Zoek.exe v5.0.0.0 Updated 27-09-2014 Tool run by Gebruiker on za 27/09/2014 at 12:07:40,97. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Gebruiker\Desktop\Zoek\zoek.exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2014-05-18-071108.log 63312 bytes C:\zoek-results2014-05-19-194920.log 45945 bytes C:\zoek-results2014-05-21-131054.log 9858 bytes C:\zoek-results2014-09-22-171346.log 16309 bytes C:\zoek-results2014-09-24-131858.log 50570 bytes ==== Empty Folders Check ====================== C:\Users\Gebruiker\AppData\Roaming\Publish Providers deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Running Processes ====================== C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe C:\Program Files (x86)\Acer\Registration\GREGsvc.exe C:\Program Files\Acer\Acer Updater\UpdaterService.exe C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\NIS.exe C:\Windows\SysWOW64\PnkBstrA.exe C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\NST.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\NST.exe C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\NIS.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Program Files 
(x86)\Common Files\Java\Java Update\jusched.exe c:\program files (x86)\teamviewer\version9\TeamViewer.exe C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe C:\Users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe C:\Fraps\fraps.exe c:\program files (x86)\teamviewer\version9\TeamViewer_Desktop.exe C:\Users\Gebruiker\Desktop\Zoek\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 8044 MB CPU Info: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz CPU Speed: 2470,8 MHz Sound Card: Speakers (Realtek High Definiti | Display Adapters: Intel(R) HD Graphics Family | Intel(R) HD Graphics Family | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Screen Resolution: 1600 X 900 - 32 bit Network: Network Present Network Adapters: Atheros AR5B97 Wireless Network Adapter | Microsoft Virtual WiFi Miniport Adapter CD / DVD Drives: 1x (E: | ) E: MATSHITADVD-RAM UJ8B0AW Ports: COM Ports NOT Present. LPT Port NOT Present. 
Mouse: 16 Button Wheel Mouse Present Hard Disks: C: 449,7GB | D: 465,8GB Hard Disks - Free: C: 34,4GB | D: 183,3GB Manufacturer *: Acer BIOS Info: AT/AT COMPATIBLE | 12/30/11 | ACRSYS - 1 Time Zone: West-Europa (standaardtijd) Motherboard *: Acer JE70_HR Country: België Language: NLB ==== System Specs (Software) ====================== Anti-Virus: Norton Internet Security On-access scanning disabled (Outdated) Anti-Spyware: Norton Internet Security disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Firewall: Norton Internet Security disabled Default Browser: Google Chrome 32.0.1700.107 Internet Explorer Version: 11.0.9600.17280 Google Chrome version: 32.0.1700.107 Adobe Reader version: 10.1.12.15 Sun Java version: 1.7.0_67 (32-bit) Sun Java version: 1.7.0 (64-bit) Flash Player version: 14.0.0.125 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\GEBRUI~1\AppData\Local\Temp ==== 2014-09-20 06:26:48 22385EE33688B10B61DA1D8CA9549E4B 120192 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\clear.fiClient\cabarc.exe 2014-09-19 20:11:51 CF95932C00190451115C782E139DE582 264488 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\MSS\3.8.150.1\McInstallerRes.dll 2014-09-19 20:11:50 C4CF03B998D4D758B89CD07F22D7A7F9 645168 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\MSS\3.8.150.1\McUICnt.exe 2014-09-19 20:11:50 87AA773F15D90973090D4DF76F8E60EF 565808 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\MSS\3.8.150.1\mcbrwsr2.dll 2014-09-19 20:11:50 2AA753368BF68871962D2E99B8692985 153760 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\MSS\3.8.150.1\McInstallerRes_LD.dll 2014-09-19 20:11:50 14E9947D26B0A418AA02F87741E4B40B 769736 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\MSS\3.8.150.1\McInstallerStartup.dll ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2014-09-18 16:44:33 07EF2978A5BC36720378F95566697FD8 272808 ----a-w- C:\Windows\SysWOW64\javaws.exe 2014-09-18 16:44:27 3BDEB17FE6390BFF1BF3A2D964DE8E48 
175528 ----a-w- C:\Windows\SysWOW64\javaw.exe 2014-09-18 16:44:27 11FD45A41DF45298686ED39062AABE2A 175528 ----a-w- C:\Windows\SysWOW64\java.exe 2014-09-18 16:44:27 0F70F4DAF2BC5613EE75C9B2585CE67E 98216 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== 2014-09-20 10:30:02 E16E2431516D904CED3946AD3FF8C86B 854 ----a-w- C:\Windows\Sysnative\drivers\SYMEVENT64x86.INF 2014-09-20 10:30:02 97E11C50CE52277B377396EA8838E539 177752 ----a-w- C:\Windows\Sysnative\drivers\SYMEVENT64x86.SYS 2014-09-20 10:30:02 7846ED59291A134CC5DD017C6EC7B433 8222 ----a-w- C:\Windows\Sysnative\drivers\SYMEVENT64x86.CAT ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== 2014-09-18 16:44:40 -------- d-----w- C:\PROGRA~2\COMMON~1\Java 2014-09-06 09:54:27 -------- d-----w- C:\PROGRA~2\uTorrent ======= C: ===== ====== C:\Users\Gebruiker\AppData\Roaming ====== 2014-09-13 15:29:00 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps 2014-09-04 16:32:26 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\BitTorrent ====== C:\Users\Gebruiker ====== 2014-09-25 17:54:06 CF8C9FC7A1679A8C278F738166B5BD2A 615304 ----a-w- C:\Users\Gebruiker\Downloads\CreativeCloudSet-Up.exe 2014-09-20 10:12:15 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Gebruiker\Desktop\RSITx64.exe 2014-09-11 18:15:28 489E06DA1C3594EE45DEAC8A61E30BDD 647430148 ----a-w- C:\Users\Gebruiker\0032.avi 2014-09-11 18:13:26 07452D54C7E46A81C59EC6A10A5A5FAB 496627524 ----a-w- C:\Users\Gebruiker\0031.avi 2014-09-11 17:48:23 A49A62685990D47F3D3EB970ECDF2A32 1618739910 ----a-w- C:\Users\Gebruiker\0030.avi 2014-09-11 17:48:12 0A0C3D84A3A872C7755EB7FCAE752B76 10591006 ----a-w- C:\Users\Gebruiker\0029.avi 2014-09-11 16:21:43 63E53AE246E31819103D10674CDA96E8 10520 ----a-w- C:\Users\Gebruiker\0028.avi.sfk 
2014-09-11 16:21:02 F84A4314C97F87FE39F9E80196946D80 81391494 ----a-w- C:\Users\Gebruiker\0028.avi 2014-09-11 16:18:18 BC42B66B339CE0E89A95B0DC5E3E92A7 61684582 ----a-w- C:\Users\Gebruiker\0027.avi 2014-09-11 16:15:54 549F0BEAC03669BEEBF2CA4F63189381 137990998 ----a-w- C:\Users\Gebruiker\0026.avi 2014-09-04 15:50:18 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends ====== C: exe-files == === C: other files == 2014-09-20 13:31:54 5570A74FF9B1EFBC5154DD1E2F05C517 593112 ----a-w- C:\Windows\System32\drivers\NISx64\1505000.013\symnets.sys 2014-09-20 13:31:53 F718A57D946EAC76EFCB351D74E269F4 875736 ----a-w- C:\Windows\System32\drivers\NISx64\1505000.013\srtsp64.sys 2014-09-20 13:31:53 B18CE01B9C09C59422BA7C7064248B35 36952 ----a-r- C:\Windows\System32\drivers\NISx64\1505000.013\srtspx64.sys 2014-09-20 13:31:53 9F31630D7FC2DD9D5DA1CE359AAD1F46 1148120 ----a-w- C:\Windows\System32\drivers\NISx64\1505000.013\symefa64.sys 2014-09-20 13:31:53 5C9EE2303CA7F267665D75237862B39C 493656 ----a-r- C:\Windows\System32\drivers\NISx64\1505000.013\symds64.sys 2014-09-20 13:31:53 48C2934683CBD06F662B088EEF49EF6A 264280 ----a-r- C:\Windows\System32\drivers\NISx64\1505000.013\ironx64.sys 2014-09-20 13:31:53 20F758E6339A16F97DD83389D582E09A 23568 ----a-r- 
C:\Windows\System32\drivers\NISx64\1505000.013\symelam.sys 2014-09-20 13:31:53 0510396A957E9FD7205BA62D3CAE4528 162392 ----a-r- C:\Windows\System32\drivers\NISx64\1505000.013\ccsetx64.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-2239336281-3048674072-2116327964-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Spotify Web Helper"="C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Spotify Web Helper"="C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "RtHDVBg_Dolby"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 " "Persistence"="C:\Windows\system32\igfxpers.exe" 
"IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" ==== Startup Registry Disabled ====================== [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-] "Google Update"="\"C:\\Users\\Gebruiker\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "iTunesHelper"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\"" "Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AdobeAAMUpdater-1.0" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\UpdaterStartupUtility.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Akamai NetSession Interface] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Akamai NetSession Interface" "hkey"="HKCU" "command"="\"C:\\Users\\Gebruiker\\AppData\\Local\\Akamai\\netsession_win.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="APSDaemon" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Cm108Sound] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Cm108Sound" "hkey"="HKLM" "command"="C:\\Windows\\syswow64\\RunDll32.exe C:\\Windows\\Syswow64\\cm108.dll,CMICtrlWnd" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Dolby 
Advanced Audio v2] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Dolby Advanced Audio v2" "hkey"="HKLM" "command"="\"C:\\Dolby PCEE4\\pcee4.exe\" -autostart" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Update] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Google Update" "hkey"="HKCU" "command"="\"C:\\Users\\Gebruiker\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iTunesHelper" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LManager] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="LManager" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Launch Manager\\LManager.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Nikon Message Center 2] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Nikon Message Center 2" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Nikon\\Nikon Message Center 2\\NkMC2.exe -s" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Skype" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /minimized /regrun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Spotify Web Helper" "hkey"="HKCU" "command"="\"C:\\Users\\Gebruiker\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\StartCCC] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="StartCCC" "hkey"="HKLM" 
"command"="\"C:\\Program Files (x86)\\ATI Technologies\\ATI.ACE\\Core-Static\\CLIStart.exe\" MSRun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\swg] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="swg" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Gebruiker^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Google.com.url] "path"="C:\\Users\\Gebruiker\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Google.com.url" "backup"="C:\\Windows\\pss\\Google.com.url.Startup" "backupExtension"=".Startup" "command"="C:\\Users\\Gebruiker\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Google.com.url" "item"="Google.com" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeARMservice] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeFlashPlayerUpdateSvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AMD External Events Utility] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Apple Mobile Device] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\BBSvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\CltMngSvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\DsiWMIService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\FLEXnet Licensing Service] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\GamesAppService] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdate] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdatem] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gusvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\iPod Service]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\LMIGuardianSvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\NTI IScheduleSvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\RealNetworks Downloader Resolver Service]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SkypeUpdate]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Steam Client Service]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\TeamViewer7]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\TeamViewer9]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\TuneUp.UtilitiesSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"IntelTBRunOnce"="wscript.exe //b //nologo \"C:\\Program Files\\Intel\\TurboBoost\\RunTBGadgetOnce.vbs\""

