Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by Geert on do 21/04/2016 at 19:34:06,77. Microsoft® Windows Vista™ Home Basic 6.0.6002 Service Pack 2 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Geert\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 21/04/2016 19:36:23 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\Program Files\MSXML 4.0 deleted successfully C:\Program Files\ScanSoft deleted successfully C:\PROGRA~2\Babylon deleted successfully C:\Users\Geert\AppData\Roaming\PeerNetworking deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3840249230-3880042740-1327267179-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011501160} deleted successfully HKEY_USERS\S-1-5-21-3840249230-3880042740-1327267179-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{11111111-1111-1111-1111-110011501160} deleted successfully HKEY_USERS\S-1-5-21-3840249230-3880042740-1327267179-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_USERS\S-1-5-21-3840249230-3880042740-1327267179-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully HKEY_USERS\S-1-5-21-3840249230-3880042740-1327267179-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully HKEY_USERS\S-1-5-21-3840249230-3880042740-1327267179-1003\Software\Microsoft\Internet Explorer\SearchScopes\{2DE4F85C-3F78-457B-B630-9746CE39A505} deleted successfully HKEY_CLASSES_ROOT\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011501160} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501160} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501160} deleted successfully HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110011501160} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110011501160} deleted successfully HKEY_CLASSES_ROOT\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-3840249230-3880042740-1327267179-1003\Software\Microsoft\Internet Explorer\URLSearchHooks\{00000000-6E41-4FD3-8538-502F5495E5FC} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully ==== Deleting Services ====================== ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 Objects\{11111111-1111-1111-1111-110011501160}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] ""=- "ApnUpdater"=- [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "bProtector Start Page"=- [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "bProtectorDefaultScope"=- ==== Deleting Files \ Folders ====================== C:\Program Files\ScanSoft not found C:\Program Files\Ask.com deleted C:\Program Files\MLPS deleted 
C:\Program Files\Mozilla Firefox\user.js deleted C:\Program Files\Uninstall Information\ib_uninst_0 deleted C:\Program Files\Uninstall Information\ib_uninst_349 deleted C:\Program Files\Uninstall Information\ib_uninst_398 deleted C:\Program Files\Uninstall Information\ib_uninst_527 deleted C:\Program Files\SamsungPrinterLiveUpdateInstaller deleted C:\Program Files\Savings Sidekick deleted C:\Users\Geert\AppData\Roaming\Babylon deleted C:\PROGRA~2\Ask deleted C:\PROGRA~2\InstallBrainService deleted C:\Users\Geert\AppData\Local\APN deleted C:\Users\Geert\AppData\Local\Savings Sidekick deleted C:\Windows\System32\Tasks\Browser Manager deleted C:\Users\Geert\Downloads\IdealStandard_E5041-E5042_price-list-drawing_5f1e051c37251094bcd5997b81dcd01a.gif deleted C:\Users\Geert\Downloads\IdealStandard_V3906_product-sheet_86c9c484e6fa15dca81ca5b2cc55e426.pdf deleted C:\Users\Geert\AppData\LocalLow\AskToolbar deleted C:\Windows\SYSTEM32\TASKS\Scheduled Update for Ask Toolbar deleted C:\Windows\system32\GroupPolicy\Machine deleted C:\Windows\system32\GroupPolicy\User deleted C:\Windows\system32\GroupPolicy\gpt.ini deleted C:\Windows\System32\searchplugins deleted C:\Windows\System32\Extensions deleted C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE} deleted C:\Users\Geert\g2ax_customer_downloadhelper_win32_x86.exe deleted "C:\Users\Geert\AppData\Local\{B07B8557-BCB7-4728-9E99-D8ECAF19C41B}" deleted ==== Files Recently Created / Modified ====================== 
==== Orphaned Tasks deleted from Registry ====================== Browser Manager deleted Scheduled Update for Ask Toolbar deleted ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-21-3840249230-3880042740-1327267179-1003\Software\Microsoft\Windows\CurrentVersion\Run] "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Apoint"="C:\Program Files\Apoint2K\Apoint.exe" "TPFNF7"="C:\Program Files\Lenovo\NPDIRECT\TPFNF7SP.exe /r" "TPWAUDAP"="C:\Program 
Files\Lenovo\HOTKEY\TpWAudAp.exe" "SmartAudio"="C:\Program Files\CONEXANT\SMARTAUDIO\SMAUDIO.EXE /c" "TVT Scheduler Proxy"="C:\Program Files\Common Files\Lenovo\Scheduler\scheduler_proxy.exe" "LPManager"="C:\PROGRA~1\Lenovo\LENOVO~2\LPMGR.exe" "AMSG"="C:\Program Files\ThinkVantage\AMSG\Amsg.exe /startup" "ACTray"="C:\Program Files\ThinkPad\ConnectUtilities\ACTray.exe" "ACWlIcon"="C:\Program Files\ThinkPad\ConnectUtilities\ACWlIcon.exe" "PMHandler"="C:\PROGRA~1\Lenovo\PMDriver\PMHandler.exe" "IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" "egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe /hide /waitservice" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe" "StatusAlerts"="C:\Program Files\HP\StatusAlerts\bin\HPStatusAlerts.exe /enum:on /alerts:on /notifications:on /fl:on /fr:on /appData:on /tmcp:on" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" "Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CameraApplicationLauncher] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="CameraApplicationLauncher" "hkey"="HKLM" "command"="C:\\Program Files\\Lenovo\\Camera