Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Leon on do 04/02/2016 at 17:29:01,07.
Microsoft Windows 10 Home 10.0.10240 x64
Running in: Normal Mode Internet Access Detected
Launched: E:\Users\Leon\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================
4/02/2016 17:33:25 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================
C:\PROGRA~2\Probit Software deleted successfully
C:\PROGRA~2\TomTom DesktopSuite deleted successfully
C:\PROGRA~2\COMMON~1\Sony Shared deleted successfully
C:\Program Files\log deleted successfully
C:\Program Files\Common Files\Sony Shared deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\IDM deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\Leon\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Leon\AppData\Local\EmieSiteList deleted successfully
C:\Users\Leon\AppData\Local\EmieUserList deleted successfully
C:\Users\Leon\AppData\Local\MediaShow deleted successfully
C:\Users\Leon\AppData\Local\NetworkTiles deleted successfully
C:\Users\Leon\AppData\Local\Skype deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\NetworkTiles deleted successfully

==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-2383151877-100078388-2285900834-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully
HKEY_USERS\S-1-5-21-2383151877-100078388-2285900834-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} deleted successfully
HKEY_USERS\S-1-5-21-2383151877-100078388-2285900834-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully
HKEY_USERS\S-1-5-21-2383151877-100078388-2285900834-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{827AD177-88F9-403C-A49D-724068ED64CE} deleted successfully
HKEY_USERS\S-1-5-21-2383151877-100078388-2285900834-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{827AD177-88F9-403C-A49D-724068ED64CE} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{827AD177-88F9-403C-A49D-724068ED64CE} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PrivoxyService deleted successfully

==== Registry Fix Code x64 ======================
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft Windows\CurrentVersion\Run]
""=-
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=-

==== Deleting Files \ Folders ======================
C:\PROGRA~2\Probit Software not found
C:\PROGRA~2\TomTom DesktopSuite not found
C:\PROGRA~3\GJxfsf deleted
C:\PROGRA~3\TVWizard deleted
C:\PROGRA~2\Internet Download Manager deleted
C:\Program Files (x86)\Gamma Task Menager deleted
C:\PROGRA~3\{085d3974-b1e0-8aff-085d-d3974b1ee5d2} deleted
C:\PROGRA~2\DriverFinder deleted
C:\stat_log deleted
C:\PROGRA~3\Radio deleted
C:\PROGRA~3\Browser deleted
C:\PROGRA~3\{18165758-115C-4DC0-9EC2-FF89F725767F} deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\WINDOWS\Tasks\SpeedUpMyPC Maintenance.job deleted
C:\WINDOWS\Tasks\SpeedUpMyPC Startup.job deleted
C:\WINDOWS\Tasks\SpeedUpMyPC Subscription.job deleted
C:\windows\SysNative\Tasks\SpeedUpMyPC Maintenance deleted
C:\windows\SysNative\Tasks\SpeedUpMyPC Startup deleted
C:\windows\SysNative\Tasks\SpeedUpMyPC Subscription deleted
C:\WINDOWS\performersoftsetup.dll deleted
C:\windows\SysNative\tasks\LaunchPreSignup deleted
C:\WINDOWS\tasks\PC-Mechanic Maintenance.job deleted
C:\WINDOWS\tasks\PC-Mechanic Startup.job deleted
C:\WINDOWS\tasks\PC-Mechanic Subscription.job deleted
C:\windows\SysNative\tasks\PC-Mechanic Maintenance deleted
C:\windows\SysNative\tasks\PC-Mechanic Startup deleted
C:\windows\SysNative\tasks\PC-Mechanic Subscription deleted
C:\windows\SysNative\tasks\Easy Driver Pro Schedule deleted
C:\windows\SysNative\GroupPolicy\machine deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
C:\Users\Public\Desktop\Free YouTube Downloader.lnk deleted
C:\Users\Leon\Desktop\MixVideoPlayer.lnk deleted
"C:\Users\Leon\AppData\Roaming\rmi" deleted
"C:\Users\Leon\AppData\Roaming\Vso" deleted

