Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by admin on zo 10/01/2016 at 2:53:21,10.
Microsoft Windows 10 Home 10.0.10586 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\admin\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

10/01/2016 2:56:17 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\Program Files\log deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\admin\AppData\Local\ActiveSync deleted successfully
C:\Users\admin\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\admin\AppData\Local\EmieSiteList deleted successfully
C:\Users\admin\AppData\Local\EmieUserList deleted successfully
C:\Users\admin\AppData\Local\MediaShow deleted successfully
C:\Users\admin\AppData\Local\NetworkTiles deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-458130901-3640470560-3070456815-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_USERS\S-1-5-21-458130901-3640470560-3070456815-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00
Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""=-

==== Deleting Files \ Folders ======================

C:\Users\admin\AppData\Roaming\SolidDocuments deleted
C:\Users\admin\AppData\Roaming\DVDVideoSoft deleted
"C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe" deleted
"C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_date_time-vc120-mt-1_56.dll" deleted
"C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_filesystem-vc120-mt-1_56.dll" deleted
"C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\boost_system-vc120-mt-1_56.dll" deleted
"C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\collector.dll" deleted
"C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\dlmgr.dll" deleted
"C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\libcurl.dll" deleted
"C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\libeay32.dll" deleted
"C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\msvcp120.dll" deleted
"C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\msvcr100.dll" not deleted
"C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\msvcr120.dll" not deleted
"C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\ssleay32.dll" deleted
"C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\stat.dll" deleted
"C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\tier0.dll" deleted
"C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\updhelperlib.dll" deleted
"C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\zlib1.dll" deleted
"C:\Program Files (x86)\Common Files\DVDVideoSoft" not deleted
"C:\Program Files (x86)\Common Files\DVDVideoSoft\lib" not deleted

