
Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Jip on wo 30-04-2014 at 12:34:43,94.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Jip\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2013-08-29-194222.log	19410 bytes
C:\zoek-results29-08-2013-1604.log	2573 bytes
C:\zoek-results29-08-2013-2022.log	36994 bytes

==== Empty Folders Check ======================

C:\PROGRA~2\AVS4YOU deleted successfully
C:\PROGRA~2\PokerStars deleted successfully
C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\Users\Jip\AppData\Roaming\hpqLog deleted successfully
C:\Users\Jip\AppData\Roaming\QuickScan deleted successfully
C:\Users\Jip\AppData\Local\PokerStars deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2585756026-642255270-3478008076-1000\Software\Microsoft\Internet Explorer\SearchScopes\{00380013-E1E5-4BCD-BF3F-876F155171FC} deleted successfully
HKEY_USERS\S-1-5-21-2585756026-642255270-3478008076-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110511421146} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110511421146} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511421146} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511421146} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110511421153} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{11111111-1111-1111-1111-110511421153} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511421153} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511421153} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\APNMCP deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\APNMCP deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BackupStack deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BackupStack deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Wpm deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Wpm deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Wpm deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Wpm deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IePluginService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\IePluginService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\IePluginService deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command]
@="C:\\Program Files\\Internet Explorer\\iexplore.exe"

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511421146}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511421153}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511421146}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511421153}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}] 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] 
"WebCake Desktop"=- 
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] 
"ApnTBMon"=- 
"fst_nl_39"=- 
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce] 
"upfst_nl_39.exe"=- 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] 
"AppInit_DLLs"=- 

