Zoek.exe v5.0.0.0 Updated 08-April-2015
Tool run by Zwervende Eik on vr 10/04/2015 at 13:43:04,20.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Zwervende Eik\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

10/04/2015 13:46:03 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~2\PC Speed Up deleted successfully
C:\PROGRA~2\WNetEnhance deleted successfully
C:\Program Files\log deleted successfully
C:\PROGRA~3\PlotSoft deleted successfully
C:\Users\Zwervende Eik\AppData\Roaming\dlg deleted successfully
C:\Users\Zwervende Eik\AppData\Roaming\hpqlog deleted successfully
C:\Users\Gast\AppData\Local\VirtualStore deleted successfully
C:\Users\Zwervende Eik\AppData\Local\Adobe deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1393742732-960651036-4280872672-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8d0ea870-e492-4825-a734-a0ed7d65882a} deleted successfully
HKEY_USERS\S-1-5-21-1393742732-960651036-4280872672-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8d0ea870-e492-4825-a734-a0ed7d65882a} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{8d0ea870-e492-4825-a734-a0ed7d65882a} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8d0ea870-e492-4825-a734-a0ed7d65882a} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IHProtect Service deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WindowsMangerProtect deleted successfully

==== FireFox Fix ======================

ProfilePath: C:\Users\ZWERVE~1\AppData\Roaming\Mozilla\Firefox\Profiles\xih01rr5.default

user.js not found
---- Lines mystart removed from prefs.js ----
user_pref("browser.search.searchengine.alias", "mystartsearch");
user_pref("browser.search.searchengine.iconURL", "http://www.mystartsearch.com/web/favicon.ico");
user_pref("browser.search.searchengine.name", "mystartsearch");
user_pref("browser.search.searchengine.url", "http://www.mystartsearch.com/web/?type=dspp&ts=1428501787&from=cvs&uid=ST1000LM014-1EJ164-SSHD_W382G8LN&
user_pref("browser.search.selectedEngine", "mystartsearch");
user_pref("browser.startup.homepage", "http://www.mystartsearch.com/?type=hppp&ts=1428501787&from=cvs&uid=ST1000LM014-1EJ164-SSHD_W382G8LN");
---- Lines quick_start removed from prefs.js ----
user_pref("extensions.quick_start.enable_search1", false);
user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
---- FireFox user.js and prefs.js backups ----
prefs_20151004_1405_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command]
@="C:\\Program Files\\Internet Explorer\\iexplore.exe"

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"*LABAL*"=-
"SoftonicAssistant"=-

