Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Inge on do 07/05/2015 at 19:59:42,13.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Inge\Downloads\zoek.exe [Scan all users] [Script inserted] 

==== System Restore Info ======================

7/05/2015 20:02:08 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully
C:\Users\Inge\AppData\Roaming\TP deleted successfully
C:\Users\Inge\AppData\Local\CrashDumps deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1691281062-3244372407-1984891347-1002\Software\Microsoft\Internet Explorer\SearchScopes\{3DD04137-5B2D-4714-8B9D-7F1CCBAFBC21} deleted successfully
HKEY_USERS\S-1-5-21-1691281062-3244372407-1984891347-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{3DD04137-5B2D-4714-8B9D-7F1CCBAFBC21} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3DD04137-5B2D-4714-8B9D-7F1CCBAFBC21} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1691281062-3244372407-1984891347-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\lrftujgm deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\lrftujgm deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\innfd_1_10_0_14 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\innfd_1_10_0_14 deleted successfully

==== Deleting Files \ Folders ======================

"C:\windows\SysNative\drivers\lrftujgm.sys" not found
"C:\windows\SysNative\drivers\innfd_1_10_0_14.sys" not found
C:\Users\Inge\AppData\Local\TempDIR deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Shopping and Services deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\machine deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2015-05-06 14:35:27	2169B4B1EFAA3453A4DA732F1F94C1E1	43112	----a-w-	C:\Windows\avastSS.scr
====== C:\Users\Inge\AppData\Local\Temp ====
2015-05-06 17:23:12	3AA22E5E51D9A1D0BF0975D08F9F0C0D	160128	----a-w-	C:\Users\Inge\AppData\Local\Temp\EsgInstallerx64Stub.exe
2015-05-01 11:20:05	A96619564071DF84CC892752DF062A6D	86016	------w-	C:\Users\Inge\AppData\Local\Temp\xtmp1506501\tmp\RegWrite.exe
2015-05-01 11:20:05	8A8F5EBE2FD9C2E6325723209B9CDF32	337064	----a-w-	C:\Users\Inge\AppData\Local\Temp\xtmp1506501\tmp\wpm_v20.0.0.2227.exe
2015-05-01 11:20:04	27D4BCC325306B1415A89DE550528E04	94720	----a-w-	C:\Users\Inge\AppData\Local\Temp\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\MsiZap.exe
2015-05-01 11:20:04	11B0C4F03D271213FF01FE2A81BC7C6A	36864	----a-w-	C:\Users\Inge\AppData\Local\Temp\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\PostBuild.exe
2015-05-01 11:20:03	B9F9541171DEB1C17F00D7BFBBDBB94F	71024	----a-w-	C:\Users\Inge\AppData\Local\Temp\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\RegKey64Bit.dll
2015-05-01 11:20:03	6E0A95E643529D2E529FB54FD0BC4A0E	1560872	----a-w-	C:\Users\Inge\AppData\Local\Temp\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\HwCtrlMgr.dll
2015-05-01 11:20:03	429063846145BD83860B7D703783A6D3	28672	----a-w-	C:\Users\Inge\AppData\Local\Temp\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\APIfor64Bit.dll
2015-05-01 11:20:02	6AD27A8648DB6D2CB9646E3AC20C34A1	38184	----a-w-	C:\Users\Inge\AppData\Local\Temp\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\GetSTime.dll
2015-05-01 11:20:02	405AD0E91FCD7CDEFE9ADBD72C0CDD78	71024	----a-w-	C:\Users\Inge\AppData\Local\Temp\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\GetDXver.dll
2015-05-01 11:20:02	36F39D3ACAE0B0D3652A468EBFE202BC	57344	----a-w-	C:\Users\Inge\AppData\Local\Temp\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\SIM.dll
2015-05-01 11:20:00	D07756AB3FB3D77932DECD8F00E010B2	110657	----a-w-	C:\Users\Inge\AppData\Local\Temp\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\CLScan.dll
2015-05-01 11:20:00	6F7BA34273BF7219F40EF17871930D00	217088	----a-w-	C:\Users\Inge\AppData\Local\Temp\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\WMI.dll
