Zoek.exe v5.0.0.0 Updated 31-07-2014
Tool run by Rijon on vr 01-08-2014 at 7:50:38,68.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Rijon\Local Settings\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

1-8-2014 7:51:52 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\COMMON~1\SWF Studio deleted successfully
C:\Program Files\Google deleted successfully
C:\Program Files\stinger deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\PROGRA~3\WinZipEC deleted successfully
C:\PROGRA~3\{32364CEA-7855-4A3C-B674-53D8E9B97936} deleted successfully
C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted successfully
C:\PROGRA~3\{83C3B2FD-37EA-4C06-A228-E9B5E32FF0B1} deleted successfully
C:\PROGRA~3\{93E26451-CD9A-43A5-A2FA-C42392EA4001} deleted successfully
C:\PROGRA~3\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} deleted successfully
C:\Users\Rijon\AppData\Roaming\HpUpdate deleted successfully
C:\Users\Rijon\AppData\Roaming\Lite deleted successfully
C:\Users\Rijon\AppData\Roaming\TP deleted successfully
C:\Users\Rijon\AppData\Roaming\VMware deleted successfully
C:\Users\Rijon\AppData\Roaming\Vso deleted successfully
C:\Users\Rijon\AppData\Roaming\Windows Live Writer deleted successfully
C:\Users\Rijon\AppData\Roaming\Yrew deleted successfully
C:\Users\Rijon\AppData\Local\Downloaded Installations deleted successfully
C:\Users\Rijon\AppData\Local\DriverToolkit deleted successfully
C:\Users\Rijon\AppData\Local\PowerCinema deleted successfully
C:\Users\Rijon\AppData\Local\Soldiers deleted successfully
C:\Users\Rijon\AppData\Local\StormFall deleted successfully
C:\Users\UpdatusUser\AppData\Local\CrashDumps deleted successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\CrashDumps deleted successfully

==== Registry Fix Code x64 ======================

Windows Registry
Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcuicnt.exe]

==== Deleting Files \ Folders ======================

"C:\$Recycle.Bin\S-1-5-18\$cab8ab867ccd745ef15d0e0e754fb0a0" not found
C:\Program Files (x86)\Common Files\ParetoLogic deleted
C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 deleted
"C:\Windows\tasks\ParetoLogic Registration3.job" deleted
"C:\Windows\tasks\ParetoLogic Update Version3.job" deleted
"C:\$Recycle.Bin\S-1-5-21-644121108-1263804581-3321629488-1001\$cab8ab867ccd745ef15d0e0e754fb0a0" deleted
"C:\$Recycle.Bin\S-1-5-21-644121108-1263804581-3321629488-1001\$cab8ab867ccd745ef15d0e0e754fb0a0\L" deleted
"C:\$Recycle.Bin\S-1-5-21-644121108-1263804581-3321629488-1001\$cab8ab867ccd745ef15d0e0e754fb0a0\U" deleted

==== Registry Search Results for "$cab8ab867ccd745ef15d0e0e754fb0a0" ======================

No instances of string "$cab8ab867ccd745ef15d0e0e754fb0a0" found.

==== Files Recently Created / Modified ======================

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-644121108-1263804581-3321629488-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
"Syncables"="C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe"
"OfficeSyncProcess"="C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe ASO-616B5711-6DAE-4795-A05F-39A1E5104020"
"HP Deskjet 3070 B611 series (NET)"="C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe -deviceID CN14Q2C0CZ05MQ:NW -scfn HP Deskjet 3070 B611 series (NET) -AutoStart 1"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"{91140000-0011-0000-0000-0000000FF1CE}"="C:\Windows\system32\cmd.exe /C del C:\ProgramData\Microsoft Help\Rgstrtn.lck /Q /A:H"
"{90140000-0018-0413-0000-0000000FF1CE}"="C:\Windows\system32\cmd.exe /C del C:\ProgramData\Microsoft Help\Rgstrtn.lck /Q /A:H"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"{91140000-0011-0000-0000-0000000FF1CE}"="C:\Windows\system32\cmd.exe /C del C:\ProgramData\Microsoft Help\Rgstrtn.lck /Q /A:H"
"{90140000-0018-0413-0000-0000000FF1CE}"="C:\Windows\system32\cmd.exe /C del C:\ProgramData\Microsoft Help\Rgstrtn.lck /Q /A:H"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ASUSPRP"="C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
"ATKMEDIA"="C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"HControlUser"="C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"SonicMasterTray"="C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe"
"FLxHCIm"="C:\Program Files\Fresco Logic Inc\Fresco Logic USB3.0 Host Controller\host\FLxHCIm.exe"
"Wireless Console 3"="C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"VAWinAgent"="C:\ExpressGateUtil\VAWinAgent.exe"
"RemoteControl10"="C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe"
"UpdatePSTShortCut"="C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\Cyberlink\DVD Suite UpdateWithCreateOnce Software\CyberLink\PowerStarter"
"UpdateLBPShortCut"="C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\CyberLink\LabelPrint UpdateWithCreateOnce Software\CyberLink\LabelPrint\2.5"
"UpdateP2GoShortCut"="C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\CyberLink\Power2Go UpdateWithCreateOnce SOFTWARE\CyberLink\Power2Go\6.0"
"BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"NBKeyScan"="C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"mcpltui_exe"="C:\Program Files\Common~1\McAfee\Platform\mcuicnt.exe /platui /runkey"
"DFX"="C:\Program Files (x86)\DFX\DFX.exe -startup"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"
"Syncables"="C:\Program Files (x86)\syncables\syncables desktop\Syncables.exe"
"OfficeSyncProcess"="C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe ASO-616B5711-6DAE-4795-A05F-39A1E5104020"
"HP Deskjet 3070 B611 series (NET)"="C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\ScanToPCActivationApp.exe -deviceID CN14Q2C0CZ05MQ:NW -scfn HP Deskjet 3070 B611 series (NET) -AutoStart 1"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AtherosBtStack"="C:\Program Files (x86)\Atheros\Bluetooth Suite\BtvStack.exe"
"AthBtTray"="C:\Program Files (x86)\Atheros\Bluetooth Suite\AthBtTray.exe"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SF3"
"ETDWare"="%ProgramFiles%\Elantech\ETDCtrl.exe "

