Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by MY NAME on zo 31-05-2015 at 15:31:14,64.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\MY NAME\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================
31-5-2015 15:33:59 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================
C:\PROGRA~2\GUM2F6A.tmp deleted successfully
C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully
C:\Users\MY NAME\AppData\Roaming\NwDocx deleted successfully
C:\Users\MY NAME\AppData\Roaming\QuickScan deleted successfully
C:\Users\MY NAME\AppData\Local\genienext deleted successfully
C:\Users\MY NAME\AppData\Local\KPN deleted successfully
C:\Users\MY NAME\AppData\Local\KundenName deleted successfully
C:\Users\MY NAME\AppData\Local\Logitech-LS deleted successfully

==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-151403999-931789392-3130884974-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6c97a91e-4524-4019-86af-2aa2d567bf5c} deleted successfully
HKEY_USERS\S-1-5-21-151403999-931789392-3130884974-1002\Software\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} deleted successfully
HKEY_USERS\S-1-5-21-151403999-931789392-3130884974-1002\Software\Microsoft\Internet Explorer\SearchScopes\{F6D70D87-CA8F-4612-9D2E-5C9E38012620} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6c97a91e-4524-4019-86af-2aa2d567bf5c} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6c97a91e-4524-4019-86af-2aa2d567bf5c} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c} deleted successfully

==== Deleting CLSID Registry Values ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{6c97a91e-4524-4019-86af-2aa2d567bf5c} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{6c97a91e-4524-4019-86af-2aa2d567bf5c} deleted successfully

==== Deleting Services ======================

==== Registry Fix Code x64 ======================
Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6c97a91e-4524-4019-86af-2aa2d567bf5c}]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iLivid]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mobilegeni daemon]
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NextLive]

==== Deleting Files \ Folders ======================
C:\PROGRA~2\GUM2F6A.tmp not found
C:\Program Files (x86)\Mobogenie not found
C:\PROGRA~2\URLSnooper2 deleted
C:\ProgramData\Search Protection deleted
C:\Users\MY NAME\daemonprocess.txt deleted
C:\Users\MY NAME\.android deleted
C:\PROGRA~2\PC Speed Up deleted
C:\PROGRA~2\Toolbar Cleaner deleted
C:\PROGRA~2\GreenTree Applications deleted
C:\PROGRA~2\MyPC Backup deleted
C:\PROGRA~2\sizlsearch deleted
C:\Users\MY NAME\AppData\Roaming\newnext.me deleted
C:\Users\MY NAME\AppData\Roaming\BabSolution deleted
C:\PROGRA~3\blekko toolbars deleted
C:\PROGRA~3\YTD Video Downloader deleted
C:\Users\MY NAME\AppData\Local\adawarebp deleted
C:\Users\MY NAME\AppData\Local\cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader deleted
C:\Users\MY NAME\Downloads\SoftonicDownloader_voor_samsung-kies.exe deleted
C:\Users\MY NAME\Downloads\SoftonicDownloader_voor_wavepad.exe deleted
C:\Users\MY NAME\AppData\LocalLow\adawaretb deleted
C:\windows\SysNative\config\systemprofile\Searches deleted
C:\Users\MY NAME\Documents\Add-in Express deleted
"C:\windows\tasks\Ad-Aware Update (Weekly).job" not deleted
"C:\Users\MY NAME\AppData\Local\{06EF892A-6853-49BC-B3CA-99497ED6BE09}" deleted
"C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.dll" deleted
"C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe" deleted
"C:\PROGRA~3\Ad-Aware Browsing Protection\adawarebp.dll" deleted
"C:\PROGRA~3\Ad-Aware Browsing Protection\adawarebp.exe" deleted
"C:\ProgramData\Ad-Aware Browsing Protection" not deleted
"C:\PROGRA~3\Ad-Aware Browsing Protection" not deleted

