Hot Searches


Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Simon Derbaix on vr 26/06/2015 at 13:18:28,76.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Simon Derbaix\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

26/06/2015 13:19:55 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~2\InstallJammer Registry deleted successfully
C:\PROGRA~2\Linn deleted successfully
C:\PROGRA~2\MarkAny deleted successfully
C:\PROGRA~2\COMMON~1\SWF Studio deleted successfully
C:\PROGRA~3\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} deleted successfully
C:\Users\Simon Derbaix\AppData\Roaming\PopcornTime deleted successfully
C:\Users\Simon Derbaix\AppData\Local\Downloaded Installations deleted successfully
C:\Users\Simon Derbaix\AppData\Local\PDFCreator deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1257701118-990318771-1584906478-1000\Software\Microsoft\Internet Explorer\SearchScopes\{FC9FE84C-1B14-4B74-A587-1D6CF85DE7A3} deleted successfully
HKEY_USERS\S-1-5-21-1257701118-990318771-1584906478-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F4E39681-15F8-4fda-B8A3-B5C98378F2F3} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

ProfilePath: C:\Users\SIMOND~1\AppData\Roaming\Mozilla\Firefox\Profiles\r920uggt.default

user.js not found
---- Lines searches removed from prefs.js ----
user_pref("extensions.alexa.active-buttons.hs", "<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<buttons>\n  <title>Hot Searches</title>\n  <id>hs</id>\n
---- FireFox user.js and prefs.js backups ---- 

prefs_20152606_1345_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~2\InstallJammer Registry not found
C:\PROGRA~2\Linn not found
C:\PROGRA~2\MarkAny not found
C:\PROGRA~3\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C} not found
C:\install.exe deleted
C:\PROGRA~3\Package Cache deleted
C:\windows\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
"C:\Users\Simon Derbaix\AppData\Local\{64D16AA5-F231-4653-9D64-2509ED851F26}" deleted

