
Zoek.exe v5.0.0.1 Updated 27-09-2015
Tool run by Gebruiker on do 01/10/2015 at 21:04:11,12.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Safe Mode MINIMAL No Internet Access Detected
Launched: C:\Users\Gebruiker\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2015-09-30-152127.log	5412 bytes

==== Torpig Check ======================

HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\DropboxCopyHook {FBC9D74C-AF55-4309-9FB2-C426E071637F} C:\Users\Gebruiker\AppData\Roaming\Dropbox\bin\DropboxExt64.27.dll 
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll 
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll 


==== Empty Folders Check ======================

C:\PROGRA~3\CanonEPP deleted successfully
C:\PROGRA~3\CanonIJEPPEX2 deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] 
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] 
"vProt"=- 

==== Deleting Files \ Folders ======================

C:\Program Files (x86)\AVG Web TuneUp deleted
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} deleted
C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} deleted
C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\zhtlbbbg.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} deleted
C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\zhtlbbbg.default\extensions\avg@toolbar deleted
C:\Users\Gebruiker\AppData\Local\AVG Web TuneUp deleted
C:\PROGRA~2\Mozilla Firefox\browser\searchplugins\wtu-secure-search.xml deleted
C:\PROGRA~2\FreeRIP3 deleted
C:\PROGRA~2\COMMON~1\AVG Secure Search deleted
C:\Users\Gebruiker\AppData\Roaming\pdfforge deleted
C:\PROGRA~3\AVG Web TuneUp deleted
C:\PROGRA~3\AVG Security Toolbar deleted
C:\PROGRA~3\FreeRIP deleted
C:\PROGRA~3\AVG Secure Search deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FreeRIP3 deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Web TuneUp deleted
C:\windows\SysNative\tasks\RunAsStdUser Task deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Windows\Syswow64\GroupPolicy\Machine deleted
C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted
C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\zhtlbbbg.default\searchplugins\avg-secure-search.xml deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\GEBRUI~1\AppData\Local\Temp ====
2015-10-01 18:50:35	78F768C4E0BD116AAF5EE41D760F899D	71168	----a-w-	C:\Users\Gebruiker\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmps1ohhm.dll
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
2015-09-10 16:35:36	E4DC0909B5EACB5BF50F6252095BCFF2	155584	----a-w-	C:\Windows\Sysnative\drivers\ksecpkg.sys
2015-09-10 16:35:36	A405647429DE231CD954D93F792CFBA2	95680	----a-w-	C:\Windows\Sysnative\drivers\ksecdd.sys
2015-09-10 16:35:34	62CEA59FF56B66154E08BD51D87392C2	290816	----a-w-	C:\Windows\Sysnative\drivers\mrxsmb10.sys
2015-09-10 16:35:34	43E1F4B0EFDC244D2A83995CCD7846F7	159232	----a-w-	C:\Windows\Sysnative\drivers\mrxsmb.sys
2015-09-10 16:35:33	7D65B5E9573A26C204AA547457DBF544	129024	----a-w-	C:\Windows\Sysnative\drivers\mrxsmb20.sys
2015-09-09 13:26:21	A0711D119BA4B48A1470C768D301013E	61440	----a-w-	C:\Windows\Sysnative\drivers\appid.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-09-25 20:02:37	--------	d-----w-	C:\Program Files\trend micro
======= C:\PROGRA~2 =====
2015-09-27 18:52:13	--------	d-----w-	C:\PROGRA~2\ESET
2015-09-03 18:22:37	--------	d-----w-	C:\PROGRA~2\Knooppunt Kiosk
2015-09-02 18:33:21	--------	d-----w-	C:\PROGRA~2\PLAYLANE
======= C: =====
====== C:\Users\Gebruiker\AppData\Roaming ======
2015-09-05 12:02:51	--------	d-----w-	C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-09-02 18:36:09	--------	d-----w-	C:\Users\Gebruiker\AppData\Local\PLAYLANE
====== C:\Users\Gebruiker ======
2015-09-25 19:35:17	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Gebruiker\Downloads\RSITx64.exe
2015-09-02 18:36:07	--------	d-----w-	C:\ProgramData\IsolatedStorage
2015-09-02 18:33:22	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PLAYLANE
2015-09-02 18:33:21	--------	d-----w-	C:\ProgramData\iumi