==== Files Recently Created / Modified ======================
====== C:\windows ====
====== C:\Users\EDROSS~1\AppData\Local\Temp ====
2015-05-31 10:05:05 19DB9C15D2A4218D2141A778DE84DAED 2680448 ----a-w- C:\Users\MY NAME\AppData\Local\Temp\{3F470DC3-9B77-4ABD-9C86-5FBB514F47F6}_emergency.exe
====== Java Cache =====
====== C:\windows\SysWOW64 =====
2015-05-31 09:48:29 06B4E8855DA706E34C5429A6804A4586 648656 ------w- C:\windows\SysWOW64\ipworks6.dll
2015-05-20 09:30:34 1B6E2050ABBDA860F4F9F245D1E150A5 466944 ----a-w- C:\windows\SysWOW64\capicom.dll
2015-05-20 09:30:17 ECFFF2DFFBB1CAE3A00CB2AB9BFF8CEF 40960 ----a-w- C:\windows\SysWOW64\MFC71CHS.DLL
2015-05-20 09:30:17 E52CFBBD496A531075998B81E51D49CA 49152 ----a-w- C:\windows\SysWOW64\MFC71KOR.DLL
2015-05-20 09:30:17 C94D9D5B96D385586063093BAAD8F206 65536 ----a-w- C:\windows\SysWOW64\MFC71DEU.DLL
2015-05-20 09:30:17 C3CA0BF342DD90C9012C77BCFFD9D43D 49152 ----a-w- C:\windows\SysWOW64\MFC71JPN.DLL
2015-05-20 09:30:17 BAF751E7061FF626AA60F56D1D5D1FDC 57344 ----a-w- C:\windows\SysWOW64\MFC71ENU.DLL
2015-05-20 09:30:17 BA14D19B7C983C5863601D95EA473FD2 61440 ----a-w- C:\windows\SysWOW64\MFC71ITA.DLL
2015-05-20 09:30:17 7B93C623333F121DC9E689CCB1B7A733 1047552 ----a-w- C:\windows\SysWOW64\MFC71u.dll
2015-05-20 09:30:17 3A52FCD03C1C6DFBD82D19CD0625EFD1 61440 ----a-w- C:\windows\SysWOW64\MFC71ESP.DLL
2015-05-20 09:30:17 34A892CABFE500BD87FFB9EBBD4C92C7 45056 ----a-w- C:\windows\SysWOW64\MFC71CHT.DLL
2015-05-20 09:30:16 F35A584E947A5B401FEB0FE01DB4A0D7 1060864 ----a-w- C:\windows\SysWOW64\MFC71.dll
2015-05-20 09:30:16 8F2097E8B174F38178570C611464935F 89088 ----a-w- C:\windows\SysWOW64\atl71.dll
====== C:\windows\SysWOW64\drivers =====
====== C:\windows\Sysnative =====
====== C:\windows\Sysnative\drivers =====
====== C:\windows\Tasks ======
====== C:\windows\Temp ======
======= C:\Program Files =====
2015-05-25 07:33:15 -------- d-----w- C:\Program Files\trend micro
======= C:\PROGRA~2 =====
2015-05-20 09:28:09 -------- d-----w- C:\PROGRA~2\Logitech
======= C: =====
====== C:\Users\MY NAME\AppData\Roaming ======
2015-05-26 18:14:00 -------- d-----w- C:\Users\MY NAME\AppData\Local\CyberLink
====== C:\Users\MY NAME ======
2015-05-31 09:47:16 C4AC7802C74B5C58D47EB707A1B0F203 48445848 ----a-w- C:\Users\MY NAME\Downloads\BreedbandAssistent_WIN.exe
2015-05-25 07:31:27 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\MY NAME\Downloads\RSITx64.exe
2015-05-20 14:05:02 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-20 13:50:32 312E3ECE7D878B32CA6DC4C6D4B79DC5 880208 ----a-w- C:\Users\MY NAME\Downloads\ChromeSetup (1).exe
2015-05-20 09:30:35 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2015-05-20 09:27:30 5B3209EE814DF9401FBE8D545B87CDD4 33823016 ----a-w- C:\Users\MY NAME\Downloads\qc848enu.exe
====== C: exe-files ==
2015-05-31 13:23:00 D904474849BFABDC5BCDA946D9DE6B62 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-151403999-931789392-3130884974-1002\$I9Q0HP0.exe
2015-05-31 13:23:00 AE2AB26936A31BD5D188D15341C118AC 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-151403999-931789392-3130884974-1002\$IQFD27J.exe
2015-05-31 13:22:36 F68A5507E37C1FC1C17F6B1A6BFF582E 1308672 ----a-w- C:\$Recycle.Bin\S-1-5-21-151403999-931789392-3130884974-1002\$R9Q0HP0.exe
2015-05-31 13:21:24 F68A5507E37C1FC1C17F6B1A6BFF582E 1308672 ----a-w- C:\$Recycle.Bin\S-1-5-21-151403999-931789392-3130884974-1002\$RQFD27J.exe
2015-05-31 10:05:05 19DB9C15D2A4218D2141A778DE84DAED 2680448 ----a-w- C:\Users\MY NAME\AppData\Local\Temp\{3F470DC3-9B77-4ABD-9C86-5FBB514F47F6}_emergency.exe
2015-05-31 09:47:16 C4AC7802C74B5C58D47EB707A1B0F203 48445848 ----a-w- C:\Users\MY NAME\Downloads\BreedbandAssistent_WIN.exe
2015-05-30 17:22:38 FCDCC522D687A7412AEED8DAD1129705 453664 ----a-r- C:\ProgramData\NVIDIA\Updatus\Download\7787\updatus.19626950_RUNASUSER.exe
2015-05-28 20:18:27 B1798BC27E40983B12FEFD0D85C05B3F 873800 ----a-w- C:\Users\MY NAME\AppData\Local\Google\Chrome\User Data\SwReporter\3.21.0\software_reporter_tool.exe
2015-05-28 19:35:44 4BE25E75D37FCEFD07B46BFBA7CD1671 452840 ----a-r- C:\ProgramData\NVIDIA\Updatus\Download\774B\updatus.19622664_RUNASUSER.exe
2015-05-26 15:25:15 2D7D54B47ACFAB94671E3C97B2D2E639 1106512 ----a-w- C:\Program Files (x86)\Google\Update\Install\{ACF4D3E4-401C-4D92-BC94-C34F7131FDFC}\43.0.2357.81_43.0.2357.65_chrome_updater.exe
2015-05-26 15:25:15 2D7D54B47ACFAB94671E3C97B2D2E639 1106512 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\43.0.2357.81\43.0.2357.81_43.0.2357.65_chrome_updater.exe
2015-05-25 07:33:18 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\MY NAME.exe
2015-05-25 07:31:27 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\MY NAME\Downloads\RSITx64.exe
2015-05-24 19:54:34 6F6AFBD93BB17B50D91DA63EA85DF4A3 453056 ----a-r- C:\ProgramData\NVIDIA\Updatus\Download\770C\updatus.19606705_RUNASUSER.exe
=== C: other files ==

