Zoek.exe v5.0.0.0 Updated 15-01-2015
Tool run by Nel on zo 18-01-2015 at 20:32:42,17.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Nel\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2015-01-18-141416.log 99552 bytes

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Nel\AppData\Local\Temp ====
2015-01-17 18:12:09 3F512AF8DB108FCA028BA731CE0B4700 224408 ----a-w- C:\Users\Nel\AppData\Local\Temp\{AC76BA86-7AD7-1043-7B44-AB0000000001}\FixTransforms.exe
2015-01-15 16:35:12 2A276BA2B7782476302C59D0F760F4BC 117560 ------w- C:\Users\Nel\AppData\Local\Temp\{2A735270-FAD2-4783-94C1-C2FA0050282C}\ISBEW64.exe
2015-01-15 16:34:12 E17BC8B35F06807103A812C8E18AB467 944016 ----a-w- C:\Users\Nel\AppData\Local\Temp\4215A522-74AA-43E8-BC6D-479BC5B6808E\Setup.exe
2015-01-15 16:34:12 969E4F07A2B59B1B49DE2C8CE84227A8 341904 ----a-w- C:\Users\Nel\AppData\Local\Temp\4215A522-74AA-43E8-BC6D-479BC5B6808E\Script.dll
2015-01-15 16:34:12 53E73A4F03B80747C937FF152F04BB2A 276368 ----a-w- C:\Users\Nel\AppData\Local\Temp\4215A522-74AA-43E8-BC6D-479BC5B6808E\SetupXML.dll
2015-01-15 16:16:54 E17BC8B35F06807103A812C8E18AB467 944016 ----a-w- C:\Users\Nel\AppData\Local\Temp\F2D87B5F-89C2-4ECE-B2DC-AF8D65BE4735\Setup.exe
2015-01-15 16:16:54 969E4F07A2B59B1B49DE2C8CE84227A8 341904 ----a-w- C:\Users\Nel\AppData\Local\Temp\F2D87B5F-89C2-4ECE-B2DC-AF8D65BE4735\Script.dll
2015-01-15 16:16:54 53E73A4F03B80747C937FF152F04BB2A 276368 ----a-w- C:\Users\Nel\AppData\Local\Temp\F2D87B5F-89C2-4ECE-B2DC-AF8D65BE4735\SetupXML.dll
====== Java Cache =====
2015-01-18 12:36:28 C1BBA7F1278F193AB584FFF460DB5E2A 17878 ----a-w- C:\Users\Nel\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\eef218c-5fbe714f
2015-01-18 12:36:04 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\Nel\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-564462f5
2015-01-18 12:36:04 BA509314252AA335B024D1028EF8D573 99 ----a-w- C:\Users\Nel\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-aa56bb018d5de3a531ee91cc4857f0f479656e5370ebf87789e721aaaf530ebc-6.0.lap
2015-01-18 12:36:03 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\Nel\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\3cb32f52-200e53a4
2015-01-18 12:36:04 34FA8033B50A3F99D3AB8209C72C0ABA 6860 ----a-w- C:\Users\Nel\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\1ca2666b-31707ed9
====== C:\Windows\SysWOW64 =====
2015-01-18 12:34:55 A042349B7208BF8BED858B1E9B48B06D 98216 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-01-15 08:03:11 8A289EF0AE709327D6AA9769E108B5A6 3916728 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-15 08:03:11 2AF481C03C0383ADE09FFEDA0C583140 3971512 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-15 08:03:10 9606307F5E1EABA98ACB61206EFC2127 43008 ----a-w- C:\Windows\SysWOW64\srclient.dll
2015-01-14 07:24:34 FE48346938C1CDDDF4E4097DB9B99764 52224 ----a-w- C:\Windows\SysWOW64\nlaapi.dll
2015-01-14 07:24:34 92940397DFFB4D237EA5BB22FF912BDC 156672 ----a-w- C:\Windows\SysWOW64\ncsi.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-01-15 08:03:13 0A70B8D78AF95894E221DDAC6482DF6D 5553592 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe
2015-01-15 08:03:11 F4846789B3795F14DCB7D92ED1DAF74F 503808 ----a-w- C:\Windows\Sysnative\srcore.dll
2015-01-15 08:03:10 DE595EACC79006E7B15B848BF0831E78 296960 ----a-w- C:\Windows\Sysnative\rstrui.exe
2015-01-15 08:03:10 BA6D609BAB615991E8791CA1DFFD034C 50176 ----a-w- C:\Windows\Sysnative\srclient.dll
2015-01-14 07:24:34 B6A58491307B4CADA572583D863DC602 210432 ----a-w- C:\Windows\Sysnative\profsvc.dll
2015-01-14 07:24:34 8B301D474B478E9A92823BAB50A7BC49 303616 ----a-w- C:\Windows\Sysnative\nlasvc.dll
2015-01-14 07:24:33 2A9C3ADBC3B9D061CACDEFFBED67683C 87040 ----a-w- C:\Windows\Sysnative\TSWbPrxy.exe
====== C:\Windows\Sysnative\drivers =====