==== Files Recently Created / Modified ======================

====== C:\windows ====
====== C:\Users\SIMOND~1\AppData\Local\Temp ====
====== Java Cache =====
2015-06-26 05:17:49	415FC9732A3F4D89A0E01251CD66E136	646	----a-w-	C:\Users\Simon Derbaix\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-285f29db
2015-06-26 05:17:49	39F727FF20C8219BA05F3CB1519BCB98	424	----a-w-	C:\Users\Simon Derbaix\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-aa56bb018d5de3a531ee91cc4857f0f479656e5370ebf87789e721aaaf530ebc-6.0.lap
2015-06-26 05:17:45	415FC9732A3F4D89A0E01251CD66E136	646	----a-w-	C:\Users\Simon Derbaix\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\3cb32f52-3b8faa09
2015-06-26 05:17:54	C1BBA7F1278F193AB584FFF460DB5E2A	17878	----a-w-	C:\Users\Simon Derbaix\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35\47c58863-21796c6a
2015-06-26 05:17:49	34FA8033B50A3F99D3AB8209C72C0ABA	6860	----a-w-	C:\Users\Simon Derbaix\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\1ca2666b-3e5e88a4
====== C:\windows\SysWOW64 =====
2015-06-26 01:53:09	E99049F129B1DE728BE33BA4AF1F353B	97888	----a-w-	C:\windows\SysWOW64\WindowsAccessBridge-32.dll
====== C:\windows\SysWOW64\drivers =====
====== C:\windows\Sysnative =====
====== C:\windows\Sysnative\drivers =====
2015-06-10 02:56:36	272C27711C8AA6E7815EE33F8ACA9C66	155584	----a-w-	C:\windows\Sysnative\drivers\ksecpkg.sys
2015-06-10 02:56:34	BF69D973523D539A35807946C6DA7E16	95680	----a-w-	C:\windows\Sysnative\drivers\ksecdd.sys
2015-06-10 02:33:45	36E0DDD19038C92B7C7709BFA03F813F	69888	----a-w-	C:\windows\Sysnative\drivers\stream.sys
====== C:\windows\Tasks ======
2015-06-19 10:18:15	C2C29C8916B54738B37131726F1C9F9B	5034	----a-w-	C:\windows\Sysnative\Tasks\Microsoft Office 15 Sync Maintenance for SimonDerbaix-PC-Simon Derbaix SimonDerbaix-PC
====== C:\windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
2015-06-26 01:53:32	--------	d-----w-	C:\PROGRA~2\COMMON~1\Java
======= C: =====
====== C:\Users\Simon Derbaix\AppData\Roaming ======
2015-06-23 04:50:02	--------	d-----w-	C:\Users\Simon Derbaix\AppData\Local\SolarWinds
2015-06-23 02:28:57	--------	d-----w-	C:\Users\Public\AppData\Local\temp
2015-06-23 02:28:57	--------	d-----w-	C:\Users\pdf.dll\AppData\Local\temp
2015-06-23 02:28:57	--------	d-----w-	C:\Users\pdf.dll\AppData\Local\temp
2015-06-23 02:28:57	--------	d-----w-	C:\Users\locales\AppData\Local\temp
2015-06-23 02:28:57	--------	d-----w-	C:\Users\Default\AppData\Local\temp
2015-06-23 02:28:57	--------	d-----w-	C:\Users\Default User\AppData\Local\temp
2015-06-23 02:28:57	--------	d-----w-	C:\Users\Apps\AppData\Local\temp
2015-06-02 02:00:09	--------	d-----w-	C:\Users\Simon Derbaix\AppData\Local\GWX
2015-05-29 07:10:10	--------	d-----w-	C:\Users\Simon Derbaix\AppData\Local\Spotify
2015-05-29 07:08:21	--------	d-----w-	C:\Users\Simon Derbaix\AppData\Roaming\Spotify
====== C:\Users\Simon Derbaix ======
2015-06-26 01:51:42	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-06-26 01:50:02	--------	d-----w-	C:\ProgramData\Oracle
2015-06-26 01:24:22	EAD05FEECC6FF24284970827330BC564	561248	----a-w-	C:\Users\Simon Derbaix\Downloads\jxpiinstall (1).exe
2015-06-25 06:52:51	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Simon Derbaix\Downloads\RSITx64.exe
2015-06-23 04:50:02	--------	d-----w-	C:\Users\Simon Derbaix\My Documents
2015-06-23 04:48:39	--------	d-----w-	C:\ProgramData\SolarWinds
2015-06-23 02:28:57	--------	d-----w-	C:\Users\pdf.dll\AppData
2015-06-23 02:28:57	--------	d-----w-	C:\Users\pdf.dll\AppData
2015-06-23 02:28:57	--------	d-----w-	C:\Users\locales\AppData
2015-06-23 02:28:57	--------	d-----w-	C:\Users\Apps\AppData
2015-06-02 03:12:20	--------	d-----r-	C:\Users\Simon Derbaix\Google Drive
2015-05-29 11:37:40	E0C5BA691EA4FC2C19BE688D84A96016	325245	----a-w-	C:\Users\Apps\local-files-desktop.spa

