Zoek.exe v5.0.0.0 Updated 05-July-2014
Tool run by di on di 08-07-2014 at 16:35:46,97.
Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86
Running in: Safe Mode NETWORK Internet Access Detected
Launched: C:\Users\di\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

==== Empty Folders Check ======================

C:\Program Files\AOL deleted successfully
C:\Program Files\AVS4YOU deleted successfully
C:\Program Files\CompuClever deleted successfully
C:\Program Files\Ejqnszwbifkrota deleted successfully
C:\Program Files\MSXML 4.0 deleted successfully
C:\Program Files\Common Files\SWF Studio deleted successfully
C:\PROGRA~2\4shared Desktop deleted successfully
C:\PROGRA~2\Canon IJ Network Tool deleted successfully
C:\PROGRA~2\IDM deleted successfully
C:\PROGRA~2\Oracle deleted successfully
C:\PROGRA~2\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted successfully
C:\Users\di\AppData\Roaming\Abvent deleted successfully
C:\Users\di\AppData\Roaming\DMCache deleted successfully
C:\Users\di\AppData\Roaming\SUPERAntiSpyware.com deleted successfully
C:\Users\di\AppData\Roaming\TP deleted successfully
C:\Users\di\AppData\Roaming\WinRAR deleted successfully
C:\Users\di\AppData\Local\Pando deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""=-

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"fsm"=-

[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Software Informer]

==== Deleting Files \ Folders ======================

C:\ProgramData\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} not found
C:\PROGRA~2\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} not found
"C:\Windows\AutoKMS.exe" not found
C:\Users\di\AppData\LocalLow\{D232C893-B08E-5F23-B8AA-71906E243E16} deleted
C:\Users\di\.android deleted
C:\Program Files\Common Files\DVDVideoSoft\bin deleted
C:\Program Files\Yahoo! deleted
C:\found.000 deleted
C:\found.001 deleted
C:\found.002 deleted
C:\Users\di\AppData\Roaming\SimpleFiles deleted
C:\PROGRA~2\BM1a634d12.txt deleted
C:\PROGRA~2\ProductData deleted
C:\PROGRA~2\InstallMate deleted
C:\Users\di\AppData\Local\cache deleted
C:\Users\di\Searches deleted
C:\Users\di\Downloads\FreeYouTubeToMp3Converter.exe deleted
C:\Windows\wininit.ini deleted
C:\Windows\system32\config\systemprofile\Searches deleted
"C:\Windows\tasks\AutoKMS.job" deleted
"C:\Windows\tasks\AutoKMSDaily.job" deleted
"C:\Windows\Installer\18e64d.msi" deleted
"C:\Users\di\AppData\Roaming\.googlewebacchosts" deleted
"C:\PROGRA~2\9d90009c50a52e65\{4820778D-AB0D-6D18-C316-52A6A0E1D507}" deleted
"C:\PROGRA~2\9d90009c50a52e65\{497C131E-2032-051B-B32A-C69A960FBB13}" deleted
"C:\PROGRA~2\9d90009c50a52e65\{497C131E-2032-051B-B32A-C69A960FBB13}.old" deleted
"C:\PROGRA~2\9d90009c50a52e65\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}" deleted
"C:\PROGRA~2\9d90009c50a52e65" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2014-07-07 08:52:53 F042EE4C8D66248D9B86DCF52ABAE416 256000 ----a-w- C:\Windows\PEV.exe
2014-07-07 08:52:53 9E05A9C264C8A908A8E79450FCBFF047 80412 ----a-w- C:\Windows\grep.exe
2014-07-07 08:52:53 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 ----a-w- C:\Windows\zip.exe
2014-07-07 08:52:53 0297C72529807322B152F517FDB0A9FC 406528 ----a-w- C:\Windows\SWSC.exe
2014-07-07 08:52:53 0277C027A26428DB64EF4F64F52BB4FD 208896 ----a-w- C:\Windows\MBR.exe

====== C:\Users\di\AppData\Local\Temp ====
2014-07-08 14:09:14 5634C601025C31032A0AF1590B4C0CA6 43008 ----a-w- C:\Users\di\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpr1mbk0.dll
2014-07-07 09:41:40 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\Users\di\AppData\Local\Temp\jrt\erunt\ERUNT.EXE

