
Zoek.exe v5.0.0.0 Updated 31-January-2014
Tool run by Aniek on wo 05/02/2014 at 20:40:20,68.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Aniek\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

5/02/2014 20:43:17 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\Square Enix deleted successfully
C:\ProgramData\Oracle deleted successfully
C:\Users\Aniek\AppData\Roaming\Media Player Classic deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

ProfilePath: C:\Users\Aniek\AppData\Roaming\Mozilla\Firefox\Profiles\4ppd8fur.default-1384886209254

user.js not found
---- Lines crossrider removed from prefs.js ----
user_pref("extensions.crossrider.bic", "143a282c8713d4f2af94df721f35ec28");
---- Lines ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918 removed from prefs.js ----
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.active", true);
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.addressbar", "NA");
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.addressbarenhanced", "");
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.asyncdb.was_copied", "true");
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.asyncdb_dbWasSet", true);
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.asyncdb_dbWasSet_FF25_FIX", true);
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.asyncinternaldb.was_copied", "true");
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.asyncinternaldb_dbWasSet", true);
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.asyncinternaldb_dbWasSet_FF25_FIX", true);
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.backgroundver", 2);
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.certdomaininstaller", "");
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.changeprevious", false);
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.cookie._GPL_aoi.value", "%221391369913%22");
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.cookie._GPL_parent_zoneid.expiration", "Fri Feb 
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.cookie._GPL_parent_zoneid.value", "%22509551%22"
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.cookie.iframe-exists.expiration", "Fri Feb 01 20
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.cookie.iframe-exists.value", "true");
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.cookie.InstallationTime.expiration", "Fri Feb 01
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.cookie.InstallationTime.value", "%221390000768%2
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.cookie.InstallerParams.expiration", "Fri Feb 01 
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.cookie.InstallerParams.value", "%7B%22source_id%
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.cookie.jw_token.expiration", "Fri Feb 01 2030 00
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.cookie.jw_token.value", "%22c3f28211-acbd-877b-e
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.description", "Turn YouTube videos to High Defin
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.domain", "");
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.enablesearch", false);
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.homepage", "");
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.iframe", false);
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.InstallationThankYouPage", true);
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.InstallationTime", 1390000768);
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.__defualt_browser__.expiration", "Fri
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.__defualt_browser__.value", "%22ff%22
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.__first_daily_report_run__.expiration
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.__first_daily_report_run__.value", "1
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.__last_daily_report__.expiration", "F
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.__last_daily_report__.value", "139155
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb._country_code_.expiration", "Fri Feb 
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb._country_code_.value", "%22BE%22");
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.installer.expiration", "Fri Feb 01 20
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.installer.value", "%7B%22InstallerIde
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.InstallerIdentifiers.expiration", "Fr
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.InstallerIdentifiers.value", "%7B%22i
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.InstallerParams.expiration", "Fri Feb
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.InstallerParams.value", "%7B%22source
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.InstallerParamsCache.expiration", "Fr
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.InstallerParamsCache.value", "%7B%22s
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.InstallerUserIdentifiersCache.expirat
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.InstallerUserIdentifiersCache.value",
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.monetization_plugin_last_executable_r
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.monetization_plugin_last_executable_r
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.Resources_appVer.expiration", "Fri Fe
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.Resources_appVer.value", "87");
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.Resources_lastVersion.expiration", "F
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.Resources_lastVersion.value", "1");
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.Resources_meta.expiration", "Fri Feb 
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.Resources_meta.value", "%7B%7D");
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.Resources_nextCheck.expiration", "Wed
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.Resources_nextCheck.value", "true");
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.Resources_queue.expiration", "Fri Feb
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.Resources_queue.value", "%7B%7D");
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.Resources_remote_resources.expiration
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.internaldb.Resources_remote_resources.value", "%
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.lastDailyReport", "1391610744387");
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.lastUpdate", "1391610742781");
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.manifesturl", "");
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.name", "Plus-HD-4.9");
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.newtab", "");
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.opensearch", "");
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.pluginsurl", "https://w9u6a2p6.ssl.hwcdn.net/plu
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.pluginsversion", 81);
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.publisher", "Plus HD");
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.searchstatus", 0);
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.setnewtab", false);
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.thankyou", "");
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.updateinterval", 360);
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.45918.ver", 87);
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.apps", "45918");
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.bic", "143a282c8713d4f2af94df721f35ec28");
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.cid", 45918);
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.FilesValidatorDueTime", "1391618238680");
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.firstrun", false);
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.hadappinstalled", true);
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.installationdate", 1390000917);
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.modetype", "production");
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.reportInstall", true);
user_pref("extensions.ad019febeeb2b4057a3f27def88f2c9cd1cced8ec0ffe43eab4b2fbce5de8e9a4com45918.statsDailyCounter", 39);
---- FireFox user.js and prefs.js backups ---- 

prefs_20140502_2053_.backup

ProfilePath: C:\Users\Aniek\AppData\Roaming\Mozilla\Firefox\Profiles\hfgsat3o.default-1383349610972

