
Zoek.exe v5.0.0.1 Updated 28-09-2015
Tool run by veerle on wo 30-09-2015 at 15:42:09,82.
Microsoft Windows 10 Home 10.0.10240  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\veerle\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

30-9-2015 15:46:55 Zoek.exe System Restore Point Created Successfully.

==== Torpig Check ======================

HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll 
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\MyHook {CAE41CE0-1855-4985-A332-7D83704A45B6} undetermined path
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Nokia {416651E4-9C3C-11D9-8BDE-F66BAD1E3F3A} C:\Program Files (x86)\Nokia\Nokia PC Suite 7\PhoneBrowser64.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll 


==== Empty Folders Check ======================

C:\Program Files\log deleted successfully
C:\PROGRA~3\4Sync deleted successfully
C:\PROGRA~3\Big Fish Games deleted successfully
C:\PROGRA~3\Canon IJ Network Tool deleted successfully
C:\PROGRA~3\CanonEPP deleted successfully
C:\PROGRA~3\CanonIJEPPEX2 deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\Evernote deleted successfully
C:\Users\Default\AppData\LocalGoogle deleted successfully
C:\Users\veerle\AppData\LocalGoogle deleted successfully
C:\Users\veerle\AppData\Local\avgchrome deleted successfully
C:\Users\veerle\AppData\Local\cache deleted successfully
C:\Users\veerle\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\veerle\AppData\Local\EmieSiteList deleted successfully
C:\Users\veerle\AppData\Local\EmieUserList deleted successfully
C:\Users\veerle\AppData\Local\genienext deleted successfully
C:\Users\veerle\AppData\Local\NetworkTiles deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2552160748-1258426742-3539396727-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_USERS\S-1-5-21-2552160748-1258426742-3539396727-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{6A060448-60F9-11D5-A6CD-0002B31F7455} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6A060448-60F9-11D5-A6CD-0002B31F7455} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{6A060448-60F9-11D5-A6CD-0002B31F7455} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}] 
[-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^veerle^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^tcbhn.lnk] 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] 
"AppInit_DLLs"=- 

==== Batch Command(s) Run By Tool======================

C:\WINDOWS\system32\appdata deleted

==== Deleting Files \ Folders ======================

C:\Program Files (x86)\MyPC Backup not found
"C:\$Recycle.Bin\S-1-5-18\$4524a55ad1650b1edba09fa95b9478a3" not found
C:\PROGRA~2\Raptr deleted
C:\Users\veerle\AppData\Roaming\QuickScan deleted
C:\WINDOWS\syswow64\appdata deleted
C:\PROGRA~3\QuickSet deleted
C:\Users\veerle\daemonprocess.txt deleted
C:\Users\veerle\.android deleted
C:\PROGRA~2\Mozilla Firefox\user.js deleted
C:\PROGRA~2\ParetoLogic deleted
C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted
C:\PROGRA~3\6957293.reg deleted
C:\PROGRA~3\9464015.reg deleted
C:\PROGRA~3\6957293.bat deleted
C:\PROGRA~3\9464015.bat deleted
C:\PROGRA~3\SpeedyPC Software deleted
C:\PROGRA~3\ParetoLogic deleted
C:\PROGRA~3\InstallMate deleted
C:\PROGRA~3\{32364CEA-7855-4A3C-B674-53D8E9B97936} deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\veerle\AppData\Local\{BFFB4DAD-9151-42DB-86FA-4F90FA6F699F} deleted
C:\Users\veerle\AppData\Local\Software deleted
C:\Users\veerle\AppData\Local\CrashRpt deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\veerle\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk.disabled deleted
C:\Users\Public\Documents\iwin deleted
C:\WINDOWS\wininit.ini deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\GPT.INI deleted
C:\WINDOWS\Syswow64\GroupPolicy\gpt.ini deleted
C:\WINDOWS\SysWow64\searchplugins deleted
C:\WINDOWS\SysWow64\Extensions deleted
"C:\Windows\Installer\132012.msi" deleted
"C:\$Recycle.Bin\S-1-5-21-2552160748-1258426742-3539396727-1000\$4524a55ad1650b1edba09fa95b9478a3" deleted
"C:\Users\veerle\AppData\Roaming\Namco" deleted
"C:\$Recycle.Bin\S-1-5-21-2552160748-1258426742-3539396727-1000\$4524a55ad1650b1edba09fa95b9478a3\L" deleted
"C:\$Recycle.Bin\S-1-5-21-2552160748-1258426742-3539396727-1000\$4524a55ad1650b1edba09fa95b9478a3\U" deleted

==== Registry Search Results for "$4524a55ad1650b1edba09fa95b9478a3" ======================

No instances of string "$4524a55ad1650b1edba09fa95b9478a3" found.