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====
====== C:\Users\admin\AppData\Local\Temp ====
====== Java Cache =====
2016-01-08 16:27:54 4F85459CEC4F78A3987FFFD5B6A816C5 605 ----a-w- C:\Users\admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\52c00ce5-35709383
2016-01-08 16:27:54 B28EA4E67BA8FCDE01A119F7AE32671A 428 ----a-w- C:\Users\admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\37\52c00ce5-78e96a5ccf5c5b6a29dcdffe1d16c989d010904d54059e7b28aad8dacf6a56c9-6.0.lap
2016-01-08 16:27:54 C9588417B10E1D770E3E5DA1F3510AE5 8425 ----a-w- C:\Users\admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\45\298d42d-5250ad1a
2016-01-08 16:27:58 C1BBA7F1278F193AB584FFF460DB5E2A 17878 ----a-w- C:\Users\admin\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\46\c8dc66e-744b90f8
====== C:\WINDOWS\SysWOW64 =====
2016-01-08 16:26:31 895ABED2A7C126EFA4D61AF24B0D5AE4 97888 ----a-w- C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
====== C:\WINDOWS\SysWOW64\drivers =====
====== C:\WINDOWS\Sysnative =====
====== C:\WINDOWS\Sysnative\drivers =====
====== C:\WINDOWS\Tasks ======
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2016-01-09 13:14:14 -------- d-----w- C:\Program Files\trend micro
======= C:\PROGRA~2 =====
2016-01-08 16:26:45 -------- d-----w- C:\PROGRA~2\COMMON~1\Java
2015-12-14 17:50:43 -------- d-----w- C:\PROGRA~2\Mozilla Maintenance Service
======= C: =====
====== C:\Users\admin\AppData\Roaming ======
2015-12-14 17:50:51 -------- d-----w- C:\Users\admin\AppData\Local\Mozilla
====== C:\Users\admin ======
2016-01-09 13:13:05 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\admin\Downloads\RSITx64.exe
2016-01-08 16:32:03 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe
2016-01-08 16:26:30 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-01-08 16:22:29 54760F6D9991A94FE0B6CD83AE8377B4 584288 ----a-w- C:\Users\admin\Downloads\JavaSetup8u66.exe
2016-01-08 16:09:29 FCD4D6CA9EB8722BDEA937380AC9987F 2094184 ----a-w- C:\Users\admin\Downloads\acrobatproDC_00000000000000000000000413(1).exe
2016-01-08 16:07:08 FCD4D6CA9EB8722BDEA937380AC9987F 2094184 ----a-w- C:\Users\admin\Downloads\acrobatproDC_00000000000000000000000413.exe
====== C: exe-files ==
2016-01-10 01:55:00 2E18E815C07D5BB653511880FECCE813 43901520 ----a-w- C:\Program Files (x86)\Google\Update\Install\{83AB803B-01A2-4E62-B71D-1500001BE01D}\47.0.2526.106_chrome_installer.exe
2016-01-09 13:14:16 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\admin.exe
2016-01-09 13:13:05 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\admin\Downloads\RSITx64.exe
2016-01-08 16:26:31 F003BBCB09CACF8A9F4CE0C67A2D6E63 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaws.exe
2016-01-08 16:26:31 A9E84AD3536425BC68263B723C2442E4 0 ----a-we C:\ProgramData\Oracle\Java\javapath\java.exe
2016-01-08 16:26:31 7BDD7F1BC2A20971DEE17B6920D61BBC 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaw.exe
2016-01-08 16:26:25 FDF059C05249FAEA0221ED65CD59A9C8 68192 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\javacpl.exe
2016-01-08 16:26:25 F003BBCB09CACF8A9F4CE0C67A2D6E63 278624 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\javaws.exe
2016-01-08 16:26:25 EFC80BC662BCC20B0B09700636FDC732 30816 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\jabswitch.exe
2016-01-08 16:26:25 D8EEED21B06866E85DA30485F5059FF6 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\servertool.exe
2016-01-08 16:26:25 CA51FB3FE5012E21D9A14AC071527866 76896 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\jp2launcher.exe
2016-01-08 16:26:25 ADAF1151B29D2D1691FA027B6C55B3D7 50784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\ssvagent.exe
2016-01-08 16:26:25 A9E84AD3536425BC68263B723C2442E4 191072 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\java.exe
2016-01-08 16:26:25 8977B87AB10AB1DA8769CA0053B401B0 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\jjs.exe
2016-01-08 16:26:25 7BE9BE6E15653824A28F5CED6B273588 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\klist.exe
2016-01-08 16:26:25 7BDD7F1BC2A20971DEE17B6920D61BBC 191584 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\javaw.exe
2016-01-08 16:26:25 73368169BFD965EC6257E77C23CED879 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\rmiregistry.exe
2016-01-08 16:26:25 525027DF51378DDA25F0F52C20BCB132 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\kinit.exe
2016-01-08 16:26:25 46AB480B01CD30801B3AE89B5AAE75A8 16480 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\orbd.exe
2016-01-08 16:26:25 3B306D41F07396975ECE34A860BD9036 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\pack200.exe
2016-01-08 16:26:25 36A44033C6B970F95E2A1448F4481CEA 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\keytool.exe
2016-01-08 16:26:25 28FB06FC63D5817153B5502A49DF3F00 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\ktab.exe
2016-01-08 16:26:25 17A8DD2484DC26E38DFE3209C8B36980 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\policytool.exe
2016-01-08 16:26:25 0B82777B13B81417E5520DF7B1E8C319 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\rmid.exe
2016-01-08 16:26:25 0A3936FE18FC04350159A1E647201501 16480 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\tnameserv.exe
2016-01-08 16:26:25 092F4D3C25F3086D4C7FDEC79DD71302 159328 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\unpack200.exe
2016-01-08 16:26:25 04D67FF5044A605F1E7D923A1D6F1751 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\bin\java-rmi.exe
2016-01-08 16:22:29 54760F6D9991A94FE0B6CD83AE8377B4 584288 ----a-w- C:\Users\admin\Downloads\JavaSetup8u66.exe
2016-01-08 16:09:29 FCD4D6CA9EB8722BDEA937380AC9987F 2094184 ----a-w- C:\Users\admin\Downloads\acrobatproDC_00000000000000000000000413(1).exe
2016-01-08 16:07:08 FCD4D6CA9EB8722BDEA937380AC9987F 2094184 ----a-w- C:\Users\admin\Downloads\acrobatproDC_00000000000000000000000413.exe
2016-01-07 09:11:41 98DA127D0AB8B6CB5773546AF60D9217 146888 ----a-w- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice_tmp.exe
2016-01-06 18:47:19 7B9BECE52B9A060B7BEAC6DA1E031086 601768 ----a-w- C:\Users\admin\AppData\Local\NVIDIA\NvBackend\Packages\000084b4\CoProc update.20313796.exe
=== C: other files ==
2016-01-08 16:26:25 4DB4B1F67E583B41F841F48254BE38E3 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_66\lib\deploy\ffjcext.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"
[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"
[HKEY_USERS\S-1-5-21-458130901-3640470560-3070456815-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Power2GoExpress8"="C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
"OneDrive"="C:\Users\admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"Adobe Acrobat Synchronizer"="C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe"
[HKEY_USERS\S-1-5-21-458130901-3640470560-3070456815-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\admin\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\admin\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"WinampAgent"="C:\Program Files (x86)\Winamp\winampa.exe"
"HPMessageService"="C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe"
"AccelerometerSysTrayApplet"="C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"Acrobat Assistant 8.0"="C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Power2GoExpress8"="C:\Program Files (x86)\CyberLink\Power2Go8\Power2GoExpress8.exe"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
"OneDrive"="C:\Users\admin\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"Adobe Acrobat Synchronizer"="C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\admin\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\admin\AppData\Local\Microsoft\OneDrive\17.3.6201.1019_1\amd64"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart"
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"Windows Mobile Device Center"="%windir%\WindowsMobile\wmdc.exe "
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- [Undetermined Task]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [19/05/2015 17:23]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [19/05/2015 17:23]
C:\WINDOWS\tasks\HPCeeScheduleForadmin.job --a-------- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [16/06/2015 09:51]

