Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Kees on do 21-01-2016 at 21:14:00,46.
Microsoft Windows 10 Pro 10.0.10586 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Kees\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2016-01-21-201057.log 27894 bytes

==== Empty Folders Check ======================

C:\Users\Kees\AppData\Local\ActiveSync deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"MbWzdFPAP-EXL600"=-
"MalwareProtectionLive"=-

==== Deleting Files \ Folders ======================

C:\windows\SysNative\FPAP-EXL600 not found
C:\Users\Kees\AppData\Local\MalwareProtectionLive not found
C:\ProgramData\YTD Video Downloader not found

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== D:\TEMP ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
2015-12-24 13:33:01 4778EEECB75C6FB419745BEED3530B9D 26024 ----a-w- C:\Windows\Sysnative\drivers\rsdrvx64.sys
2015-12-24 10:03:29 AF7CE12C4F3DC8CB2B07685C916BBCFE 82816 ----a-w- C:\Windows\Sysnative\drivers\pcouffin.sys
====== C:\Windows\Tasks ======
2016-01-05 11:07:19 -------- d-----w- C:\Windows\Sysnative\Tasks\NCH Software
====== C:\Windows\Temp ======
======= C:\Program Files =====
2016-01-20 13:15:35 -------- d-----w- C:\Program Files\trend micro
2016-01-19 14:02:14 -------- d-----w- C:\Program Files\Microsoft Silverlight
2016-01-03 16:27:34 -------- d-----w- C:\Program Files\CPUID
2016-01-03 12:38:51 -------- d-----w- C:\Program Files\Realtek
2016-01-03 12:35:48 -------- d-----w- C:\Program Files\Intel
======= C:\PROGRA~2 =====
2016-01-19 14:02:13 -------- d-----w- C:\PROGRA~2\Microsoft Silverlight
2016-01-09 14:23:11 -------- d-----w- C:\PROGRA~2\Fieldston Software
2016-01-09 08:52:11 -------- d---a-w- C:\PROGRA~2\locate32_x64-3.1.11.7100
2016-01-05 11:26:19 -------- d-----w- C:\PROGRA~2\VideoLAN
2016-01-05 11:06:56 -------- d-----w- C:\PROGRA~2\NCH Software
2016-01-03 15:40:33 -------- d---a-w- C:\PROGRA~2\RAPID
2016-01-03 15:38:22 -------- d---a-w- C:\PROGRA~2\Samsung Magician
2016-01-03 12:35:45 -------- d-----w- C:\PROGRA~2\COMMON~1\Intel
======= C: =====
====== C:\Users\Kees\AppData\Roaming ======
2016-01-03 15:39:24 9F4A6BABD018F1D580613ED2BC10F438 195488 ----a-w- C:\Windows\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat
====== C:\Users\Kees ======
2016-01-20 13:17:36 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Kees\Downloads\RSITx64 (1).exe
2016-01-20 13:15:03 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Kees\Downloads\RSITx64.exe
2016-01-19 14:02:14 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-01-09 14:23:11 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\gSyncit
2016-01-05 11:07:19 -------- d-----w- C:\ProgramData\NCH Software
2016-01-03 16:27:35 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2016-01-03 15:38:26 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Magician
2016-01-03 12:36:24 -------- d-sh--w- C:\Users\Kees\IntelGraphicsProfiles
2015-12-24 13:33:04 -------- d-----w- C:\ProgramData\Licenses
2015-12-24 13:33:03 -------- d-----w- C:\ProgramData\TEMP
====== C: exe-files ==
=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-21-2681243925-3193496902-2134059672-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"gSyncit"="C:\Program Files (x86)\Fieldston Software\gSyncit\gsyncit.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"gSyncit"="C:\Program Files (x86)\Fieldston Software\gSyncit\gsyncit.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"
"RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /ANDREA_BF_BYPASS"
"SamsungRapidApp"="C:\Program Files (x86)\jv16 PowerTools X\StartupOptimizer.exe C:\Program Files (x86)\RAPID\CacheFilter\SamsungRapidApp.exe"
"Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\OneDrive.exe]
"command"="\"C:\\Users\\Kees\\AppData\\Local\\Microsoft\\OneDrive\\OneDrive.exe\" /background"
"item"="OneDrive.exe"
"hkey"="HKCU"
"key"="Software\\Microsoft\\Windows\\CurrentVersion\\Run"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [21-12-2015 19:27]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [21-12-2015 19:27]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\4Team updater" [C:\Program Files (x86)\4Team Corporation\4Team-Updater\4Team-Updater.exe]
"C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\SamsungMagician" ["C:\Program Files (x86)\Samsung Magician\Samsung Magician.exe"]
"C:\Windows\SysNative\tasks\NCH Software\WavePadSevenDays" [C:\Program Files (x86)\NCH Software\WavePad\WavePad.exe]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.duckduckgo.com/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.duckduckgo.com/"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Kees\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Kees\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Kees\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Kees\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=84 folders=25 39860179 bytes)

==== Empty Temp Folders ======================

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on do 21-01-2016 at 21:23:52,98 ======================