Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by rajni on wo 02-03-2016 at 15:41:48,05.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: O:\IE Downloads\Firefox Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

2-3-2016 15:42:37 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully
C:\PROGRA~3\Synology deleted successfully
C:\Users\rajni\AppData\Roaming\MPC-HC deleted successfully
C:\Users\rajni\AppData\Roaming\npm deleted successfully
C:\Users\rajni\AppData\Roaming\Windows Live Writer deleted successfully
C:\Users\rajni\AppData\Local\CrashDumps deleted successfully
C:\Users\rajni\AppData\Local\LogMeIn Rescue Applet deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update service deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Update service deleted successfully

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""=-

==== Deleting Files \ Folders ======================

C:\Program Files (x86)\Popcorn Time deleted
C:\PROGRA~3\Package Cache deleted

==== Files Recently Created / Modified ======================

==== Orphaned Tasks deleted from Registry ======================

Norton Product Installer deleted

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-1436889673-3769462199-2881324936-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="C:\Users\rajni\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"HP Photosmart 5520 series (NET)"="C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe -deviceID CN3AH513C60602:NW -scfn HP Photosmart 5520 series (NET) -AutoStart 1"
"NETGEARGenie"="P:\Netgear\NETGEAR Genie\bin\NETGEARGenie.exe -mini -redirect"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"LWS"="P:\Logitech\LWS\Webcam Software\LWS.exe -hide"
"HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="C:\Users\rajni\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"HP Photosmart 5520 series (NET)"="C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe -deviceID CN3AH513C60602:NW -scfn HP Photosmart 5520 series (NET) -AutoStart 1"
"NETGEARGenie"="P:\Netgear\NETGEAR Genie\bin\NETGEARGenie.exe -mini -redirect"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"IAStorIcon"="C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 60"
"UMonit"="C:\Windows\SysWOW64\UMonit.exe"
"ShadowPlay"="C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart"
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"
"Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch"
"iTunesHelper"="P:\Itunes\iTunesHelper.exe"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SunJavaUpdateSched"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^rajni^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Logitech . Productregistratie.lnk]
"item"="Logitech . Productregistratie"
"path"="C:\\Users\\rajni\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Logitech . Productregistratie.lnk"
"backup"="C:\\Windows\\pss\\Logitech . Productregistratie.lnk.Startup"
"backupExtension"=".Startup"
"command"="P:\\Logitech\\Ereg\\eReg.exe"

==== Startup Folders ======================

2016-01-28 14:10:44 1952 ----a-w- C:\Users\rajni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Inktwaarschuwingen controleren - HP Photosmart 5520 series (netwerk).lnk
2016-01-14 18:01:56 1110 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [10-02-2016 13:38]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1436889673-3769462199-2881324936-1000Core.job --a------ C:\Users\rajni\AppData\Local\Google\Update\GoogleUpdate.exe [14-01-2016 18:41]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1436889673-3769462199-2881324936-1000UA.job --a------ C:\Users\rajni\AppData\Local\Google\Update\GoogleUpdate.exe [14-01-2016 18:41]
C:\Windows\tasks\HPCeeScheduleForrajni.job --a------ [Undetermined Task]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["P:\Ccleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1436889673-3769462199-2881324936-1000Core" [C:\Users\rajni\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1436889673-3769462199-2881324936-1000UA" [C:\Users\rajni\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\HPCeeScheduleForrajni" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe]
"C:\Windows\SysNative\tasks\HPCustParticipation HP Photosmart 5520 series" ["C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPCustPartic.exe"]
"C:\Windows\SysNative\tasks\SamsungMagician" ["T:\Samsung Magician\Samsung Magician.exe"]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Active Health Launcher" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\rajni\AppData\Roaming\Mozilla\Firefox\Profiles\vzd4t30y.default
user_pref("browser.startup.homepage", "www.google.nl");

==== Firefox Extensions ======================

ProfilePath: C:\Users\rajni\AppData\Roaming\Mozilla\Firefox\Profiles\vzd4t30y.default
- YouTube Video and Audio Downloader - %ProfilePath%\extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi
- YouTube AdBlock - %ProfilePath%\extensions\jid1-w4wG5nJhx4LJZr@jetpack.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\rajni\AppData\Roaming\Mozilla\Firefox\Profiles\vzd4t30y.default
9F9E2E37C8455FCC7E2716E3AFD3EF88 - P:\Vlc\npvlc.dll - VLC Web Plugin
C788C801C5FAE1BEC62C7D2F1BBC9255 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1223183.dll - Shockwave for Director / Shockwave for Director
6FE651F6E3025AD51CC1D54913AEEADC - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll - Shockwave Flash
AF8A94BCB98C299C49B28CC12EBC0ED2 - C:\Users\rajni\AppData\Local\Google\Update\1.3.29.5\npGoogleUpdate3.dll - Google Update

==== Chromium Look ======================

Google Slides - rajni\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - rajni\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - rajni\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - rajni\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
selector is not a valid CSS selector - rajni\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Adblock for Youtube - rajni\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk
Google Search - rajni\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - rajni\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Word search - rajni\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ggckablhhmjagmokplgnbamljajnhanm
Google Docs Offline - rajni\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
Chrome Web Store Payments - rajni\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - rajni\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02

==== Reset Google Chrome ======================

C:\Users\rajni\AppData\Local\Google\Chrome SxS\User Data\Default\Preferences was reset successfully
C:\Users\rajni\AppData\Local\Google\Chrome SxS\User Data\Default\Secure Preferences was reset successfully
C:\Users\rajni\AppData\Local\Google\Chrome SxS\User Data\Default\Web Data was reset successfully
C:\Users\rajni\AppData\Local\Google\Chrome SxS\User Data\Default\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\rajni\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\rajni\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\rajni\AppData\Local\Mozilla\Firefox\Profiles\vzd4t30y.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\rajni\AppData\Local\Google\Chrome SxS\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1754 folders=224 206898119 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\rajni\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\rajni\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on wo 02-03-2016 at 16:07:32,41 ======================