====== C: exe-files ==
2015-06-26 01:51:42	EED888394AC81A663F12C6EC43AB2838	0	----a-we	C:\ProgramData\Oracle\Java\javapath\javaw.exe
2015-06-26 01:51:42	4586CD8F1C929EF184098A22FE31A857	0	----a-we	C:\ProgramData\Oracle\Java\javapath\javaws.exe
2015-06-26 01:51:42	1E2E159D0621A466CFA7CE06E4DA9CAE	0	----a-we	C:\ProgramData\Oracle\Java\javapath\java.exe
2015-06-26 01:51:17	FF589C55E0CB6A0A1BD9570217BB1A42	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\tnameserv.exe
2015-06-26 01:51:17	C57CA849D13177E1F43CFEF51374F1EE	159328	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\unpack200.exe
2015-06-26 01:51:17	B66ED84383EA6C6218CA47BC49C15615	50784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssvagent.exe
2015-06-26 01:51:17	5DF39BE82C777B7EDAD34E3A7A7EADB7	15456	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\rmid.exe
2015-06-26 01:51:17	2682BB5D60C30DCB5A2BC414D01D6764	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\rmiregistry.exe
2015-06-26 01:51:17	134D4B0A753808F8F8645DCF3FA00173	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\servertool.exe
2015-06-26 01:51:15	A1A1BC927541346D840BBB511F557848	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\policytool.exe
2015-06-26 01:51:13	FD8978875A992C876AF430B35DF9CFA7	15456	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\pack200.exe
2015-06-26 01:51:13	1F29E31C6B9A487FF32006C4E223BA4F	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\orbd.exe
2015-06-26 01:51:12	D3DA34876B7F6D06D26D29CA77BD25A2	15456	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\ktab.exe
2015-06-26 01:51:12	98903A3C01AA820E7FCC19A0A60126C0	15456	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\klist.exe
2015-06-26 01:51:12	4EA6A4DD2EB584C4C2BF39A9A7D0D580	15456	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\keytool.exe
2015-06-26 01:51:12	3C0A1F0D13A8998E9A1825A853FF3B39	15456	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\kinit.exe
2015-06-26 01:51:11	CF683290B3369A1491A5B8B4D19F79B3	15456	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\jjs.exe
2015-06-26 01:51:11	1CCD26E1E9FC582ABAA5D5FD1FA47A6B	76384	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2launcher.exe
2015-06-26 01:51:05	F16868F20E4701142FAEF8C9FA847D27	30304	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\jabswitch.exe
2015-06-26 01:51:05	EF66D96BC42BCE52686A7635AB11D8DD	68192	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\javacpl.exe
2015-06-26 01:51:05	EED888394AC81A663F12C6EC43AB2838	191072	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\javaw.exe
2015-06-26 01:51:05	88FFC43B0E3BB3E30F70CB7B08D499B4	15456	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\java-rmi.exe
2015-06-26 01:51:05	4586CD8F1C929EF184098A22FE31A857	271968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\javaws.exe
2015-06-26 01:51:05	1E2E159D0621A466CFA7CE06E4DA9CAE	190560	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\bin\java.exe
2015-06-26 01:24:22	EAD05FEECC6FF24284970827330BC564	561248	----a-w-	C:\Users\Simon Derbaix\Downloads\jxpiinstall (1).exe
2015-06-25 06:52:51	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Simon Derbaix\Downloads\RSITx64.exe
2015-06-24 01:10:33	0E99A44322AD5BDE7DC9D79D8CB88C9C	42091600	----a-w-	C:\Program Files (x86)\Google\Update\Install\{778A9FB8-1694-4A77-9909-7C826C46B995}\43.0.2357.130_chrome_installer.exe
2015-06-24 01:10:32	0E99A44322AD5BDE7DC9D79D8CB88C9C	42091600	----a-w-	C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\43.0.2357.130\43.0.2357.130_chrome_installer.exe
2015-06-23 15:49:08	C29E128D08F09C9AEAABA0B602165262	1063504	----a-w-	C:\Program Files (x86)\Google\Update\Install\{5EDE87F3-F909-44ED-BAE7-4038AA3C35AD}\43.0.2357.130_43.0.2357.124_chrome_updater.exe
2015-06-23 15:49:08	C29E128D08F09C9AEAABA0B602165262	1063504	----a-w-	C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\43.0.2357.130\43.0.2357.130_43.0.2357.124_chrome_updater.exe
2015-06-23 15:04:32	A81FE667B1D54AE4FC206E75148D5A23	39592	----a-w-	C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\appsharinghookcontroller64.exe
2015-06-23 15:04:32	1D554BCF01FBEEEE17409AB2FCBE3746	1130712	----a-w-	C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\olicenseheartbeat.exe
2015-06-23 15:04:32	183595C2E322C6C5DD5B0901C7EC7B5C	550584	----a-w-	C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\msosqm.exe
2015-06-23 15:04:31	F1505640AF23DE80AA59DFDBB5A34A2C	569592	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\orgchart.exe
2015-06-23 15:04:16	87C9DE83FF6A82046316F4DB3371B4E1	842448	----a-w-	C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\DW\dw20.exe