====== Java Cache =====

====== C:\Windows\system32 =====
2014-07-07 07:07:56 0DC5AF80D059DEC792B665ED598C6567 536576 ----a-w- C:\Windows\System32\sqlite3.dll

====== C:\Windows\system32\drivers =====
2014-07-04 23:11:06 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\System32\drivers\Msft_Kernel_SynTP_01009.Wdf
2014-06-19 20:57:32 9F967A6DB0E6E0E01F898C26FEDD418B 71680 ----a-w- C:\Windows\System32\drivers\nhcDriver.sys
2014-06-19 17:01:55 D79B8B7BED8D30387C22663B24E8C191 256904 ----a-w- C:\Windows\System32\drivers\tmcomm.sys
2014-06-11 19:34:56 C7B0746FCD576D7EEBA6A2530B0B2966 905664 ----a-w- C:\Windows\System32\drivers\tcpip.sys

====== C:\Windows\Tasks ======
2014-07-07 10:33:06 092D2B09EDEACC4A7E26DD2DF9236BA4 2992 ----a-w- C:\Windows\system32\Tasks\{B73EFAC8-9991-4694-B942-48F5E261C88F}

====== C:\Windows\Temp ======

======= C:\Program Files =====
2014-07-07 10:42:43 -------- d-----w- C:\Program Files\Speccy
2014-07-06 00:59:55 -------- d-----w- C:\Program Files\ReviverSoft
2014-07-03 18:21:00 -------- d-----w- C:\Program Files\ESET
2014-06-21 22:16:47 -------- d-----w- C:\Program Files\Enigma Software Group
2014-06-18 22:32:53 -------- d-----w- C:\Program Files\Common Files\IVA
2014-06-18 22:32:16 -------- d-----w- C:\Program Files\Common Files\Nuance
2014-06-18 22:26:50 -------- d-----w- C:\Program Files\Nuance
2014-06-16 20:45:11 -------- d-----w- C:\Program Files\MiniGet

======= C: =====

====== C:\Users\di\AppData\Roaming ======
2014-07-07 10:42:53 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Roaming\PeerNetworking
2014-07-06 01:16:20 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Local\ESET
2014-07-03 18:33:58 -------- d-----w- C:\Users\di\AppData\Local\ESET
2014-06-22 21:00:31 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Roaming\IObit
2014-06-22 20:46:43 -------- d-----w- C:\Users\di\AppData\Locallow\IObit
2014-06-22 20:45:26 -------- d-----w- C:\Users\di\AppData\Roaming\IObit
2014-06-20 23:07:07 D4AD950E7FA5A00F2357760D8370453C 59 ----a-w- C:\Users\di\AppData\Local\UserProducts.xml
2014-06-19 20:57:26 -------- d-----w- C:\Users\di\AppData\Roaming\Notebook Hardware Control
2014-06-19 17:01:51 B3A023EF443757817246C184FF595B8D 36 ----a-w- C:\Users\di\AppData\Local\housecall.guid.cache
2014-06-19 16:56:09 -------- d-----w- C:\Users\di\AppData\Roaming\QuickScan
2014-06-18 22:52:37 -------- d-----w- C:\Users\di\AppData\Roaming\Nuance
2014-06-18 22:37:35 -------- d-----w- C:\Users\di\AppData\Roaming\FLEXnet
2014-06-16 20:45:13 -------- d-----w- C:\Users\di\AppData\Roaming\MiniGet
2014-06-16 20:41:43 -------- d-----w- C:\Users\di\AppData\Local\23513
2014-06-16 18:55:57 -------- d-----w- C:\Users\di\AppData\Local\MaxiGet Download Manager