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [16/06/2014 13:32]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2239336281-3048674072-2116327964-1000Core.job --a------ C:\Users\Gebruiker\AppData\Local\Facebook\Update\FacebookUpdate.exe [14/09/2012 19:09]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2239336281-3048674072-2116327964-1000UA.job --a------ C:\Users\Gebruiker\AppData\Local\Facebook\Update\FacebookUpdate.exe [14/09/2012 19:09]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [09/12/2012 17:27]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [09/12/2012 17:27]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2239336281-3048674072-2116327964-1000Core.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2239336281-3048674072-2116327964-1000UA.job --a------ C:\Users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe [09/12/2012 17:27]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\clear.fi" ["C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe"]
"C:\Windows\SysNative\tasks\clear.fiAgent" ["C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe"]
"C:\Windows\SysNative\tasks\DMREngine" ["C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe"]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-2239336281-3048674072-2116327964-1000Core" [C:\Users\Gebruiker\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-2239336281-3048674072-2116327964-1000UA" [C:\Users\Gebruiker\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\Google Updater and Installer" [C:\Users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2239336281-3048674072-2116327964-1000Core" [C:\Users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2239336281-3048674072-2116327964-1000UA" [C:\Users\Gebruiker\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\Norton WSC Integration" ["C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\WSCStub.exe"]
"C:\Windows\SysNative\tasks\PMMUpdate" ["C:\Program Files\EgisTec IPS\PMMUpdate.exe"]
"C:\Windows\SysNative\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2239336281-3048674072-2116327964-1000" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\SysNative\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2239336281-3048674072-2116327964-1000" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\SysNative\tasks\{483FE4A1-9C00-4023-98C5-0DD3A90C818C}" [C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE]
"C:\Windows\SysNative\tasks\{5B4C654B-E65F-4F32-A7A5-D2C683D55484}" [C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE]
"C:\Windows\SysNative\tasks\{5F517ECA-4697-4A56-91B4-F209F0C2A0DB}" [C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE]
"C:\Windows\SysNative\tasks\{90118DB7-F1AB-4F5D-9194-1EB8EB6DED77}" ["c:\users\gebruiker\appdata\local\google\chrome\application\chrome.exe"]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\Norton Internet Security\Norton Error Analyzer" [C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\SymErr.exe]
"C:\Windows\SysNative\tasks\Norton Internet Security\Norton Error Processor" [C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\SymErr.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn" [24/09/2014 19:47]