2015-05-01 11:19:33	75199934259934DDC0059E5DE0860CD0	1914368	------w-	C:\Users\Inge\AppData\Local\Temp\xtmp1506501\UninstallManager.exe
2015-05-01 11:19:33	2EEE15B1927EADFF45013E94B0CB0D94	131640	------w-	C:\Users\Inge\AppData\Local\Temp\xtmp1506501\QQBrowser.exe
2015-05-01 10:08:35	41C3F23085908917127EC948D8B55D07	926520	----a-w-	C:\Users\Inge\AppData\Local\Temp\HPWarrantyChecker\HPWarrantyCheck\HPWarrantyChecker.exe
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2015-05-01 11:07:25	D41D8CD98F00B204E9800998ECF8427E	0	----a-w-	C:\Windows\SysWOW64\track
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-05-06 14:35:49	9CA2FDD44F7C1F8AC1652F6C2638CFED	364472	----a-w-	C:\Windows\Sysnative\aswBoot.exe
====== C:\Windows\Sysnative\drivers =====
2015-05-07 11:20:32	60F5579B6B33F509C52200207F79B795	79064	----a-w-	C:\Windows\Sysnative\drivers\gphega.sys
2015-05-07 10:57:54	E9CD058C79EA15B4AA93E259FA713B07	136408	----a-w-	C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys
2015-05-07 10:57:17	F49FB3C88E263AE9A246593B0BB29294	63704	----a-w-	C:\Windows\Sysnative\drivers\mwac.sys
2015-05-07 10:57:17	54D70409DE6932E9EFA117779611E7A9	107736	----a-w-	C:\Windows\Sysnative\drivers\mbamchameleon.sys
2015-05-07 10:57:17	1E9E32AEC3E1EB1B31B8169F33168B56	25816	----a-w-	C:\Windows\Sysnative\drivers\mbam.sys
2015-04-14 18:19:27	063C09DB965E3DFD6F4F08416F6DB8F5	95672	----a-w-	C:\Windows\Sysnative\drivers\ksecdd.sys
2015-04-14 18:19:20	1FA627E63195BF3BF636BFEF0D7190D4	155576	----a-w-	C:\Windows\Sysnative\drivers\ksecpkg.sys
2015-04-14 18:18:20	F61634BEC53F73702A10DE69F6DCAF57	754688	----a-w-	C:\Windows\Sysnative\drivers\http.sys
====== C:\Windows\Tasks ======
2015-05-01 11:46:26	BF589B96217F13DF08E835FD2E5782D4	3142	----a-w-	C:\Windows\Sysnative\Tasks\{1B587027-41C6-48C0-8C9A-FC371D9D27F0}
2015-05-01 10:52:17	AF3ECF4F8278123EE2AA86590ABCAA36	3320	----a-w-	C:\Windows\Sysnative\Tasks\Format Factory
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-05-06 18:55:30	--------	d-----w-	C:\Program Files\trend micro
2015-05-01 10:25:03	--------	d-----w-	C:\Program Files\iTunes
2015-05-01 10:25:03	--------	d-----w-	C:\Program Files\iPod
2015-04-28 19:38:59	--------	d-----w-	C:\Program Files\Fotoservice
======= C:\PROGRA~2 =====
2015-05-01 10:25:03	--------	d-----w-	C:\PROGRA~2\iTunes
======= C: =====
2015-05-06 15:16:17	D41D8CD98F00B204E9800998ECF8427E	0	----a-w-	C:\autoexec.bat
====== C:\Users\Inge\AppData\Roaming ======
2015-05-01 10:53:57	2B56224FC614D6900C20254A0FC7A641	3199040	----a-w-	C:\Windows\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat
====== C:\Users\Inge ======
2015-05-07 10:55:59	6CDEAC78E5677E304477FB36351C3195	21546080	----a-w-	C:\Users\Inge\Downloads\mbam-setup-2.1.6.1022 (1).exe
2015-05-07 10:55:47	6CDEAC78E5677E304477FB36351C3195	21546080	----a-w-	C:\Users\Inge\Downloads\mbam-setup-2.1.6.1022.exe
2015-05-07 06:30:41	2E1D22AC30F4B392CEAF3D7D59BE3626	2204160	----a-w-	C:\Users\Inge\Downloads\adwcleaner_4.203.exe
2015-05-06 18:54:49	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Inge\Downloads\RSITx64.exe
2015-05-06 15:15:49	--------	d-----w-	C:\Users\Inge\Start Menu
2015-05-06 15:14:45	B9FF555660A02DC4D3EAFF58357BE02A	3109248	----a-w-	C:\Users\Inge\Downloads\SpyHunter-Installer.exe
2015-05-06 14:58:35	02C1EE40968BAA67C3A785CDA9807125	262	--sha-r-	C:\ProgramData\ntuser.pol
2015-05-01 10:25:50	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-05-01 10:25:03	--------	d-----w-	C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7
2015-04-28 19:49:39	--------	d-----w-	C:\Users\Inge\restore
2015-04-28 19:44:59	--------	d-----w-	C:\ProgramData\tmp
2015-04-28 19:44:58	--------	d-----w-	C:\ProgramData\hps
2015-04-28 19:44:51	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kruidvat fotoservice
2015-04-28 19:38:11	59EA05172CF573DEDFEBFFE77F905FEA	1557336	----a-w-	C:\Users\Inge\Downloads\setup_Kruidvat_fotoservice.exe

