
Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by willy on di 16/06/2015 at 11:26:16,34.

Running in: Normal Mode Internet Access Detected
Launched: C:\Users\willy\Desktop\zoek.exe [Scan all users] [Script inserted] 

==== Older Logs ======================

C:\zoek-results2015-06-10-172259.log	17446 bytes
C:\zoek-results2015-06-16-091123.log	28891 bytes
C:\zoek-results2015-06-16-092525.log	28099 bytes

==== Files Recently Created / Modified ======================

====== C:\windows ====
2015-06-01 15:57:25	D1E75542EC8D1B4851765A57AC63618E	1908	----a-w-	C:\windows\diagwrn.xml
2015-06-01 15:57:25	D1E75542EC8D1B4851765A57AC63618E	1908	----a-w-	C:\windows\diagerr.xml
====== C:\windows\TEMP ====
====== Java Cache =====
====== C:\windows\SysWOW64 =====
====== C:\windows\SysWOW64\drivers =====
====== C:\windows\Sysnative =====
====== C:\windows\Sysnative\drivers =====
====== C:\windows\Tasks ======
2015-05-30 07:58:46	FAC8F59549E89FF4112A0BCBC32426AC	1060	----a-w-	C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-30 07:58:46	78244C80D5FFF4F42327E387DDBF69AB	4032	----a-w-	C:\windows\Sysnative\Tasks\GoogleUpdateTaskMachineUA
2015-05-30 07:58:44	9448B315AB6A572861F2ED9D65D9FCC9	1056	----a-w-	C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-30 07:58:44	2B0DB40D894E83E44803843F8D4BD656	3796	----a-w-	C:\windows\Sysnative\Tasks\GoogleUpdateTaskMachineCore
2015-05-29 19:06:55	657889B6B95C38ED4D464E2612F1556D	316	----a-w-	C:\windows\Tasks\Start Driver Reviver for WB@willy(logon).job
2015-05-29 19:06:55	62CACDC18FF3A5F6CA0C6B6C0E36E263	2576	----a-w-	C:\windows\Sysnative\Tasks\Start Driver Reviver for WB@willy(logon)
====== C:\windows\Temp ======
======= C:\Program Files =====
2015-06-06 11:18:55	--------	d-----w-	C:\Program Files\trend micro
2015-05-30 15:50:06	--------	d-----w-	C:\Program Files\Google
======= C:\PROGRA~2 =====
2015-06-01 09:45:08	--------	d-----w-	C:\PROGRA~2\Hp
2015-05-29 13:36:47	--------	d-----w-	C:\PROGRA~2\COMMON~1\AVG Secure Search
2015-05-28 08:37:45	--------	d-----w-	C:\PROGRA~2\MiniGet
2015-05-28 08:37:36	--------	d-----w-	C:\PROGRA~2\Opera
======= C: =====
2015-06-01 18:42:05	D41D8CD98F00B204E9800998ECF8427E	0	----a-w-	C:\Recovery.txt
====== C:\Users\willy\AppData\Roaming ======
2015-06-15 10:33:52	--------	d-----w-	C:\Users\Default\AppData\Roaming\TuneUp Software
2015-06-15 10:33:52	--------	d-----w-	C:\Users\Default User\AppData\Roaming\TuneUp Software
2015-06-13 08:47:40	--------	d-----w-	C:\Users\willy\AppData\Roaming\ParetoLogic