2015-06-23 15:04:16	3F572D876DEE2EF442516EC2884D0F42	474344	----a-w-	C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\DW\dwtrig20.exe
2015-06-23 15:04:16	3B5E891A7168A53B466AD992D18A0055	84208	----a-w-	C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\csisyncclient.exe
2015-06-23 15:04:15	DD25531CC190DB7A8B1DC6A29803107C	480984	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\selfcert.exe
2015-06-23 15:04:15	BB8A74A997E38BE89AC895E95F477A49	5782232	----a-w-	C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\cmigrate.exe
2015-06-23 15:04:15	4BFB2F33312FD32F1E03515FB826644E	7902936	----a-w-	C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\cmigrate.exe
2015-06-23 15:04:11	F53E6C254195A7B53A8A3EEA80737765	18990248	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\outlook.exe
2015-06-23 15:04:09	EC57EBE6E796D7928233795758AEB691	528584	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\vpreview.exe
2015-06-23 15:04:09	4C84197C6C28D02A9050839FA650E32F	1923232	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\winword.exe
2015-06-23 15:04:07	C7DD31962F49D22326696661DA3E56F9	873648	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\protocolhandler.exe
2015-06-23 15:04:04	365A60082D6494279C0586332FD8EB43	9602736	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\pdfreflow.exe
2015-06-23 15:04:03	8E385D9606A6FF02655B7E35C04BC701	1763496	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\onenote.exe
2015-06-23 15:04:01	D13F944D6F45408975F5D6A58D10B6D3	498880	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\msouc.exe
2015-06-23 15:04:01	C2E2DD4901EFE33DE2892FD47D656540	700064	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\msqry32.exe
2015-06-23 15:04:01	ADEAF00EF3E4EF11868F1239E7C43924	627920	----a-w-	C:\Program Files\Microsoft Office 15\root\Integration\integrator.exe
2015-06-23 15:04:01	8AF53E766CE4B8F2498ADCC842E86AD9	10759848	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\mspub.exe
2015-06-23 15:04:00	CE81AEA3F08BEDA12F294AB0627E5098	161480	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\msosrec.exe
2015-06-23 15:04:00	7DAC02A9B9348821EE9A5002E1EB66CE	449216	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\msosync.exe
2015-06-23 15:03:55	2BDD7B23D8652F79AC630D16E3020319	21939360	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\excelcnv.exe
2015-06-23 15:03:54	30483C7A3B3CCD57AB9DCC5F76F01885	4522176	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\graph.exe
2015-06-23 15:03:54	08DED152EED1B9C4A842A342EDE49461	15519400	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\msaccess.exe
2015-06-23 15:03:53	DA8C1B64726C8F06FC660E3F2AE2522A	517360	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\iecontentservice.exe
2015-06-23 15:03:53	9B73083153DD16B88FAFB222136AD997	25714848	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\excel.exe
2015-06-23 15:03:52	EDF8F04E9A17444752A11D844E2D7DCD	229056	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\clview.exe
2015-06-23 15:03:52	3A0AE179EE7B9C1610271A2A8F7C1AB1	990376	----a-w-	C:\Program Files\Microsoft Office 15\root\office15\firstrun.exe
2015-06-21 10:00:43	57DD7CD54025791E807149D4C9F99EFA	19213312	----a-w-	C:\Users\Simon Derbaix\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\43DHPXYQ\SkypeSetupFull[1].exe
=== C: other files ==
2015-06-26 01:51:17	5DDC15149346900F16B38C65502BACA9	14130	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_45\lib\deploy\ffjcext.zip
2015-06-24 10:35:03	F671CF4E7BBC5F2B52915CD149077C7A	18438451	----a-w-	C:\Users\Simon Derbaix\Downloads\RT-N16_3.0.0.4_378.50_0.zip
2015-06-23 04:48:09	168A7175BD932E4B55A7787C1305430B	1449441	----a-w-	C:\Users\Simon Derbaix\Downloads\SolarWinds-TFTP-Server.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-1257701118-990318771-1584906478-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Astrill"="C:\Program Files (x86)\Astrill\astrill.exe /autostart"
"Google Update"="C:\Users\Simon Derbaix\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"Spotify Web Helper"="C:\Users\SpotifyWebHelper.exe"
"Spotify"="C:\Users\Spotify.exe -autostart -minimized"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SwitchBoard"="C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Astrill"="C:\Program Files (x86)\Astrill\astrill.exe /autostart"
"Google Update"="C:\Users\Simon Derbaix\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"Spotify Web Helper"="C:\Users\SpotifyWebHelper.exe"
"Spotify"="C:\Users\Spotify.exe -autostart -minimized"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="AirfoilInjector_3_7.dll"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""