==== Files Recently Created / Modified ======================
====== C:\WINDOWS ====
====== C:\Users\Leon\AppData\Local\Temp ====
====== Java Cache =====
====== C:\WINDOWS\SysWOW64 =====
====== C:\WINDOWS\SysWOW64\drivers =====
====== C:\WINDOWS\Sysnative =====
2016-02-04 16:25:19 8AC18C590096372475734483A65CA748 16148 ----a-w- C:\WINDOWS\Sysnative\HP_Leon_HistoryPrediction.bin
====== C:\WINDOWS\Sysnative\drivers =====
2016-01-12 07:55:18 3701D3BF4AC12EAACB1F58847C1D32FC 23568 ----a-w- C:\WINDOWS\Sysnative\drivers\bdelam.sys
2016-01-12 07:55:17 D8FAF7CFBC81E5E15CA7A7EC8EE1B409 87912 ----a-w- C:\WINDOWS\Sysnative\drivers\bdvedisk.sys
2016-01-12 07:55:17 CCF9DED019BAD2701F39A140FC4D6C44 1600512 ----a-w- C:\WINDOWS\Sysnative\drivers\avc3.sys
2016-01-12 07:55:17 4D3ADB9A6B623D332F0D0ED39613BB04 775424 ----a-w- C:\WINDOWS\Sysnative\drivers\avckf.sys
2016-01-12 07:55:17 3FC014DABD685F8958C89EAA35D77368 282000 ----a-w- C:\WINDOWS\Sysnative\drivers\avchv.sys
2016-01-12 07:55:16 4C59075BBFB767693186FF45B83FD7F4 271808 ----a-w- C:\WINDOWS\Sysnative\drivers\ignis.sys
2016-01-12 07:54:33 06BFA49C4D999E93E214DB4E8044DE0B 160032 ----a-w- C:\WINDOWS\Sysnative\drivers\gzflt.sys
2016-01-12 07:54:32 FE3D70DE933A481284FCE7D5DB5DCE50 477272 ----a-w- C:\WINDOWS\Sysnative\drivers\trufos.sys
====== C:\WINDOWS\Tasks ======
2016-02-02 22:21:34 856A76C0DCFDA6CC36E9E55472B761E8 3390 ----a-w- C:\WINDOWS\Sysnative\Tasks\Windows Defrag
2016-01-12 07:41:08 FD8222597749CBA24B91C9C81499E7AA 3794 ----a-w- C:\WINDOWS\Sysnative\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2016-02-03 10:37:31 -------- d-----w- C:\Program Files\trend micro
2016-01-12 07:54:32 -------- d-----w- C:\Program Files\Bitdefender
2016-01-12 07:37:26 -------- d-----w- C:\Program Files\Bitdefender Agent
======= C:\PROGRA~2 =====
2016-01-12 16:09:53 -------- d-----w- C:\PROGRA~2\COMMON~1\Skype
======= C: =====
====== C:\Users\Leon\AppData\Roaming ======
2016-01-19 15:35:45 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\CrashDumps
2016-01-19 11:09:23 -------- d-----w- C:\Users\Leon\AppData\Temp
2016-01-12 08:13:46 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\CrashDumps
====== C:\Users\Leon ======
2016-01-12 16:09:53 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2016-01-12 07:55:45 449FE6F162ECF2A1BDD9F490534670B8 25185 ----a-w- C:\ProgramData\1452585344.bdinstall.bin
2016-01-12 07:55:43 C4005631FBBC555D927FC99EFFE4DB9E 394323 ----a-w- C:\ProgramData\1452585266.bdinstall.bin
2016-01-12 07:55:21 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2016
2016-01-12 07:54:33 -------- d-----w- C:\ProgramData\Bitdefender
2016-01-12 07:37:26 -------- d-----w- C:\ProgramData\Bitdefender Agent
====== C: exe-files ==
2016-02-04 09:13:12 9B4848935FD866FE7A990335A533D69C 47299200 ----a-w- C:\Users\Leon\AppData\Local\Temp\SkypeSetup.exe
2016-02-04 09:10:05 4DA42FB0A8294C9FBD52B0EF2EA9EE07 146888 ----a-w- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice_tmp.exe
2016-02-03 17:08:13 032FF8B6462FE8188B9E36D8226253F9 604096 ----a-w- C:\Users\Leon\AppData\Local\NVIDIA\NvBackend\Packages\000085c3\CoProc update.20405770.exe
2016-02-03 17:08:09 500E8E33387214E62FFD66524D4E9C5B 7198496 ----a-w- C:\Users\Leon\AppData\Local\NVIDIA\NvBackend\Packages\000085b9\DAO.20402169.exe
2016-02-03 10:37:36 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Leon.exe