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====
2015-09-26 13:04:42	F0ECBDA4D2FD129FF15C299AF8462FC8	43112	----a-w-	C:\WINDOWS\avastSS.scr
====== C:\Users\veerle\AppData\Local\Temp ====
====== Java Cache =====
====== C:\WINDOWS\SysWOW64 =====
2015-09-30 13:36:41	C05114B0BDF2470F7F4A1B2128540062	97888	----a-w-	C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
====== C:\WINDOWS\SysWOW64\drivers =====
====== C:\WINDOWS\Sysnative =====
2015-09-30 13:30:03	FD209E7BB851E8049EA6317E5822F53C	16148	----a-w-	C:\WINDOWS\Sysnative\LAPTOP_veerle_HistoryPrediction.bin
2015-09-28 14:49:56	A4DC3DC657DE45A44255BD205C66E057	586484	----a-w-	C:\WINDOWS\Sysnative\.crusader
2015-09-26 13:04:54	36F4012709319D4D2F8858DAF2C3117E	378880	----a-w-	C:\WINDOWS\Sysnative\aswBoot.exe
====== C:\WINDOWS\Sysnative\drivers =====
2015-09-28 15:06:12	8F22037D3F5A6BB676525D825A1388B9	113880	----a-w-	C:\WINDOWS\Sysnative\drivers\MBAMSwissArmy.sys
2015-09-28 15:05:39	E681CE4AE5C09651D53CB4387CA3560E	109272	----a-w-	C:\WINDOWS\Sysnative\drivers\mbamchameleon.sys
2015-09-28 15:05:38	A8D28D5B3E2A528D1EF0E338E44F2820	25816	----a-w-	C:\WINDOWS\Sysnative\drivers\mbam.sys
2015-09-28 15:05:38	85CFE7AB85B43B6B7AC7961AA3983A9F	64216	----a-w-	C:\WINDOWS\Sysnative\drivers\mwac.sys
2015-09-26 13:34:16	799F70FF787F4F68E7EA02FEABAC9FAB	307352	----a-w-	C:\WINDOWS\Sysnative\drivers\tmcomm.sys
2015-09-13 13:51:45	D41D8CD98F00B204E9800998ECF8427E	0	---ha-w-	C:\WINDOWS\Sysnative\drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2015-09-02 13:09:05	C67A03F54A1EA683F4880A481EE5FF6C	373072	----a-w-	C:\WINDOWS\Sysnative\drivers\USBXHCI.SYS
2015-09-02 12:42:14	D41D8CD98F00B204E9800998ECF8427E	0	---ha-w-	C:\WINDOWS\Sysnative\drivers\Msft_User_WpdFs_01_11_00.Wdf
====== C:\WINDOWS\Tasks ======
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2015-09-29 15:22:18	--------	d-----w-	C:\Program Files\trend micro
2015-09-28 14:35:20	--------	d-----w-	C:\Program Files\HitmanPro
======= C:\PROGRA~2 =====
2015-09-30 13:37:03	--------	d-----w-	C:\PROGRA~2\COMMON~1\Java
2015-09-30 13:34:15	--------	d-----w-	C:\PROGRA~2\Java
======= C: =====
====== C:\Users\veerle\AppData\Roaming ======
2015-09-26 13:50:34	53DFD3028AD5C901671ADBC2692CE3AE	532579	----a-w-	C:\Users\veerle\AppData\Local\census.cache
2015-09-26 13:50:30	12D0195C49BC4C4304F7AC5650566150	236489	----a-w-	C:\Users\veerle\AppData\Local\ars.cache
2015-09-26 13:40:17	6C37C407B6530CFC042B7CAAD30C8761	10	----a-w-	C:\Users\veerle\AppData\Local\sponge.last.runtime.cache
2015-09-26 13:34:12	4308EBCA5C2297D3FB43D60D10500C6C	36	----a-w-	C:\Users\veerle\AppData\Local\housecall.guid.cache
2015-09-25 08:53:07	407AAB8C27CF7081EECE071C90A65B83	17	----a-w-	C:\Users\veerle\AppData\Local\resmon.resmoncfg
====== C:\Users\veerle ======
2015-09-30 13:36:46	--------	d-----w-	C:\Users\veerle\.oracle_jre_usage
2015-09-30 13:36:39	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-09-30 13:21:12	6E6FAC98AF9E39E9131A236F8DAC8C75	584288	----a-w-	C:\Users\veerle\Downloads\JavaSetup8u60.exe
2015-09-29 15:20:47	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\veerle\Downloads\RSITx64.exe
2015-09-28 15:03:55	D3B6FA14CB7E12B7FBC0B3AA26235898	24345872	----a-w-	C:\Users\veerle\Downloads\mbam-setup-2.1.8.1057 (1).exe
2015-09-28 14:35:20	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2015-09-28 14:33:49	--------	d-----w-	C:\ProgramData\HitmanPro
2015-09-28 14:32:13	7F4BDDD7B11B1FC220BCAFB079AB510C	11350472	----a-w-	C:\Users\veerle\Downloads\HitmanPro_x64.exe
2015-09-28 14:16:55	6F2AF2D358750FBACA1CBCF0E5D9745F	39480	----a-w-	C:\Users\veerle\Downloads\qsinstaller.exe
2015-09-27 09:14:11	BD4122D5B2830C8DB3992CB9D2920F0E	6677440	----a-w-	C:\Users\veerle\Downloads\ccsetup510.exe
2015-09-26 13:34:01	57E86EA1E1AEBF898496F38D10A57664	2494560	----a-w-	C:\Users\veerle\Downloads\HousecallLauncher64.exe
2015-09-26 12:31:16	72CB31555DA5996B6DC008F2F6BCBBFF	772016	----a-w-	C:\Users\veerle\Downloads\reimagerepair (1).exe
2015-09-26 11:44:12	72CB31555DA5996B6DC008F2F6BCBBFF	772016	----a-w-	C:\Users\veerle\Downloads\reimagerepair.exe
2015-09-02 12:38:02	--------	d-----w-	C:\ProgramData\ATI