2015-01-15 08:03:27 AE3334958D8F631FF14A0AEB3D7EFB3A 141312 ----a-w- C:\Windows\Sysnative\drivers\mrxdav.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
2015-01-18 12:35:14 -------- d-----w- C:\PROGRA~2\COMMON~1\Java
2015-01-18 12:34:02 -------- d-----w- C:\PROGRA~2\Java
2015-01-15 16:46:27 -------- d-----w- C:\PROGRA~2\COMMON~1\Protexis
======= C: =====
====== C:\Users\Nel\AppData\Roaming ======
2015-01-15 16:47:20 -------- d-----w- C:\Users\Nel\AppData\Roaming\Ulead Systems
2015-01-15 16:47:18 -------- d-----w- C:\Users\Nel\AppData\Local\Corel PaintShop Pro
2014-12-20 09:33:46 -------- d-----w- C:\Users\Nel\AppData\Local\SoftonicAssistant
====== C:\Users\Nel ======
2015-01-18 12:34:45 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-01-18 12:22:08 92F975B07E65EF3AE67D89A016FDAACC 638888 ----a-w- C:\Users\Nel\Desktop\JavaSetup8u25.com
2015-01-15 16:45:33 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel PaintShop Pro X4
====== C: exe-files ==
2015-01-18 12:34:47 75D477E868CA51EC1B09D730570F322B 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaw.exe
2015-01-18 12:34:47 691D49FB44EDE9788288CABE4F7E0DAF 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaws.exe
2015-01-18 12:34:46 AA3520FB0133A56BEE1DB34D74DBEF64 0 ----a-we C:\ProgramData\Oracle\Java\javapath\java.exe
2015-01-18 12:34:35 67F763B09F4BC8689E6FA9761E068D74 159656 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\unpack200.exe
2015-01-18 12:34:35 28FC00F89631B0F6E1E9CA386FADD566 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\tnameserv.exe
2015-01-18 12:34:34 DC197DCE6325CBAC905DE0D0E3BA3E8E 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\rmid.exe
2015-01-18 12:34:34 57E1F756FAA787623DFCD2C1B2AACC68 51112 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssvagent.exe
2015-01-18 12:34:34 33D2AF53E209DA3E2BA939EB89801DC0 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\rmiregistry.exe
2015-01-18 12:34:34 29E65AC6AFD8A0A9CAA361FF6F7B4886 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\servertool.exe
2015-01-18 12:34:33 E3E6B18458FFB07CB24D7A0BA77C9FDF 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\pack200.exe
2015-01-18 12:34:33 7AB1F1B3FB6C3DACA34EA2F988CDF5AC 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\orbd.exe
2015-01-18 12:34:33 75EE99C7F0038C746D82C76221ECA4EF 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\policytool.exe
2015-01-18 12:34:32 B719E0F43166037DF46B5CFBE60A5118 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jjs.exe
2015-01-18 12:34:32 A458E2535E46151690E53E2A03FAA711 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\keytool.exe
2015-01-18 12:34:32 9BFAEF308D50779F6B255CB7BA7DCA5A 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\kinit.exe
2015-01-18 12:34:32 4367C05B0CF5553E71B34F51003D0615 76200 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2launcher.exe
2015-01-18 12:34:32 4109C4DB4BD48F5BF8115C7523A6B6F8 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\klist.exe
2015-01-18 12:34:32 26C7F32186B1F0364CD06EA69227A79D 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\ktab.exe
2015-01-18 12:34:31 BB8C890E3E6372F2720709262BD42BF4 30632 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jabswitch.exe
2015-01-18 12:34:31 AA3520FB0133A56BEE1DB34D74DBEF64 176552 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\java.exe
2015-01-18 12:34:31 75D477E868CA51EC1B09D730570F322B 176552 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\javaw.exe
2015-01-18 12:34:31 74713E9C1B01B152DDD3A1A3519A3647 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\java-rmi.exe
2015-01-18 12:34:31 70E67429D2C011FD0419AF899A8D0D70 68520 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\javacpl.exe
2015-01-18 12:34:31 691D49FB44EDE9788288CABE4F7E0DAF 272296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\javaws.exe
