Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by HP on za 17-05-2014 at 19:45:14.04.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\HP\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

17-5-2014 19:50:26 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\Program Files\AVG deleted successfully
C:\Program Files\Mio deleted successfully
C:\Program Files\Movies Toolbar deleted successfully
C:\Program Files\MSXML 4.0 deleted successfully
C:\Program Files\Panda Security deleted successfully
C:\PROGRA~2\eSafe deleted successfully
C:\PROGRA~2\Panda Security deleted successfully
C:\PROGRA~2\Wincert deleted successfully
C:\PROGRA~2\WinZipEC deleted successfully
C:\PROGRA~2\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} deleted successfully
C:\PROGRA~2\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} deleted successfully
C:\Users\HP\AppData\Roaming\NFI-DC deleted successfully
C:\Users\HP\AppData\Roaming\Nico Mak Computing deleted successfully
C:\Users\HP\AppData\Roaming\OptiFlasher deleted successfully
C:\Users\HP\AppData\Roaming\Panda Security deleted successfully
C:\Users\HP\AppData\Roaming\SendSpace deleted successfully
C:\Users\HP\AppData\Roaming\Systweak deleted successfully
C:\Users\HP\AppData\Local\Bundled software uninstaller deleted successfully
C:\Users\HP\AppData\Local\Downloaded Installations deleted successfully
C:\Users\HP\AppData\Local\genienext deleted successfully
C:\Users\HP\AppData\Local\GHISLER deleted successfully
C:\Users\HP\AppData\Local\MigWiz deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-4057013218-24429279-960758687-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814} deleted successfully
HKEY_USERS\S-1-5-21-4057013218-24429279-960758687-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_USERS\S-1-5-21-4057013218-24429279-960758687-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_USERS\S-1-5-21-4057013218-24429279-960758687-1000\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully

==== Deleting Services ======================

==== FireFox Fix ======================

ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\9anhn392.default
user.js not found

---- Lines WebSearch removed from prefs.js ----
user_pref("browser.search.defaulturl", "http://websearch.toolksearchbook.info/?pid=34&r=2014/01/19&hid=15782698513346681117&lg=EN&cc=BE&unqvl=46&l=1&q
user_pref("browser.search.order.1", "WebSearch");
user_pref("browser.search.order.1,S", "WebSearch");
user_pref("browser.search.selectedEngine,S", "WebSearch");

---- Lines Lyric removed from prefs.js ----
user_pref("extensions.Lyrics@LyricsContainer.co.install-event-fired", true);

---- Lines CertifiedToolbar removed from prefs.js ----
user_pref("CertifiedToolbar_2938.global.ClearSearchHistoryOnClose", "false");
user_pref("CertifiedToolbar_2938.global.CurrentLanguageSelection", "English");
user_pref("CertifiedToolbar_2938.global.CurrentNavigationSelection", "Current window");
user_pref("CertifiedToolbar_2938.global.CurrentSearchEngineSelection", "US: United States of America");
user_pref("CertifiedToolbar_2938.global.DisplayRecentSearches", "true");
user_pref("CertifiedToolbar_2938.global.setupExtension", "true");
user_pref("CertifiedToolbar_2938.global.ShowButtonText2", "true");
user_pref("CertifiedToolbar_2938.global.UpdateTime", "1374413838210");
user_pref("CertifiedToolbar_2938.global.userEnable", true);
user_pref("CertifiedToolbar_2938.global.userID", "3b007902606582b63c529d262c0284db");

---- Lines Customized removed from prefs.js ----
user_pref("extensions.testpilot.alreadyCustomizedToolbar", true);

---- Lines crossrider removed from prefs.js ----
user_pref("extensions.a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559.48559.internaldb.Resources_meta.value", "%7B%2219x19.p