====== C: exe-files ==
2015-09-30 13:36:41	BC949C957CEB9FAFDF0F3949CDDF1A72	0	----a-we	C:\ProgramData\Oracle\Java\javapath\java.exe
2015-09-30 13:36:41	7080B965215703EA1340C3C4903C7D73	0	----a-we	C:\ProgramData\Oracle\Java\javapath\javaws.exe
2015-09-30 13:36:41	5DC0128E8A2017E82289191820C736A5	0	----a-we	C:\ProgramData\Oracle\Java\javapath\javaw.exe
2015-09-30 13:36:26	D94C31E9C9C9A1273CC67DC6FFAF9984	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_60\bin\policytool.exe
2015-09-30 13:36:26	BDFF5086FC1F20E631A070EEF43A7BEC	16480	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_60\bin\tnameserv.exe
2015-09-30 13:36:26	B804A4E31F4BAD4D5BA05FE684756BA2	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_60\bin\servertool.exe
2015-09-30 13:36:26	7A0DE452F677EF2971C7B75B0267B6ED	50784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssvagent.exe
2015-09-30 13:36:26	6A5A2FDB6D09E02A3283C55237DA10F6	159328	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_60\bin\unpack200.exe
2015-09-30 13:36:26	606A24A64E164B345A79F8F22A5DAC6F	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_60\bin\pack200.exe
2015-09-30 13:36:26	5A503CFE5B553A9721A469FCC9CE8562	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_60\bin\rmiregistry.exe
2015-09-30 13:36:26	3292748E640429C2682484BD23D43F6B	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_60\bin\rmid.exe
2015-09-30 13:36:26	08427EADE480F21412696582170B1167	16480	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_60\bin\orbd.exe
2015-09-30 13:36:25	E408E46C5DD2D03A7474AA12BAABEFEE	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_60\bin\klist.exe
2015-09-30 13:36:25	B9DE149653ED8B9C5C6CB68131AB66D2	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_60\bin\jjs.exe
2015-09-30 13:36:25	30387BE3E5D04FE969B731441C89D2D8	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_60\bin\ktab.exe
2015-09-30 13:36:25	21B5D297A9191E4D833BB39456CEDAD0	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_60\bin\kinit.exe
2015-09-30 13:36:25	0FCF9F3D9518B90FB58CC950FA33998C	76896	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2launcher.exe
2015-09-30 13:36:25	0F6E0DD1263ACB2A1AC559BB7742B54D	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_60\bin\keytool.exe
2015-09-30 13:36:24	BC949C957CEB9FAFDF0F3949CDDF1A72	191584	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_60\bin\java.exe
2015-09-30 13:36:24	8C6BDB56CD4DEED1AF2790D37B54CFE9	68192	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_60\bin\javacpl.exe
2015-09-30 13:36:24	86CC77A8189758834CF83F7F2FEA5162	15968	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_60\bin\java-rmi.exe
2015-09-30 13:36:24	7080B965215703EA1340C3C4903C7D73	274016	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_60\bin\javaws.exe
2015-09-30 13:36:24	5DC0128E8A2017E82289191820C736A5	191584	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_60\bin\javaw.exe
2015-09-30 13:36:24	262BBCE84B9C8784CC5A5E1975898022	30304	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_60\bin\jabswitch.exe
2015-09-30 12:41:36	008AE7228FAA525AF3970C441F4BD4DC	3016272	----a-w-	C:\Program Files (x86)\Google\Update\Install\{A89A8897-35BD-413A-851E-2893DE13CA29}\45.0.2454.101_45.0.2454.93_chrome_updater.exe
2015-09-30 12:41:36	008AE7228FAA525AF3970C441F4BD4DC	3016272	----a-w-	C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\45.0.2454.101\45.0.2454.101_45.0.2454.93_chrome_updater.exe