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"iTunesHelper"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\""
"QuickTime Task"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime"
"Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""
"SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""
"HP Software Update"="C:\\Program Files (x86)\\Hp\\HP Software Update\\HPWuSchd2.exe"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUS Screen Saver Protector]
"command"="C:\\Windows\\AsScrPro.exe"
"hkey"="HKLM"
"item"="ASUS Screen Saver Protector"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CLMLServer]
"command"="\"C:\\Program Files (x86)\\CyberLink\\Power2Go\\CLMLSvc.exe\""
"hkey"="HKLM"
"item"="CLMLServer"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVCpl]
"command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe -s"
"hkey"="HKLM"
"item"="RtHDVCpl"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

==== Startup Folders ======================

2014-01-13 08:23:02 1956 ----a-w- C:\Users\Rijon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Inktwaarschuwingen controleren - HP Deskjet 3070 B611 series (netwerk).lnk
2011-11-15 16:10:30 1204 ----a-w- C:\Users\Rijon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MailWasherFree.lnk
2014-07-30 20:21:49 1154 ----a-w- C:\Users\Rijon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MailWasherPro.lnk
2011-04-13 02:49:43 2062 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk
2011-08-23 08:48:01 2617 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [18-07-2014 22:47]
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf4a4c50154a1.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineUA1cf27c04674f1b1.job --a------ [Undetermined Task]
C:\Windows\tasks\HP Photo Creations Communicator.job --a------ C:\ProgramData\HP Photo Creations\Communicator.exe [20-09-2011 11:11]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\ACMON" [C:\Program Files (x86)\ASUS\Splendid\ACMON.exe]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\ASUS Live Update" [C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe]
"C:\Windows\SysNative\tasks\ASUS P4G" [C:\Program Files\P4G\BatteryLife.exe]
"C:\Windows\SysNative\tasks\ASUS SmartLogon Console Sensor" [C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe]
"C:\Windows\SysNative\tasks\ATKOSD2" [C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe]
"C:\Windows\SysNative\tasks\awditSkipUAC" [C:\Users\Rijon\AppData\Roaming\Reincubate\awdit Desktop\awdit-desktop.exe]
"C:\Windows\SysNative\tasks\DeviceDetector" [C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe]
"C:\Windows\SysNative\tasks\Driver Booster SkipUAC (Rijon)" [C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe]
"C:\Windows\SysNative\tasks\Google Updater and Installer" [C:\Users\Rijon\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore1cf4a4c50154a1" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA1cf27c04674f1b1" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\HP Photo Creations Communicator" [C:\ProgramData\HP Photo Creations\Communicator.exe]
"C:\Windows\SysNative\tasks\HP-Online updateprogramma" [C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe]
"C:\Windows\SysNative\tasks\HPCustParticipation HP Deskjet 3070 B611 series" ["C:\Program Files\HP\HP Deskjet 3070 B611 series\Bin\HPCustPartic.exe"]
"C:\Windows\SysNative\tasks\Java Update Scheduler" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe]
"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\SysNative\tasks\TuneUpUtilities_Task_BkGndMaintenance2013" [C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe]
"C:\Windows\SysNative\tasks\{07E2ECC4-29C7-4EC3-A776-C3E69A167A96}" [C:\Program Files (x86)\Philips\Philips Digital Media Manager\PCDMM\PCDMM.exe]
"C:\Windows\SysNative\tasks\{0CACDB23-E95C-46AC-80B5-EF7813CB2DB0}" [C:\Program Files\McAfee Security Scan\3.8.150\McUICnt.exe]