2016-02-03 08:27:56 F293B373A655686501203FBE09D4F23F 336896 ----a-w- C:\Users\Leon\AppData\Local\Temp\HYD76A5.tmp.1454488074_permissionsCopy\updates\7.9.5_41373\utorrentie.exe
2016-02-03 08:27:56 8FE478638E87F790EF1BBE01BD60D22C 1873952 ----a-w- C:\Users\Leon\AppData\Local\Temp\HYD76A5.tmp.1454488074_permissionsCopy\updates\7.9.5_41373.exe
2016-02-03 08:27:56 8FE478638E87F790EF1BBE01BD60D22C 1873952 ----a-w- C:\Users\Leon\AppData\Local\Temp\HYD76A5.tmp.1454488074_permissionsCopy\BitTorrent.exe
2016-02-03 08:25:50 C355D12FA264B22BA44FC67323EBE819 2026520 ----a-w- C:\Users\Leon\AppData\Local\Temp\HYD864F.tmp.1454487947_permissionsCopy\updates\3.4.5_41372.exe
2016-02-03 08:25:50 808080AF2137CBDAEFD501A866335586 1739088 ----a-w- C:\Users\Leon\AppData\Local\Temp\HYD864F.tmp.1454487947_permissionsCopy\updates\3.4.2_38913.exe
2016-02-03 08:25:50 65066A6E15E60A707E587005E4DDA398 2065944 ----a-w- C:\Users\Leon\AppData\Local\Temp\HYD864F.tmp.1454487947_permissionsCopy\updates\3.4.5_41712.exe
2016-02-03 08:25:50 55F5FF4E4BD359CB8D44787DFD945855 335872 ----a-w- C:\Users\Leon\AppData\Local\Temp\HYD864F.tmp.1454487947_permissionsCopy\updates\3.4.5_41712\utorrentie.exe
2016-02-03 08:25:50 432F4E8794A2EA8A64E4C75EA80B790E 1694560 ----a-w- C:\Users\Leon\AppData\Local\Temp\HYD864F.tmp.1454487947_permissionsCopy\updates\3.4.3_40298.exe
2016-02-03 08:25:50 233B5852363BFB41D73D219FA8528AF4 336896 ----a-w- C:\Users\Leon\AppData\Local\Temp\HYD864F.tmp.1454487947_permissionsCopy\updates\3.4.5_41372\utorrentie.exe
2016-02-03 08:25:49 65066A6E15E60A707E587005E4DDA398 2065944 ----a-w- C:\Users\Leon\AppData\Local\Temp\HYD864F.tmp.1454487947_permissionsCopy\uTorrent.exe
2016-02-02 22:22:01 B0F64A7CFE09140C7B8DD2CF768A670D 1900344 ----a-w- C:\Users\Leon\AppData\Local\Temp\C231.tmp.exe
2016-02-02 22:21:59 060ACE9C95FFFB672887D4C226E2A704 212776 ----a-w- C:\Users\Leon\AppData\Local\Temp\B975.tmp.exe
2016-02-02 22:21:34 B0F64A7CFE09140C7B8DD2CF768A670D 1900344 ----a-w- C:\Users\Leon\AppData\Local\Temp\58D8.tmp.exe
2016-02-02 22:21:32 060ACE9C95FFFB672887D4C226E2A704 212776 ----a-w- C:\Users\Leon\AppData\Local\Temp\4BA8.tmp.exe
2016-02-02 14:57:38 71FEDBB7A777B6940983B38C870769E7 630200 ----a-w- C:\Users\Leon\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
2016-02-02 14:57:36 6B968E7D129D3C8FD80B02B477F3D3A2 172984 ----a-w- C:\Users\Leon\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\OAWrapper.exe
2016-02-02 13:54:12 6C3E6E87734F76A31DB12B8942A7F1D3 601840 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe
2016-02-02 01:30:46 F27D8156A819E8D1BD02815E07093A33 50605696 ----a-r- C:\Program Files (x86)\Skype\Phone\Skype.exe
=== C: other files ==
2016-02-03 08:27:57 53A02613355AFED66D9B951EDEA7E04B 2192061 ----a-w- C:\Users\Leon\AppData\Local\Temp\HYD81A2.tmp.1454488077\HTA\install.1454488077.zip
2016-02-03 08:27:54 53A02613355AFED66D9B951EDEA7E04B 2192061 ----a-w- C:\Users\Leon\AppData\Local\Temp\HYD76A5.tmp.1454488074\HTA\install.1454488074.zip
2016-02-03 08:25:51 53A02613355AFED66D9B951EDEA7E04B 2192061 ----a-w- C:\Users\Leon\AppData\Local\Temp\HYD94C6.tmp.1454487951\HTA\install.1454487951.zip
2016-02-03 08:25:47 53A02613355AFED66D9B951EDEA7E04B 2192061 ----a-w- C:\Users\Leon\AppData\Local\Temp\HYD864F.tmp.1454487947\HTA\install.1454487947.zip
2016-02-02 22:17:36 53A02613355AFED66D9B951EDEA7E04B 2192061 ----a-w- C:\Users\Leon\AppData\Local\Temp\HYDB786.tmp.1454451456\HTA\install.1454451456.zip