====== C:\Users\di ======
2014-07-07 21:53:46 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\di\Downloads\RSIT.exe
2014-07-07 10:42:45 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2014-07-07 10:42:02 6DC6EBDF9391271098C40F6BA7779430 4890736 ----a-w- C:\Users\di\Downloads\spsetup126.exe
2014-07-07 10:38:20 C882E29819596BB487E59B4ABD6C33B7 4812672 ----a-w- C:\Users\di\Downloads\ccsetup415.exe
2014-07-07 09:41:27 CA630DBADEB5B6101531F986ADFE46C9 1016261 ----a-w- C:\Users\di\Downloads\JRT.exe
2014-07-07 07:06:43 3F98E2E1032EB50D927DFBF82C59214B 1346519 ----a-w- C:\Users\di\Downloads\AdwCleaner.exe
2014-07-06 01:00:03 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReviverSoft
2014-07-06 00:59:06 9B4D658E6B5FF180AB771737E4809B51 5180192 ----a-w- C:\Users\di\Desktop\Setup-Registry Reviver 3.0.1.96 + Patch.exe
2014-07-06 00:54:24 02B67F468B066B833AF80DC3BEFFCDFB 9523301 ----a-w- C:\Users\di\Desktop\Patch for (32Bit).exe
2014-07-05 23:36:30 -------- d-----w- C:\ProgramData\RegistryReviver.exe
2014-07-05 23:35:57 -------- d-----w- C:\ProgramData\ReviverSoft
2014-07-05 23:34:55 5224089EB75FEC7A064EE02F9F477433 5327928 ----a-w- C:\Users\di\Downloads\RegistryReviverSetup.exe
2014-07-03 18:21:00 -------- d-----w- C:\ProgramData\ESET
2014-06-19 08:54:04 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dragon NaturallySpeaking 11.0
2014-06-18 22:26:51 -------- d-----w- C:\ProgramData\FLEXnet
2014-06-18 22:26:50 -------- d-----w- C:\ProgramData\Nuance
2014-06-16 22:25:12 -------- d--h--w- C:\ProgramData\CanonIJMIG

====== C: exe-files ==
2014-07-08 14:33:01 C465421E5AADD03BFC7465F6AC56A49E 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-3015403928-906410995-3568150009-1000\$IR6U0VJ.exe
2014-07-08 14:32:34 73008F7FA073E295BE391CF5E9038EEB 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-3015403928-906410995-3568150009-1000\$IN742NZ.exe
2014-07-08 14:31:50 352E8561E633B17ED22012366721FFDC 1285120 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-3015403928-906410995-3568150009-1000\$RR6U0VJ.exe
2014-07-08 14:31:41 352E8561E633B17ED22012366721FFDC 1285120 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-3015403928-906410995-3568150009-1000\$RN742NZ.exe
2014-07-07 21:58:01 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\Trend Micro\di.exe
2014-07-07 21:53:46 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\di\Downloads\RSIT.exe
2014-07-07 10:42:02 6DC6EBDF9391271098C40F6BA7779430 4890736 ----a-w- C:\Users\di\Downloads\spsetup126.exe
2014-07-07 10:38:20 C882E29819596BB487E59B4ABD6C33B7 4812672 ----a-w- C:\Users\di\Downloads\ccsetup415.exe
2014-07-07 09:41:40 2E0323A94915FAAB10A25F3BABF82584 157696 ----a-w- C:\Users\di\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
2014-07-07 09:41:27 CA630DBADEB5B6101531F986ADFE46C9 1016261 ----a-w- C:\Users\di\Downloads\JRT.exe
2014-07-07 08:52:53 F042EE4C8D66248D9B86DCF52ABAE416 256000 ----a-w- C:\Windows\PEV.exe
2014-07-07 08:52:53 9E05A9C264C8A908A8E79450FCBFF047 80412 ----a-w- C:\Windows\grep.exe
2014-07-07 08:52:53 5E832F4FAF5F481F2EAF3B3A48F603B8 68096 ----a-w- C:\Windows\zip.exe
2014-07-07 08:52:53 0297C72529807322B152F517FDB0A9FC 406528 ----a-w- C:\Windows\SWSC.exe
2014-07-07 08:52:53 0277C027A26428DB64EF4F64F52BB4FD 208896 ----a-w- C:\Windows\MBR.exe
2014-07-07 07:06:43 3F98E2E1032EB50D927DFBF82C59214B 1346519 ----a-w- C:\Users\di\Downloads\AdwCleaner.exe
2014-07-06 13:30:33 B237D9D29FA55BEB1B4EBE5B82F76A30 2953096 ----a-w- C:\Program Files\ESET\ESET NOD32 Antivirus\speclean.exe
2014-07-06 00:59:06 9B4D658E6B5FF180AB771737E4809B51 5180192 ----a-w- C:\Users\di\Desktop\Setup-Registry Reviver 3.0.1.96 + Patch.exe
2014-07-06 00:54:24 02B67F468B066B833AF80DC3BEFFCDFB 9523301 ----a-w- C:\Users\di\Desktop\Patch for (32Bit).exe
2014-07-06 00:19:26 3433CF435F84B24965A8202118F41A7A 1322832 ----a-w- C:\Users\di\AppData\Roaming\uTorrent\updates\3.4.2_32126.exe
2014-07-05 23:34:55 5224089EB75FEC7A064EE02F9F477433 5327928 ----a-w- C:\Users\di\Downloads\RegistryReviverSetup.exe
2014-07-03 19:36:39 59900A239E2E57EA6635ED984B31FE6C 3754368 ----a-w- C:\Users\di\Desktop\Run\a2HiJackFree.exe
2014-07-03 19:36:20 3D7E47A121A58F7E1E639419E7CB28C0 1153912 ----a-w- C:\Users\di\Desktop\Run\BlitzBlank.exe
2014-07-03 19:36:17 6B74CD3C871F728CDAF887E8ECBFE8F4 1593776 ----a-w- C:\Users\di\Desktop\EMERGENCY KIT\start.exe
2014-07-03 19:36:13 FEEA011E334F5F4D07A53AE43A4F5CBD 2559344 ----a-w- C:\Users\di\Desktop\Run\a2cmd.exe
2014-07-03 19:35:57 F22883E730B32A347081BC49E51A2A6C 4981344 ----a-w- C:\Users\di\Desktop\Run\a2emergencykit.exe