2015-01-17 18:12:09 3F512AF8DB108FCA028BA731CE0B4700 224408 ----a-w- C:\Users\Nel\AppData\Local\Temp\{AC76BA86-7AD7-1043-7B44-AB0000000001}\FixTransforms.exe
2015-01-15 16:35:12 2A276BA2B7782476302C59D0F760F4BC 117560 ------w- C:\Users\Nel\AppData\Local\Temp\{2A735270-FAD2-4783-94C1-C2FA0050282C}\ISBEW64.exe
2015-01-15 16:34:12 E17BC8B35F06807103A812C8E18AB467 944016 ----a-w- C:\Users\Nel\AppData\Local\Temp\4215A522-74AA-43E8-BC6D-479BC5B6808E\Setup.exe
2015-01-15 16:16:54 E17BC8B35F06807103A812C8E18AB467 944016 ----a-w- C:\Users\Nel\AppData\Local\Temp\F2D87B5F-89C2-4ECE-B2DC-AF8D65BE4735\Setup.exe
2015-01-15 08:03:13 0A70B8D78AF95894E221DDAC6482DF6D 5553592 ----a-w- C:\Windows\System32\ntoskrnl.exe
2015-01-15 08:03:11 8A289EF0AE709327D6AA9769E108B5A6 3916728 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe
2015-01-15 08:03:11 2AF481C03C0383ADE09FFEDA0C583140 3971512 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-15 08:03:10 DE595EACC79006E7B15B848BF0831E78 296960 ----a-w- C:\Windows\System32\rstrui.exe
2015-01-14 07:24:33 2A9C3ADBC3B9D061CACDEFFBED67683C 87040 ----a-w- C:\Windows\System32\TSWbPrxy.exe
=== C: other files ==
2015-01-18 19:10:43 0B0ACBA32817B3544582BC60E7AB331F 60422926 ----a-w- C:\Users\Nel\Pictures\DREAMLAND\kit 12- felicidades.zip
2015-01-18 17:47:34 E4735CD61E593E27BEACE58C0BA9B5D7 650120 ----a-w- C:\Users\Nel\Downloads\verjaardagskit(1).zip
2015-01-18 17:43:39 E4735CD61E593E27BEACE58C0BA9B5D7 650120 ----a-w- C:\Users\Nel\Desktop\DREAMLAND2\verjaardagskit.zip
2015-01-18 17:41:40 E4735CD61E593E27BEACE58C0BA9B5D7 650120 ----a-w- C:\Users\Nel\Downloads\verjaardagskit.zip
2015-01-18 12:34:36 CE44A9D4918DCDC7CCCF5503BF4D7A3D 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\lib\deploy\ffjcext.zip
2015-01-18 12:22:08 92F975B07E65EF3AE67D89A016FDAACC 638888 ----a-w- C:\Users\Nel\Desktop\JavaSetup8u25.com
2015-01-17 09:20:31 02D863760621D6EA78D8FFD6BA4B03E4 7470936 ----a-w- C:\Users\Nel\Desktop\Girl_with_coffee.zip
2015-01-15 08:03:27 AE3334958D8F631FF14A0AEB3D7EFB3A 141312 ----a-w- C:\Windows\System32\drivers\mrxdav.sys
2015-01-14 19:00:30 82A2A5B28C845743FA3E07D6CEE11CBF 18695134 ----a-w- C:\Users\Nel\Desktop\vzzipje11-01-2015.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-2088802119-1191371545-69361678-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"SkyDrive"="C:\Users\Nel\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe /background"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"="C:\Program Files (x86)\AVG\AVG2015\avgui.exe /TRAYONLY"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SkyDrive"="C:\Users\Nel\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe /background"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s "
"RtHDVBg_Dolby"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 "
"Power Management"="C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"IntelTBRunOnce"="wscript.exe //b //nologo C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""
"SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Apoint]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Apoint"
"hkey"="HKLM"
"command"="C:\\Program Files\\Apoint2K\\Apoint.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AthBtTray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AthBtTray"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Bluetooth Suite\\AthBtTray.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AtherosBtStack]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AtherosBtStack"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Bluetooth Suite\\BtvStack.