---- FireFox user.js and prefs.js backups ---- 

user_20140502_2053_.backup
prefs_20140502_2053_.backup

==== Deleting Files \ Folders ======================

C:\Users\Aniek\AppData\Roaming\Mozilla\Firefox\Profiles\4ppd8fur.default-1384886209254\extensions\d019febe-eb2b-4057-a3f2-7def88f2c9cd@1cced8ec-0ffe-43ea-b4b2-fbce5de8e9a4.com deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Aniek\AppData\Local\Temp ====
2014-02-03 16:24:37	A210F1AC135E5331C314CE5F394FB5A5	413276	----a-w-	C:\Users\Aniek\AppData\Local\Temp\be29e7f1-71ae-4703-50cb-1d52be512f51\twapi-be29e7f1-71ae-4703-50cb-1d52be512f51.dll
====== Java Cache =====
2014-01-08 18:23:19	D41D8CD98F00B204E9800998ECF8427E	0	----a-w-	C:\Users\Aniek\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-345cad1a
====== C:\Windows\SysWOW64 =====
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
2014-01-15 11:40:17	FFA06EF43987ED0DD42AD59B260C0C78	7808	----a-w-	C:\Windows\Sysnative\drivers\usbd.sys
2014-01-15 11:40:17	DD253AFC3BC6CBA412342DE60C3647F3	30720	----a-w-	C:\Windows\Sysnative\drivers\usbuhci.sys
2014-01-15 11:40:17	DCA68B0943D6FA415F0C56C92158A83A	99840	----a-w-	C:\Windows\Sysnative\drivers\usbccgp.sys
2014-01-15 11:40:17	8D1196CFBB223621F2C67D45710F25BA	343040	----a-w-	C:\Windows\Sysnative\drivers\usbhub.sys
2014-01-15 11:40:17	765A92D428A8DB88B960DA5A8D6089DC	25600	----a-w-	C:\Windows\Sysnative\drivers\usbohci.sys
2014-01-15 11:40:17	18A85013A3E0F7E1755365D287443965	53248	----a-w-	C:\Windows\Sysnative\drivers\usbehci.sys
2014-01-15 11:40:17	12FEB33791920678F8433701C822BCFD	325120	----a-w-	C:\Windows\Sysnative\drivers\usbport.sys
2014-01-15 11:40:15	3555BA97171CD153118F73FDCCC8BFDE	376768	----a-w-	C:\Windows\Sysnative\drivers\netio.sys
2014-01-10 11:24:05	2E334C10BFAB37BDF2A66F6E0D36C061	32544	----a-w-	C:\Windows\Sysnative\drivers\nvpciflt.sys
2014-01-10 11:24:05	0218E1CE8F7B5D404980192B9112D03A	12645664	----a-w-	C:\Windows\Sysnative\drivers\nvlddmkm.sys
2014-01-09 00:16:41	09216A70CC364D0974F606F6F2109210	39200	----a-w-	C:\Windows\Sysnative\drivers\nvvad64v.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-01-18 00:58:20	--------	d-----w-	C:\Program Files\WinZip
======= C:\PROGRA~2 =====
======= C: =====
====== C:\Users\Aniek\AppData\Roaming ======
2014-01-29 21:50:35	--------	d-----w-	C:\Users\Aniek\AppData\Roaming\dvdcss
2014-01-18 00:58:54	--------	d-----w-	C:\Users\Aniek\AppData\Local\WinZip
2014-01-09 00:17:34	--------	d-----w-	C:\Users\Aniek\AppData\Local\NVIDIA Corporation
====== C:\Users\Aniek ======
2014-02-04 19:33:08	662C39FC1E27131551D557862CEC47F0	935175	----a-w-	C:\Users\Aniek\Downloads\RSITx64.exe
2014-01-18 21:28:22	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-01-18 00:58:34	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2014-01-18 00:58:22	--------	d-----w-	C:\ProgramData\WinZip