=== C: other files ==
2014-07-07 09:41:39 DD1E4D974B1672ABD09EFFB225791C4A 1230 ----a-w- C:\Users\di\AppData\Local\Temp\jrt\TDL4.bat
2014-07-07 09:41:39 AD2F52DC72B10AF331692E4A4DD80DFC 18670 ----a-w- C:\Users\di\AppData\Local\Temp\jrt\medfos.bat
2014-07-07 09:41:39 A87CD1BAC46CAC0EEEDB571F07077032 8104 ----a-w- C:\Users\di\AppData\Local\Temp\jrt\modules.bat
2014-07-07 09:41:39 8E6020C14F982CF11B3FE7DBB0CB8EDE 24738 ----a-w- C:\Users\di\AppData\Local\Temp\jrt\searchlnk.bat
2014-07-07 09:41:39 86707BCE5CBB65D9B1C41E249B4423BA 152733 ----a-w- C:\Users\di\AppData\Local\Temp\jrt\firefox.bat
2014-07-07 09:41:39 83F691D8398F0E37E71E9355BF730DB9 719 ----a-w- C:\Users\di\AppData\Local\Temp\jrt\ev_clear.bat
2014-07-07 09:41:39 7D8282EB94B5D639B7378811C1924A8F 9516 ----a-w- C:\Users\di\AppData\Local\Temp\jrt\runvalues.bat
2014-07-07 09:41:39 654E9FE74B930A454EE5BDE165794B65 85 ----a-w- C:\Users\di\AppData\Local\Temp\jrt\delorphans.bat
2014-07-07 09:41:39 5B92615B0CEA08D6BA1217C08CBB1443 15919 ----a-w- C:\Users\di\AppData\Local\Temp\jrt\get.bat
2014-07-07 09:41:39 5B71358F97544D9DE58A9A0893079506 39458 ----a-w- C:\Users\di\AppData\Local\Temp\jrt\prelim.bat
2014-07-07 09:41:39 53B191266B30D57F2F835ABBF54C68C5 13963 ----a-w- C:\Users\di\AppData\Local\Temp\jrt\chrome.bat
2014-07-07 09:41:39 3BC04DEBBE9027060D51901133F60101 154678 ----a-w- C:\Users\di\AppData\Local\Temp\jrt\misc.bat
2014-07-07 09:41:39 38A0BDF322ACCC968B0A824C38D50157 29635 ----a-w- C:\Users\di\AppData\Local\Temp\jrt\ask.bat
2014-07-07 09:41:39 335DFF8F23E5EC02B5426362F0F8509B 31401 ----a-w- C:\Users\di\AppData\Local\Temp\jrt\iexplore.bat
2014-07-07 09:41:39 2F80D807DB405C8F6E0F3706B9FED710 10161 ----a-w- C:\Users\di\AppData\Local\Temp\jrt\JRT.bat
2014-07-07 09:41:39 0D08FBD2E6F6C6AC6A504712C4CE6CE3 1226 ----a-w- C:\Users\di\AppData\Local\Temp\jrt\FWPolicy.bat
2014-07-07 09:41:39 0C4649A62845AB5D5DBCC4998477FF6D 1813 ----a-w- C:\Users\di\AppData\Local\Temp\jrt\delfolders.bat
2014-07-03 19:36:40 D27A8B7BB0E15DFBFC6B4E774EE17AD9 26176 ----a-w- C:\Users\di\Desktop\Run\a2ddax64.sys
2014-07-03 19:36:35 8B5B86249D663FA50D4CA86497EC4F35 60 ----a-w- C:\Users\di\Desktop\EMERGENCY KIT\CommandlineScanner.bat
2014-07-03 19:36:20 B794DCF38C965FA2F93C45A7C3D582C5 57024 ----a-w- C:\Users\di\Desktop\Run\cleanhlp64.sys
2014-07-03 19:36:02 DBC8CDAFC84E96E894C3BAAED9B30F47 50200 ----a-w- C:\Users\di\Desktop\Run\cleanhlp32.sys
2014-07-03 19:36:01 91A5B1985EFADC296720FC36E55C7A5B 56 ----a-w- C:\Users\di\Desktop\EMERGENCY KIT\EmergencyKitScanner.bat
2014-07-03 19:35:46 B0CC0B50441372157F31C4C023D43A3E 22056 ----a-w- C:\Users\di\Desktop\Run\a2ddax86.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler"