==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-21-2383151877-100078388-2285900834-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Bitdefender Wallet Agent"="C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
"OneDrive"="C:\Users\Leon\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe"
"TrueImageMonitor.exe"="C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe"
"AcronisTibMounterMonitor"="C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe"
"ControlCenter4"="C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun"
"BrStsMon00"="C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN"
"BrHelp"="C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe /AUTORUN"
"PMBVolumeWatcher"="E:\PlayMemories Home\PMBVolumeWatcher.exe /SysAutoRun"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Bitdefender Wallet Agent"="C:\Program Files\Bitdefender\Bitdefender 2016\bdwtxag.exe"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
"OneDrive"="C:\Users\Leon\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"

==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SimplePass"="C:\Program Files\Hewlett-Packard\SimplePass\HPSmplPass.exe /hideui"
"OPBHOBroker"="C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe"
"OPBHOBrokerDesktop"="C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe"
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"ShadowPlay"="C:\windows\system32\rundll32.exe C:\windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart"
"Acronis Scheduler2 Service"="C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe"
"Bdagent"="C:\Program Files\Bitdefender\Bitdefender 2016\bdagent.exe"
"SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe"
"BeatsOSDApp"="C:\Program Files\IDT\WDM\beats64.exe"

==== Startup Registry Disabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\0289101421707176mcinstcleanup]

==== Startup Folders ======================
2016-02-03 15:39:27 1686 --sha-w- C:\Users\Leon\AppData\Roaming\Microsoft\LastFlashConfig.wfc

==== Task Scheduler Jobs ======================
C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [25/01/2016 06:38]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [20/04/2015 10:55]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore1d0905c18dc6680.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [20/04/2015 10:55]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [20/04/2015 10:55]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA1d0905c19c86de3.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [20/04/2015 10:55]
C:\WINDOWS\tasks\HPCeeScheduleForLeon.job --a-------- [Undetermined Task]

==== Other Scheduled Tasks ======================
"C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\WINDOWS\SysNative\tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864" [C:\Program Files\Bitdefender Agent\WatchDog.exe]
"C:\WINDOWS\SysNative\tasks\Bitdefender Update Product Data_A17FD818A96743FAB28AC221BEB4B2C8" [E:\Bitdefender\Bitdefender 2015\bdproductdata.exe]
"C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\WINDOWS\SysNative\tasks\CLMLSvc_P2G8" [c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe]
"C:\WINDOWS\SysNative\tasks\CLVDLauncher" [c:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore1d0905c18dc6680" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA1d0905c19c86de3" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\HPCeeScheduleForLeon" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe]
"C:\WINDOWS\SysNative\tasks\SpyHunter4Startup" ["C:\Program Files\Enigma Software Group\SpyHunter\Spyhunter4.exe"]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{3A97AB66-9B22-4495-A10B-48179D2EECF6}" [C:\windows\system32\msfeedssync.exe]
"C:\WINDOWS\SysNative\tasks\Windows Defrag" [C:\Users\Leon\AppData\Roaming\Windows Defrag\Windows Defrag.exe]
"C:\WINDOWS\SysNative\tasks\{368C40FD-9976-4FB5-A86F-0843F6889A21}" ["c:\program files (x86)\mozilla firefox\firefox.exe"]
"C:\WINDOWS\SysNative\tasks\{78274D75-974E-440D-A2F3-139740DBEABC}" ["c:\program files (x86)\mozilla firefox\firefox.exe"]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\WINDOWS\SysNative\tasks\Nero\Nero Info" [C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe]