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AVG_UI]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AVG_UI"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\AVG\\AVG2013\\avgui.exe\" /TRAYONLY"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BackupManagerTray]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BackupManagerTray"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\NTI\\Acer Backup Manager\\BackupManagerTray.exe\" -h -k"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BCSSync]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BCSSync"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Microsoft Office\\Office14\\BCSSync.exe\" /DelayServices"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BkupTray]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BkupTray"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\NewTech Infosystems\\NTI Backup Now 5\\BkupTray.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BlazeServoTool]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BlazeServoTool"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\NTI\\NTI Digital Flix 2.5.0.4\\MediaDetector.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Dolby Home Theater v4]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Dolby Home Theater v4"
"hkey"="HKLM"
"command"="\"C:\\Dolby PCEE4\\pcee4.exe\" -autostart"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\InstantUpdate]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="InstantUpdate"
"hkey"="HKLM"
"command"="C:\\Program Files\\Acer\\Acer Instant Service\\InstantUpdate\\iuDaemon.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LManager]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="LManager"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Launch Manager\\LManager.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Norton Online Backup]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Norton Online Backup"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Symantec\\Norton Online Backup\\NOBuClient.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SuiteTray]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SuiteTray"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\EgisTec MyWinLockerSuite\\x86\\SuiteTray.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\USB3MON]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="USB3MON"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Intel\\Intel(R) USB 3.0 eXtensible Host Controller Driver\\Application\\iusb3mon.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Nel^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Jacquie Lawson Quick Send Widget.lnk]
"path"="C:\\Users\\Nel\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Jacquie Lawson Quick Send Widget.lnk"
"backup"="C:\\Windows\\pss\\Jacquie Lawson Quick Send Widget.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\PROGRA~2\\JACQUI~1\\JACQUI~1.EXE "
"item"="Jacquie Lawson Quick Send Widget"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeARMservice]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeFlashPlayerUpdateSvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\BUNAgentSvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\cphs]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\FLEXnet Licensing Service]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\fshoster]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\GamesAppService]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\LightScribeService]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Live Updater Service]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\NTI IScheduleSvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\NTIBackupSvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\NTISchedulerSvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ProtexisLicensing]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\PSI_SVC_2]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SkypeUpdate]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\TuneUp.UtilitiesSvc]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\vToolbarUpdater15.3.0]