[HKEY_USERS\S-1-5-21-3015403928-906410995-3568150009-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="C:\Users\di\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"SpybotSD TeaTimer"="C:\Users\TEMP\Desktop\Spybot - Search & Destroy\TeaTimer.exe"
"Skype"="C:\Program Files\Skype\Phone\Skype.exe /nosplash /minimized"
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background"
"LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden"
"ISUSPM"="C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler"
"GoogleChromeAutoLaunch_E072BF84D99C5EFBCC9C20BDE1D1646F"="C:\Program Files\Google\Chrome\Application\chrome.exe --no-startup-window"
"ehTray.exe"="C:\Windows\ehome\ehTray.exe"
"AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe /automount"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"ISUSPM"="C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide"
"WAWifiMessage"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe"
"UCam_Menu"="C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe C:\Program Files\CyberLink\YouCam update Software\CyberLink\YouCam\1.0"
"SynTPStart"="C:\Program Files\Synaptics\SynTP\SynTPStart.exe"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe"
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"SMSERIAL"="C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe"
"RtHDVCpl"="RtHDVCpl.exe"
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe -atboottime"
"QPService"="C:\Program Files\HP\QuickPlay\QPService.exe"
"QlbCtrl"="%ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start"
"PCSuiteTrayApplication"="C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup"
"OnScreenDisplay"="C:\Program Files\Hewlett-Packard\HP QuickTouch\HPKBDAPP.exe"
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE"
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"IJNetworkScannerSelectorEX"="C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE"
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe"
"hpWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"
"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe"
"HP Health Check Scheduler"="c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe"
"egui"="C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe /hide /waitservice"
"DNS7reminder"="C:\Program Files\Nuance\NaturallySpeaking11\Ereg\Ereg.exe -r C:\ProgramData\Nuance\NaturallySpeaking11\Ereg.ini"
"CanonQuickMenu"="C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE /logon"
"APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="C:\Users\di\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"SpybotSD TeaTimer"="C:\Users\TEMP\Desktop\Spybot - Search & Destroy\TeaTimer.exe"
"Skype"="C:\Program Files\Skype\Phone\Skype.exe /nosplash /minimized"
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background"
"LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden"
"ISUSPM"="C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler"
"GoogleChromeAutoLaunch_E072BF84D99C5EFBCC9C20BDE1D1646F"="C:\Program Files\Google\Chrome\Application\chrome.exe --no-startup-window"
"ehTray.exe"="C:\Windows\ehome\ehTray.exe"
"AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe /automount"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech Desktop Messenger.lnk]
"backup"="C:\\Windows\\pss\\Logitech Desktop Messenger.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="C:\\PROGRA~1\\Logitech\\DESKTO~1\\8876480\\Program\\LOGITE~1.EXE -startup"
"item"="Logitech Desktop Messenger"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Logitech SetPoint.lnk]
"backup"="C:\\Windows\\pss\\Logitech SetPoint.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="C:\\PROGRA~1\\Logitech\\SetPoint\\SetPoint.exe "
"item"="Logitech SetPoint"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^di^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^budgetbuddy.lnk]
"backup"="C:\\Windows\\pss\\budgetbuddy.lnk.Startup"
"backupExtension"=".Startup"
"item"="budgetbuddy"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^di^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
"backup"="C:\\Windows\\pss\\Dropbox.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\Users\\di\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe /systemstartup"
"item"="Dropbox"