---- Lines helperbar removed from prefs.js ----
user_pref("extensions.helperbar.DockingPositionDown", false);
user_pref("extensions.helperbar.keepAliveLastevent", "1398837326");
user_pref("extensions.helperbar.lastExternalJsUpdate", "1398790751968");
user_pref("extensions.helperbar.SmartbarDisabled", false);
user_pref("extensions.helperbar.SmartbarStateMinimaized", false);
user_pref("extensions.helperbar.Visibility", false);

---- Lines defaulttab removed from prefs.js ----
user_pref("extensions.defaulttab.installdate", 1379155077);
user_pref("extensions.defaulttab.lastNetSeerDownload", 1381559563);
user_pref("extensions.defaulttab.lastUsed", 1379013394);
user_pref("extensions.defaulttab.useNewTabWhiteList", false);

---- Lines 
a39ed7c16185d4f88b976666d4928ba01fe4550c17a4f4a62ad1c45e0afdf81a4com48559 removed from prefs.js ----

---- FireFox user.js and prefs.js backups ----
prefs_17-05-2014_2045_.backup

ProfilePath: C:\Users\HP\AppData\Roaming\Thunderbird\Profiles\xlp493qy.default
user.js not found

---- FireFox user.js and prefs.js backups ----
prefs_17-05-2014_2045_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command]
@="C:\\Program Files\\Internet Explorer\\iexplore.exe"

==== Deleting Files \ Folders ======================

C:\Users\HP\AppData\Roaming\Systweak not found
C:\ProgramData\Systweak not found
C:\PROGRA~2\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} not found
C:\PROGRA~2\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} not found
"C:\Windows\tasks\ASO-AutoCheckUpdate7Days.job" not found
"C:\Windows\tasks\ASO-OneClickCare.job" not found
"C:\Windows\tasks\ASOService.job" not found
"C:\Windows\system32\sasnative32.exe" not found
C:\Program Files\Common Files\DVDVideoSoft deleted
C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\9anhn392.default\extensions\staged deleted
C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\9anhn392.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} deleted
C:\Users\HP\daemonprocess.txt deleted
C:\Users\HP\.android deleted
C:\Program Files\Mobogenie deleted
C:\Users\HP\AppData\Roaming\HoolappForAndroid deleted
C:\PROGRA~2\ProductData deleted
C:\PROGRA~2\InstallMate deleted
C:\PROGRA~2\Package Cache deleted
C:\PROGRA~2\House Of Soft deleted
C:\Users\HP\AppData\Local\CRE deleted
C:\Users\HP\AppData\Local\avgchrome deleted
C:\Users\HP\AppData\Local\Mobogenie deleted
C:\Users\HP\AppData\Local\cache deleted
C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\HP\AppData\LocalLow\ilividmoviestoolbar181 deleted
C:\Users\HP\AppData\LocalLow\microsoft\silverlight\outofbrowser\index\portal.qtrax.com deleted
C:\Windows\system32\config\systemprofile\AppData\LocalLow\AVG Nation toolbar deleted
C:\END deleted
C:\Windows\Launcher.exe deleted
C:\Windows\system32\RegistryHelperLM.ocx deleted
C:\Windows\System32\searchplugins deleted
C:\Windows\System32\Extensions deleted
C:\Users\HP\Documents\Mobogenie deleted
"C:\Program Files\IObit\IObit Uninstaller\UninstallMenuRight32.dll" deleted
"C:\Program Files\IObit\IObit Uninstaller" not deleted

==== Files Recently Created / Modified ======================

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"GarminExpressTrayApp"="C:\Program Files\Garmin\Express Tray\ExpressTray.exe"
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-21-4057013218-24429279-960758687-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"GarminExpressTrayApp"="C:\Program Files\Garmin\Express Tray\ExpressTray.exe"
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"GarminExpressTrayApp"="C:\Program Files\Garmin\Express Tray\ExpressTray.exe"
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Monitor"="C:\Windows\PixArt\PAC207\Monitor.exe"
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GarminExpressTrayApp"="C:\Program Files\Garmin\Express Tray\ExpressTray.exe"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe ARM"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AVG_UI]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AVG_UI"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\AVG\\AVG2013\\avgui.exe\" /TRAYONLY"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GarminExpressTrayApp]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="GarminExpressTrayApp"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Garmin\\Express Tray\\ExpressTray.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Skype"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /minimized /regrun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SunJavaUpdateSched"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WebCake Desktop]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="WebCake Desktop"
"hkey"="HKCU"
"command"="C:\\Users\\HP\\AppData\\Roaming\\Betcat\\WebCakeDesktop.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-]
"AS2014"=""