==== Deleting Files \ Folders ======================

C:\Users\Jip\AppData\Roaming\Betcat not found
C:\Program Files (x86)\PokerStars not found
"C:\Users\Jip\Desktop\PartyCasino.lnk" not found
C:\Program Files (x86)\MediaPlayerplus deleted
C:\Program Files (x86)\Freeven pro 1.2 deleted
C:\Program Files (x86)\SupTab deleted
C:\Program Files (x86)\SearchProtect deleted
C:\Users\Jip\AppData\Roaming\Optimizer Elite Max deleted
C:\ProgramData\IePluginService deleted
C:\ProgramData\WPM deleted
C:\Program Files (x86)\AnyProtectEx deleted
C:\Users\Jip\AppData\Roaming\webssearches deleted
C:\PROGRA~2\Shareaza Applications deleted
C:\extensions deleted
C:\found.000 deleted
C:\found.001 deleted
C:\Users\Jip\AppData\Roaming\SupTab deleted
C:\PROGRA~3\AskPartnerNetwork deleted
C:\PROGRA~3\APN deleted
C:\PROGRA~3\InstallMate deleted
C:\PROGRA~3\WinterSoft deleted
C:\Users\Jip\AppData\Local\nsi707B.tmp deleted
C:\Users\Jip\AppData\Local\SearchProtect deleted
C:\Users\Jip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup deleted
C:\Users\Jip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk deleted
C:\Users\Jip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Application Updater deleted
C:\Users\Jip\Downloads\Breaking Bad S05 Season 5 COMPLETE 720p HDTV x264-PublicHD.exe deleted
"C:\Windows\tasks\400bf7fd-21d1-48b8-8278-2947ee324416-1.job" deleted
"C:\Windows\tasks\400bf7fd-21d1-48b8-8278-2947ee324416-3.job" deleted
"C:\Windows\tasks\400bf7fd-21d1-48b8-8278-2947ee324416-4.job" deleted
"C:\Windows\tasks\400bf7fd-21d1-48b8-8278-2947ee324416-5.job" deleted
"C:\Windows\tasks\APSnotifierPP1.job" deleted
"C:\Windows\tasks\APSnotifierPP2.job" deleted
"C:\Windows\tasks\APSnotifierPP3.job" deleted
"C:\Windows\tasks\b0625433-0826-4d86-9af6-bc28310b6329-1.job" deleted
"C:\Windows\tasks\b0625433-0826-4d86-9af6-bc28310b6329-2.job" deleted
"C:\Windows\tasks\b0625433-0826-4d86-9af6-bc28310b6329-3.job" deleted
"C:\Windows\tasks\b0625433-0826-4d86-9af6-bc28310b6329-4.job" deleted
"C:\Windows\tasks\b0625433-0826-4d86-9af6-bc28310b6329-5.job" deleted
"C:\Windows\tasks\Norton Security Scan for Jip.job" deleted
"C:\Windows\tasks\schedule!451760640.job" deleted
"C:\Program Files (x86)\fst_nl_39\fst_nl_39.exe" deleted
"C:\Users\Jip\AppData\Local\fst_nl_39\upfst_nl_39.exe" deleted
"C:\Program Files (x86)\MyPC Backup\AWSSDK.dll" deleted
"C:\Program Files (x86)\MyPC Backup\GetText.dll" deleted
"C:\Program Files (x86)\MyPC Backup\MPCBClient.dll" deleted
"C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe" deleted
"C:\Program Files (x86)\MyPC Backup\ObjectListView.dll" deleted
"C:\Program Files (x86)\MyPC Backup\Shared Stack.dll" deleted
"C:\Users\Jip\AppData\Roaming\VOPackage\VOsrv.exe" deleted
"C:\PROGRA~2\MyPC Backup\AWSSDK.dll" deleted
"C:\PROGRA~2\MyPC Backup\GetText.dll" deleted
"C:\PROGRA~2\MyPC Backup\MPCBClient.dll" deleted
"C:\PROGRA~2\MyPC Backup\MyPC Backup.exe" deleted
"C:\PROGRA~2\MyPC Backup\ObjectListView.dll" deleted
"C:\PROGRA~2\MyPC Backup\Shared Stack.dll" deleted
"C:\PROGRA~2\fst_nl_39\fst_nl_39.exe" deleted
"C:\Users\Jip\AppData\Roaming\VOPackage\VOsrv.exe" deleted
"C:\Users\Jip\AppData\Local\fst_nl_39\upfst_nl_39.exe" deleted
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" deleted
"C:\Program Files (x86)\MyPC Backup\x64\System.Data.SQLite.dll" deleted
"C:\PROGRA~2\MyPC Backup\x64\System.Data.SQLite.dll" deleted
"C:\PROGRA~2\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" deleted
"C:\Program Files (x86)\AskPartnerNetwork" deleted
"C:\Program Files (x86)\fst_nl_39" deleted
"C:\Users\Jip\AppData\Local\fst_nl_39" deleted
"C:\Program Files (x86)\MyPC Backup" not deleted
"C:\Users\Jip\AppData\Roaming\VOPackage" not deleted
"C:\PROGRA~2\MyPC Backup" not deleted
"C:\PROGRA~2\fst_nl_39" deleted
"C:\PROGRA~2\AskPartnerNetwork" deleted
"C:\Users\Jip\AppData\Roaming\VOPackage" not deleted
"C:\Users\Jip\AppData\Local\fst_nl_39" deleted
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar" deleted
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater" deleted
"C:\Program Files (x86)\MyPC Backup\Database" not deleted
"C:\Program Files (x86)\MyPC Backup\x64" not deleted
"C:\PROGRA~2\MyPC Backup\Database" not deleted
"C:\PROGRA~2\MyPC Backup\x64" not deleted
"C:\PROGRA~2\AskPartnerNetwork\Toolbar" deleted
"C:\PROGRA~2\AskPartnerNetwork\Toolbar\Updater" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Jip\AppData\Local\Temp ====
2014-04-29 12:58:14	3E780C7EE3F0074BAE3070CF08128159	1727816	------w-	C:\Users\Jip\AppData\Local\Temp\is45637729\59734149_stp\AnyProtectScannerSetup.exe
2014-04-28 11:44:32	E5575149A477DC94AF527FC7D751A407	6379728	----a-w-	C:\Users\Jip\AppData\Local\Temp\nsh5EC\SpSetup.exe
2014-04-27 12:37:29	FEF851E857E8A4567DA072EDF2E0CC6E	18335744	----a-w-	C:\Users\Jip\AppData\Local\Temp\flashsetup.msi
2014-04-27 12:35:33	84026901679D193AAD34BE6E8FC47512	6244928	----a-w-	C:\Users\Jip\AppData\Local\Temp\cd123bbf-156e-4763-9cbb-dbfa894340d9\software\mediaplayerpluuss.exe