2015-06-13 08:47:40	--------	d-----w-	C:\Users\willy\AppData\Roaming\DriverCure
2015-06-09 20:33:38	--------	d-----w-	C:\Users\willy\AppData\Roaming\hpqLog
2015-05-30 15:56:18	--------	d-----w-	C:\Users\willy\AppData\Locallow\Adobe
2015-05-30 15:37:15	--------	d-----w-	C:\Users\willy\AppData\Local\Adobe
2015-05-29 13:37:14	--------	d-----w-	C:\Users\willy\AppData\Local\AVG Web TuneUp
2015-05-29 13:37:09	--------	d-----w-	C:\Users\willy\AppData\Locallow\AVG Web TuneUp
2015-05-29 13:36:44	--------	d-----w-	C:\windows\sysWoW64\config\systemprofile\AppData\Locallow\AVG Web TuneUp
2015-05-28 14:01:39	--------	d-----w-	C:\Users\willy_2\AppData\Locallow\MapsGalaxy_39
2015-05-28 14:00:32	--------	d-----w-	C:\Users\willy\AppData\Locallow\MapsGalaxy_39EI
2015-05-28 13:59:22	--------	d-----w-	C:\Users\willy\AppData\Local\iolo
2015-05-28 13:58:19	--------	d-----w-	C:\Users\willy_2\AppData\Locallow\SafePCRepair_89
2015-05-28 08:43:56	--------	d-----w-	C:\Users\willy\AppData\Roaming\Opera Software
2015-05-28 08:43:56	--------	d-----w-	C:\Users\willy\AppData\Local\Opera Software
2015-05-28 08:37:45	--------	d-----w-	C:\Users\willy\AppData\Roaming\MiniGet
====== C:\Users\willy ======
2015-06-14 16:54:07	24E4FC2D61475B0169D2FAD7BB9B68A1	22171408	----a-w-	C:\Users\willy\Downloads\SUPERAntiSpyware.exe
2015-06-13 08:47:33	--------	d-----w-	C:\ProgramData\ParetoLogic
2015-06-13 08:42:52	F0EE0FE6CC055FCEBE2B417D6ACAEF57	5239920	----a-w-	C:\Users\willy\Downloads\ParetoLogic PC Health Advisor_nl.exe
2015-06-11 14:38:28	--------	d-----w-	C:\ProgramData\{65AB91D4-DDD0-48D4-804D-C24E1FC90D44}
2015-06-11 14:20:09	093D0EDD5FA559EC0C711C0B9569D673	37602760	----a-w-	C:\Users\willy\Downloads\sp68201 (1).exe
2015-06-09 20:18:07	093D0EDD5FA559EC0C711C0B9569D673	37602760	----a-w-	C:\Users\willy\Downloads\sp68201.exe
2015-06-06 16:33:36	E034F21EF1927EFE6984A1DC5CE3B3A2	3542768	----a-w-	C:\Users\willy\Downloads\wzdu24.exe
2015-06-06 11:53:38	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\willy\Downloads\RSITx64.exe
2015-05-30 15:49:52	--------	d-----w-	C:\ProgramData\Google
2015-05-30 15:48:34	--------	d-----w-	C:\ProgramData\Adobe
2015-05-30 08:05:10	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-29 13:36:48	--------	d-----w-	C:\ProgramData\AVG Secure Search
2015-05-29 13:36:44	--------	d-----w-	C:\ProgramData\AVG Web TuneUp
2015-05-28 13:59:22	--------	d-----w-	C:\ProgramData\iolo
2015-05-28 10:26:53	8E1B08222F20E45A3E8DB04C569F9CB7	8	--sha-r-	C:\ProgramData\ntuser.pol