====== C: exe-files ==
2015-05-07 10:55:59	6CDEAC78E5677E304477FB36351C3195	21546080	----a-w-	C:\Users\Inge\Downloads\mbam-setup-2.1.6.1022 (1).exe
2015-05-07 10:55:47	6CDEAC78E5677E304477FB36351C3195	21546080	----a-w-	C:\Users\Inge\Downloads\mbam-setup-2.1.6.1022.exe
2015-05-07 06:30:41	2E1D22AC30F4B392CEAF3D7D59BE3626	2204160	----a-w-	C:\Users\Inge\Downloads\adwcleaner_4.203.exe
2015-05-06 18:55:31	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\Inge.exe
2015-05-06 18:54:49	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Inge\Downloads\RSITx64.exe
2015-05-06 17:23:12	3AA22E5E51D9A1D0BF0975D08F9F0C0D	160128	----a-w-	C:\Users\Inge\AppData\Local\Temp\EsgInstallerx64Stub.exe
2015-05-06 15:14:45	B9FF555660A02DC4D3EAFF58357BE02A	3109248	----a-w-	C:\Users\Inge\Downloads\SpyHunter-Installer.exe
2015-05-06 14:49:25	F3A2B4CA1DF34F751B9267D0A78673B6	32256	----a-w-	C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_AntiVirusDefenderA.exe
2015-05-06 14:49:25	E515A156798111669821C005482FE4A4	31744	----a-w-	C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_AntiVirusNoAV_B.exe
2015-05-06 14:49:25	B8187379AEF2F29650239B329C3EA0DA	32256	----a-w-	C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_AntiVirusDefenderB.exe
2015-05-06 14:49:25	19EDB8286BC6AB0229CF073036A65145	31744	----a-w-	C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_AntiVirusNoAV_A.exe
2015-05-06 14:44:25	2FE0E5FF8E2A641C3FB2DC6D910E4BC6	11007056	----a-w-	C:\Program Files (x86)\Google\Update\Install\{AB0A59C1-E796-4881-9E48-C16C9B75336F}\42.0.2311.135_41.0.2272.101_chrome_updater.exe
2015-05-06 14:44:25	2FE0E5FF8E2A641C3FB2DC6D910E4BC6	11007056	----a-w-	C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\42.0.2311.135\42.0.2311.135_41.0.2272.101_chrome_updater.exe
2015-05-06 14:35:49	9CA2FDD44F7C1F8AC1652F6C2638CFED	364472	----a-w-	C:\Windows\System32\aswBoot.exe
2015-05-01 11:20:05	A96619564071DF84CC892752DF062A6D	86016	------w-	C:\Users\Inge\AppData\Local\Temp\xtmp1506501\tmp\RegWrite.exe
2015-05-01 11:20:05	8A8F5EBE2FD9C2E6325723209B9CDF32	337064	----a-w-	C:\Users\Inge\AppData\Local\Temp\xtmp1506501\tmp\wpm_v20.0.0.2227.exe
2015-05-01 11:20:04	27D4BCC325306B1415A89DE550528E04	94720	----a-w-	C:\Users\Inge\AppData\Local\Temp\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\MsiZap.exe
2015-05-01 11:20:04	11B0C4F03D271213FF01FE2A81BC7C6A	36864	----a-w-	C:\Users\Inge\AppData\Local\Temp\{01FB4998-33C4-4431-85ED-079E3EEFE75D}\PostBuild.exe
2015-05-01 11:19:33	75199934259934DDC0059E5DE0860CD0	1914368	------w-	C:\Users\Inge\AppData\Local\Temp\xtmp1506501\UninstallManager.exe
2015-05-01 11:19:33	2EEE15B1927EADFF45013E94B0CB0D94	131640	------w-	C:\Users\Inge\AppData\Local\Temp\xtmp1506501\QQBrowser.exe
2015-05-01 10:41:23	516A5FCE06BB388499238A5F9286CB74	96768	----a-w-	C:\Windows\Temp\2A568347-C97F-4846-8519-154166075E4C\DismHost.exe
2015-05-01 10:17:57	F3C3ED4D06A4B46F4761C1B22ED8D1BB	77104	----a-w-	C:\ProgramData\Apple Computer\Installer Cache\iTunes 12.1.2.27\SetupAdmin.exe
2015-05-01 10:08:35	41C3F23085908917127EC948D8B55D07	926520	----a-w-	C:\Users\Inge\AppData\Local\Temp\HPWarrantyChecker\HPWarrantyCheck\HPWarrantyChecker.exe
=== C: other files ==
2015-05-07 11:20:32	60F5579B6B33F509C52200207F79B795	79064	----a-w-	C:\Windows\System32\drivers\gphega.sys
2015-05-07 10:57:54	E9CD058C79EA15B4AA93E259FA713B07	136408	----a-w-	C:\Windows\System32\drivers\MBAMSwissArmy.sys
2015-05-07 10:57:17	F49FB3C88E263AE9A246593B0BB29294	63704	----a-w-	C:\Windows\System32\drivers\mwac.sys
2015-05-07 10:57:17	54D70409DE6932E9EFA117779611E7A9	107736	----a-w-	C:\Windows\System32\drivers\mbamchameleon.sys
2015-05-07 10:57:17	1E9E32AEC3E1EB1B31B8169F33168B56	25816	----a-w-	C:\Windows\System32\drivers\mbam.sys
2015-05-06 15:16:17	D41D8CD98F00B204E9800998ECF8427E	0	----a-w-	C:\autoexec.bat
2015-05-01 11:20:03	23BFA566514F68405554F4599065E352	2824344	----a-w-	C:\Users\Inge\AppData\Local\Temp\xtmp1506501\eg2.zip
2015-05-01 11:19:33	AEAA570266D756939B62E3E4B2785C7B	166426	------w-	C:\Users\Inge\AppData\Local\Temp\xtmp1506501\quick_searchff#5.4.10.xpi
2015-05-01 11:19:33	1B24F54DDE63987C58ECBBEE5730F0B5	15312	------w-	C:\Users\Inge\AppData\Local\Temp\xtmp1506501\sweetsearch!1.0.0.1031.xpi