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\WINDOWS\SysNative\tasks\DropboxOEM" ["C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe"]
"C:\WINDOWS\SysNative\tasks\GarminUpdaterTask" [C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\HPCeeScheduleForadmin" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe]
"C:\WINDOWS\SysNative\tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473" ["C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe"]
"C:\WINDOWS\SysNative\tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon" ["C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe"]
"C:\WINDOWS\SysNative\tasks\Norton WSC Integration" ["C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\WSCStub.exe"]
"C:\WINDOWS\SysNative\tasks\Start OPBHOBroker" ["C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe"]
"C:\WINDOWS\SysNative\tasks\Start OPBHOBrokerDesktop" ["C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe"]
"C:\WINDOWS\SysNative\tasks\Start SimplePass" ["C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe"]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{92E87CB7-E594-4B04-B0E8-8AD4D204A41B}" [C:\Windows\system32\msfeedssync.exe]
"C:\WINDOWS\SysNative\tasks\YCMServiceAgent" [C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA)" ["C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe"]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon" [C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater - Resources" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\WINDOWS\SysNative\tasks\Norton 360\Norton Autofix" [C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\SymErr.exe]
"C:\WINDOWS\SysNative\tasks\Norton 360\Norton Error Analyzer" [C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\SymErr.exe]
"C:\WINDOWS\SysNative\tasks\Norton 360\Norton Error Processor" [C:\Program Files (x86)\Norton 360\Engine\22.5.5.15\SymErr.exe]
"C:\WINDOWS\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\5eghqzl7.default
user_pref("browser.startup.homepage", "http://www.nieuwsblad.be/");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{C1A2A613-35F1-4FCF-B27F-2840527B6556}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_22.5.0.124\coFFAddon" [16/12/2015 09:37]
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"web2pdfextension@web2pdf.adobedotcom"="C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn" [08/01/2016 17:30]

==== Firefox Extensions ======================

ProfilePath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\5eghqzl7.default
- Facebook Disconnect - %ProfilePath%\extensions\jid0-dBgF7UkIiOsWqvBng4hYu@jetpack.xpi
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\admin\AppData\Roaming\Mozilla\Firefox\Profiles\5eghqzl7.default
18CF51689186AEB9D1D149AEB0E92D03 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL - Microsoft Office 2013
0C0C5C207121C7A78414A8250E8E099A - C:\windows\SysWOW64\Adobe\Director\np32dsw_1204144.dll - Shockwave for Director / Shockwave for Director
70858ED7836E5C849D33576A84DC8CCF - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll - Shockwave Flash

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== C:\zoek_backup content ======================

C:\zoek_backup (files=158 folders=41 128059429 bytes)

==== After Reboot ======================

==== Deleting Files / Folders ======================

"C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\msvcr100.dll" not found
"C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\msvcr120.dll" not found
"C:\Program Files (x86)\Common Files\DVDVideoSoft" not found

==== EOF on zo 10/01/2016 at 3:05:19,92 ======================