====== C: exe-files ==
2015-09-27 18:36:13	4719799B56E0B4BEE6C62552FC7FC7E0	936016	----a-w-	C:\Program Files (x86)\Google\Update\Install\{F51D7C1B-C9BE-46EB-A4E7-C1F2325B3207}\45.0.2454.101_45.0.2454.99_chrome_updater.exe
2015-09-27 18:36:13	4719799B56E0B4BEE6C62552FC7FC7E0	936016	----a-w-	C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\45.0.2454.101\45.0.2454.101_45.0.2454.99_chrome_updater.exe
2015-09-25 20:02:37	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\Gebruiker.exe
2015-09-25 19:35:17	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Gebruiker\Downloads\RSITx64.exe
=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\tray.exe"

[HKEY_USERS\S-1-5-21-2627617279-2018821698-53219165-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"OneDrive"="C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
"Dropbox Update"="C:\Users\Gebruiker\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c"
"OfficeSyncProcess"="C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\tray.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 60"
"CanonSolutionMenuEx"="C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon"
"IJNetworkScanUtility"="C:\Program Files (x86)\Canon\Canon IJ Network Scan Utility\CNMNSUT.exe"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"AVG_UI"="C:\Program Files (x86)\AVG\AVG2015\avgui.exe /TRAYONLY"
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"OneDrive"="C:\Users\Gebruiker\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
"Dropbox Update"="C:\Users\Gebruiker\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c"
"OfficeSyncProcess"="C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon"
"BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices"
"PAC7302_Monitor"="C:\Windows\PixArt\PAC7302\Monitor.exe"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""
"SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""
"QuickTime Task"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime"


==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe ARM"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AdobeAAMUpdater-1.0"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\UpdaterStartupUtility.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeCS5.5ServiceManager]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AdobeCS5.5ServiceManager"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\CS5.5ServiceManager\\CS5.5ServiceManager.exe\" -launchedbylogin"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GarminExpressTrayApp]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="GarminExpressTrayApp"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Garmin\\Express Tray\\ExpressTray.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Common Files\\Nero\\Lib\\NMIndexStoreSvr.exe\" ASO-616B5711-6DAE-4795-A05F-39A1E5104020"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NBKeyScan]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NBKeyScan"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Nero\\Nero8\\Nero BackItUp\\NBKeyScan.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="QuickTime Task"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\sbsdk-server]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="sbsdk-server"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\SMART Technologies\\Education Software\\sbsdk-server\\NodeLauncher.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SMART Board Service]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SMART Board Service"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\SMART Technologies\\Education Software\\SMARTBoardService.exe\" -d"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SMART Floating Tools]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SMART Floating Tools"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\SMART Technologies\\Education Software\\FloatingTools.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SMART Ink]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SMART Ink"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\SMART Technologies\\Education Software\\SMARTInk.exe\" -a"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SMART Tray Tools]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SMART Tray Tools"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\SMART Technologies\\Education Software\\SMARTTrayIcon.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SMARTNotification]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SMARTNotification"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\SMART Technologies\\Education Software\\SMARTNotification.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SwitchBoard]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SwitchBoard"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Common Files\\Adobe\\SwitchBoard\\SwitchBoard.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TomTomHOME.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TomTomHOME.exe"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\TomTom HOME 2\\TomTomHOMERunner.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\USBestCR]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="USBestCR"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Sitecom MD-020 SIM Editor\\iconcs3096058.exe RunFromReg"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^eInstruction Device Manager.lnk]
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\eInstruction Device Manager.lnk"
"backup"="C:\\Windows\\pss\\eInstruction Device Manager.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="C:\\PROGRA~2\\EINSTR~1\\DEVICE~1\\Launch.exe "
"item"="eInstruction Device Manager"