==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe ARM"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AdobeAAMUpdater-1.0"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\UpdaterStartupUtility.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeBridge]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AdobeBridge"
"hkey"="HKCU"
"command"=""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeCEPServiceManager]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AdobeCEPServiceManager"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\CEPServiceManager4\\CEPServiceManager.exe\" -launchedbylogin"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeCS6ServiceManager]
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\CS6ServiceManager\\CS6ServiceManager.exe\" -launchedbylogin"
"hkey"="HKLM"
"item"="AdobeCS6ServiceManager"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AirPort Base Station Agent]
"command"="\"C:\\Program Files (x86)\\AirPort\\APAgent.exe\""
"hkey"="HKLM"
"item"="AirPort Base Station Agent"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BTMTrayAgent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BTMTrayAgent"
"hkey"="HKLM"
"command"="rundll32.exe \"C:\\Program Files (x86)\\Intel\\Bluetooth\\btmshell.dll\",TrayApp"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Connectify-Installer]
"command"="\"C:\\Users\\SIMOND~1\\AppData\\Local\\Temp\\Connectify\\Connectify2015Installer_cnet_.exe\" /NOLIC=1"
"hkey"="HKCU"
"item"="Connectify-Installer"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Update]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Google Update"
"hkey"="HKCU"
"command"="\"C:\\Users\\Simon Derbaix\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HPUsageTrackingLEDM]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="HPUsageTrackingLEDM"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\HP\\HP UT LEDM\\bin\\hppusg.exe\" \"C:\\Program Files (x86)\\HP\\HP UT LEDM\\\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Jamcast System Tray Utility]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Jamcast System Tray Utility"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Jamcast\\jctray.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesPDLR.exe]
"command"="C:\\Program Files (x86)\\Samsung\\Kies\\External\\FirmwareUpdate\\KiesPDLR.exe Run"
"hkey"="HKCU"
"item"="KiesPDLR.exe"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesPreload]
"command"="C:\\Program Files (x86)\\Samsung\\Kies\\Kies.exe /preload"
"hkey"="HKCU"
"item"="KiesPreload"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesTrayAgent]
"command"="C:\\Program Files (x86)\\Samsung\\Kies\\KiesTrayAgent.exe"
"hkey"="HKLM"
"item"="KiesTrayAgent"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\OnAir Player]
"command"="C:\\Program Files\\OnAir Player\\OnAir Player.exe -noUI"
"hkey"="HKLM"
"item"="OnAir Player"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Spotify Web Helper"
"hkey"="HKCU"
"command"="\"C:\\Users\\Simon Derbaix\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\StrongVPN Client]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="StrongVPN Client"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\StrongVPN\\StrongDial.exe\" --silent"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeARMservice]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeFlashPlayerUpdateSvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AMPPALR3]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Bluetooth Device Monitor]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Bluetooth Media Service]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Bluetooth OBEX Service]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\BTHSSecurityMgr]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdate]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdatem]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\mysql]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SkypeUpdate]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\SWUpdateService]


