Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Speedy on ma 28/04/2014 at 10:13:40,21.
Microsoft Windows 8 6.2.9200 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Speedy\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

28/04/2014 10:16:35 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\Users\Speedy\AppData\Local\HP Quick Start deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-780575223-888846017-1703796463-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{46735dee-f862-49d1-876d-6382794dc625} deleted successfully
HKEY_USERS\S-1-5-21-780575223-888846017-1703796463-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110511111108} deleted successfully
HKEY_USERS\S-1-5-21-780575223-888846017-1703796463-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110511111108} deleted successfully
HKEY_USERS\S-1-5-21-780575223-888846017-1703796463-1001\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} deleted successfully
HKEY_USERS\S-1-5-21-780575223-888846017-1703796463-1001\Software\Microsoft\Internet Explorer\SearchScopes\{50F20C28-1474-4037-88DD-92C3AA539FB1} deleted successfully
HKEY_USERS\S-1-5-21-780575223-888846017-1703796463-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} deleted successfully
HKEY_USERS\S-1-5-21-780575223-888846017-1703796463-1001\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b} deleted successfully
HKEY_USERS\S-1-5-21-780575223-888846017-1703796463-1001\Software\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{46735dee-f862-49d1-876d-6382794dc625} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110511111108} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110511111108} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511111108} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511111108} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-780575223-888846017-1703796463-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\{46735dee-f862-49d1-876d-6382794dc625} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{46735dee-f862-49d1-876d-6382794dc625} deleted successfully

==== Deleting Services ======================

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511111108}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511111108}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{46735dee-f862-49d1-876d-6382794dc625}]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=-

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe]

==== Deleting Files \ Folders ======================

C:\ProgramData\Wincert deleted
C:\Program Files (x86)\Settings Manager deleted
C:\ProgramData\systemk deleted
C:\PROGRA~2\PHPNukeDU deleted
C:\Users\Speedy\AppData\Roaming\systweak deleted
C:\PROGRA~3\SoundResearch deleted
C:\Windows\SysNative\roboot64.exe deleted
C:\Users\Speedy\AppData\LocalLow\DataMngr deleted
C:\Windows\tasks\Plus-HD-8.1-validator.job deleted
C:\windows\SysNative\tasks\Plus-HD-8.1-validator deleted
"C:\Program Files (x86)\Plus-HD-8.1\Plus-HD-8.1-bg.exe" deleted
"C:\PROGRA~2\Plus-HD-8.1\Plus-HD-8.1-bg.exe" deleted
"C:\Program Files (x86)\Plus-HD-8.1" deleted
"C:\PROGRA~2\Plus-HD-8.1" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows
====

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-780575223-888846017-1703796463-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
"SanDiskSecureAccess_Manager.exe"="C:\Users\Speedy\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe"
"CAHeadless"="C:\Program Files (x86)\Adobe\Elements 12 
Organizer\CAHeadless\ElementsAutoAnalyzer.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer_For_P2G8"="c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
"CLVirtualDrive"="c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe /R"
"BATINDICATOR"="C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR.exe"
"BATINDICATORHL"="C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR_HIDList.exe"
"OSDTool"="C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\CNYHKEY.exe"
"HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe"
"StartCCC"="c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"
"APVXDWIN"="C:\Program Files (x86)\Panda Security\Panda Global Protection 2014\APVXDWIN.EXE /s"
"SCANINICIO"="C:\Program Files (x86)\Panda Security\Panda Global Protection 2014\Inicio.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
"SanDiskSecureAccess_Manager.exe"="C:\Users\Speedy\AppData\Roaming\SanDisk\SanDiskSecureAccess_Manager.exe"
"CAHeadless"="C:\Program Files (x86)\Adobe\Elements 12 Organizer\CAHeadless\ElementsAutoAnalyzer.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\PROGRA~3\\Wincert\\WIN64C~1.DLL "

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"BeatsOSDApp"="C:\Program Files\IDT\WDM\beats64.exe"
"SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"="C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe Update"

==== Startup Folders ======================

2013-10-01 14:57:28 1111 ----a-w- C:\Users\Speedy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verzenden naar OneNote.lnk
2013-09-05 14:28:52 2101 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\HPCeeScheduleForSpeedy.job --a-------- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [14/09/2010 00:15]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe]
"C:\Windows\SysNative\tasks\HPCeeScheduleForSpeedy" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{7B220E74-0506-422E-A44B-A8412EF5A893}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Speedy\AppData\Roaming\TomTom\HOME\Profiles\5tm0nq58.default
- Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com

==== Firefox Plugins ======================

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.be/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.be/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPDTDFJS"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{D944BB61-2E34-4DBF-A683-47E505C587DC} eBay Url="http://rover.ebay.com/rover/1/1553-29906-12136-18/4"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-780575223-888846017-1703796463-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{54739D49-AC03-4C57-9264-C5195596B3A1} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{54739D49-AC03-4C57-9264-C5195596B3A1} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{54739D49-AC03-4C57-9264-C5195596B3A1} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Speedy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Speedy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=59 folders=16 29612895 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Speedy\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Speedy\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on ma 28/04/2014 at 10:31:03,11 ======================