
Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Wijna on vr 05-02-2016 at 22:45:55,42.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Wijna\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

5-2-2016 22:49:04 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~3\CanonEPP deleted successfully
C:\PROGRA~3\CanonIJEPPEX2 deleted successfully
C:\Users\Wijna\AppData\Local\CutePDF Writer deleted successfully
C:\Users\Wijna\AppData\Local\MigWiz deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update service deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Update service deleted successfully

==== Deleting Files \ Folders ======================

C:\Program Files (x86)\Popcorn Time deleted
C:\extensions deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Wijna\AppData\Local\Software deleted
C:\Users\Wijna\AppData\LocalLow\Unity deleted
C:\Windows\wininit.ini deleted
"C:\Users\Wijna\AppData\Roaming\Kodi" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2016-02-03 16:06:11	9A4721C52C4746019879D9F8033DCA00	52184	----a-w-	C:\Windows\avastSS.scr
====== C:\Users\Wijna\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2016-02-05 21:40:38	2DBF8994FEB3884119B44095477FE080	97888	----a-w-	C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2016-02-03 16:06:37	CBE6A51D10DA701BAFF2729EAD1BAC6B	398152	----a-w-	C:\Windows\Sysnative\aswBoot.exe
====== C:\Windows\Sysnative\drivers =====
2016-02-03 16:07:17	AECE9E699CAC76DC993BB988652B5AD8	37144	----a-w-	C:\Windows\Sysnative\drivers\aswKbd.sys
2016-02-03 16:07:17	2F6ABF6376803BAB4E9F4E7D8E2FF84F	154024	----a-w-	C:\Windows\Sysnative\drivers\ngvss.sys
====== C:\Windows\Tasks ======
2016-02-03 17:07:57	EF2FEEC16598E20C1BD747D4DE501EDC	3048	----a-w-	C:\Windows\Sysnative\Tasks\SafeZone scheduled Autoupdate 1454519276
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
2016-02-05 21:41:22	--------	d-----w-	C:\PROGRA~2\COMMON~1\Java
======= C: =====
====== C:\Users\Wijna\AppData\Roaming ======
====== C:\Users\Wijna ======
2016-02-05 21:40:36	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-02-05 21:25:35	FFF4F6F8511D34CF5C2D0F9086C44A46	735328	----a-w-	C:\Users\Wijna\Downloads\jxpiinstall.exe
2016-02-05 06:50:48	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Wijna\Downloads\RSITx64.exe