==== Startup Folders ======================

2014-07-07 11:59:55 948 ----a-w- C:\Users\di\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [13-03-2010 21:45]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [13-03-2010 21:45]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\AutoKMS" [C:\Windows\AutoKMS.exe]
"C:\Windows\system32\tasks\AutoKMSDaily" [C:\Windows\AutoKMS.exe]
"C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\HP Health Check" ["c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe"]
"C:\Windows\system32\tasks\User_Feed_Synchronization-{17DFC528-7C2F-43D9-8905-5DCC010BB549}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\system32\tasks\{9CBA29D6-BB37-4C66-B446-35C6BBB118B0}" [C:\Program Files\Skype\Phone\Skype.exe]
"C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"online_banking@kaspersky.com"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com" [07-06-2014 02:33]

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"hideip@hide-ip-soft.com"="C:\Windows\vf_hip" [07-07-2014 01:12]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
dchlnpcodkpfdpacogkljefecpegganj - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx[26-03-2014 11:01]
hakdifolhalapjijoafobooafbilfakh - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx[26-03-2014 11:01]
hghkgaeecgjhjkannahfamoehjmkjail - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx[26-03-2014 11:01]
jagncdcchgajhfhijbbhecadmaiegcmh - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx[26-03-2014 11:00]
meinjhkhgaalhfbinmclpmjikccbplkf - No path found[]
pjldcfjmnllhmgjclecdnfampinooman - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx[26-03-2014 11:01]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
meinjhkhgaalhfbinmclpmjikccbplkf - No path found[]

YoutubeAdblocker - di\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bngicgbjdlljbjfpdjloefmibalaehna
Speedy Shopper - di\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ganlifbpkcplnldliibcbegplfmcfigp
saafeweb - di\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kogcafdlgeiandmfjbleabogldhdjgha
Kaspersky URL Advisor - di\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj
Safe Money - di\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh
Dangerous Websites Blocker - di\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail
Virtual Keyboard - di\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh
Google Wallet - di\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Anti-Banner - di\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman
YoutubeAdblocker - di\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bngicgbjdlljbjfpdjloefmibalaehna
Speedy Shopper - di\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ganlifbpkcplnldliibcbegplfmcfigp
saafeweb - di\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kogcafdlgeiandmfjbleabogldhdjgha

==== Chrome Fix ======================

C:\Users\di\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bngicgbjdlljbjfpdjloefmibalaehna deleted successfully
C:\Users\di\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\bngicgbjdlljbjfpdjloefmibalaehna deleted successfully
C:\Users\di\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ganlifbpkcplnldliibcbegplfmcfigp deleted successfully
C:\Users\di\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ganlifbpkcplnldliibcbegplfmcfigp deleted successfully
C:\Users\di\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\kogcafdlgeiandmfjbleabogldhdjgha deleted successfully
C:\Users\di\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\kogcafdlgeiandmfjbleabogldhdjgha deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://home.microsoft.com/access/autosearch.asp?p=%s"
"Default"="http://www.bing.com/search?q={searchTerms}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Use Search Asst"="no"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F60730A4A66673047777F5728467D401 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\meinjhkhgaalhfbinmclpmjikccbplkf deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\meinjhkhgaalhfbinmclpmjikccbplkf deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\F60730A4A66673047777F5728467D401 deleted successfully

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\di\AppData\Local\VirtualStore\Windows\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\TEMP\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\di\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\di\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=405 folders=73 40267860 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\di\AppData\Local\Temp will be emptied at reboot
C:\Users\TEMP\AppData\Local\Temp emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\di\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\di\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on di 08-07-2014 at 17:48:18,01 ======================