====== C: exe-files ==
2015-06-16 09:05:06	A4F4E39316011C59911B72B60013D88C	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1927741247-2299308354-3686797543-1001\$IRFAGFT.exe
2015-06-16 09:05:06	9D21AE0E679047DEC92405D2F6B755F3	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1927741247-2299308354-3686797543-1001\$IOMY55R.exe
2015-06-16 09:05:06	735583BD48579936E78B124EE2C53C71	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1927741247-2299308354-3686797543-1001\$I4MV13U.exe
2015-06-16 09:05:06	3738332EECA493349E217AF416DAEF75	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1927741247-2299308354-3686797543-1001\$I4S67UG.exe
2015-06-16 09:04:15	7EDF56600D2100AA6E6208ACE2B1A9EF	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1927741247-2299308354-3686797543-1001\$IONJVGG.exe
2015-06-16 08:51:21	F68A5507E37C1FC1C17F6B1A6BFF582E	1308672	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1927741247-2299308354-3686797543-1001\$ROMY55R.exe
2015-06-16 08:04:10	7D510F7D05E0A16A1B6A0643E49213F0	507904	----a-r-	C:\$WINDOWS.~BT\Sources\dlmanifests\microsoft-windows-iasserver-migplugin\iasmigreader.exe
2015-06-16 08:03:59	9865548C043CCD1A927A6EABA257B06B	46704	----a-r-	C:\$WINDOWS.~BT\Sources\wicainventory.exe
2015-06-16 08:03:52	C64440BB360D52882CC957E39CBA75D9	6168176	----a-r-	C:\$WINDOWS.~BT\Sources\setupplatform.exe
2015-06-16 08:03:52	6F8D8FD1BF83E8452875D574E726A994	260712	----a-r-	C:\$WINDOWS.~BT\Sources\setupresume.exe
2015-06-16 08:03:48	ED9729D6CA24B4AADACD5123D1BB2067	116328	----a-r-	C:\$WINDOWS.~BT\Sources\QueryAppBlock.exe
2015-06-16 08:03:48	28F66D38E320A443C895A3FE353EDB31	257640	----a-r-	C:\$WINDOWS.~BT\Sources\PostRollback.exe
2015-06-16 08:03:46	ECF429E42C623E435DA179CA7BB361E1	280168	----a-r-	C:\$WINDOWS.~BT\Sources\mighost.exe
2015-06-16 08:03:44	6B354EBA6274926D25F30290F7950F4D	10518632	----a-r-	C:\$WINDOWS.~BT\Sources\InstallPrep.exe
2015-06-16 08:03:44	659DA8B4BC805E2AB7E6280A6CA89F2F	4928616	----a-r-	C:\$WINDOWS.~BT\Sources\Install.exe
2015-06-14 16:54:07	24E4FC2D61475B0169D2FAD7BB9B68A1	22171408	----a-w-	C:\Users\willy\Downloads\SUPERAntiSpyware.exe
2015-06-14 08:13:02	3E4DFCC923D0174878C3151FEF99195D	4608	----a-w-	C:\Program Files (x86)\Hewlett-Packard\HP Quick Start\HPQuickstart.exe
2015-06-14 08:10:22	FFD052D0F464ADC243C24E71D15C9990	12344	----a-w-	C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\UtilTask.exe
2015-06-14 08:10:22	F57DB2F9AD648E513E97B5BCA2F14F46	44760	----a-w-	C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_SmartFriendAwareness_Ex.exe
2015-06-14 08:10:22	EEF8E50E55BC6DD97ADFA816ACDB8B0B	48856	----a-w-	C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_PCord.exe
2015-06-14 08:10:22	E71B3AB9DDB8A4561F3FC2FB5C80DEB2	28888	----a-w-	C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_LowMemory.exe
2015-06-14 08:10:22	DF2AC1055C406AA66869C95C2FD84A21	17464	----a-w-	C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\HPSACIPDetection4.exe
2015-06-14 08:10:22	D4C3B65042EEB87FC0A06A84CD520879	154424	----a-w-	C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\HPSAObjUtil.exe
2015-06-14 08:10:22	C4476BF09DBF8FF6B1A19E1C7692659F	26624	----a-w-	C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_LowDiskSpace_Ex_US.exe
2015-06-14 08:10:22	C23490916152CA356B4BDA4A87974B45	35032	----a-w-	C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_SmartFriendAwareness.exe
2015-06-14 08:10:22	BC60E57D4BE2766F001E6C2B3867CB2A	125752	----a-w-	C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\HPSAObjUtil7.exe
2015-06-14 08:10:22	B524A0FAB59C208895913DC82FB3D090	40200	----a-w-	C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\HPSACommander.exe