==== Firefox Extensions ======================

==== Firefox Plugins ======================

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[14/07/2014 18:22]
mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files (x86)\Norton Internet Security\Engine\21.5.0.19\Exts\Chrome.crx[31/07/2014 07:47]
nppllibpnmahfaklnpggkibhkapjkeob - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\Exts\Chrome.crx[31/07/2014 07:47]

Google Docs - Gast.Gebruiker-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Gast.Gebruiker-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Gast.Gebruiker-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Gast.Gebruiker-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Skype Click to Call - Gast.Gebruiker-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Norton Identity Protection - Gast.Gebruiker-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Google Wallet - Gast.Gebruiker-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Battlefield Play4Free - Gast.Gebruiker-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh
Gmail - Gast.Gebruiker-PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Google Docs - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Battlefield Heroes - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh
Last updated at time on date - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Google Search - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
AdBlock - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Skype Click to Call - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Norton Security Toolbar - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Google Wallet - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Norton Security Toolbar - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nppllibpnmahfaklnpggkibhkapjkeob
Battlefield Play4Free - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiokahphinmbmakkehgelkmpolmnbkdh
Gmail - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Docs - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Skype Click to Call - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Norton Identity Protection - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Gmail - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Backup.Old.Start Page"="http://www.google.com"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Backup.Old.Start Page"="http://www.google.com"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}&rlz=1I7PRFD_nlBE565"