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"Adobe ARM"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [21-08-2013 15:11]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [21-08-2013 15:11]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\system32\tasks\GarminUpdaterTask" [C:\Program Files\Garmin\Express Self Updater\ExpressSelfUpdater.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [11-05-2014 08:22]

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{B64D9B05-48E1-4CEB-BF58-E0643994E900}"="C:\Program Files\Common Files\DVDVideoSoft\plugins\ff" []

==== Firefox Extensions ======================

ProfilePath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\9anhn392.default
- Belgium eID - C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be
- DoNotTrackMe: Online Privacy Protection - %ProfilePath%\extensions\donottrackplus@abine.com

ProfilePath: C:\Users\HP\AppData\Roaming\Thunderbird\Profiles\xlp493qy.default
- Instrument Test - %ProfilePath%\extensions\tbtestpilot@labs.mozilla.com.xpi

AppDir: C:\Program Files\Mozilla Firefox
- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\HP\AppData\Roaming\Mozilla\Firefox\Profiles\9anhn392.default
A58DE0A570148AF5FF3512B2A340D09F - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll - Shockwave Flash
785105A23650755A8F7A72405EB0D923 - C:\Program Files\Google\Update\1.3.24.7\npGoogleUpdate3.dll - Google Update
14365399E83D7BC15760E8676E890C87 - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
14365399E83D7BC15760E8676E890C87 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
01D93217A9EE48DD37072B671378CC9C - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll - Silverlight Plug-In
0CA4180B21C6B728578F3B0433BB740E - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin
ABCB4A6EAB701C629378255ABCB308E5 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U25
D7324EB1EDCB8990F8522DE0311359E9 - C:\Windows\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.250.17
28986F0A2342A033345EF9E70D395E4F - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrlui.dll - Microsoft® Silverlight
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\system32\npmproxy.dll - Microsoft® Windows® Operating System

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
fjlclflgbknokloaadcdmnnibipeapok - C:\Users\HP\AppData\Local\CRE\fjlclflgbknokloaadcdmnnibipeapok.crx[]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[11-04-2014 19:46]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
fjlclflgbknokloaadcdmnnibipeapok - C:\Users\HP\AppData\Local\CRE\fjlclflgbknokloaadcdmnnibipeapok.crx[]
nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Program Files\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx[]

Vertalen.nu - HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\giapagjeblcapfphboclikepoeelhgkj
DVDVideoSoft - HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Google Wallet - HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Chrome Fix ======================

C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
"Start Default_Page_URL"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
"Search Bar"="http://www.google.com"
"Use Search Asst"="yes"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://search.certified-toolbar.com?si=41460&st=home&tid=2938&ver=4.1&ts=1374413714396.000005&tguid=41460-2938-1374413714396-A72BB5194606C1E129EC8888F5238816"
"Start Default_Page_URL"="http://search.certified-toolbar.com?si=41460&st=home&tid=2938&ver=4.1&ts=1374413714396.000005&tguid=41460-2938-1374413714396-A72BB5194606C1E129EC8888F5238816"
"Default_Search_URL"="http://search.certified-toolbar.com?si=41460&st=chrome&tid=2938&ver=4.1&ts=1374413714396.000005&tguid=41460-2938-1374413714396-A72BB5194606C1E129EC8888F5238816&q="
"Search Bar"="http://search.certified-toolbar.com?si=41460&st=chrome&tid=2938&ver=4.1&ts=1374413714396.000005&tguid=41460-2938-1374413714396-A72BB5194606C1E129EC8888F5238816&q="
"Search Page"="http://search.certified-toolbar.com?si=41460&st=chrome&tid=2938&ver=4.1&ts=1374413714396.000005&tguid=41460-2938-1374413714396-A72BB5194606C1E129EC8888F5238816&q="