==== Task Scheduler Jobs ======================

C:\windows\tasks\Adobe Flash Player Updater.job --a------ C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [24/04/2015 22:07]
C:\windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [Undetermined Task]
C:\windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [Undetermined Task]
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1257701118-990318771-1584906478-1000Core.job --a------ [Undetermined Task]
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-1257701118-990318771-1584906478-1000UA.job --a------ [Undetermined Task]
C:\windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job --a------ [Undetermined Task]
C:\windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job --a------ C:\Program Files (x86)\Intel\IntelR ME FW Recovery Agent\bin\Bootstrap.exe []

==== Other Scheduled Tasks ======================

"C:\windows\SysNative\tasks\Adobe Flash Player Updater" [C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\windows\SysNative\tasks\advSRS5" ["C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe"]
"C:\windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\windows\SysNative\tasks\EasyBatteryManager" ["%ProgramFiles(x86)%\Samsung\Easy Settings\EBM\EasyBatteryMgr4.exe"]
"C:\windows\SysNative\tasks\EasyDisplayMgr" ["C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe"]
"C:\windows\SysNative\tasks\EasySpeedUpManager" ["%programfiles(x86)%\Samsung\Easy Settings\EasySpeedUpManager.exe"]
"C:\windows\SysNative\tasks\EasySupportCenter" ["%ProgramFiles%\Samsung\Easy Support Center\SamoyedAgent.exe"]
"C:\windows\SysNative\tasks\FFSRConfigurer" ["C:\Program Files (x86)\Samsung\Fast Flash Sleep Resume\FFSRConfigurer.exe"]
"C:\windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1257701118-990318771-1584906478-1000Core" [C:\Users\Simon Derbaix\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1257701118-990318771-1584906478-1000UA" [C:\Users\Simon Derbaix\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\windows\SysNative\tasks\Hybrid" [C:\IORRT\IORRT.bat]
"C:\windows\SysNative\tasks\IORRT" [C:\IORRT\IORRT.bat]
"C:\windows\SysNative\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d" [C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe]
"C:\windows\SysNative\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon" [C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe]
"C:\windows\SysNative\tasks\Java Update Scheduler" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe]
"C:\windows\SysNative\tasks\MirageAgent" [C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe]
"C:\windows\SysNative\tasks\MovieColorEnhancer" ["%programfiles(x86)%\Samsung\Easy Settings\MovieColorEnhancer.exe"]
"C:\windows\SysNative\tasks\PC Shutdown" [C:\Windows\System32\shutdown.exe]
"C:\windows\SysNative\tasks\SAgent" ["%ProgramFiles%\Samsung\S Agent\CommonAgent.exe"]
"C:\windows\SysNative\tasks\SCCSpeedBoot" ["%programfiles(x86)%\Samsung\Easy Settings\SCCSpeedBoot.exe"]
"C:\windows\SysNative\tasks\SmartSetting" ["%programfiles(x86)%\Samsung\Easy Settings\SmartSetting.exe"]
"C:\windows\SysNative\tasks\WLANStartup" ["%programfiles(x86)%\Samsung\Easy Settings\WLANStartup.exe"]
"C:\windows\SysNative\tasks\{712E49B6-9D10-4A05-AAAD-E5B3550005AB}" ["c:\program files (x86)\mozilla firefox\firefox.exe"]
"C:\windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\SIMOND~1\AppData\Roaming\Mozilla\Firefox\Profiles\r920uggt.default
user_pref("browser.startup.homepage", "about:home");

==== Firefox Proxy Settings ======================

ProfilePath: C:\Users\SIMOND~1\AppData\Roaming\Mozilla\Firefox\Profiles\r920uggt.default
user_pref("network.proxy.http", "127.0.0.1");
user_pref("network.proxy.http_port", 3213);
user_pref("network.proxy.ssl", "127.0.0.1");
user_pref("network.proxy.ssl_port", 3213);
user_pref("network.proxy.type", 1);