====== C: exe-files ==
2014-02-05 18:35:15	288B79850036690E024EA1334483815F	364880	----a-w-	C:\Users\Aniek\AppData\Local\NVIDIA\NvBackend\Packages\000057b6\updatus.17778707_RUNASUSER.exe
2014-02-04 19:33:08	662C39FC1E27131551D557862CEC47F0	935175	----a-w-	C:\Users\Aniek\Downloads\RSITx64.exe
2014-02-04 18:34:21	EFBB12554A646E87E72B65C1621E8877	3238136	----a-w-	C:\Users\Aniek\AppData\Local\NVIDIA\NvBackend\Packages\000057aa\DAO.17777837.exe
2014-01-31 18:30:14	C2F12B0F6B1BCE79CC2ACD749E80F74C	3199520	----a-w-	C:\Users\Aniek\AppData\Local\NVIDIA\NvBackend\Packages\0000578e\DAO.17749621.exe
=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-2009323125-696042402-3659181839-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
"uTorrent"="C:\Users\Aniek\AppData\Roaming\uTorrent\uTorrent.exe  /MINIMIZED"
"Xvid"="C:\Program Files (x86)\Xvid\CheckUpdate.exe"
"Pando Media Booster"="C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe"
"Remote Control Server"="C:\Program Files (x86)\Remote Control Server\Remote Control Server.exe"
"DAEMON Tools Ultra Agent"="C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe -autorun"
"Akamai NetSession Interface"="C:\Users\Aniek\AppData\Local\Akamai\netsession_win.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HotkeyApp"="C:\Program Files (x86)\Launch Manager\HotkeyApp.exe"
"LMgrVolOSD"="C:\Program Files (x86)\Launch Manager\OSD.exe"
"Wbutton"="C:\Program Files (x86)\Launch Manager\Wbutton.exe"
"CLMLServer"="C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
"Dolby Advanced Audio v2"="C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe -autostart"
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"Aeria Ignite"="C:\Program Files (x86)\Aeria Games\Ignite\aeriaignite.exe silent"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
"uTorrent"="C:\Users\Aniek\AppData\Roaming\uTorrent\uTorrent.exe  /MINIMIZED"
"Xvid"="C:\Program Files (x86)\Xvid\CheckUpdate.exe"
"Pando Media Booster"="C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe"
"Remote Control Server"="C:\Program Files (x86)\Remote Control Server\Remote Control Server.exe"
"DAEMON Tools Ultra Agent"="C:\Program Files (x86)\DAEMON Tools Ultra\DTAgent.exe -autorun"
"Akamai NetSession Interface"="C:\Users\Aniek\AppData\Local\Akamai\netsession_win.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Windows\\SysWOW64\\nvinit.dll"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IntelPAN"="C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe /tf Intel PAN Tray"
"BTMTrayAgent"="rundll32.exe C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll,TrayApp"
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"RtHDVBg_Dolby"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 "
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch"
"Nvtmru"="C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
"ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart"
"FAHConsole"="C:\Program Files\File Association Helper\FAHConsole.exe"
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Windows\\system32\\nvinitx.dll"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [Undetermined Task]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\irMonitor" [C:\Windows\system32"]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [28/01/2014 12:43]

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Aniek\AppData\Roaming\Mozilla\Firefox\Profiles\4ppd8fur.default-1384886209254
FD6ACD9D85177259D442A0C4AC15F7B8	- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll -	Shockwave Flash
517021D1BCA1962ABF09099014A7D87D	- C:\Windows\system32\npOGPPlugin.dll -	OGPlanet Game Plugin
15E298B5EC5B89C5994A59863969D9FF	- C:\Windows\system32\npmproxy.dll -	Microsoft� Windows� Operating System

Profilepath: C:\Users\Aniek\AppData\Roaming\Mozilla\Firefox\Profiles\hfgsat3o.default-1383349610972
517021D1BCA1962ABF09099014A7D87D	- C:\Windows\system32\npOGPPlugin.dll -	OGPlanet Game Plugin
15E298B5EC5B89C5994A59863969D9FF	- C:\Windows\system32\npmproxy.dll -	Microsoft� Windows� Operating System


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[28/01/2014 12:42]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR"
"Default_Page_URL"="http://www.aldi.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{6EE5917C-17A7-4AC2-BE92-82146E605680}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{6EE5917C-17A7-4AC2-BE92-82146E605680} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MDNE_enDE393"

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Aniek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Aniek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Aniek\AppData\Local\Mozilla\Firefox\Profiles\4ppd8fur.default-1384886209254\Cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1965 folders=358 253475893 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Users\Aniek\AppData\Local\Temp  will be emptied at reboot
C:\Windows\Temp will be emptied at reboot