==== Startup Folders ======================

2013-08-25 13:46:44 1296 ----a-w- C:\Users\Nel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [17-01-2015 22:07]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\DeviceDetector" [C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe]
"C:\Windows\SysNative\tasks\EgisUpdate" ["C:\Program Files\EgisTec IPS\EgisUpdate.exe"]
"C:\Windows\SysNative\tasks\Java Update Scheduler" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe]
"C:\Windows\SysNative\tasks\PMMUpdate" ["C:\Program Files\EgisTec IPS\PMMUpdate.exe"]
"C:\Windows\SysNative\tasks\TuneUpUtilities_Task_BkGndMaintenance2011" [C:\Program Files (x86)\TuneUp Utilities 2011\OneClick.exe]
"C:\Windows\SysNative\tasks\TuneUpUtilities_Task_BkGndMaintenance2012" [C:\Program Files (x86)\TuneUp Utilities 2012\OneClick.exe]
"C:\Windows\SysNative\tasks\UALU notificatin" ["C:\Program Files\Acer\Acer Updater\UALU.exe"]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{1740CD31-5BE6-454A-85A4-6AA557B6EAD3}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\{37071B0F-6FA3-409B-9519-267D9A3A9ACF}" ["c:\program files\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/6.3.73.107.456/nl/abandoninstall?page=tsProgressBar]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Nel\AppData\Roaming\Mozilla\Firefox\Profiles\wa9eznum.default
user_pref("browser.startup.homepage", "https://www.google.nl/");

ProfilePath: C:\Users\Nel\AppData\Roaming\Mozilla\Firefox\Profiles\[opt]rs0
user_pref("browser.startup.homepage", "http://mysearch.avg.com?cid={FF7659E2-AECA-4A90-AD22-AE4E460FBB78}&mid=3d02e831c45e47d0bbc93909b44f856b-a7d92a34c04515bd6e05b49169a82c51971c9bdc&lang=en&ds=fp011&coid=avgtbdisfp&cmpid=&pr=sa&d=&v=&pid=safeguard&sg=&sap=hp");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "AVG Secure Search");
user_pref("browser.search.selectedEngine", "AVG Secure Search");
user_pref("keyword.URL", "http://mysearch.avg.com/search?cid={FF7659E2-AECA-4A90-AD22-AE4E460FBB78}&mid=3d02e831c45e47d0bbc93909b44f856b-a7d92a34c04515bd6e05b49169a82c51971c9bdc&lang=en&ds=fp011&coid=avgtbdisfp&cmpid=&pr=sa&d=2014-01-29 11:28:01&v=17.3.1.91&pid=safeguard&sg=&sap=dsp&q={searchTerms}");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"discountfinder@moneymillionaire.com"="C:\ProgramData\Qassa+\FFExtension20141010093724" [10-10-2014 08:37]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Nel\AppData\Roaming\Mozilla\Firefox\Profiles\wa9eznum.default
- Undetermined - leethax@leethax.net - leethax.net extension - %ProfilePath%\extensions\leethax@leethax.net.xpi

ProfilePath: C:\Users\Nel\AppData\Roaming\Mozilla\Firefox\Profiles\[opt]rs0
- BatBrowse - %ProfilePath%\extensions\firefox@batbrowse.com.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Nel\AppData\Roaming\Mozilla\Firefox\Profiles\wa9eznum.default
8560995C727974F27F2A1CE68909FEB9 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_257.dll - Shockwave Flash
18CF51689186AEB9D1D149AEB0E92D03 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL - Microsoft Office 2013

==== Chromium Look ======================

==== C:\zoek_backup content ======================

C:\zoek_backup (files=551 folders=99 211917578 bytes)

==== EOF on zo 18-01-2015 at 20:39:50,44 ======================