==== Firefox Extensions ======================

ProfilePath: C:\Users\SIMOND~1\AppData\Roaming\Mozilla\Firefox\Profiles\r920uggt.default
- LastPass - C:\Users\Simon Derbaix\AppData\Roaming\Mozilla\Firefox\Profiles\r920uggt.default\extensions\support@lastpass.com
- Astrill Proxy Switcher - C:\Users\Simon Derbaix\AppData\Roaming\Mozilla\Firefox\Profiles\r920uggt.default\extensions\addon@astrill.com
- Astrill Proxy Switcher - %ProfilePath%\extensions\addon@astrill.com
- United States English Spellchecker - %ProfilePath%\extensions\en-US@dictionaries.addons.mozilla.org
- LastPass - %ProfilePath%\extensions\support@lastpass.com
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Simon Derbaix\AppData\Roaming\Mozilla\Firefox\Profiles\r920uggt.default
18CF51689186AEB9D1D149AEB0E92D03	- C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL -	Microsoft Office 2013
582BC5D5274529B10F66A3E9EEC20013	- C:\Users\Simon Derbaix\AppData\Roaming\BaiduMiniDownloader\1.0.0.5\npBDDLPlug.dll -	????????
9AE02005247DA91AB1743F5208DBEF76	- C:\windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll -	Shockwave Flash
08ACECEB47FAF053C468D8AFE44709AD	- C:\Users\Simon Derbaix\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll -	Google Update
BC2DD06851F1106271F313E758205DA4	- C:\Users\Simon Derbaix\AppData\Roaming\Mozilla\plugins\npatgpc.dll -	ActiveTouch General Plugin Container
49D429EBF5305FC9ADD7545B7C914333	- C:\Users\Simon Derbaix\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll -	Google Talk Plugin
6BEAD7859E8A087BE04556AB5A78855C	- C:\Users\Simon Derbaix\AppData\Roaming\Mozilla\plugins\npo1d.dll -	Google Talk Plugin Video Renderer


==== Chromium Look ======================

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
lmjegmlicamnimmfhcmpkclmigmmcbeh - No path found[]

Google Docs - Simon Derbaix\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Simon Derbaix\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Simon Derbaix\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Simon Derbaix\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Woodark - Simon Derbaix\AppData\Local\Google\Chrome\User Data\Default\Extensions\daiallmdmonifegjibcalpdgnjaomkme
ROCKI App for Chrome Beta - Simon Derbaix\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmcmplhaibcgfglgffciopppohhfdkla
Tag Assistant - Simon Derbaix\AppData\Local\Google\Chrome\User Data\Default\Extensions\kejbdjndbnbjgmefkgdddjlbokphdefk
Google Wallet - Simon Derbaix\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Simon Derbaix\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyServer"="http=127.0.0.1:3213;https=127.0.0.1:3213"
"ProxyEnable"=dword:00000001

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCEPServiceManager deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Connectify-Installer deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Jamcast System Tray Utility deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPDLR.exe deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OnAir Player deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StrongVPN Client deleted successfully

==== Empty IE Cache ======================

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Simon Derbaix\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Simon Derbaix\AppData\Local\Mozilla\Firefox\Profiles\r920uggt.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Simon Derbaix\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache is not empty, a reboot is needed

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=54 folders=41 119959727 bytes)

==== Empty Temp Folders ======================

C:\Users\Apps\AppData\Local\temp emptied successfully
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\locales\AppData\Local\temp emptied successfully
C:\Users\pdf.dll\AppData\Local\temp emptied successfully
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\Simon Derbaix\AppData\Local\Temp will be emptied at reboot
C:\Users\pdf.dll\AppData\Local\temp emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\SIMOND~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Simon Derbaix\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Q6JJZLCZ\static.ning.com"  not found
"C:\Users\Simon Derbaix\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\Q6JJZLCZ\vodcdn.video.taobao.com"  not found

==== EOF on vr 26/06/2015 at 13:56:38,87 ======================