2015-06-14 08:10:22	A774819972810971993515749BC9B7EC	61240	----a-w-	C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\WarrantyObjectChecker.exe
2015-06-14 08:10:22	A024CEA792E4CD161D664116A81821A8	27352	----a-w-	C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_WindowsOLD.exe
2015-06-14 08:10:22	883C320288DD1069132B79951B6474FB	26624	----a-w-	C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_RecoveryDisc_Darwin_NSPOS.exe
2015-06-14 08:10:22	7C4B1D7284CE08D53C531651EA59444E	27352	----a-w-	C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_LowDiskSpace_NSPOS.exe
2015-06-14 08:10:22	71200A64C303FA46D5D1F0CE8C91632F	24064	----a-w-	C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_SystemRestore.exe
2015-06-14 08:10:22	6A6983390656B73226571BF79A1214AB	37176	----a-w-	C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\HPResignFileLoader.exe
2015-06-14 08:10:22	661ED14E987A28B143F9AF8F442436E3	25088	----a-w-	C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_RecoveryDisc_Darwin_EMEA.exe
2015-06-14 08:10:22	597C0B6A726AD7A1B30C39546106D7AF	24064	----a-w-	C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_RecoveryDisc_NSPOS.exe
2015-06-14 08:10:22	58D87CD3D31B52C204A40F19FEF6BF3D	27352	----a-w-	C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_LowDiskSpace_EMEA.exe
2015-06-14 08:10:22	4A2EC5639C9562E3B4EA517F8F95D2BF	29184	----a-w-	C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_RecoveryDiscReminder_V2.exe
2015-06-14 08:10:22	1CB4CFEC665437714BE782EB881387B8	33592	----a-w-	C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_SystemRestoreCheck_V2.exe
2015-06-14 08:10:22	1059C375192D53514933CBE87E79BA64	21304	----a-w-	C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe
2015-06-14 08:10:22	06D9888F172A8AC47959DA5DF68270DE	29400	----a-w-	C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_LowDiskSpace_US.exe
2015-06-14 08:10:22	050BDDCD5B033D6283910ECACC513B2E	24576	----a-w-	C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_RecoveryDisc_EMEA.exe
2015-06-14 08:10:21	F9EDD8A064F0FEDEAF812CF5B5EF5E9B	33496	----a-w-	C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_AfterUpgradingToWin81.exe
2015-06-14 08:10:21	F3A2B4CA1DF34F751B9267D0A78673B6	32256	----a-w-	C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_AntiVirusDefenderA.exe
2015-06-14 08:10:21	E515A156798111669821C005482FE4A4	31744	----a-w-	C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_AntiVirusNoAV_B.exe
2015-06-14 08:10:21	B8187379AEF2F29650239B329C3EA0DA	32256	----a-w-	C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_AntiVirusDefenderB.exe
2015-06-14 08:10:21	AF0D919701B5BE372A276800084E6661	30936	----a-w-	C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_BackupPasswordReminder.exe
2015-06-14 08:10:21	AC70A4D490D4D2CD6A0E63E0C66F6D04	27864	----a-w-	C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_BackupPasswordReminder_NSPOS.exe
2015-06-14 08:10:21	9C4F8AAFD98D999F7D5707274EE1B23F	37688	----a-w-	C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_CoolSense.exe
2015-06-14 08:10:21	8AEFE655CDB95D2F0BD175ADBC84F16C	24064	----a-w-	C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detection_GuestAccount.exe
2015-06-14 08:10:21	8409673B856C3F2AF634B135EF805F50	29912	----a-w-	C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_GettingStartedwithWindows8.exe
2015-06-14 08:10:21	7A1DC920D662880F6EF8A34E21E010B0	30424	----a-w-	C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_BackupYourImportantData_US.exe
2015-06-14 08:10:21	698BA1D64B2C178B7069B2D1E0F35A7D	29400	----a-w-	C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_BackupYourImportantData_EMEA.exe