2014-04-27 12:35:25	771403A16386A06AB7D76449ED2919B8	296161	----a-w-	C:\Users\Jip\AppData\Local\Temp\cd123bbf-156e-4763-9cbb-dbfa894340d9\software\VOPackage.exe
2014-04-27 12:35:23	F057FF0DAC049C919DC13152FEDC31BC	73808	----a-w-	C:\Users\Jip\AppData\Local\Temp\cd123bbf-156e-4763-9cbb-dbfa894340d9\software\Cloud_Backup_Setup.exe
2014-04-27 12:35:16	AC1E1FE274C2BA03427C4003C196D7F9	208848	----a-w-	C:\Users\Jip\AppData\Local\Temp\cd123bbf-156e-4763-9cbb-dbfa894340d9\software\DesktopWeatherAlertsSetup.exe
2014-04-27 12:35:16	9590F245024EE416100C6D9F4F6561A1	3269344	----a-w-	C:\Users\Jip\AppData\Local\Temp\cd123bbf-156e-4763-9cbb-dbfa894340d9\software\Freesofttoday.exe
2014-04-27 12:35:09	21FA18E01E7DB523DBF3DF0A57FAABE7	6275208	----a-w-	C:\Users\Jip\AppData\Local\Temp\cd123bbf-156e-4763-9cbb-dbfa894340d9\software\freeven-prox-1-22.exe
2014-04-27 12:35:05	816083D5B5E67C66604B3021C24B4C81	596120	----a-w-	C:\Users\Jip\AppData\Local\Temp\cd123bbf-156e-4763-9cbb-dbfa894340d9\software\lly_webssearches.exe
2014-04-25 15:01:20	F850B725FBDE7C5D8318C3D11FFCE454	1090218	------w-	C:\Users\Jip\AppData\Local\Temp\is45637729\8819988_stp\AnyProtectScannerSetup.exe
2014-04-25 15:01:20	F850B725FBDE7C5D8318C3D11FFCE454	1090218	------w-	C:\Users\Jip\AppData\Local\Temp\is45637729\250804_stp\AnyProtectScannerSetup.exe
2014-04-25 15:01:20	F850B725FBDE7C5D8318C3D11FFCE454	1090218	------w-	C:\Users\Jip\AppData\Local\Temp\is45637729\2028657_stp\AnyProtectScannerSetup.exe
2014-04-25 15:01:20	F850B725FBDE7C5D8318C3D11FFCE454	1090218	------w-	C:\Users\Jip\AppData\Local\Temp\is45637729\1956281_stp\AnyProtectScannerSetup.exe
2014-04-25 15:01:20	F850B725FBDE7C5D8318C3D11FFCE454	1090218	------w-	C:\Users\Jip\AppData\Local\Temp\is45637729\1943918_stp\AnyProtectScannerSetup.exe
2014-04-25 15:01:20	F850B725FBDE7C5D8318C3D11FFCE454	1090218	------w-	C:\Users\Jip\AppData\Local\Temp\is45637729\12227365_stp\AnyProtectScannerSetup.exe
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2014-04-30 09:57:47	AA12D7A960DB78DD9690AB5B5DAE6586	440832	----a-w-	C:\Windows\SysWOW64\ieui.dll
2014-04-30 09:57:09	CE6921D33682C6C3DB8A45853CC69402	455168	----a-w-	C:\Windows\SysWOW64\vbscript.dll
2014-04-30 09:56:51	A127D17C354B473B0F4C6265538F5A2C	2724864	----a-w-	C:\Windows\SysWOW64\mshtml.tlb
2014-04-30 09:56:38	7E9FE7DB43BC204E44F159F843E35C15	367616	----a-w-	C:\Windows\SysWOW64\dxtmsft.dll
2014-04-30 09:56:37	EDACA6C44D9CE200F899B7DB0F201DFF	164864	----a-w-	C:\Windows\SysWOW64\msrating.dll
2014-04-30 09:56:37	EBC35FE64056910A84485BEEB6DCCAC6	524288	----a-w-	C:\Windows\SysWOW64\msfeeds.dll
2014-04-30 09:56:37	34FC79C948EE2C5FD0CD699E7D7F91B7	244224	----a-w-	C:\Windows\SysWOW64\dxtrans.dll
2014-04-30 09:56:36	31385A6CAA31BE9D07B0B32E5AA99ABB	43008	----a-w-	C:\Windows\SysWOW64\jsproxy.dll
2014-04-30 09:56:34	82287FCFFA4A2D60FD744E3FEB3192C5	61952	----a-w-	C:\Windows\SysWOW64\iesetup.dll
2014-04-30 09:56:34	21BF6759685FD193715B483F2B3F21B1	112128	----a-w-	C:\Windows\SysWOW64\ieUnatt.exe
2014-04-30 09:56:34	0FDC1A576A3F40420882C0F7C4A66EAD	32768	----a-w-	C:\Windows\SysWOW64\iernonce.dll
2014-04-30 09:56:28	C9CA9803299EB6AFA34CB520BAAB083D	32256	----a-w-	C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-04-30 09:56:15	BB185D4A9362AA17CBCEC0768CDBF249	704512	----a-w-	C:\Windows\SysWOW64\ieapfltr.dll
2014-04-30 09:56:15	6557B48D53D653CFCCE3CB1CFA53A8E1	51200	----a-w-	C:\Windows\SysWOW64\ieetwproxystub.dll
2014-04-30 09:56:15	0F4A295516781897FFB09B4CCF2E8798	592896	----a-w-	C:\Windows\SysWOW64\jscript9diag.dll
2014-04-30 09:56:08	05BD47136DE62FAFE9F95B40E4100144	2178048	----a-w-	C:\Windows\SysWOW64\iertutil.dll
2014-04-30 09:56:07	E4E829EE073E046B0EB19B5FECB19B8C	1789440	----a-w-	C:\Windows\SysWOW64\wininet.dll
2014-04-30 09:56:05	76F58DB8F85C125E0D6B3AA42F3BF1D0	1143808	----a-w-	C:\Windows\SysWOW64\urlmon.dll
2014-04-30 09:56:02	C4A383FD50FBD7E274DD41CF571DF898	1967104	----a-w-	C:\Windows\SysWOW64\inetcpl.cpl
2014-04-30 09:55:54	2AFBB91BBD2378933B26E6D68C140D1B	11745792	----a-w-	C:\Windows\SysWOW64\ieframe.dll
2014-04-30 09:55:47	EA85144F35EDE6EE25C484D4242FF2C8	17387008	----a-w-	C:\Windows\SysWOW64\mshtml.dll
2014-04-30 09:55:37	8C46360D6EF9D4C563FE834C4F287DA3	4254720	----a-w-	C:\Windows\SysWOW64\jscript9.dll
2014-04-27 12:37:58	52FA726F8D37412122EC4EF1DF09D80F	692616	----a-w-	C:\Windows\SysWOW64\FlashPlayerApp.exe
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2014-04-30 09:57:47	7446786E7092ABE122D372F95E6ED74B	574976	----a-w-	C:\Windows\Sysnative\ieui.dll
2014-04-30 09:57:11	FFF555C177D9F2B79B5C3146BED09FB1	548352	----a-w-	C:\Windows\Sysnative\vbscript.dll
2014-04-30 09:56:51	6A8AA25D37F89E40B834F34950E3B89B	2724864	----a-w-	C:\Windows\Sysnative\mshtml.tlb
2014-04-30 09:56:49	D6067F7EE060C5D6D79008AD591B4E3B	33792	----a-w-	C:\Windows\Sysnative\iernonce.dll
2014-04-30 09:56:49	964C89BC8A52A260D68C90FDDEB862E2	38400	----a-w-	C:\Windows\Sysnative\JavaScriptCollectionAgent.dll