==== Deleting Files \ Folders ======================

C:\PROGRA~2\PC Speed Up not found
C:\PROGRA~2\WNetEnhance not found
C:\Program Files (x86)\Roaming Rate not found
C:\Users\Zwervende Eik\AppData\Local\SoftonicAssistant deleted
C:\Program Files (x86)\XTab deleted
C:\ProgramData\WindowsMangerProtect deleted
C:\Program Files (x86)\FreeFileViewer deleted
C:\Program Files (x86)\SearchProtect deleted
C:\Users\Zwervende Eik\AppData\Roaming\FreeFileViewer deleted
C:\ProgramData\IHProtectUpDate deleted
C:\Users\Zwervende Eik\AppData\Roaming\mystartsearch deleted
C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 deleted
C:\Users\Zwervende Eik\.android deleted
C:\PROGRA~2\File Type Assistant deleted
C:\Users\Public\Pokki deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Default\AppData\Local\Pokki deleted
C:\Users\Gast\AppData\Local\Pokki deleted
C:\Users\Zwervende Eik\AppData\Local\SearchProtect deleted
C:\Users\Zwervende Eik\AppData\Local\avaavaxvyy deleted
C:\Users\Zwervende Eik\AppData\Local\FileTypeAssistant deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\FileTypeAssistant deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\windows\SysNative\Tasks\avaavaxvyy deleted
C:\Windows\AppPatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb deleted
C:\Windows\wininit.ini deleted
C:\Windows\tasks\FreeFileViewerUpdateChecker.job deleted
C:\windows\SysNative\tasks\FreeFileViewerUpdateChecker deleted
C:\Windows\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb deleted
C:\Windows\AppPatch\nbin\VC32Loader.dll deleted
C:\windows\SysNative\GroupPolicy\machine deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
C:\Users\ZWERVE~1\AppData\Roaming\Mozilla\Firefox\Profiles\xih01rr5.default\searchplugins\mystartsearch.xml deleted
C:\Users\ZWERVE~1\AppData\Roaming\Mozilla\Firefox\Profiles\xih01rr5.default\jetpack deleted
"C:\windows\Installer\ae30a.msi" deleted
"C:\Windows\Installer\c93df4.msi" deleted
"C:\Users\ZWERVE~1\AppData\Roaming\Mozilla\Firefox\Profiles\xih01rr5.default\extensions\adbhelper@mozilla.org\win32\adb.exe" deleted
"C:\Users\ZWERVE~1\AppData\Roaming\Mozilla\Firefox\Profiles\xih01rr5.default\extensions\adbhelper@mozilla.org\win32\AdbWinApi.dll" deleted
"C:\Users\ZWERVE~1\AppData\Roaming\Mozilla\Firefox\Profiles\xih01rr5.default\extensions\adbhelper@mozilla.org\win32\AdbWinUsbApi.dll" deleted
"C:\Users\ZWERVE~1\AppData\Roaming\Mozilla\Firefox\Profiles\xih01rr5.default\extensions\adbhelper@mozilla.org" deleted
"C:\Users\ZWERVE~1\AppData\Roaming\Mozilla\Firefox\Profiles\xih01rr5.default\extensions\adbhelper@mozilla.org\win32" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2015-03-28 22:47:42 29968EDF8EF795F91DD35A61988CC40C 43112 ----a-w- C:\Windows\avastSS.scr
2015-03-11 22:06:07 C10A66189DC8C090E7C84873EDCEBC88 2501368 ----a-w- C:\Windows\explorer.exe
====== C:\Users\ZWERVE~1\AppData\Local\Temp ====
2015-04-10 00:30:10 2489723919CF56E8CCAE3DE53061AAFB 980656 ----a-w- C:\Users\Zwervende Eik\AppData\Local\Temp\AmazonKindleUpdateSetup.exe
2015-04-08 14:19:45 2C80666AE49E25F97BF091935B07B03B 41451520 ----a-w- C:\Users\Zwervende Eik\AppData\Local\Temp\Skype.msi
2015-04-06 13:35:09 E3A25C80E2375B2D42C3D4729769BDF3 10240 ----a-w- C:\Users\Zwervende Eik\AppData\Local\Temp\SDIAG_398408f6-0343-49da-80fe-53cb35d6dc79\NetworkDiagnosticSnapIn.dll
2015-04-06 13:20:36 FDCF03208012026400DA8626656983F8 298096 ----a-w- C:\Users\Zwervende Eik\AppData\Local\Temp\MozUpdater\bgupdate\updater.exe
2015-04-01 20:15:30 12C0789B30AD2425D9F5B63FFFAAEEA6 43008 ----a-w- C:\Users\Zwervende Eik\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfgc9xv.dll
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-03-28 22:47:47 5FA979EE982E893255D7808AB3E1EF94 364472 ----a-w- C:\Windows\Sysnative\aswBoot.exe
====== C:\Windows\Sysnative\drivers =====
2015-03-24 20:41:58 8E98D21EE06192492A5671A6144D092F 33240 ----a-w- C:\Windows\Sysnative\drivers\GEARAspiWDM.sys