2015-06-14 08:10:21	66FB3AA3F14E3D59567FEA3D22085321	28160	----a-w-	C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_GuestAccount_V2.exe
2015-06-14 08:10:21	5606EFA83C850AB210C38A1C3AE886AE	28888	----a-w-	C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_BeforeUpgradingToWin81.exe
2015-06-14 08:10:21	5288FEC36ADB27C8A24623F6DB8858B8	72920	----a-w-	C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detection_toastNotify.exe
2015-06-14 08:10:21	19EDB8286BC6AB0229CF073036A65145	31744	----a-w-	C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_AntiVirusNoAV_A.exe
2015-06-13 08:42:52	F0EE0FE6CC055FCEBE2B417D6ACAEF57	5239920	----a-w-	C:\Users\willy\Downloads\ParetoLogic PC Health Advisor_nl.exe
2015-06-11 14:39:30	22A8F472D63B2851F17AAE88C7CC1FDB	130360	----a-w-	C:\Program Files (x86)\Hewlett-Packard\HP Health Check\Tools\UninstallHPSA.exe
2015-06-11 14:20:09	093D0EDD5FA559EC0C711C0B9569D673	37602760	----a-w-	C:\Users\willy\Downloads\sp68201 (1).exe
2015-06-10 16:51:58	F68A5507E37C1FC1C17F6B1A6BFF582E	1308672	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-1927741247-2299308354-3686797543-1001\$R4MV13U.exe
2015-06-09 20:35:38	41CB698F967B4D9F2580EA2A21A5A710	107320	----a-w-	C:\Windows\Temp\{C63341F2-906C-4C5A-8824-951AE32B76C9}\ISBEW64.exe
2015-06-09 20:33:52	7A79D02EDC9EB290F5BBD681D276A5E0	31616	----a-w-	C:\ProgramData\Hewlett-Packard\Resource.exe
2015-06-09 20:33:52	4541335F712FBB52BA6A9FB593F77E76	74808	----a-w-	C:\ProgramData\Hewlett-Packard\HPHelpUpdater.exe
2015-06-09 20:33:52	22A8F472D63B2851F17AAE88C7CC1FDB	130360	------w-	C:\ProgramData\Hewlett-Packard\UninstallHPSA.exe
2015-06-09 20:33:27	22A8F472D63B2851F17AAE88C7CC1FDB	130360	----a-w-	C:\Windows\Temp\UninstallHPSA.exe
2015-06-09 20:18:07	093D0EDD5FA559EC0C711C0B9569D673	37602760	----a-w-	C:\Users\willy\Downloads\sp68201.exe
=== C: other files ==
2015-06-16 08:03:48	2E04BDD813B3A18158F9916AF4210734	5120	----a-r-	C:\$WINDOWS.~BT\Sources\nxquery.sys
2015-06-14 08:12:43	F8A8F4E77399C5275713575F5676C770	133660	----a-w-	C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\resources\nl-NL\hcsolutions.zip
2015-06-14 08:11:55	873B20E6F65278D9953C1A1A09798F47	1305233	----a-w-	C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\resources\guidAcheck.zip
2015-06-14 08:10:26	C8ABF9AB892A129BD0EBA621B9478564	2161702	----a-w-	C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\resources\guid.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-1927741247-2299308354-3686797543-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"EPSON SX410 Series"="C:\windows\system32\spool\DRIVERS\x64\3\E_IATIFCE.EXE /FU C:\Users\willy\AppData\Local\Temp\E_S4946.tmp /EF HKCU"
"OfficeSyncProcess"="C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
"OneDrive"="C:\Users\willy\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BATINDICATOR"="C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR.exe"
"BATINDICATORHL"="C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR_HIDList.exe"
"OSDTool"="C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\CNYHKEY.exe"
"FromDocToPDF EPM Support"="C:\PROGRA~2\FROMDO~2\bar\2.bin\65medint.exe T8EPMSUP.DLL,S"
"FromDocToPDF AppIntegrator 32-bit"="C:\PROGRA~2\FROMDO~2\bar\2.bin\AppIntegrator.exe"
"FromDocToPDF AppIntegrator 64-bit"="C:\PROGRA~2\FROMDO~2\bar\2.bin\AppIntegrator64.exe"
"BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EPSON SX410 Series"="C:\windows\system32\spool\DRIVERS\x64\3\E_IATIFCE.EXE /FU C:\Users\willy\AppData\Local\Temp\E_S4946.tmp /EF HKCU"
"OfficeSyncProcess"="C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
"OneDrive"="C:\Users\willy\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="  "

