sqldrivers" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Aart\AppData\Local\Temp ====
2015-04-08 10:37:47 C9293A7DA4406C748B27B4C14D5A0253 43008 ----a-w- C:\Users\Aart\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpprd1_r.dll
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
2015-03-16 14:59:03 ED6E75158D28D33A2E2A020AC5B2B59D 663552 ----a-w- C:\Windows\Sysnative\drivers\PEAuth.sys
2015-03-16 14:58:54 87BCD1034CBF33537D4D4C251D39BA26 94656 ----a-w- C:\Windows\Sysnative\drivers\mountmgr.sys
2015-03-16 14:58:46 90C53BD47979FB8814F465A08B885102 61440 ----a-w- C:\Windows\Sysnative\drivers\appid.sys
2015-03-16 14:57:19 8BA90F480705D7153AD0060CCA62222A 155576 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys
2015-03-16 14:57:19 56ED3EE5FED6BF2FC1305CF872042868 95680 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys
2015-03-16 14:57:19 27667A788130A7F7A5858DE27572E6D7 459336 ----a-w- C:\Windows\Sysnative\drivers\cng.sys
====== C:\Windows\Tasks ======
2015-04-07 18:45:14 73D0116D6D804CC2169F9F3AE22011AF 3120 ----a-w- C:\Windows\Sysnative\Tasks\{22357040-C4DD-4FFA-AFC7-765FFE9C428E}
2015-03-30 18:01:21 CA10FC445EE6CE44961390D0778FFC06 3458 ----a-w- C:\Windows\Sysnative\Tasks\avaavxvyex
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-04-08 10:47:23 -------- d-----w- C:\Program Files\trend micro
======= C:\PROGRA~2 =====
======= C: =====
====== C:\Users\Aart\AppData\Roaming ======
2015-03-30 18:00:44 -------- d-----w- C:\Users\Aart\AppData\Local\avaavxvyex
====== C:\Users\Aart ======
2015-04-08 07:14:42 C7969516D87176867BD5AE772967006F 3894696 ----a-w- C:\Users\Aart\Downloads\Setup_WinThruster_2015.exe
2015-04-07 22:34:20 9866F32F94E0450453A0094F4AB81555 5344528 ----a-w- C:\Users\Aart\Downloads\ccsetup504 (1).exe
2015-04-07 22:34:07 9866F32F94E0450453A0094F4AB81555 5344528 ----a-w- C:\Users\Aart\Downloads\ccsetup504.exe
2015-04-07 18:23:02 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
2015-04-07 17:36:46 -------- d-----w- C:\ProgramData\2E3AE

====== C: exe-files ==
2015-04-08 10:47:23 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Aart.exe
2015-04-08 07:14:42 C7969516D87176867BD5AE772967006F 3894696 ----a-w- C:\Users\Aart\Downloads\Setup_WinThruster_2015.exe
2015-04-08 07:07:29 DA8AC392E864489F127D64048D12E043 41460816 ----a-w- C:\Program Files (x86)\Google\Update\Install\{F2B8BF5B-82C1-465A-BDD9-EDCAEF64175F}\41.0.2272.118_chrome_installer.exe
2015-04-07 22:34:20 9866F32F94E0450453A0094F4AB81555 5344528 ----a-w- C:\Users\Aart\Downloads\ccsetup504 (1).exe
2015-04-07 22:34:07 9866F32F94E0450453A0094F4AB81555 5344528 ----a-w- C:\Users\Aart\Downloads\ccsetup504.exe
2015-04-07 18:22:00 52F5313D363B68BAD93495AF8BC771A6 18615048 ----a-w- C:\Users\Aart\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LG2BP2HK\pcmechanicpm-standalone-setup[1].exe
2015-04-07 17:28:51 DA8AC392E864489F127D64048D12E043 41460816 ----a-w- C:\Program Files (x86)\Google\Update\Install\{24DE1D0F-2C79-4A51-A324-436AF99E5837}\41.0.2272.118_chrome_installer.exe
2015-04-07 17:28:48 DA8AC392E864489F127D64048D12E043 41460816 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\41.0.2272.118\41.0.2272.118_chrome_installer.exe
2015-04-07 05:17:37 04A8F29E2CB7A633109E6AF1316F6E97 864336 ----a-w- C:\Program Files (x86)\Google\Update\Install\{E98DD2F6-3A22-4682-8B43-82F1D340B61B}\41.0.2272.118_41.0.2272.101_chrome_updater.exe
2015-04-07 05:17:36
04A8F29E2CB7A633109E6AF1316F6E97 864336 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\41.0.2272.118\41.0.2272.118_41.0.2272.101_chrome_updater.exe
2015-04-05 12:33:30 E32AAB3E477398B78E9D8F2418D1989C 658944 ----a-w- C:\Windows\System32\GWX\GWXConfigManager.exe
2015-04-05 12:33:30 A6C3E3120AC125BABE410959083A0108 459264 ----a-w- C:\Windows\System32\GWX\GWX.exe
2015-04-05 12:33:30 86345D30828786E1CC6AF12DF769D136 392704 ----a-w- C:\Windows\SysWOW64\GWX\GWX.exe
2015-04-05 12:33:30 771215B601C7D7E88D015D974AF7BEC7 393216 ----a-w- C:\Windows\System32\GWX\GWXUX.exe
2015-04-05 12:33:30 29038FF696BB007224872DA9645EA324 353048 ----a-w- C:\Windows\System32\GWX\GWXUXWorker.exe