2014-04-30 09:56:49	3F498856C68725717195C16568FE19D0	586240	----a-w-	C:\Windows\Sysnative\ie4uinit.exe
2014-04-30 09:56:48	72116CC377FF4281B0132C397026D911	4096	----a-w-	C:\Windows\Sysnative\ieetwcollectorres.dll
2014-04-30 09:56:43	3F547245C78F4847B73EDDFD4A2F7E12	752640	----a-w-	C:\Windows\Sysnative\jscript9diag.dll
2014-04-30 09:56:38	E0D95345D1EBB54F28E958782B9C0CE0	453120	----a-w-	C:\Windows\Sysnative\dxtmsft.dll
2014-04-30 09:56:38	CFBA793F678EB3855052ECF99357A9A1	296960	----a-w-	C:\Windows\Sysnative\dxtrans.dll
2014-04-30 09:56:37	E7161E2C66FF9B1E87C30FC9D2497ABB	195584	----a-w-	C:\Windows\Sysnative\msrating.dll
2014-04-30 09:56:37	CB57E934280D346AE0A9B053DAA284C5	51200	----a-w-	C:\Windows\Sysnative\jsproxy.dll
2014-04-30 09:56:36	75AD355828187145A60E3DC7BAF7B0F3	628736	----a-w-	C:\Windows\Sysnative\msfeeds.dll
2014-04-30 09:56:34	A3F9A9E46BDDBB8B20B7CF3EEDB990F2	66048	----a-w-	C:\Windows\Sysnative\iesetup.dll
2014-04-30 09:56:34	1BF215FF4DF6DE10D2F81A2CE85157D2	139264	----a-w-	C:\Windows\Sysnative\ieUnatt.exe
2014-04-30 09:56:19	37D0FB9E5E8EDA40B66FC3FB3D660261	23549440	----a-w-	C:\Windows\Sysnative\mshtml.dll
2014-04-30 09:56:15	EBAD8A4D048ED257E4A45F6356541F86	846336	----a-w-	C:\Windows\Sysnative\ieapfltr.dll
2014-04-30 09:56:15	915D8A9E112C97C90C654F792B6B28B9	48640	----a-w-	C:\Windows\Sysnative\ieetwproxystub.dll
2014-04-30 09:56:14	A3A132CBE48AF0324466469F2CAAE8A2	111616	----a-w-	C:\Windows\Sysnative\ieetwcollector.exe
2014-04-30 09:56:13	710FD0E362A1A5C087DB90C1BAC46411	940032	----a-w-	C:\Windows\Sysnative\MsSpellCheckingFacility.exe
2014-04-30 09:56:07	1F8534A19A66275C863DE17645CB2A13	2767360	----a-w-	C:\Windows\Sysnative\iertutil.dll
2014-04-30 09:56:06	F220BA78AB542C70211D73AE4729B2CD	2260480	----a-w-	C:\Windows\Sysnative\wininet.dll
2014-04-30 09:56:04	32417AE8280276968E5C551ED85D3525	1400832	----a-w-	C:\Windows\Sysnative\urlmon.dll
2014-04-30 09:56:01	1654093C8BD3342997D27B71684ACCE8	2043904	----a-w-	C:\Windows\Sysnative\inetcpl.cpl
2014-04-30 09:55:57	A14BB2F5F6457738AAA11367F5172A05	13551104	----a-w-	C:\Windows\Sysnative\ieframe.dll
2014-04-30 09:55:41	BF25489459C7A762DD7B3186C7E3984D	5784064	----a-w-	C:\Windows\Sysnative\jscript9.dll
====== C:\Windows\Sysnative\drivers =====
2014-04-09 19:50:12	96BB922A0981BC7432C8CF52B5410FE6	274880	----a-w-	C:\Windows\Sysnative\drivers\msiscsi.sys
2014-04-09 19:50:11	B3222734D80013D2C73841B0C549FA63	27584	----a-w-	C:\Windows\Sysnative\drivers\Diskdump.sys
2014-04-09 19:50:11	A3F0BC5897F9D3786A3CB695B163633A	190912	----a-w-	C:\Windows\Sysnative\drivers\storport.sys
2014-04-09 19:45:12	1A29A59A4C5BA6F8C85062A613B7E2B2	1684928	----a-w-	C:\Windows\Sysnative\drivers\ntfs.sys
====== C:\Windows\Tasks ======
2014-04-27 12:38:00	D92902DEBCA8FC37B52CB2C3B6166750	3878	----a-w-	C:\Windows\Sysnative\Tasks\Adobe Flash Player Updater
2014-04-27 12:38:00	C6C22653B29AD44C29E47828AB947EFD	940	----a-w-	C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-04-27 12:36:27	3820A1726BD54DCF81D329178DDA77A9	4410	----a-w-	C:\Windows\Sysnative\Tasks\400bf7fd-21d1-48b8-8278-2947ee324416-2
2014-04-27 12:36:25	463D242D81E75F77A9E840D3F6A280EA	1380	----a-w-	C:\Windows\Tasks\400bf7fd-21d1-48b8-8278-2947ee324416-2.job
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-04-28 18:01:50	--------	d-----w-	C:\Program Files\trend micro
======= C:\PROGRA~2 =====
2014-04-27 12:35:58	--------	d-----w-	C:\PROGRA~2\MyPC Backup
======= C: =====
====== C:\Users\Jip\AppData\Roaming ======
2014-04-27 12:41:01	5BE8595D3E4668A1F8EB3D061A3F6864	5265	----a-w-	C:\Users\Jip\AppData\Roaming\callbanner.png
2014-04-27 12:38:09	D41D8CD98F00B204E9800998ECF8427E	0	----a-w-	C:\Users\Jip\AppData\Roaming\aps.scan.results
2014-04-27 12:38:09	58744198266F0E743DDCB8A0FE9417CC	1196	----a-w-	C:\Users\Jip\AppData\Roaming\aps.scan.quick.results
2014-04-27 12:38:09	42086FAC9D7C2E2FCCD839036BE6BECA	318	----a-w-	C:\Users\Jip\AppData\Roaming\aps.uninstall.scan.results
2014-04-27 12:36:19	--------	d-----w-	C:\Users\Jip\AppData\Local\Local_Weather_LLC
2014-04-27 12:36:02	--------	d-----w-	C:\Users\Jip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-04-27 12:35:57	--------	d-----w-	C:\Users\Jip\AppData\Roaming\VOPackage
2014-04-27 12:35:51	--------	d-----w-	C:\Users\Jip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Weather Alerts
2014-04-27 12:35:22	--------	d-----w-	C:\Users\Jip\AppData\Local\WeatherAlerts
====== C:\Users\Jip ======
2014-04-28 18:01:30	662C39FC1E27131551D557862CEC47F0	935175	----a-w-	C:\Users\Jip\Downloads\RSITx64.exe
2014-04-27 12:36:00	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Elite Max
2014-04-27 12:35:30	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\free_soft_to_day
2014-04-27 12:33:21	653630A12FC909C8C698E66B7FB31812	502160	----a-w-	C:\Users\Jip\Downloads\Java (1).exe
2014-04-27 12:33:13	708456F0FF0278EAFA919F863C1AA2DA	502160	----a-w-	C:\Users\Jip\Downloads\Java.exe