==== Startup Folders ======================

2015-05-12 03:55:01	1151	----a-w-	C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-2627617279-2018821698-53219165-1000Core.job --a------ C:\Users\Gebruiker\AppData\Local\Dropbox\Update\DropboxUpdate.exe [19/06/2015 05:53]
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-2627617279-2018821698-53219165-1000UA.job --a------ C:\Users\Gebruiker\AppData\Local\Dropbox\Update\DropboxUpdate.exe [19/06/2015 05:53]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [27/08/2015 19:24]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [27/08/2015 19:24]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\Adobe Reader and Acrobat Manager" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\AutoKMS" [C:\Windows\AutoKMS\AutoKMS.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-2627617279-2018821698-53219165-1000Core" [C:\Users\Gebruiker\AppData\Local\Dropbox\Update\DropboxUpdate.exe]
"C:\Windows\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-2627617279-2018821698-53219165-1000UA" [C:\Users\Gebruiker\AppData\Local\Dropbox\Update\DropboxUpdate.exe]
"C:\Windows\SysNative\tasks\GarminUpdaterTask" [C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\Java(TM) Platform SE Auto Updater" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{F1BDB083-27F2-4693-8B6B-785B2E27C25F}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Folders in C:\PROGRA~3 0-6 Months Old ======================

2015-06-19 03:53:44	--------	d-----w-	C:\PROGRA~3\Dropbox
2015-08-06 12:16:01	--------	d-----w-	C:\PROGRA~3\Skype
2015-08-26 14:48:33	--------	d-----w-	C:\PROGRA~3\Apple Computer
2015-09-02 18:33:21	--------	d-----w-	C:\PROGRA~3\iumi
2015-09-02 18:36:07	--------	d-----w-	C:\PROGRA~3\IsolatedStorage

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\zhtlbbbg.default
user_pref("browser.startup.homepage", "www.google.com");
user_pref("browser.search.selectedEngine", "Google");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" []

==== Firefox Extensions ======================

ProfilePath: C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\zhtlbbbg.default
- Undetermined - C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\zhtlbbbg.default\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
- Belgium eID - %ProfilePath%\extensions\belgiumeid@eid.belgium.be.xpi
- Undetermined - %ProfilePath%\extensions\info@youtube-mp3.org.xpi
- Secure Login - %ProfilePath%\extensions\secureLogin@blueimp.net.xpi
- PDF Download - %ProfilePath%\extensions\{37E4D8EA-8BDA-4831-8EA1-89053939A250}.xpi

ProfilePath: C:\Users\GEBRUI~1\AppData\Roaming\Thunderbird\Profiles\ad3xf8j8.default
- Lightning - %ProfilePath%\extensions\{e2fda1a4-762b-4020-b5ad-a41df1933103}
- ImportExportTools - %ProfilePath%\extensions\{3ed8cc52-86fc-4613-9026-c1ef969da4c3}.xpi
- Recover deleted messages - %ProfilePath%\extensions\{8380f54c-9b7a-4107-b703-9b938e30fb54}.xpi

ProfilePath: C:\Users\GEBRUI~1\AppData\Roaming\TomTom\HOME\Profiles\awpnf1it.default
- Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Gebruiker\AppData\Roaming\Mozilla\Firefox\Profiles\zhtlbbbg.default
1A62BB86D17B8DC0D4339BACC8D60635	- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_185.dll -	Shockwave Flash


==== Chromium Look ======================

Google Chrome Version: 45.0.2454.101


Chrome Web Store Payments - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://mysearch.avg.com/?cid={AF2C1837-F364-4F45-B7F9-8ED917FB7EDC}&mid=97306551977447cdb78281ac0f2e4528-0d34a94dbd0c5a9ca988dc78df6e3afa713d3d45&lang=nl&ds=AVG&coid=avgtbavg&cmpid=0715av&pr=fr&d=2015-07-16 14:42:36&v=4.1.5.143&pid=wtu&sg=&sap=hp"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{95B7759C-8C7F-4BF1-B163-73684A933233}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG Web TuneUp deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0 deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS5.5ServiceManager deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GarminExpressTrayApp deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SwitchBoard deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\USBestCR deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Gebruiker\AppData\Local\Mozilla\Firefox\Profiles\zhtlbbbg.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=696 folders=220 349034612 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Gebruiker\AppData\Local\Temp will be emptied at reboot
C:\Users\UpdatusUser\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\GEBRUI~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on do 01/10/2015 at 21:39:42,55 ======================