=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-2110397448-1678517468-774889301-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background"
"Spotify Web Helper"="C:\Users\Aart\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"Spotify"="C:\Users\Aart\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-21-2110397448-1678517468-774889301-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"="C:\Windows\system32\Macromed\Flash\FlashUtil64_11_9_900_170_ActiveX.exe -update activex"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"="C:\Program Files (x86)\NTI\Packard Bell MyBackup\BackupManagerTray.exe -h -k"
"LManager"="C:\Program Files (x86)\Launch Manager\LManager.exe"
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"
"QuickTime Update Completion 0"="C:\Windows\SysWOW64\QuickTime\QuickTimeUpdateHelper.exe -uninstallwithapps -destfullpath C:\Program Files (x86)\QuickTime\QuickTimeUpdater.exe -sourcefullpath C:\Program Files (x86)\QuickTime\TempUpdater.exe -atboottime QuickTime Update Completion 0"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"ApnUpdater"="C:\Program Files (x86)\Ask.com\Updater\Updater.exe"
"HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe"
"mobilegeni daemon"="C:\Program Files (x86)\Mobogenie\DaemonProcess.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background"
"Spotify Web Helper"="C:\Users\Aart\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"Spotify"="C:\Users\Aart\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"="C:\Windows\system32\Macromed\Flash\FlashUtil64_11_9_900_170_ActiveX.exe -update activex"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"Power Management"="C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe"
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"
"ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\PROGRA~2\\SearchProtect\\SearchProtect\\bin\\VC64Loader.dll"

==== Startup Folders ======================

2014-06-02 19:18:38 1059 ----a-w- C:\Users\Aart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
2012-11-16 07:16:32 1322 ----a-w- C:\Users\Aart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk
2011-09-22 20:19:06 2111 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [30-01-2013 17:11]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [Undetermined Task]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\AdobeAAMUpdater-1.0-Aart-PC-Aart" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe]
"C:\Windows\SysNative\tasks\avaavxvyex" [C:\Users\Aart\AppData\Local\avaavxvyex\avaavxvyex.exe]
"C:\Windows\SysNative\tasks\avayvxvaxc" [C:\Users\Aart\AppData\Local\avayvxvaxc\avayvxvaxc.exe]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\DeviceDetector" [C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\Scheduled Update for Ask Toolbar" [C:\Program Files (x86)\Ask.com\UpdateTask.exe]
"C:\Windows\SysNative\tasks\{31BE5AB6-CB59-4544-B7AF-5989E167AE22}" ["c:\program files (x86)\google\chrome\application\chrome.exe"]
"C:\Windows\SysNative\tasks\Recovery Management\Burn Notification" [C:\Program Files\Packard Bell\Packard Bell Recovery Management\NotificationCenter\Notification.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [22-09-2011 22:20]

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [22-09-2011 22:20]

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyOverride"="<-loopback>"
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1577 folders=146 158125837 bytes)

==== EOF on wo 08-04-2015 at 13:54:55,04 ======================