2015-03-11 22:23:33 D296D0F0DB2CD1504F90405603664493 264000 ----a-w- C:\Windows\Sysnative\drivers\WdFilter.sys
2015-03-11 22:23:33 9F4DF0043965808973023A9B51A11136 114496 ----a-w- C:\Windows\Sysnative\drivers\WdNisDrv.sys
2015-03-11 22:23:33 1751F6B031ADAC34724511057D2E455D 44024 ----a-w- C:\Windows\Sysnative\drivers\WdBoot.sys
2015-03-11 22:12:43 F4CB6F457D019857C8DB6F04CA2957F5 132608 -c--a-w- C:\Windows\Sysnative\drivers\BthA2DP.sys
2015-03-11 22:12:43 DC66AE45816614D2999DCD3834DCCC4E 167424 -c--a-w- C:\Windows\Sysnative\drivers\rfcomm.sys
2015-03-11 22:12:43 42F88B57CAE42FC10059C887B3FCFCEA 97792 -c--a-w- C:\Windows\Sysnative\drivers\hidbth.sys
2015-03-11 22:06:33 6D3A2565E01B3E4B0F1BEDB0D4B00B3F 1113920 ----a-w- C:\Windows\Sysnative\drivers\ndis.sys
====== C:\Windows\Tasks ======
2015-04-08 14:08:40 D46BA434CC2147102FB3B9594E6EA3FF 3950 ----a-w- C:\Windows\Sysnative\Tasks\ProgramUpdateCheck
2015-04-08 14:08:40 D2BF53112FDA1D61655EDC972924B57F 3580 ----a-w- C:\Windows\Sysnative\Tasks\ProgramRefresh-ATFST
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-04-10 09:32:28 -------- d-----w- C:\Program Files\trend micro
2015-03-24 20:41:24 -------- d-----w- C:\Program Files\iPod
2015-03-24 20:41:23 -------- d-----w- C:\Program Files\iTunes
2015-03-24 20:30:56 -------- d-----w- C:\Program Files\Bonjour
2015-03-24 20:30:46 -------- d-----w- C:\Program Files\Common Files\Apple
======= C:\PROGRA~2 =====
2015-04-10 08:56:34 -------- d-----w- C:\PROGRA~2\Mozilla Maintenance Service
2015-04-10 00:32:02 -------- d-----w- C:\PROGRA~2\Amazon
2015-04-08 14:04:31 -------- d-----w- C:\PROGRA~2\Microsoft Silverlight
2015-04-08 12:16:59 -------- d-----w- C:\PROGRA~2\Jasc Software Inc
2015-04-08 12:16:59 -------- d-----w- C:\PROGRA~2\COMMON~1\Jasc Software Inc
2015-03-24 20:41:24 -------- d-----w- C:\PROGRA~2\iTunes
2015-03-24 20:31:22 -------- d-----w- C:\PROGRA~2\Apple Software Update
2015-03-24 20:30:56 -------- d-----w- C:\PROGRA~2\Bonjour
2015-03-24 20:30:33 -------- d-----w- C:\PROGRA~2\COMMON~1\Apple
2015-03-17 22:01:12 -------- d-----w- C:\PROGRA~2\COMMON~1\Java
======= C: =====
====== C:\Users\Zwervende Eik\AppData\Roaming ======
2015-04-08 12:16:59 -------- d-----w- C:\Users\Zwervende Eik\AppData\Roaming\Jasc Software Inc
2015-03-24 20:42:07 -------- d-----w- C:\Users\Zwervende Eik\AppData\Roaming\Apple Computer
2015-03-24 20:42:07 -------- d-----w- C:\Users\Zwervende Eik\AppData\Local\Apple Computer
2015-03-24 20:31:25 -------- d-----w- C:\Users\Zwervende Eik\AppData\Local\Apple
2015-03-24 20:31:19 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Roaming\Apple Computer
2015-03-17 22:01:10 -------- d-----w- C:\Users\Zwervende Eik\AppData\Locallow\Oracle
====== C:\Users\Zwervende Eik ======
2015-04-09 07:34:31 02C1EE40968BAA67C3A785CDA9807125 262 --sha-r- C:\ProgramData\ntuser.pol
2015-04-08 14:08:29 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeFileViewer
2015-04-08 14:04:58 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-04-08 12:17:51 -------- d-----w- C:\ProgramData\InstallShield
2015-04-08 12:17:40 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jasc Software
2015-03-24 20:42:05 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-03-24 20:41:23 -------- d-----w- C:\ProgramData\Apple Computer
2015-03-17 21:42:41 -------- d-----w- C:\Users\Zwervende Eik\Tracing
====== C: exe-files ==
2015-04-10 11:41:43 B2C0547CEE0EC6820987AF1D98FED2E6 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1393742732-960651036-4280872672-1002\$I70NIBR.exe
2015-04-10 09:32:28 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Zwervende Eik.exe
2015-04-10 09:31:00 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\$Recycle.Bin\S-1-5-21-1393742732-960651036-4280872672-1002\$R70NIBR.exe