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
"Start Default_Page_URL"="http://www.google.com"
"Search Bar"="http://www.google.com"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.certified-toolbar.com?si=41460&st=bs&tid=2938&ver=4.1&ts=1374413714396.000005&tguid=41460-2938-1374413714396-A72BB5194606C1E129EC8888F5238816&q=%s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.certified-toolbar.com?si=41460&st=bs&tid=2938&ver=4.1&ts=1374413714396.000005&tguid=41460-2938-1374413714396-A72BB5194606C1E129EC8888F5238816&q=%s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.certified-toolbar.com?si=41460&st=bs&tid=2938&ver=4.1&ts=1374413714396.000005&tguid=41460-2938-1374413714396-A72BB5194606C1E129EC8888F5238816&q=%s"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://www.google.com"
"Default"="www.google.com"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://www.google.com"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://www.google.com"
"Default"="www.google.com"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://www.google.com"
"newtab"="about:tabs"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Search]
"Start Page"="http://search.certified-toolbar.com?si=41460&st=home&tid=2938&ver=4.1&ts=1374413714396.000005&tguid=41460-2938-1374413714396-A72BB5194606C1E129EC8888F5238816"
"Start Default_Page_URL"="http://search.certified-toolbar.com?si=41460&st=home&tid=2938&ver=4.1&ts=1374413714396.000005&tguid=41460-2938-1374413714396-A72BB5194606C1E129EC8888F5238816"
"Default_Search_URL"="http://search.certified-toolbar.com?si=41460&st=chrome&tid=2938&ver=4.1&ts=1374413714396.000005&tguid=41460-2938-1374413714396-A72BB5194606C1E129EC8888F5238816&q="
"Search Bar"="http://search.certified-toolbar.com?si=41460&st=chrome&tid=2938&ver=4.1&ts=1374413714396.000005&tguid=41460-2938-1374413714396-A72BB5194606C1E129EC8888F5238816&q="
"Search Page"="http://search.certified-toolbar.com?si=41460&st=chrome&tid=2938&ver=4.1&ts=1374413714396.000005&tguid=41460-2938-1374413714396-A72BB5194606C1E129EC8888F5238816&q="

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"Start Page"="http://www.google.com"
"Start Default_Page_URL"="http://www.google.com"
"Default_Search_URL"="http://www.google.com/"
"Search Bar"="http://www.google.com"
"Search Page"="http://www.google.com"
"CustomizeSearch"="http://www.bing.com/search?q={searchTerms}"
"SearchAssistant"="http://www.bing.com/search?q={searchTerms}"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Start Page"="http://www.google.com"
"Start Default_Page_URL"="http://www.google.com"
"Default_Search_URL"="http://www.google.com"
"Search Bar"="http://www.google.com"
"Search Page"="http://www.google.com"
"SearchAssistant"="http://www.google.com"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{006ee092-9658-4fd6-bd8e-a21a348e59f5}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}] not found

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
"Use Search Asst"="no"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI]
"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"CustomizeSearch"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-4057013218-24429279-960758687-1000\Software\Mozilla\Firefox\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900} deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\09047cc5-e66f-4024-a0a5-7111c6afd89d deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\24f04188-12ad-4e3d-8723-fc467c6c02b0 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\fjlclflgbknokloaadcdmnnibipeapok deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\fjlclflgbknokloaadcdmnnibipeapok deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG_UI deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WebCake Desktop deleted successfully

==== Empty IE Cache ======================

C:\Users\HP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\HP\AppData\Local\Mozilla\Firefox\Profiles\9anhn392.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1999 folders=244 333305608 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\HP\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\HP\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Program Files\IObit\IObit Uninstaller" not found
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on za 17-05-2014 at 21:14:16.78 ======================