2015-09-29 15:22:20	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\veerle.exe
2015-09-28 14:35:20	7F4BDDD7B11B1FC220BCAFB079AB510C	11350472	----a-w-	C:\Program Files\HitmanPro\HitmanPro.exe
2015-09-28 14:35:20	0522F89DDD2BC98F8AC645370CAE5442	127752	----a-w-	C:\Program Files\HitmanPro\hmpsched.exe
2015-09-28 14:16:14	6F2AF2D358750FBACA1CBCF0E5D9745F	39480	----a-w-	C:\Users\veerle\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie\0.9.9.153_0\qsinstaller.exe
2015-09-28 14:16:14	52280685DFE27121B9B2B3AF3016F205	108032	----a-w-	C:\Users\veerle\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie\0.9.9.153_0\chromeqs.exe
2015-09-25 07:42:46	CC0FADAC00B9964EA2B795B4FFFC508A	1105864	----a-w-	C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_32479C6A88E27044.exe
2015-09-25 07:41:38	5E92E40FE9F9F45F4C01459CBCAAF597	532312	----a-w-	C:\Program Files (x86)\Google\Update\Install\{79DAC9B5-FB4E-4311-995D-AFF20685F967}\GoogleToolbarInstaller_updater_signed.exe
2015-09-25 07:41:38	5E92E40FE9F9F45F4C01459CBCAAF597	532312	----a-w-	C:\Program Files (x86)\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\7.5.6904.2028\GoogleToolbarInstaller_updater_signed.exe
=== C: other files ==
2015-09-30 13:36:27	4E221C69F3B103481534D1B6CB6A90DD	14130	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_60\lib\deploy\ffjcext.zip
2015-09-28 15:06:12	8F22037D3F5A6BB676525D825A1388B9	113880	----a-w-	C:\Windows\System32\drivers\MBAMSwissArmy.sys
2015-09-28 15:05:39	E681CE4AE5C09651D53CB4387CA3560E	109272	----a-w-	C:\Windows\System32\drivers\mbamchameleon.sys
2015-09-28 15:05:38	A8D28D5B3E2A528D1EF0E338E44F2820	25816	----a-w-	C:\Windows\System32\drivers\mbam.sys
2015-09-28 15:05:38	85CFE7AB85B43B6B7AC7961AA3983A9F	64216	----a-w-	C:\Windows\System32\drivers\mwac.sys
2015-09-27 09:19:05	76CDB2BAD9582D23C1F6F4D868218D6C	22	----a-w-	C:\Users\veerle\AppData\Local\Temp\avastBCLTMP\{390c7e87-153c-12db-2ea6-0bb301eb26e9}.zip
2015-09-26 13:34:16	799F70FF787F4F68E7EA02FEABAC9FAB	307352	----a-w-	C:\Windows\System32\drivers\tmcomm.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-21-2552160748-1258426742-3539396727-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ANT Agent"="C:\Program Files (x86)\Garmin\ANT Agent\ANT Agent.exe"
"OneDrive"="C:\Users\veerle\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
"SpybotSD TeaTimer"="C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe"
"SpybotPostWindows10UpgradeReInstall"="C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"="C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe -h -k"
"LManager"="C:\Program Files (x86)\Launch Manager\LManager.exe"
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ANT Agent"="C:\Program Files (x86)\Garmin\ANT Agent\ANT Agent.exe"
"OneDrive"="C:\Users\veerle\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
"SpybotSD TeaTimer"="C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe"
"SpybotPostWindows10UpgradeReInstall"="C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Power Management"="C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon"
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"RtHDVBg_Dolby"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""
"StartCCC"="\"C:\\Program Files (x86)\\ATI Technologies\\ATI.ACE\\Core-Static\\amd64\\CLIStart.exe\" MSRun"
"beid"="\"C:\\Program Files (x86)\\Belgium Identity Card\\beid35gui.exe\" /startup"
"SDTray"="\"C:\\Program Files (x86)\\Spybot - Search & Destroy 2\\SDTray.exe\""