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"

==== Startup Folders ======================

2013-03-20 18:21:38	1125	----a-w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinTV Recording Status.lnk

==== Task Scheduler Jobs ======================

C:\windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [30/05/2015 09:58]
C:\windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [30/05/2015 09:58]
C:\windows\tasks\HPCeeScheduleForwilly.job --a-------- [Undetermined Task]
C:\windows\tasks\Start Driver Reviver for WB@willy(logon).job --a-------- C:\Program Files\ReviverSoft\Driver Reviver\DriverReviver.exe []

==== Other Scheduled Tasks ======================

"C:\windows\SysNative\tasks\0" [c:\program files\internet explorer\iexplore.exe]
"C:\windows\SysNative\tasks\4742" [wscript.exe C:\Users\willy\AppData\Local\Temp\launchie.vbs //B]
"C:\windows\SysNative\tasks\CLMLSvc_P2G8" [c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe]
"C:\windows\SysNative\tasks\CLVDLauncher" [c:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe]
"C:\windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe]
"C:\windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\windows\SysNative\tasks\HPCeeScheduleForwilly" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe]
"C:\windows\SysNative\tasks\MirageAgent" [C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe]
"C:\windows\SysNative\tasks\Start Driver Reviver for WB@willy(logon)" [C:\Program Files\ReviverSoft\Driver Reviver\DriverReviver.exe]
"C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Opt-in For HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF_Utils.exe]
"C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe]
"C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe]
"C:\windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe]
"C:\windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions ======================

ProfilePath: C:\Users\willy\AppData\Roaming\Mozilla\Firefox\Profiles\5fi8z2ii.default
- FromDocToPDF - %ProfilePath%\extensions\65ffxtbr@FromDocToPDF_65.com
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

ProfilePath: C:\Users\willy\AppData\Roaming\TomTom\HOME\Profiles\foh3thd5.default
- Undetermined - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- Undetermined - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com

==== Firefox Plugins ======================

Profilepath: C:\Users\willy\AppData\Roaming\Mozilla\Firefox\Profiles\5fi8z2ii.default
3A57A288F098188E92C6B0309CBC50B2	- C:\windows\SysWOW64\npmproxy.dll -	Microsoft� Windows� Operating System


==== Chromium Look ======================

Google Chrome Version: 43.0.2357.81

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
aaaaojmikegpiepcfdkkjaplodkpfmlo - No path found[]

Google Slides - willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Bookmark Manager - willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik
Google Wallet - willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - willy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Google Slides - willy_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - willy_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - willy_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - willy_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - willy_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - willy_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
AdBlock - willy_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Google Wallet - willy_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - willy_2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Startpages ======================