2015-04-10 08:56:35 63B308A3E1F062DFD3BF762FDDC2F39A 103588 ----a-w- C:\Program Files (x86)\Mozilla Maintenance Service\Uninstall.exe
2015-04-10 08:56:34 269BDB3CB77EB77BABE2862BEAB1F208 148080 ----a-w- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
2015-04-10 00:32:20 01F5B701A11562188BBC7DAC0D6EA3F9 199970 ----a-w- C:\Program Files (x86)\Amazon\Kindle\uninstall.exe
2015-04-10 00:30:10 2489723919CF56E8CCAE3DE53061AAFB 980656 ----a-w- C:\Users\Zwervende Eik\AppData\Local\Temp\AmazonKindleUpdateSetup.exe
2015-04-08 23:12:14 83D811F35F7BCD1AB40795D349D7EF38 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-1393742732-960651036-4280872672-1002\$IMRI0RV.exe
2015-04-08 13:59:56 4C8DC4F7F3506D7BB1074D4A11911935 394040 ----a-w- C:\Users\Zwervende Eik\Videos\ORIGINELE PROGRAMMA'S\download-freefileviewer.exe
2015-04-08 13:58:33 4C8DC4F7F3506D7BB1074D4A11911935 394040 ----a-w- C:\$Recycle.Bin\S-1-5-21-1393742732-960651036-4280872672-1002\$RMRI0RV.exe
2015-04-06 13:20:36 FDCF03208012026400DA8626656983F8 298096 ----a-w- C:\Users\Zwervende Eik\AppData\Local\Temp\MozUpdater\bgupdate\updater.exe
2015-04-04 13:34:45 F72D431081390B2329F6A7A924D9889A 392704 ----a-w- C:\Windows\SysWOW64\GWX\GWX.exe
2015-04-04 13:34:45 CAA865FD51B2FD48413D3BA2544AFF5C 658432 ----a-w- C:\Windows\System32\GWX\GWXConfigManager.exe
2015-04-04 13:34:45 BBB8B43090244B0F9F612F70AEFB3732 458752 ----a-w- C:\Windows\System32\GWX\GWX.exe
2015-04-04 13:34:45 A63DD015342F6F9D480AAEF61C9CB88D 393216 ----a-w- C:\Windows\System32\GWX\GWXUX.exe
2015-04-04 13:34:45 29038FF696BB007224872DA9645EA324 353048 ----a-w- C:\Windows\System32\GWX\GWXUXWorker.exe
2015-04-04 12:03:08 04A8F29E2CB7A633109E6AF1316F6E97 864336 ----a-w- C:\Program Files (x86)\Google\Update\Install\{1962317F-23F7-49FC-8D4D-2E9C8AA167E5}\41.0.2272.118_41.0.2272.101_chrome_updater.exe
2015-04-04 12:03:08 04A8F29E2CB7A633109E6AF1316F6E97 864336 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\41.0.2272.118\41.0.2272.118_41.0.2272.101_chrome_updater.exe
=== C: other files ==
2015-04-10 10:46:36 76CDB2BAD9582D23C1F6F4D868218D6C 22 ----a-w- C:\Users\Zwervende Eik\AppData\Local\Temp\avastBCLTMP\{8d0ea870-e492-4825-a734-a0ed7d65882a}.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-1393742732-960651036-4280872672-1002\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"VoipConnect"="C:\Program Files (x86)\VoipConnect.com\VoipConnect\VoipConnect.exe -nosplash -minimized"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"PC Suite Tray"="C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe -onlytray"
"AppEx Accelerator UI"="C:\Program Files\AMD Quick Stream\AMDQuickStream.exe -h"
"Viber"="C:\Users\Zwervende Eik\AppData\Local\Viber\Viber.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AccelerometerSysTrayApplet"="C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe"
"HPMessageService"="C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe"
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"
"beid"="C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe /startup"
"Samsung PanelMgr"="C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun"
"StartCCC"="C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"VoipConnect"="C:\Program Files (x86)\VoipConnect.com\VoipConnect\VoipConnect.exe -nosplash -minimized"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"PC Suite Tray"="C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PCSuite.exe -onlytray"
"AppEx Accelerator UI"="C:\Program Files\AMD Quick Stream\AMDQuickStream.exe -h"
"Viber"="C:\Users\Zwervende Eik\AppData\Local\Viber\Viber.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"
"SimplePass"="C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe /hideui"
"OPBHOBroker"="C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe"
"OPBHOBrokerDesktop"="C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe"
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