====== C: exe-files ==
2014-04-30 10:06:47	2E2E93A9B2FB83E6EA967FE57EDF7578	605808	----a-w-	C:\Users\Jip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WU1VQKMA\Setup[3].exe
2014-04-30 09:57:01	F972DDD19A10F53D74021DDEAC07CCA6	470016	----a-w-	C:\Program Files (x86)\Internet Explorer\ieinstal.exe
2014-04-30 09:57:01	E0155A11B26C7D5347069AB7ACB62D02	222720	----a-w-	C:\Program Files\Internet Explorer\ielowutil.exe
2014-04-30 09:57:01	C5C7E33308BAE18BD9F59F9A93E85D33	482816	----a-w-	C:\Program Files\Internet Explorer\ieinstal.exe
2014-04-30 09:57:01	BEA4E0C0BA936E8A3DB24D1A37BF70BE	222720	----a-w-	C:\Program Files (x86)\Internet Explorer\ielowutil.exe
2014-04-30 09:56:04	EA8386CA87165460D39A1D29FF11080B	809680	----a-w-	C:\Program Files\Internet Explorer\iexplore.exe
2014-04-30 09:56:03	0667ED9F8E905E1F73DB60ACCEDCBCA7	811728	----a-w-	C:\Program Files (x86)\Internet Explorer\iexplore.exe
2014-04-29 17:42:07	52214F45AE4F8422C473DA339001AE0E	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-2585756026-642255270-3478008076-1000\$ITTOR60.exe
2014-04-29 12:58:14	3E780C7EE3F0074BAE3070CF08128159	1727816	------w-	C:\Users\Jip\AppData\Local\Temp\is45637729\59734149_stp\AnyProtectScannerSetup.exe
2014-04-28 18:01:51	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\Jip.exe
2014-04-28 18:01:30	662C39FC1E27131551D557862CEC47F0	935175	----a-w-	C:\Users\Jip\Downloads\RSITx64.exe
2014-04-28 17:44:53	79CACA103DA5AB8EBED082503615CD37	1119448	----a-w-	C:\Users\Jip\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\34.0.1847.131\34.0.1847.131_34.0.1847.116_chrome_updater.exe
2014-04-28 11:44:32	E5575149A477DC94AF527FC7D751A407	6379728	----a-w-	C:\Users\Jip\AppData\Local\Temp\nsh5EC\SpSetup.exe
2014-04-28 11:44:32	E5575149A477DC94AF527FC7D751A407	6379728	----a-w-	C:\Users\Jip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3W5K97PG\SPSetup[1].exe
2014-04-28 11:44:22	5E144DD2B309BD00D2BE3D7CC4DC786F	124184	----a-w-	C:\Users\Jip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WU1VQKMA\spstub[1].exe
2014-04-27 14:50:57	DB2B773BB416F41130DAAB5BC544B550	611673	----a-w-	C:\Users\Jip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S0CXS83C\Setup[1].exe
2014-04-27 12:36:23	A8A1A826D71DB179C0C2DEED9D94EFB7	21752320	----a-w-	C:\Users\Jip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3W5K97PG\AnyProtect[1].exe
2014-04-27 12:36:18	1624B099ED06B0261FC02298182733DD	135299	----a-w-	C:\Users\Jip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CSIA0M6T\ClickMeInGeneric[1].exe
2014-04-27 12:36:05	CA44D2D9125393AD447D0315696DF44A	1107768	----a-w-	C:\Users\Jip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WU1VQKMA\Setup[2].exe
2014-04-27 12:35:51	3CAB8C3D08FA5967BBC86D7C3334D6DC	52339	----a-w-	C:\Users\Jip\AppData\Local\WeatherAlerts\uninstall.exe
2014-04-27 12:35:48	B7A4DFCDAB207AEA6795B94417107C87	240736	----a-w-	C:\Users\Jip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CSIA0M6T\weatheralerts[1].exe
2014-04-27 12:35:33	84026901679D193AAD34BE6E8FC47512	6244928	----a-w-	C:\Users\Jip\AppData\Local\Temp\cd123bbf-156e-4763-9cbb-dbfa894340d9\software\mediaplayerpluuss.exe
2014-04-27 12:35:25	771403A16386A06AB7D76449ED2919B8	296161	----a-w-	C:\Users\Jip\AppData\Local\Temp\cd123bbf-156e-4763-9cbb-dbfa894340d9\software\VOPackage.exe
2014-04-27 12:35:23	F057FF0DAC049C919DC13152FEDC31BC	73808	----a-w-	C:\Users\Jip\AppData\Local\Temp\cd123bbf-156e-4763-9cbb-dbfa894340d9\software\Cloud_Backup_Setup.exe
2014-04-27 12:35:22	252AE4CDABAE46180699207C80147872	146097	----a-w-	C:\Users\Jip\AppData\Local\WeatherAlerts\DesktopWeatherAlertsuninstall.exe
2014-04-27 12:35:21	7503BB28DCFAEE54DAED5B25C5798558	482152	----a-w-	C:\Users\Jip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WU1VQKMA\DesktopWeatherAlertsSetup[1].exe
2014-04-27 12:35:16	AC1E1FE274C2BA03427C4003C196D7F9	208848	----a-w-	C:\Users\Jip\AppData\Local\Temp\cd123bbf-156e-4763-9cbb-dbfa894340d9\software\DesktopWeatherAlertsSetup.exe
2014-04-27 12:35:16	9590F245024EE416100C6D9F4F6561A1	3269344	----a-w-	C:\Users\Jip\AppData\Local\Temp\cd123bbf-156e-4763-9cbb-dbfa894340d9\software\Freesofttoday.exe
2014-04-27 12:35:09	21FA18E01E7DB523DBF3DF0A57FAABE7	6275208	----a-w-	C:\Users\Jip\AppData\Local\Temp\cd123bbf-156e-4763-9cbb-dbfa894340d9\software\freeven-prox-1-22.exe
2014-04-27 12:35:05	816083D5B5E67C66604B3021C24B4C81	596120	----a-w-	C:\Users\Jip\AppData\Local\Temp\cd123bbf-156e-4763-9cbb-dbfa894340d9\software\lly_webssearches.exe
2014-04-27 12:33:21	653630A12FC909C8C698E66B7FB31812	502160	----a-w-	C:\Users\Jip\Downloads\Java (1).exe
2014-04-27 12:33:13	708456F0FF0278EAFA919F863C1AA2DA	502160	----a-w-	C:\Users\Jip\Downloads\Java.exe
2014-04-25 15:01:20	F850B725FBDE7C5D8318C3D11FFCE454	1090218	------w-	C:\Users\Jip\AppData\Local\Temp\is45637729\8819988_stp\AnyProtectScannerSetup.exe
2014-04-25 15:01:20	F850B725FBDE7C5D8318C3D11FFCE454	1090218	------w-	C:\Users\Jip\AppData\Local\Temp\is45637729\250804_stp\AnyProtectScannerSetup.exe
2014-04-25 15:01:20	F850B725FBDE7C5D8318C3D11FFCE454	1090218	------w-	C:\Users\Jip\AppData\Local\Temp\is45637729\2028657_stp\AnyProtectScannerSetup.exe
2014-04-25 15:01:20	F850B725FBDE7C5D8318C3D11FFCE454	1090218	------w-	C:\Users\Jip\AppData\Local\Temp\is45637729\1956281_stp\AnyProtectScannerSetup.exe
2014-04-25 15:01:20	F850B725FBDE7C5D8318C3D11FFCE454	1090218	------w-	C:\Users\Jip\AppData\Local\Temp\is45637729\1943918_stp\AnyProtectScannerSetup.exe
2014-04-25 15:01:20	F850B725FBDE7C5D8318C3D11FFCE454	1090218	------w-	C:\Users\Jip\AppData\Local\Temp\is45637729\12227365_stp\AnyProtectScannerSetup.exe
=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-2585756026-642255270-3478008076-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"HPAdvisorDock"="C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe"
"Google Update"="C:\Users\Jip\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"OfficeSyncProcess"="C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
"Spotify Web Helper"="C:\Users\Jip\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"Spotify"="C:\Users\Jip\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"Microsoft Default Manager"="C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe -resume"
"HP Quick Launch"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"
"Norton Online Backup"="C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe"
"Easybits Recovery"="C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe"
"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
"SwitchBoard"="C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"upfst_nl_39.exe"="C:\Users\Jip\AppData\Local\fst_nl_39\upfst_nl_39.exe -runonce"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HPAdvisorDock"="C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe"
"Google Update"="C:\Users\Jip\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"OfficeSyncProcess"="C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
"Spotify Web Helper"="C:\Users\Jip\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"Spotify"="C:\Users\Jip\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\PROGRA~2\\SearchProtect\\SearchProtect\\bin\\SPVC32Loader.dll c:\\progra~3\\browse~2\\261519~1.190\\{c16c1~1\\browse~1.dll c:\\progra~2\\easylife\\sprote~1.dll c:\\progra~2\\browse~1\\sprote~1.dll"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"
"HPWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden"
"BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe ARM"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe Reader Speed Launcher"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Reader_sl.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AdobeAAMUpdater-1.0"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\UpdaterStartupUtility.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeCS5ServiceManager]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AdobeCS5ServiceManager"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\CS5ServiceManager\\CS5ServiceManager.exe\" -launchedbylogin"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BDAgent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BDAgent"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\BitDefender\\BitDefender 2011\\bdagent.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BitDefender Antiphishing Helper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BitDefender Antiphishing Helper"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\BitDefender\\BitDefender 2011\\ieshow.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Update]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Google Update"
"hkey"="HKCU"
"command"="\"C:\\Users\\Jip\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LightScribe Control Panel]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="LightScribe Control Panel"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Common Files\\LightScribe\\LightScribeControlPanel.exe -hidden"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MobileConnect]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="MobileConnect"
"hkey"="HKLM"
"command"="%programfiles%\\Vodafone\\Vodafone Mobile Connect\\Bin\\MobileConnect.exe /silent"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\msnmsgr]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="msnmsgr"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Windows Live\\Messenger\\msnmsgr.exe\" /background"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="QuickTime Task"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Skype"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /nosplash /minimized"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="uTorrent"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\uTorrent\\uTorrent.exe\""