==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Norton Online Backup]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Norton Online Backup"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Symantec\\Norton Online Backup\\NOBuClient.exe"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\lfsvc]


==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [17-07-2015 18:56]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [30-08-2015 14:31]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [30-08-2015 14:31]

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\WINDOWS\SysNative\tasks\clear.fi" ["C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe"]
"C:\WINDOWS\SysNative\tasks\clear.fiAgent" ["C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe"]
"C:\WINDOWS\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\WINDOWS\SysNative\tasks\DMREngine" ["C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe"]
"C:\WINDOWS\SysNative\tasks\EgisUpdate" ["C:\Program Files\EgisTec IPS\EgisUpdate.exe"]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\PMMUpdate" ["C:\Program Files\EgisTec IPS\PMMUpdate.exe"]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{97256433-D119-4CA0-874A-F5446A4D9933}" [C:\WINDOWS\system32\msfeedssync.exe]
"C:\WINDOWS\SysNative\tasks\{02BCBEE6-7FBB-4E0A-B307-C4898D1B3756}" [C:\Users\veerle\FrostWire\Torrent Data\Mystery Murders - Jack the Ripper - FULL + Key - Foxy Games\Mystery Murders - Jack the Ripper - FULL + Key - Foxy Games.exe]
"C:\WINDOWS\SysNative\tasks\{2944E033-045A-4078-8DC2-971452C612EA}" [C:\Users\veerle\FrostWire\Torrent Data\Mystery Murders - Jack the Ripper - FULL + Key - Foxy Games\Mystery Murders - Jack the Ripper - FULL + Key - Foxy Games.exe]
"C:\WINDOWS\SysNative\tasks\{372B5501-4420-4DE6-9EAB-91672D5B282E}" [C:\Users\veerle\FrostWire\Torrent Data\Mystery Murders - Jack the Ripper - FULL + Key - Foxy Games\Mystery Murders - Jack the Ripper - FULL + Key - Foxy Games.exe]
"C:\WINDOWS\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]
"C:\WINDOWS\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates" ["C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe"]
"C:\WINDOWS\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization" ["C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe"]
"C:\WINDOWS\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system" ["C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe"]