====== C: exe-files ==
2016-02-05 21:40:39	5B98DCE4893425BA4F08C2BE134CABE5	0	----a-we	C:\ProgramData\Oracle\Java\javapath\javaw.exe
2016-02-05 21:40:39	249C1C8BD8AC9568E5C5A0EC2FB39018	0	----a-we	C:\ProgramData\Oracle\Java\javapath\java.exe
2016-02-05 21:40:39	2211C51BABE577798343D69F818E25AB	0	----a-we	C:\ProgramData\Oracle\Java\javapath\javaws.exe
2016-02-05 21:40:26	DB409F9BD2FA779E75835B1E0FE1181C	159328	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_73\bin\unpack200.exe
2016-02-05 21:40:26	C84504D069A78BE5E4444EA06AA5E102	16480	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_73\bin\orbd.exe
2016-02-05 21:40:26	B100697A0837596183F3BBD94448F68E	30816	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_73\bin\jabswitch.exe
2016-02-05 21:40:26	ABC1BAF673FA608029D45EB6C78E1D04	50784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_73\bin\ssvagent.exe
2016-02-05 21:40:26	AB6E988F108E2437E65536F3F5550BA2	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_73\bin\ktab.exe
2016-02-05 21:40:26	A3AA0A0935506C7ECA6EF2F584CD416F	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_73\bin\policytool.exe
2016-02-05 21:40:26	8BD1E7120713F9581645D5FDD14B8D25	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_73\bin\rmid.exe
2016-02-05 21:40:26	876744373E18627410A9F23C348C5D9E	76896	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_73\bin\jp2launcher.exe
2016-02-05 21:40:26	6ABADA3CA8DC4AC2AFDA69A6836C362F	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_73\bin\pack200.exe
2016-02-05 21:40:26	66550F1F363BC66AFD9A530AD8CB6570	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_73\bin\kinit.exe
2016-02-05 21:40:26	5B98DCE4893425BA4F08C2BE134CABE5	191584	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_73\bin\javaw.exe
2016-02-05 21:40:26	4383D5735FD7743D01AD04E9AAD1D6CF	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_73\bin\keytool.exe
2016-02-05 21:40:26	3B74EE580794FCBDE389639E9D8ECEFB	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_73\bin\rmiregistry.exe
2016-02-05 21:40:26	328A57535A2B74C924FA34DD29039E9D	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_73\bin\java-rmi.exe
2016-02-05 21:40:26	2942578781EFB763366176C015F09ACD	16480	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_73\bin\tnameserv.exe
2016-02-05 21:40:26	249C1C8BD8AC9568E5C5A0EC2FB39018	191072	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_73\bin\java.exe
2016-02-05 21:40:26	237CDD69D6E3866533B402F321A11A4E	68192	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_73\bin\javacpl.exe
2016-02-05 21:40:26	2211C51BABE577798343D69F818E25AB	278624	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_73\bin\javaws.exe
2016-02-05 21:40:26	16E2FE80EE89DCCA1907D97E34656E19	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_73\bin\jjs.exe
2016-02-05 21:40:26	0A7708846A0629D518739075A40DDD06	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_73\bin\servertool.exe
2016-02-05 21:40:26	04E0265E964D9ECB07B105D456B96982	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_73\bin\klist.exe
2016-02-05 21:36:44	31657ADA786863B73FAC28E5BD0753AD	382168	----a-w-	C:\ProgramData\Adobe\ARM\S\22426\AdobeARMHelper.exe
2016-02-05 21:25:35	FFF4F6F8511D34CF5C2D0F9086C44A46	735328	----a-w-	C:\Users\Wijna\Downloads\jxpiinstall.exe
2016-02-05 06:50:48	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Wijna\Downloads\RSITx64.exe
2016-02-03 23:57:55	31657ADA786863B73FAC28E5BD0753AD	382168	----a-w-	C:\ProgramData\Adobe\ARM\S\10088\AdobeARMHelper.exe
2016-02-03 17:08:27	31657ADA786863B73FAC28E5BD0753AD	382168	----a-w-	C:\ProgramData\Adobe\ARM\S\28163\AdobeARMHelper.exe
2016-02-01 16:16:43	31657ADA786863B73FAC28E5BD0753AD	382168	----a-w-	C:\ProgramData\Adobe\ARM\S\10791\AdobeARMHelper.exe
=== C: other files ==
2016-02-05 21:40:26	EFE4B4EBEBBF14DE84461AFCC281DA12	14130	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_73\lib\deploy\ffjcext.zip
2016-02-04 07:13:40	F443244F0D2EB5D7AC99E0319F26FD27	132696	----a-w-	C:\Windows\System32\vbox\p8fkw9ik.sys
2016-02-04 07:13:40	EA9CF27B5E5768C0A13F7FD2987E4AA9	363440	----a-w-	C:\Windows\System32\vbox\lbp54jcm.sys
2016-02-04 07:13:40	B9718901FAD5FE634F8C9B2D61944492	156928	----a-w-	C:\Windows\System32\vbox\i22hlton.sys
2016-02-04 07:13:40	2D7B897068A84D2871A4A8B5453A3BD7	179040	----a-w-	C:\Windows\System32\vbox\a4ohnu9l.sys
2016-02-04 07:13:40	0D126A171D2BF5236F5C691BE9BE9CF7	358248	----a-w-	C:\Windows\System32\vbox\pym8l6gj.sys
2016-02-03 16:07:17	AECE9E699CAC76DC993BB988652B5AD8	37144	----a-w-	C:\Windows\System32\drivers\aswKbd.sys
2016-02-03 16:07:17	2F6ABF6376803BAB4E9F4E7D8E2FF84F	154024	----a-w-	C:\Windows\System32\drivers\ngvss.sys

==== Orphaned Tasks deleted from Registry ======================

avast Emergency Update deleted
clear.fiMovieService.exe_0601130375 deleted

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-3171778365-3289252850-328694927-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-3171778365-3289252850-328694927-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"
"Facebook Update"="C:\Users\Wijna\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"
"BingSvc"="C:\Users\Wijna\AppData\Local\Microsoft\BingSvc\BingSvc.exe"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

[HKEY_USERS\S-1-5-21-3171778365-3289252850-328694927-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SuiteTray"="C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
"BackupManagerTray"="C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe -h -k"
"LManager"="C:\Program Files (x86)\Launch Manager\LManager.exe"
"ArcadeMovieService"="C:\Program Files (x86)\Acer\clear.fi\Movie\clear.fiMovieService.exe"
"CanonSolutionMenuEx"="C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon"
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"
"Facebook Update"="C:\Users\Wijna\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"
"BingSvc"="C:\Users\Wijna\AppData\Local\Microsoft\BingSvc\BingSvc.exe"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Windows\\SysWOW64\\nvinit.dll"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"IntelTBRunOnce"="wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"Power Management"="C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Windows\\System32\\nvinitx.dll"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""