==== Startup Folders ======================

2014-04-27 12:35:22	1167	----a-w-	C:\Users\Jip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DesktopWeatherAlerts.lnk
2012-02-06 13:38:43	1044	----a-w-	C:\Users\Jip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
2014-04-27 12:35:51	1135	----a-w-	C:\Users\Jip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Weather Alerts.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\400bf7fd-21d1-48b8-8278-2947ee324416-2.job --a------ [Undetermined Task]
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [27-04-2014 14:38]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2585756026-642255270-3478008076-1000Core.job --a------ C:\Users\Jip\AppData\Local\Google\Update\GoogleUpdate.exe [22-01-2011 22:05]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2585756026-642255270-3478008076-1000UA.job --a------ C:\Users\Jip\AppData\Local\Google\Update\GoogleUpdate.exe [22-01-2011 22:05]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\400bf7fd-21d1-48b8-8278-2947ee324416-2" [C:\Program Files (x86)\Freeven pro 1.2\400bf7fd-21d1-48b8-8278-2947ee324416-2.exe]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\AdobeAAMUpdater-1.0-jip01-Jip" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2585756026-642255270-3478008076-1000Core" [C:\Users\Jip\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2585756026-642255270-3478008076-1000UA" [C:\Users\Jip\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\RecoveryCDWin7" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"]
"C:\Windows\SysNative\tasks\Registration" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"]
"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files (x86)\Windows Sidebar\sidebar.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{677B4A24-EE2A-4352-96B2-ABB3C38497A4}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\{656E3A4F-7AE0-45A0-838D-2BE1059DB126}" ["c:\users\jip\appdata\local\google\chrome\application\chrome.exe"]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"FFToolbar@bitdefender.com"="C:\Program Files\BitDefender\BitDefender 2011\bdaphffext" [29-04-2011 11:22]
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"FFToolbar@bitdefender.com"="C:\Program Files\BitDefender\BitDefender 2011\bdaphffext" [29-04-2011 11:22]

==== Firefox Extensions ======================

==== Firefox Plugins ======================


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
pljcgbedjplidkdjahbaalanadmjfgop - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7C\CRX\ToolbarCR.crx[]

Freeven pro 1.2 - Jip\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmgpbjjcdccinnndjdgmegndbmhbgglb
MediaPlayerplus - Jip\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd
Google Wallet - Jip\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Quick Start - Jip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma

==== Chrome Fix ======================

C:\Users\Jip\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_assets.dealply.com_0.localstorage deleted successfully
C:\Users\Jip\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_assets.dealply.com_0.localstorage-journal deleted successfully
C:\Users\Jip\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_img.dealply.com_0.localstorage deleted successfully
C:\Users\Jip\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_img.dealply.com_0.localstorage-journal deleted successfully
C:\Users\Jip\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_servedby.dealply.com_0.localstorage deleted successfully
C:\Users\Jip\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_servedby.dealply.com_0.localstorage-journal deleted successfully
C:\Users\Jip\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_servedse.dealply.com_0.localstorage deleted successfully
C:\Users\Jip\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_servedse.dealply.com_0.localstorage-journal deleted successfully
C:\Users\Jip\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_staticf.dealply.com_0.localstorage deleted successfully
C:\Users\Jip\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_staticf.dealply.com_0.localstorage-journal deleted successfully
C:\Users\Jip\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.babylon.com_0.localstorage deleted successfully
C:\Users\Jip\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.babylon.com_0.localstorage-journal deleted successfully
C:\Users\Jip\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmgpbjjcdccinnndjdgmegndbmhbgglb deleted successfully
C:\Users\Jip\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dmgpbjjcdccinnndjdgmegndbmhbgglb_0.localstorage deleted successfully
C:\Users\Jip\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dmgpbjjcdccinnndjdgmegndbmhbgglb_0.localstorage-journal deleted successfully
C:\Users\Jip\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_dmgpbjjcdccinnndjdgmegndbmhbgglb_0 deleted successfully
C:\Users\Jip\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\dmgpbjjcdccinnndjdgmegndbmhbgglb deleted successfully
C:\Users\Jip\AppData\Local\Google\Chrome\User Data\Default\Extensions\majjphhgppkndjjkmhhnbgafooenebhd deleted successfully
C:\Users\Jip\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_majjphhgppkndjjkmhhnbgafooenebhd_0.localstorage deleted successfully
C:\Users\Jip\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_majjphhgppkndjjkmhhnbgafooenebhd_0.localstorage-journal deleted successfully
C:\Users\Jip\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_majjphhgppkndjjkmhhnbgafooenebhd_0 deleted successfully
C:\Users\Jip\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\majjphhgppkndjjkmhhnbgafooenebhd deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://search.conduit.com/?gd=&ctid=CT3320052&octid=EB_ORIGINAL_CTID&ISID=M291CA40F-DB8B-47AF-97B8-FE4ECFF0F8F9&SearchSource=55&CUI=&UM=5&UP=SP60C3541E-CC52-4014-9288-4EA264288E4B&SSPV="
"Default_Page_URL"="http://istart.webssearches.com/?type=hp&ts=1398602116&from=tugs&uid=ST9250410AS_5VG87RS2"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://istart.webssearches.com/?type=hp&ts=1398602116&from=tugs&uid=ST9250410AS_5VG87RS2"
"Search Page"="http://istart.webssearches.com/web/?type=ds&ts=1398602116&from=tugs&uid=ST9250410AS_5VG87RS2&q={searchTerms}"
"Default_Page_URL"="http://istart.webssearches.com/?type=hp&ts=1398602116&from=tugs&uid=ST9250410AS_5VG87RS2"
"Default_Search_URL"="http://istart.webssearches.com/web/?type=ds&ts=1398602116&from=tugs&uid=ST9250410AS_5VG87RS2&q={searchTerms}"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://istart.webssearches.com/?type=hp&ts=1398602116&from=tugs&uid=ST9250410AS_5VG87RS2"
"Search Page"="http://istart.webssearches.com/web/?type=ds&ts=1398602116&from=tugs&uid=ST9250410AS_5VG87RS2&q={searchTerms}"
"Default_Page_URL"="http://istart.webssearches.com/?type=hp&ts=1398602116&from=tugs&uid=ST9250410AS_5VG87RS2"
"Default_Search_URL"="http://istart.webssearches.com/web/?type=ds&ts=1398602116&from=tugs&uid=ST9250410AS_5VG87RS2&q={searchTerms}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{33BB0A4E-99AF-4226-BDF6-49120163DE86}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{3A9A1EB9-CC82-42CF-A9A6-81788C79396C} Wikipedia  Url="http://nl.wikipedia.org/wiki/Special:Search?search={searchTerms}"
{5B4342F4-28AE-4242-A196-2C7DC156DEAF} Bing  Url="http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox"
{675B3CBF-EC35-AA55-1A28-4DC97D0D83B4} Web Search Url="http://search.shareazaweb.com/web?src=ieb&systemid=3&q={searchTerms}"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== shortcuts on Users Desktops ======================

C:\Users\Jip\Desktop\Chrome.lnk - C:\Users\Jip\AppData\Local\Google\Chrome\Application\chrome.exe http://istart.webssearches.com/?type=sc&ts=1398602116&from=tugs&uid=ST9250410AS_5VG87RS2
C:\Users\Jip\Desktop\Continue VuuPC Installation.lnk - C:\Users\Jip\AppData\Local\Temp\ICReinstall_nsd3770.tmp  /RR
C:\Users\Jip\Desktop\Dropbox.lnk - C:\Users\Jip\AppData\Roaming\Dropbox\bin\Dropbox.exe /home
C:\Users\Jip\Desktop\Norton Installation Files.lnk - C:\Users\Public\Downloads\Norton\{NISADM-B201-4abb-B07C-C084B04B4F12} 
C:\Users\Jip\Desktop\partypoker.lnk - C:\Programs\PartyGaming\PartyGaming.exe -P=PartyPoker
C:\Users\Jip\Desktop\Play HP Games.lnk - C:\Program Files (x86)\HP Games\HP Game Console\GameConsole-wt.exe /src desktoptpd
C:\Users\Jip\Desktop\Spotify.lnk - C:\Users\Jip\AppData\Roaming\Spotify\spotify.exe 
C:\Users\Jip\Desktop\Windows Live Mail.lnk - C:\Program Files (x86)\Windows Live\Mail\wlmail.exe 
C:\Users\Jip\Desktop\Anne Marie\Artikel toets 4 Anne Marie (Autosaved).docx - Snelkoppeling.lnk - C:\Users\Jip\Documents\Anne Marie\Toets 4\Artikel toets 4 Anne Marie (Autosaved).docx 
C:\Users\Jip\Desktop\Anne Marie\Onderzoek - Snelkoppeling.lnk - F:\Onderzoek 
C:\Users\Jip\Desktop\Jip\Fontys\Stage docs\Marketing_plan_2.0%5b1%5d((Autosaved-301993853114737040)) - Snelkoppeling.lnk - C:\Users\Jip\Documents\Marketing_plan_2.0%5b1%5d((Autosaved-301993853114737040)).asd 