==== Folders in C:\PROGRA~3 0-6 Months Old ======================

2015-05-31 14:52:12	--------	d-----w-	C:\PROGRA~3\Oracle
2015-07-10 11:04:22	--------	d-----w-	C:\PROGRA~3\regid.1991-06.com.microsoft
2015-07-10 11:04:22	--------	d-----w-	C:\PROGRA~3\SoftwareDistribution
2015-07-10 11:04:22	--------	d-----w-	C:\PROGRA~3\USOPrivate
2015-07-10 11:04:22	--------	d-s---w-	C:\PROGRA~3\Microsoft
2015-07-10 12:21:38	--------	d-sh--we	C:\PROGRA~3\Application Data
2015-07-10 12:21:38	--------	d-sh--we	C:\PROGRA~3\Desktop
2015-07-10 12:21:38	--------	d-sh--we	C:\PROGRA~3\Documents
2015-07-10 12:21:38	--------	d-sh--we	C:\PROGRA~3\Start Menu
2015-07-10 12:21:38	--------	d-sh--we	C:\PROGRA~3\Templates
2015-07-10 12:22:45	--------	d-----w-	C:\PROGRA~3\USOShared
2015-08-07 14:04:26	--------	d-----w-	C:\PROGRA~3\AMD
2015-08-07 14:45:43	--------	d-sh--we	C:\PROGRA~3\Bureaublad
2015-08-07 14:45:43	--------	d-sh--we	C:\PROGRA~3\Documenten
2015-08-07 14:45:43	--------	d-sh--we	C:\PROGRA~3\Favorieten
2015-08-07 14:45:43	--------	d-sh--we	C:\PROGRA~3\Menu Start
2015-08-07 14:45:43	--------	d-sh--we	C:\PROGRA~3\Sjablonen
2015-08-07 14:55:44	--------	d-----w-	C:\PROGRA~3\Microsoft OneDrive
2015-08-14 12:53:03	--------	d-----w-	C:\PROGRA~3\Spybot - Search & Destroy
2015-09-02 12:38:02	--------	d-----w-	C:\PROGRA~3\ATI
2015-09-28 14:33:49	--------	d-----w-	C:\PROGRA~3\HitmanPro
2015-09-28 15:05:38	--------	d-----w-	C:\PROGRA~3\Malwarebytes

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [26-09-2015 15:04]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{B64D9B05-48E1-4CEB-BF58-E0643994E900}"="C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\ff" [19-12-2014 11:34]

==== Firefox Extensions ======================

ProfilePath: C:\Users\veerle\AppData\Roaming\Thunderbird\Profiles\y8o6geko.default
- Instrument Test - %ProfilePath%\extensions\tbtestpilot@labs.mozilla.com.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be
- DVDVideoSoft YouTube MP3 and Video Download - %AppDir%\browser\extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900}.xpi

==== Firefox Plugins ======================


==== Chromium Look ======================

Google Chrome Version: 45.0.2454.93

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
eofcbnmajmjmplflapaojjnihcjkigck - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswwebrepchrome-sp.crx[04-08-2014 16:24]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[07-04-2015 08:45]

Google Docs - veerle\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - veerle\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - veerle\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - veerle\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Docs Offline - veerle\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
Chrome Web Store Payments - veerle\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Bitdefender QuickScan - veerle\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie
Gmail - veerle\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.be/"
"Search Page"="http://www.google.com/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.google.be/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"
{0F269F2C-389E-470E-8C47-9C5B1C5483AA} Google  Url="https://www.google.com/search?q={searchTerms}"
{DC91AA90-8FEE-418E-B4BF-8F3D47755C39} (www.google.com) Google Url="https://www.google.com/search?q={searchTerms}"

==== Reset Google Chrome ======================

C:\Users\veerle\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\veerle\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\veerle\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\veerle\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\37C4AD4FF62083D4C8B6580F91E3B465 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\c6daf508-fbf8-4b78-b32b-5ebb29fb5829 deleted successfully
HKEY_CURRENT_USER\Software\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F4DA4C73-026F-4D38-8C6B-85F0193E4B56} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7130468A-F53F-4698-8C09-A339EA3B05E6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\37C4AD4FF62083D4C8B6580F91E3B465 deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\A8640317F35F8964C8903A93AEB3506E deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\veerle\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\veerle\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\veerle\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\veerle\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\veerle\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=164 folders=75 81381337 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\veerle\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on wo 30-09-2015 at 16:31:44,18 ======================