==== Startup Registry Enabled ======================
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Bitdefender Wallet Agent"="C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
"Bitdefender Wallet"="C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe --hidden --nowizard"
"Bitdefender Agent Wallet-toepassing"="C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-21-151403999-931789392-3130884974-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-21-151403999-931789392-3130884974-1002\Software\Microsoft\Windows\CurrentVersion\Run]
"Bitdefender Wallet Agent"="C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
"Bitdefender Wallet"="C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe --hidden --nowizard"
"Bitdefender Agent Wallet-toepassing"="C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"Bitdefender Wallet Agent"="C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
"Bitdefender Wallet"="C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe --hidden --nowizard"
"Bitdefender Agent Wallet-toepassing"="C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_USERS\S-1-5-21-151403999-931789392-3130884974-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_USERS\S-1-5-21-151403999-931789392-3130884974-1002\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"KPN Assistent Update"="C:\Users\EDROSS~1\AppData\Local\Temp\{3F470DC3-9B77-4ABD-9C86-5FBB514F47F6}_emergency.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Ad-Aware Browsing Protection"="C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Bitdefender Wallet Agent"="C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
"Bitdefender Wallet"="C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe --hidden --nowizard"
"Bitdefender Agent Wallet-toepassing"="C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"KPN Assistent Update"="C:\Users\EDROSS~1\AppData\Local\Temp\{3F470DC3-9B77-4ABD-9C86-5FBB514F47F6}_emergency.exe"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\windows\\SysWOW64\\nvinit.dll"

==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"Bdagent"="C:\Program Files\Bitdefender\Bitdefender\bdagent.exe"
"HotKeysCmds"="C:\windows\system32\hkcmd.exe"
"CDAServer"="C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe"
"ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe "
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\windows\\system32\\nvinitx.dll"

==== Startup Registry Disabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"=""
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Samsung\\Kies\\External\\FirmwareUpdate\\KiesPDLR.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe ARM"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AdobeAAMUpdater-1.0"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\UpdaterStartupUtility.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="APSDaemon"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CAHeadless]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="CAHeadless"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Adobe\\Elements 11 Organizer\\CAHeadless\\ElementsAutoAnalyzer.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CDAServer]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="CDAServer"
"hkey"="HKLM"
"command"="C:\\Program Files\\Common Files\\Common Desktop Agent\\CDASrv.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesPreload]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="KiesPreload"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Samsung\\Kies\\Kies.exe /preload"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesTrayAgent]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="KiesTrayAgent"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Samsung\\Kies\\KiesTrayAgent.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KPN Assistent]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="KPN Assistent"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\KPN\\KPN Assistent\\KPN_Assistent.exe /auto"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="QuickTime Task"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SandboxieControl]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SandboxieControl"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Sandboxie\\SbieCtrl.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Search Protection]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Search Protection"
"hkey"="HKLM"
"command"="C:\\ProgramData\\Search Protection\\SearchProtection.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Microsoft Office.lnk"
"backup"="C:\\windows\\pss\\Microsoft Office.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="C:\\PROGRA~2\\MICROS~1\\Office\\OSA9.EXE -b -l"
"item"="Microsoft Office"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^MY NAME^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^MailWasherPro.lnk]
"path"="C:\\Users\\MY NAME\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\MailWasherPro.lnk"
"backup"="C:\\windows\\pss\\MailWasherPro.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\Program Files (x86)\\Firetrust\\MailWasher\\MailWasherPro.exe -nosplash"
"item"="MailWasherPro"