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-1691281062-3244372407-1984891347-1002\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPQuickWebProxy"="C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe"
"Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Easybits Recovery"="C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe"
"HPOSD"="C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe"
"HP Quick Launch"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware (cleanup)"="C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AtherosBtStack"="C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"AthBtTray"="C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"SetDefault"="C:\Program Files\Hewlett-Packard\HP LaunchBox\SetDefault.exe"
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "
"SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApplePhotoStreams]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ApplePhotoStreams"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Common Files\\Apple\\Internet Services\\ApplePhotoStreams.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iCloudServices]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iCloudServices"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Common Files\\Apple\\Internet Services\\iCloudServices.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\OneDrive]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="OneDrive"
"hkey"="HKCU"
"command"="\"C:\\Users\\Inge\\AppData\\Local\\Microsoft\\OneDrive\\OneDrive.exe\" /background"


==== Startup Folders ======================

2012-11-19 16:48:16	2003	----a-w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [30/10/2014 18:24]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [Undetermined Task]
C:\Windows\tasks\HPCeeScheduleForInge.job --a------ C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [13/09/2010 22:15]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Apple Diagnostics" [C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\Format Factory" ["C:\Users\Inge\AppData\Local\Temp\is-DGERQ.tmp\prsetup.exe"]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\HPCeeScheduleForInge" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe]
"C:\Windows\SysNative\tasks\MirageAgent" [C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe]
"C:\Windows\SysNative\tasks\ServicePlan" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{F7D6028D-AAD3-45FD-AC3F-4CB7AD8A6AD8}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [06/05/2015 16:35]

==== Chromium Look ======================

Google Chrome Version: 42.0.2311.135

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[20/04/2015 18:13]

Bookmark Manager - Inge\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik
Avast Online Security - Inge\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Babylon Toolbar - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb

==== Chromium Startpages ======================

C:\Users\Inge\AppData\Local\Google\Chrome\User Data\Default\Preferences
"startup_urls": [ "http://www.google.be/" ]

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://www.google.com",
"urls_to_restore_on_startup": [ "http://www.google.com" ]


==== Chromium Fix ======================

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.globasearch.com/?serie=211&b=3&installkey=IH4yHuSZeSEWmxUhoXAA"
"Default_Page_URL"="http://www.google.com"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.globasearch.com/?serie=211&b=3&installkey=IH4yHuSZeSEWmxUhoXAA"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Start Page"="http://www.globasearch.com/?serie=211&b=3&installkey=IH4yHuSZeSEWmxUhoXAA"
"Search Page"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://www.google.com/search?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{47A00688-944A-4AFD-AF28-B91CFD12F255} Google  Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Goo  Url="http://www.google.com/search?q={sear"
{D944BB61-2E34-4DBF-A683-47E505C587DC} eBay  Url="http://rover.ebay.com/rover/1/1553-111073-34115-5/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Inge\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Inge\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Inge\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=32 folders=7 1614899 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Inge\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Inge\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on do 07/05/2015 at 20:50:32,37 ======================