C:\Users\willy\AppData\Local\Google\Chrome\User Data\Default\Preferences
F56908D4DBFD0BDA971E795049E607471B55AFAF21EB645C0487D379C"},"default_search_provider_data":{"template_url_data":"C89827DD4B9200D9519815AC3A9FC3AA70A99A992EF9DFB61EDA28A582F5B008"},"extensions":{"settings":{"aapocclcgogkmnckokdopfmhonfmgoek":"F02620A95272C6094DAB8343C70DFEA10B335F9FE58D6DDD28AAE84A54AAD328","ahfgeienlihckogmohjhadlkjgocpleb":"3288A1A8276CDE2CCD00F32767BEDA48EBAF2FEF3D830BE11B7750A2DD71EBB1","aohghmighlieiainnegkcijnfilokake":"3F6EC1C38E408897A7CF40560A4BD7C6EDD9C8645E7CA85377A36784F35CA95D","apdfllckaahabafndbhieahigkjlhalf":"0346E405ACAFC0050A758FCCF4FE75A27BD4FDB67293D2B7D02A3CABD60FEE67","bepbmhgboaologfdajaanbcjmnhjmhfn":"6CAB14DD63674DF5557FFA73DD8ECC89D898CEDC615ECF6772A57B3EBC91C460","blpcfgokakmgnkcojhhkbfbldkacnbeo":"5D76BC0D62E795A045ADC717E9876A772BC5B3BDE1C4A60708BAA33CA9AA2AA1","coobgpohoikkiipiblmjeljniedjpjpf":"B3940967379D9727943BC7EA36A7AB1A9F7180E49B5C07FD473B87FEBBCF427D","eemcgdkfndhakfknompkggombfjjjeno":"54AF2A124C1140B1F9A08E76CDEABB756BE95E9FD1E2DC21E6E0964E216FBC74","ennkphjdgehloodpbhlhldgbnhmacadg":"9931D398C85D5747B42F85FA7B1DF5105BDEA9389BBCA08B17BF5E8371696DC8","felcaaldnbdncclmgdcncolpebgiejap":"C8C687A535E9E04544DEAA1BAAD4C3000969D95F667ACD2CFF5B87B0D625995F","gfdkimpbcpahaombhbimeihdjnejgicl":"029F5A5680D08C02DA0E7174803F91723D558F26CF683ECCA8976D7A4CF84F59","gmlllbghnfkpflemihljekbapjopfjik":"D686565FCCF3E2C9A7BE71570944BE1385193DEB1AF95DA07D90119C47815DFF","kmendfapggjehodndflmmgagdbamhnfd":"3EDECE60A95975F81AE5EE51764C34BD6C151D6169A2A5D4489AA9A21A08E894","mfehgcgbbipciphmccgaenjidiccnmng":"BBE2DB3ED422652912B39AC56F4642C1156EF7D94DBFF2E2002392F042E4FB60","mgndgikekgjfcpckkfioiadnlibdjbkf":"36B321D25D7A80FC5FEB0E440CB74C69F7C2EE9918D7D67F45158EDB37A5873A","mhjfbmdgcfjbbpaeojofohoefgiehjai":"3C7B454D1E8A761174DAEF130A9E9BF4DA20AC5C8C77BB662E428A69B6E6708E","neajdppkdcdipfabeoofebfddakdcjhd":"CFF882DB26A5E519B43A018E28356056722CD1C8E73DE1BFED91902B18D0CBCB","nkeimhogjdpnpccoofpliimaahmaaome":"464066343D928ADE9BD1E6379B6637C4FECA9AF01EAD92F0074A137AA89E8084","nmmhkkegccagdldgiimedpiccmgmieda":"2567A48C351C35AA8265A2BEE9C3EBF17097C826AF21AF3D5E28BEC5A609A941","pafkbggdmjlpgkdkcbjmhmfcdpncadgh":"682E8D987C066DDA7A70A612F8BAE278B78D1809FCDBC51624206EB1FAFD0D18","pjkljhegncpnkpknbcohdijeoejaedia":"8680BB0F635CBB4C34C3A856624EED1BE6B210C8986FE710071B677FA2E9C44B"}},"google":{"services":{"last_username":"0B053509965ED52F13B639E202C71FE3498D3F4C63B7E4EA18C0C17A08FA289B","username":"49FCF71BC4570E7DA4D707F3534A1B2B5BD2D0D99843A319C77E728DDDDA0E74"}},"homepage":"8B2353889371CC41DE55B5E2228A2D477AF62AC221F705FDFB50F97C48BBCC09","homepage_is_newtabpage":"211DFB672101A11ED97C9C77715F9480C9B7D61332F9596A46D47A4756C2D60A","pinned_tabs":"2A4274C713FF135550092143B576B6118B0863C196DD4CC2518A2626FEDED9CF","prefs":{"preference_reset_time":"D863071DBA6CC6538EBE50EDF8915475E487C59B833605A43193B943282CFA13"},"profile":{"reset_prompt_memento":"A4EB37387FA0289BC5B9FF938632A2E00B2D4DF1BCB914CA817A574EDD478ECD"},"safebrowsing":{"incidents_sent":"6656D73D496969F09DF34C2F787C676D01B11F622985CCE5CB830C8DBDCE3DF4"},"search_provider_overrides":"097FB4DAD6E97FE6C003734E0E08008AAD8E3695525AD4E570D23C42BDB57809","session":{"restore_on_startup":"4F901C5DB49420C0F1E75C66DE71ED728144B75507429A571B9223460A052663","startup_urls":"E6A6359EE5016D4A15292F1E8C8BF36FD861653A525B3F748B25E4B8D8717B6F"},"software_reporter":{"prompt_reason":"2EEAB5487AB4E469C2EF8FA97A166F79CCE9CEAC32BE32D119CE4641258D7E01","prompt_seed":"EE6602658CB4481195FAA83E3A9E94A04DD2728167F446AFEFF225CD2FF824BC","prompt_version":"1F1C5916DEB5E6BE45AC36049445486EA10B214BE49ABF4C111BF50341ABF3EF"},"sync":{"remaining_rollback_tries":"C3E3E6CC86225418F09BDBCCB89487C978AE9C142FFF0BB2408712EB23908E80"}},"super_mac":"08F845643B9B9E83EFB10A96691DE510CC48EE3E2719232A410B2C8952E19CB4"},"session":{"restore_on_startup":4,"startup_urls":["http://www.google.com"]}}


==== C:\zoek_backup content ======================

C:\zoek_backup (files=169 folders=31 74130740 bytes)

==== EOF on di 16/06/2015 at 11:27:48,50 ======================