==== Startup Folders ======================

2015-03-23 22:33:01	2337	----a-w-	C:\Users\Wijna\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\eCentral.lnk
2014-09-03 18:03:50	1245	----a-w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.exe.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [20-01-2016 18:32]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3171778365-3289252850-328694927-1001Core.job --a------ C:\Users\Wijna\AppData\Local\Facebook\Update\FacebookUpdate.exe [24-09-2014 09:28]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3171778365-3289252850-328694927-1001UA.job --a------ C:\Users\Wijna\AppData\Local\Facebook\Update\FacebookUpdate.exe [24-09-2014 09:28]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\clear.fi" ["C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe"]
"C:\Windows\SysNative\tasks\clear.fiAgent" ["C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe"]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\DMREngine" ["C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe"]
"C:\Windows\SysNative\tasks\EgisUpdate" ["C:\Program Files\EgisTec IPS\EgisUpdate.exe"]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-3171778365-3289252850-328694927-1001Core" [C:\Users\Wijna\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-3171778365-3289252850-328694927-1001UA" [C:\Users\Wijna\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\PMMUpdate" ["C:\Program Files\EgisTec IPS\PMMUpdate.exe"]
"C:\Windows\SysNative\tasks\SafeZone scheduled Autoupdate 1454519276" [C:\Program Files\AVAST Software\SZBrowser\launcher.exe]
"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\SysNative\tasks\UALU notificatin" ["C:\Program Files\Acer\Acer Updater\UALU.exe"]
"C:\Windows\SysNative\tasks\AVAST Software\Avast settings backup" [C:\Program Files\Common Files\AV\avast Antivirus\backup.exe]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Wijna\AppData\Roaming\Mozilla\Firefox\Profiles\ymrwxbuf.default-1438939136922
user_pref("browser.startup.homepage", "http://www.google.com/");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"sp@avast.com"="C:\Program Files\AVAST Software\Avast\SafePrice\FF" [03-02-2016 17:06]
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"sp@avast.com"="C:\Program Files\AVAST Software\Avast\SafePrice\FF" [03-02-2016 17:06]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"MFVersion"="MF39.0 (x86 nl)" []

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Wijna\AppData\Roaming\Mozilla\Firefox\Profiles\ymrwxbuf.default-1438939136922
A58DE0A570148AF5FF3512B2A340D09F	- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll -	Shockwave Flash
A107920551356DAEE665F0884F34D2D7	- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_286.dll -	Shockwave Flash
3CD19649B2C3023D65E67C056457A2BC	- C:\Users\Wijna\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll -	Facebook Video Calling Plugin
E3B4EA121F7BDEB0F6366E2BA9608CB5	- C:\Users\Wijna\AppData\Local\Citrix\Plugins\104\npappdetector.dll -	Citrix Online Web Deployment Plugin 1.0.0.104


==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[03-02-2016 17:05]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/?pc=SL5M&ocid=SL5MDHP&osmkt=nl-nl"
"Search Page"="https://www.google.com/search?trackid=sp-006&q={searchTerms}"
"Search Bar"="https://www.google.com/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.com/?trackid=sp-006"
"Search Page"="https://www.google.com/search?trackid=sp-006&q={searchTerms}"
"Search Bar"="https://www.google.com/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.com/?trackid=sp-006"
"Search Page"="https://www.google.com/search?trackid=sp-006&q={searchTerms}"
"Search Bar"="https://www.google.com/?trackid=sp-006"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.msn.com/?pc=SL5M&ocid=SL5MDHP&osmkt=nl-nl"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} - https://www.google.com/search?trackid=sp-006&q={searchTerms}
HKCU\SearchScopes "DefaultScope"="{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?FORM=SL5MDF&PC=SL5M&q={searchTerms}&src=IE-SearchBox
HKCU\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} - https://www.google.com/search?trackid=sp-006&q={searchTerms}

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Wijna\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Wijna\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Wijna\AppData\Local\Mozilla\Firefox\Profiles\ymrwxbuf.default-1438939136922\cache2 emptied successfully
C:\Users\Wijna\AppData\Roaming\Mozilla\Firefox\Profiles\ymrwxbuf.default-1438939136922\storage\default\https+++www.pinterest.com\cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=14116 folders=1098 969560412 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\UpdatusUser\AppData\Local\temp emptied successfully
C:\Users\Wijna\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Wijna\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Wijna\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on vr 05-02-2016 at 23:28:32,73 ======================