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Aangifte inkomstenbelasting 2013.lnk - C:\Program Files (x86)\Belastingdienst\Aangifte inkomstenbelasting\2013\ib2013.exe 
C:\Users\Public\Desktop\avast Free Antivirus.lnk -  
C:\Users\Public\Desktop\BitDefender Antivirus 2011.lnk - C:\Program Files (x86)\BitDefender\BitDefender 2011\bdagent.exe /startui
C:\Users\Public\Desktop\deklas.nu Thuiswerken starten.lnk - C:\Windows\Installer\{EFED70E6-427C-4E00-AADF-F492B7CA342A}\_DADBB3E96439937921AB97.exe 
C:\Users\Public\Desktop\Express Burn.lnk - C:\Program Files (x86)\NCH Software\ExpressBurn\expressburn.exe 
C:\Users\Public\Desktop\HP Support Assistant.lnk - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe 
C:\Users\Public\Desktop\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe 
C:\Users\Public\Desktop\Norton Security Scan.LNK - C:\Program Files (x86)\Norton Security Scan\Engine\4.0.1.16\Nss.exe 
C:\Users\Public\Desktop\Optimizer Elite Max.lnk - C:\Program Files (x86)\Optimizer Elite Max\Optimizer Elite Max.exe 
C:\Users\Public\Desktop\QuickTime Player.lnk - C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe 
C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe 
C:\Users\Public\Desktop\Unibet.lnk - C:\Microgaming\Poker\unibetpokerMPP\mppoker.exe 
C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe 
C:\Users\Public\Desktop\�Torrent.lnk -  

==== shortcuts in Users Start Menu ======================

C:\Users\Jip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://istart.webssearches.com/?type=sc&ts=1398602116&from=tugs&uid=ST9250410AS_5VG87RS2
C:\Users\Jip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe http://istart.webssearches.com/?type=sc&ts=1398602116&from=tugs&uid=ST9250410AS_5VG87RS2
C:\Users\Jip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Users\Jip\AppData\Local\Google\Chrome\Application\chrome.exe http://istart.webssearches.com/?type=sc&ts=1398602116&from=tugs&uid=ST9250410AS_5VG87RS2
C:\Users\Jip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DesktopWeatherAlerts.lnk - C:\Users\Jip\AppData\Local\WeatherAlerts\DesktopWeatherAlertsApp.exe 
C:\Users\Jip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Weather Alerts.lnk - C:\Users\Jip\AppData\Local\WeatherAlerts\WeatherAlerts.exe /restart
C:\Users\Jip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage\Configure.lnk - C:\Users\Jip\AppData\Roaming\VOPackage\VOPackage.exe /deploy
C:\Users\Jip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Weather Alerts\Weather Alerts.lnk - C:\Users\Jip\AppData\Local\WeatherAlerts\WeatherAlerts.exe 

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\free_soft_to_day\Freesofttoday.lnk - C:\Program Files (x86)\fst_nl_39\freeSoftToday_widget.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Elite Max\Help.lnk - C:\Program Files (x86)\Optimizer Elite Max\Help\page02.html 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Elite Max\Optimizer Elite Max.lnk - C:\Program Files (x86)\Optimizer Elite Max\Optimizer Elite Max.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Elite Max\Uninstall Optimizer Elite Max.lnk - C:\Program Files (x86)\Optimizer Elite Max\unins000.exe 

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Jip\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://istart.webssearches.com/?type=sc&ts=1398602116&from=tugs&uid=ST9250410AS_5VG87RS2
C:\Users\Jip\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PartyCasino.lnk - C:\Programs\PartyGaming\PartyGaming.exe -P=PartyCasino
C:\Users\Jip\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\partypoker.lnk - C:\Programs\PartyGaming\PartyGaming.exe -P=PartyPoker
C:\Users\Jip\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Play HP Games.lnk - C:\Program Files (x86)\HP Games\HP Game Console\GameConsole-wt.exe /src desktoptpd
C:\Users\Jip\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Jip\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Unibet.lnk - C:\Microgaming\Poker\unibetpokerMPP\mppoker.exe 
C:\Users\Jip\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Jip\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\�Torrent.lnk -  
C:\Users\Jip\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe 
C:\Users\Jip\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Paint.lnk - C:\Windows\system32\mspaint.exe 
C:\Users\Jip\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Users\Jip\AppData\Local\Google\Chrome\Application\chrome.exe http://istart.webssearches.com/?type=sc&ts=1398602116&from=tugs&uid=ST9250410AS_5VG87RS2
C:\Users\Jip\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Office Word 2007.lnk - C:\Windows\Installer\{91120000-0030-0000-0000-0000000FF1CE}\wordicon.exe 

==== shortcuts After Repair ======================

C:\Users\Jip\Desktop\Chrome.lnk - C:\Users\Jip\AppData\Local\Google\Chrome\Application\chrome.exe 
C:\Users\Jip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe 
C:\Users\Jip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe -extoff
C:\Users\Jip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Users\Jip\AppData\Local\Google\Chrome\Application\chrome.exe 
C:\Users\Jip\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe 
C:\Users\Jip\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Users\Jip\AppData\Local\Google\Chrome\Application\chrome.exe 

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\GadgetBox Updater deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6643BEAC-57D1-D121-D8F1-A7F8D07498A7} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{90B54736-09DD-4679-A492-41FF4B5665C0} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{ACE9FB2A-31A5-4285-9510-43F1636EAB21} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{60873200-C636-8A31-6AA3-5D127B9A5450} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{6F2682FA-013B-14E4-60EE-CBD70981FF04} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E4D1879A-7900-55CB-5458-A6AB2DEFA014} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pljcgbedjplidkdjahbaalanadmjfgop deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AnyProtect deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0F44DC3F-6E62-4961-A14B-95323C512F9B}_is1 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\GadgetBox deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WPM deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\conduitEngine deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Jip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Jip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Jip\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=820 folders=243 255434252 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Jip\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Jip\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Program Files (x86)\MyPC Backup"  not found
"C:\Users\Jip\AppData\Roaming\VOPackage"  not found
"C:\PROGRA~2\MyPC Backup"  not found
"C:\Users\Jip\AppData\Roaming\VOPackage"  not found

==== EOF on wo 30-04-2014 at 13:00:26,36 ======================