==== Startup Folders ======================

2015-01-03 00:35:19 1178 ----a-w- C:\Users\Zwervende Eik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [20/11/2014 20:58]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [20/11/2014 20:58]
C:\Windows\tasks\HPCeeScheduleForZwervende Eik.job --a-------- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [15/07/2011 04:43]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\AutoKMS" [C:\Windows\AutoKMS\AutoKMS.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\HPCeeScheduleForZwervende Eik" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe]
"C:\Windows\SysNative\tasks\ProgramRefresh-ATFST" [C:\Program Files (x86)\File Type Assistant\tsasetup.exe]
"C:\Windows\SysNative\tasks\ProgramUpdateCheck" [C:\Program Files (x86)\File Type Assistant\TSAssist.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon" [C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis Install" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\ZWERVE~1\AppData\Roaming\Mozilla\Firefox\Profiles\xih01rr5.default
user_pref("browser.search.defaulturl", "https://www.google.com/search/?trackid=sp-006");
user_pref("browser.search.defaultengine", "Google (avast)");
user_pref("browser.search.defaultenginename", "Google (avast)");
user_pref("keyword.URL", "https://www.google.com/search/?trackid=sp-006");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"fftoolbar2014@etech.com"="C:\Users\Zwervende Eik\AppData\Roaming\Mozilla\Firefox\Profiles\xih01rr5.default\extensions\fftoolbar2014@etech.com" []

==== Firefox Extensions ======================

ProfilePath: C:\Users\ZWERVE~1\AppData\Roaming\Mozilla\Firefox\Profiles\xih01rr5.default
- Video DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Zwervende Eik\AppData\Roaming\Mozilla\Firefox\Profiles\xih01rr5.default
0C0C5C207121C7A78414A8250E8E099A - C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll - Shockwave for Director / Shockwave for Director
43583AB4DFD406F4C188342F41B1F91C - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll - Shockwave Flash

==== Fake Chromium Profiles Check ======================

Fake profile C:\Users\Gast\AppData\Local\Google\Chrome deleted

==== Chromium Look ======================

Google Chrome Version: 41.0.2272.118 (Latest Stable version: 41.0.2272.118) [z-db]

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
eofcbnmajmjmplflapaojjnihcjkigck - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx[19/03/2015 23:06]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[19/03/2015 23:06]

Google Slides - Zwervende Eik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - Zwervende Eik\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Zwervende Eik\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Zwervende Eik\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Zwervende Eik\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
{scripts [background.js]}content_scripts:[{js:[content.js]matches:[]run_at:document_end}]content_security_policy:script-src 'self' 'unsafe-eval' https://roamingrate-a.akamaihd.net https://roamingrate-a.akamaihd.net https://cdn.roamingrate.com; object-src 'self'description:homepage_url:http://www.roamingrate.comicons:{48:icon.png}key:MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3vxRAPmxSDN4RwsfI7VRAeRcXDvzBSpzGvjkM5QyV7nkNtbTzzbqoWT7ykxr6mg/WKP7Rla+HuE1IzNZRvwS0Ynu+g6kluE06jk+Dx+3V/CyPfF5FKOoRANzw0f4jAzxrANHj7asCsCl/BfcaJBbxym7f4EkjQTgymhFOn9rmuun3YgxFGZ10mOKE3gI56pzNLAfYxlQULuF69+ZblvK2nRuxdNbTOvCDcnN3vCgrZvGnWtgPG+G2bg0dV2SyV2xmdJluhdO2ASyS59PCOdZXikuVLHamrLT/gJGCu3Z3zC8Kbm/3tUkQo3ql4WkmssMoyH2AKj6Kuj7V7Pa8hP55wIDAQABmanifest_version:2name:Roaming Ratepermissions:[managementstoragetabswebRequestwebRequestBlocking]update_url:http://cdn.roamingrate.com/updateversion:1.0.5574.28114} - Zwervende Eik\AppData\Local\Google\Chrome\User Data\Default\Extensions\faicigiapfhoenaedanigbmkniiocadi
Google Sheets - Zwervende Eik\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Avast Online Security - Zwervende Eik\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Google Wallet - Zwervende Eik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Zwervende Eik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Startpages ======================