"C:\Windows\SysNative\tasks\{109D6723-712F-4FC9-B3AA-3FD118C0D289}" [C:\Program Files (x86)\Philips\Philips Digital Media Manager\PCDMM\PCDMM.exe]
"C:\Windows\SysNative\tasks\{10B7FE5E-EE75-451B-A7E6-63C5667CE3BA}" [C:\FLAC To MP3\flac2mp3.exe]
"C:\Windows\SysNative\tasks\{217CFED6-A10B-44A5-ABAB-631318207A9B}" [C:\Program Files\McAfee.com\Agent\mcagent.exe]
"C:\Windows\SysNative\tasks\{31646315-966C-4F7B-8AA3-DF42BE9CA9EF}" [C:\Program Files (x86)\DFX\DFX.exe]
"C:\Windows\SysNative\tasks\{47D01D11-9ADD-4E37-B08E-19AFC87DCBF8}" [C:\Program Files\McAfee.com\Agent\mcagent.exe]
"C:\Windows\SysNative\tasks\{51849723-58D8-4BCE-94BA-48A60DD4E352}" [F:\DTVP_Launcher.exe]
"C:\Windows\SysNative\tasks\{5CDF9262-576B-496B-9D96-A20883BC1B51}" [C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe]
"C:\Windows\SysNative\tasks\{6B2EFC00-56AF-4316-B65F-83830E9C94E6}" [C:\Program Files\McAfee Security Scan\3.8.150\McUICnt.exe]
"C:\Windows\SysNative\tasks\{731D1A89-6B0D-4D18-BF57-A6CB33B55A44}" [C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe]
"C:\Windows\SysNative\tasks\{8F10A1B8-C14B-4CEF-9014-01BF86E06713}" [C:\Program Files\McAfee.com\Agent\mcagent.exe]
"C:\Windows\SysNative\tasks\{A2A2ABBD-D449-4AE0-AB1C-9C1B32DF706C}" [C:\FLAC To MP3\flac2mp3.exe]
"C:\Windows\SysNative\tasks\{A381054B-4C72-4948-A928-029C9F033D89}" [C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe]
"C:\Windows\SysNative\tasks\{A60E0330-A2D3-4AA7-A53A-DC4521951214}" [F:\DTVP_Launcher.exe]
"C:\Windows\SysNative\tasks\{ADB24E89-EAF3-4676-9FD0-C08C7DF7D5D2}" [C:\FLAC To MP3\flac2mp3.exe]
"C:\Windows\SysNative\tasks\{B021E925-2465-417C-A89E-D913828EA70F}" [C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe]
"C:\Windows\SysNative\tasks\{D99207A7-E77A-437C-8398-9EF56E846EDE}" [F:\DTVP_Launcher.exe]
"C:\Windows\SysNative\tasks\{DE651C09-86D0-4D41-849F-65C6DDD3D0D4}" [C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe]
"C:\Windows\SysNative\tasks\{E595115E-6686-4D54-91F7-DBB558ADBF92}" [C:\FLAC To MP3\flac2mp3.exe]
"C:\Windows\SysNative\tasks\{E7BA9C85-5342-48C0-BB5D-1AF80D9B9C0D}" [C:\Program Files (x86)\Philips\Philips Digital Media Manager\PCDMM\PCDMM.exe]
"C:\Windows\SysNative\tasks\{E981C966-85CC-4047-A217-BBECFB1AD5A4}" [C:\Program Files\McAfee.com\Agent\mcagent.exe]
"C:\Windows\SysNative\tasks\{EE7EDEB2-1AB3-4620-8D85-B6E312377347}" [C:\FLAC To MP3\flac2mp3.exe]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files (x86)\McAfee\SiteAdvisor" [01-08-2014 07:13]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Rijon\AppData\Roaming\Mozilla\Firefox\Profiles\cdnzskek.default-1394974712706
- McAfee SiteAdvisor - C:\Program Files (x86)\McAfee\SiteAdvisor
- Start Page - %ProfilePath%\extensions\{58d2a791-6199-482f-a9aa-9b725ec61362}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

ProfilePath: C:\Users\Rijon\AppData\Roaming\Mozilla\Firefox\Profiles\kuotoozg.default-1391153090336
- Undetermined - %ProfilePath%\extensions\iobitapps@mybrowserbar.com

ProfilePath: C:\Users\Rijon\AppData\Roaming\TomTom\HOME\Profiles\6tb2ga9j.default
- Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com
- Emulator - %ProfilePath%\extensions\Navcore.8.544.1836@tomtom.com
- Emulator - %ProfilePath%\extensions\Navcore.9.057.562242@tomtom.com

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Rijon\AppData\Roaming\Mozilla\Firefox\Profiles\cdnzskek.default-1394974712706
4390CCD3790F8D9C427C0C29590C62D7 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll - Shockwave Flash
87132527E2256CF6683A18C4EB34DD3B - C:\Windows\system32\Wat\npWatWeb.dll - Windows Activation Technologies
F4D52B252DA08B647F2BD5379191A741 - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll - RocketLife Secure Plug-In Layer

==== C:\zoek_backup content ======================

C:\zoek_backup (files=15 folders=8 3694956 bytes)

==== After Reboot ======================

==== EOF on vr 01-08-2014 at 8:03:39,68 ======================