==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\Leon\AppData\Roaming\Mozilla\Firefox\Profiles\cquhmxf8.default-1454514663315
user_pref("browser.startup.homepage", "hln.be");

==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"bdwteffv20@bitdefender.com"="C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwteff" [16/12/2015 19:29]
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"bdwteffv20@bitdefender.com"="C:\Program Files\Bitdefender\Bitdefender 2016\antispam32\bdwteff" [16/12/2015 19:29]

==== Firefox Extensions ======================
ProfilePath: C:\Users\Leon\AppData\Roaming\TomTom\HOME\Profiles\492um0yd.default
- Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com
- Emulator - %ProfilePath%\extensions\Navcore.9.510.1234792@tomtom.com
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi

==== Firefox Plugins ======================
Profilepath: C:\Users\Leon\AppData\Roaming\Mozilla\Firefox\Profiles\cquhmxf8.default-1454514663315
F4C5E12008B713FE1B2F2A5990F00A43 - C:\windows\SysWOW64\Adobe\Director\np32dsw_1218158.dll - Shockwave for Director / Shockwave for Director
A107920551356DAEE665F0884F34D2D7 - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll - Shockwave Flash

==== Chromium Look ======================
Google Chrome Version: 46.0.2490.86
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
dhhejlifdlcgcmogbggeomfodgklfaem - No path found[]
fabcmochhfpldjekobfaaggijgohadih - No path found[]
Google Slides - Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Bitdefender Wallet - Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhhejlifdlcgcmogbggeomfodgklfaem
Bitdefender Wallet - Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\fabcmochhfpldjekobfaaggijgohadih
Google Sheets - Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Google Docs Offline - Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
Chrome Web Store Payments - Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKLM and HKCU SearchScopes ======================
HKLM\SearchScopes "DefaultScope"="{33BB0A4E-99AF-4226-BDF6-49120163DE86}"
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{33BB0A4E-99AF-4226-BDF6-49120163DE86}"
HKCU\SearchScopes "DefaultScope"="{a8177b71-ee19-4e0f-b2f9-02d533eb946D}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{a8177b71-ee19-4e0f-b2f9-02d533eb946D} - http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1

==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-2383151877-100078388-2285900834-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{15B851AF-A4B9-43EF-97D3-28E1B4A5DB9B} deleted successfully
HKEY_USERS\S-1-5-21-2383151877-100078388-2285900834-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1902485B-CE75-42C1-BA2D-57E660793D9A} deleted successfully
HKEY_USERS\S-1-5-21-2383151877-100078388-2285900834-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0DACC63-037F-46EE-AC02-E4C7B0FBFEB4} deleted successfully

==== Deleting CLSID Registry Values ======================
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\quick_searchff@gmail.com deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\sweetsearch@gmail.com deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\bdwteff@bitdefender.com deleted successfully

==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully

==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Leon\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Leon\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================
C:\Users\Leon\AppData\Local\Mozilla\Firefox\Profiles\cquhmxf8.default-1454514663315\cache2 emptied successfully

==== Empty Chrome Cache ======================
C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================
No Flash Cache Found

==== Empty All Java Cache ======================
Java Cache cleared successfully

==== C:\zoek_backup content ======================
C:\zoek_backup (files=82 folders=46 97230510 bytes)

==== Empty Temp Folders ======================
C:\Users\Leon\AppData\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\Leon\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== EOF on do 04/02/2016 at 18:33:37,11 ======================