C:\Users\Zwervende Eik\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://www.mystartsearch.com/?type=hppp&ts=1428501787&from=cvs&uid=ST1000LM014-1EJ164-SSHD_W382G8LN",
"startup_urls": [ "http://www.mystartsearch.com/?type=hppp&ts=1428501787&from=cvs&uid=ST1000LM014-1EJ164-SSHD_W382G8LN" ]

==== Chromium Fix ======================

C:\Users\Zwervende Eik\AppData\Local\Google\Chrome\User Data\Default\Extensions\faicigiapfhoenaedanigbmkniiocadi deleted successfully
C:\Users\Zwervende Eik\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_faicigiapfhoenaedanigbmkniiocadi_0.localstorage deleted successfully
C:\Users\Zwervende Eik\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\faicigiapfhoenaedanigbmkniiocadi deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://www.mystartsearch.com/web/?type=dspp&ts=1428501787&from=cvs&uid=ST1000LM014-1EJ164-SSHD_W382G8LN&q={searchTerms}"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.mystartsearch.com/?type=hppp&ts=1428501787&from=cvs&uid=ST1000LM014-1EJ164-SSHD_W382G8LN"
"Search Page"="http://www.mystartsearch.com/web/?type=dspp&ts=1428501787&from=cvs&uid=ST1000LM014-1EJ164-SSHD_W382G8LN&q={searchTerms}"
"Default_Page_URL"="http://www.mystartsearch.com/?type=hppp&ts=1428501787&from=cvs&uid=ST1000LM014-1EJ164-SSHD_W382G8LN"
"Default_Search_URL"="http://www.mystartsearch.com/web/?type=dspp&ts=1428501787&from=cvs&uid=ST1000LM014-1EJ164-SSHD_W382G8LN&q={searchTerms}"
"Search Bar"="https://www.google.com/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.mystartsearch.com/?type=hppp&ts=1428501787&from=cvs&uid=ST1000LM014-1EJ164-SSHD_W382G8LN"
"Search Page"="http://www.mystartsearch.com/web/?type=dspp&ts=1428501787&from=cvs&uid=ST1000LM014-1EJ164-SSHD_W382G8LN&q={searchTerms}"
"Default_Page_URL"="http://www.mystartsearch.com/?type=hppp&ts=1428501787&from=cvs&uid=ST1000LM014-1EJ164-SSHD_W382G8LN"
"Default_Search_URL"="http://www.mystartsearch.com/web/?type=dspp&ts=1428501787&from=cvs&uid=ST1000LM014-1EJ164-SSHD_W382G8LN&q={searchTerms}"
"Search Bar"="https://www.google.com/?trackid=sp-006"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Unknown Url="Not_Found"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1393742732-960651036-4280872672-1002\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\searchengine@gmail.com deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\istart_ffnt@gmail.com deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\fftoolbar2014@etech.com deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2C0D8C2E79C150C439A9B5310AEF56C5 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4E30E037E0535E84D9E3349209D354D4 deleted successfully
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E2C8D0C2-1C97-4C05-939A-5B13A0FE655C} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{730E03E4-350E-48E5-9D3E-4329903D454D} deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\SoftonicAssistant deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2C0D8C2E79C150C439A9B5310AEF56C5 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\4E30E037E0535E84D9E3349209D354D4 deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gast\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Zwervende Eik\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Zwervende Eik\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Gast\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Zwervende Eik\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Zwervende Eik\AppData\Local\Microsoft\Windows\INetCache\IE\5A4J6310 will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Zwervende Eik\AppData\Local\Mozilla\Firefox\Profiles\xih01rr5.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Zwervende Eik\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=9563 folders=349 600866600 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Gast\AppData\Local\Temp emptied successfully
C:\Users\Zwervende Eik\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\ZWERVE~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Zwervende Eik\AppData\Local\Microsoft\Windows\INetCache\IE\5A4J6310" not found

==== EOF on vr 10/04/2015 at 14:51:07,54 ======================