==== Startup Folders ======================
2013-09-26 20:09:40 834 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk

==== Task Scheduler Jobs ======================
C:\windows\tasks\Ad-Aware Update (Weekly).job --a------ [Undetermined Task]
C:\windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [Undetermined Task]
C:\windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [Undetermined Task]

==== Other Scheduled Tasks ======================
"C:\windows\SysNative\tasks\Ad-Aware Update (Weekly)" [C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe]
"C:\windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\windows\SysNative\tasks\AdobeAAMUpdater-1.0-Area51-MY NAME" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe]
"C:\windows\SysNative\tasks\advSRS5" ["C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe"]
"C:\windows\SysNative\tasks\BatteryLifeExtender" [C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe]
"C:\windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\windows\SysNative\tasks\EasyBatteryManager" ["%ProgramFiles(x86)%\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe"]
"C:\windows\SysNative\tasks\EasyDisplayMgr" ["C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe"]
"C:\windows\SysNative\tasks\EasySpeedUpManager" ["%programfiles(x86)%\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe"]
"C:\windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\windows\SysNative\tasks\MirageAgent" [C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe]
"C:\windows\SysNative\tasks\MovieColorEnhancer" ["C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe"]
"C:\windows\SysNative\tasks\SamsungSupportCenter" [%programfiles(x86)%\Samsung\Samsung Support Center\SSCKbdHk.exe]
"C:\windows\SysNative\tasks\SRS Premium Sound" [C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\srspremiumpanel_64.exe]
"C:\windows\SysNative\tasks\SUPBackground" ["%ProgramFiles(x86)%\Samsung\Samsung Update Plus\SUPBackground.exe"]
"C:\windows\SysNative\tasks\WifiManager" ["%programfiles(x86)%\Samsung\Easy Display Manager\WifiManager.exe"]

==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"ffpwdman@bitdefender.com"="C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman" [04-09-2013 17:04]

==== Firefox Extensions ======================

==== Firefox Plugins ======================

==== Chromium Look ======================
Google Chrome Version: 43.0.2357.81
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
ccahoghmggldkcdjiebjkidpfongdfbl - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxcr.crx[20-04-2014 18:45]
oejkcgajlodefenbbjdnaiahmbnnoole - C:\Program Files (x86)\Lavasoft\AdAware SecureSearch Toolbar\chrome-newtab-search.crx[30-10-2013 21:01]
Google Drive - MY NAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - MY NAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Bitdefender Wallet - MY NAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl
selector is not a valid CSS selector - MY NAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Google Search - MY NAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
WMP FOR CHROME - MY NAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjgndfecgdkbhdpdmklohmbjodjnpna
Bookmark Manager - MY NAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik
Windows Media Player Extension for HTML5 - MY NAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\hokdglbhghcebcopdbanieangmcamaak
Google Wallet - MY NAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - MY NAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Startpages ======================
C:\Users\MY NAME\AppData\Local\Google\Chrome\User Data\Default\Preferences
"session":{"restore_on_startup":4,"startup_urls":["https://mail.google.com/mail/u/0/#inbox"]},"sync":{"remaining_rollback_tries":0}}

==== Chromium Fix ======================
C:\Users\MY NAME\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully
C:\Users\MY NAME\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"

==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"

==== Reset Google Chrome ======================
C:\Users\MY NAME\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\MY NAME\AppData\Local\Google\Chrome\User Data\Default\Preferences.bak was reset successfully
C:\Users\MY NAME\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\MY NAME\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\MY NAME\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7F6F62F0-7884-4CFB-B86C-597A4A6D9C4D} deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SandboxieControl deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Search Protection deleted successfully

==== Empty IE Cache ======================
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\MY NAME\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\MY NAME\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================
No FireFox Profiles found

==== Empty Chrome Cache ======================
C:\Users\MY NAME\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully

==== Empty All Java Cache ======================
No Java Cache Found

==== C:\zoek_backup content ======================
C:\zoek_backup (files=319 folders=109 60836572 bytes)

==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\MY NAME\AppData\Local\Temp will be emptied at reboot
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\windows\Temp successfully emptied
C:\Users\EDROSS~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================
"C:\windows\tasks\Ad-Aware Update (Weekly).job" not found
"C:\ProgramData\Ad-Aware Browsing Protection" not found
"C:\PROGRA~3\Ad-Aware Browsing Protection" not found

==== EOF on zo 31-05-2015 at 16:45:03,94 ======================