Center\\bin\\CameraApplicationLaunchpadLauncher.exe" 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Logitech Vid] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Logitech Vid" "hkey"="HKCU" "command"="\"C:\\Program Files\\Logitech\\Vid HD\\Vid.exe\" -bootmode" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LWS] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="LWS" "hkey"="HKLM" "command"="C:\\Program Files\\Logitech\\LWS\\Webcam Software\\LWS.exe -hide" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Message Center Plus] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Message Center Plus" "hkey"="HKLM" "command"="C:\\Program Files\\LENOVO\\Message Center Plus\\MCPLaunch.exe /start" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Skype" "hkey"="HKCU" "command"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /minimized /regrun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk] "path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Bluetooth.lnk" "backup"="C:\\Windows\\pss\\Bluetooth.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~1\\Lenovo\\BLUETO~1\\BTTray.exe " "item"="Bluetooth" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [08/04/2016 13:34] C:\Windows\tasks\Google Software Updater.job --a------ C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [11/11/2011 20:12] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [28/08/2015 19:48] 
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [28/08/2015 19:48] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Ad-Aware Update (Daily 1)" [C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe] "C:\Windows\system32\tasks\Ad-Aware Update (Daily 2)" [C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe] "C:\Windows\system32\tasks\Ad-Aware Update (Daily 3)" [C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe] "C:\Windows\system32\tasks\Ad-Aware Update (Daily 4)" [C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe] "C:\Windows\system32\tasks\Ad-Aware Update (Weekly)" [C:\Program Files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe] "C:\Windows\system32\tasks\Adobe Acrobat Update Task" [C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\system32\tasks\Google Software Updater" [C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\HPLJCustParticipation" ["C:\Program Files\HP\HPLJUT\HPLJUTSCH.exe"] "C:\Windows\system32\tasks\User_Feed_Synchronization-{37AA65E8-0AC0-44D3-BF90-2732BD0CE5B7}" [C:\Windows\system32\msfeedssync.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{20a82645-c095-46ed-80e3-08825760534b}"="c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [08/08/2009 14:57] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "{b64982b1-d112-42b5-b1e4-d3867c4533f8}"="C:\ProgramData\Browser 
Manager\2.2.558.175\{16cdff19-861d-48e3-a751-d99a27784753}\FirefoxExtension" [] ==== Firefox Extensions ====================== AppDir: C:\Program Files\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Geert\AppData\Roaming\Mozilla\Firefox\Profiles\zc6wg3ci.default F169116C1BA501AB4D0D66D41FF496B5 - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat FC5D7AF1FC3A63782E19B375E2312D1C - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat AF8A94BCB98C299C49B28CC12EBC0ED2 - C:\Program Files\Google\Update\1.3.29.5\npGoogleUpdate3.dll - Google Update 358878E398AB0FB8B1EE176C2E3EDF48 - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll - Google Updater AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation 0205ADAFFDDF04F0F69200E5CFB5FFD9 - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin F8EFDCFC440A420D6C1ECD245AB20207 - C:\Windows\system32\Macromed\Flash\NPSWF32.dll - Shockwave Flash CAF78E18A9E1380A0A38065B3B1210E0 - C:\Users\Geert\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin.dll - VASCO Card Reader Plugin ==== Chromium Look ====================== Google Chrome Version: 46.0.2490.86 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions dhdepfaagokllfmhfbcfmocaeigmoebo - C:\Users\Geert\AppData\Local\Savings Sidekick\Chrome\Savings Sidekick.crx[] Belfius Smart Card Reader Chrome Extension - Geert\AppData\Local\Google\Chrome\User Data\Default\Extensions\agicnfmechmlphpjmeefookfjhifbmhi Google Docs - Geert\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Geert\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf 
YouTube - Geert\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Geert\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Docs Offline - Geert\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi Chrome Web Store Payments - Geert\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Geert\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Fix ====================== C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pconverter.dl.myway.com_0.localstorage deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pconverter.dl.myway.com_0.localstorage-journal deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_huizen.trovit.be_0.localstorage deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_huizen.trovit.be_0.localstorage-journal deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_immo.trovit.fr_0.localstorage deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_immo.trovit.fr_0.localstorage-journal deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad-emea.doubleclick.net_0.localstorage deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad-emea.doubleclick.net_0.localstorage-journal deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ads.horyzon-media.com_0.localstorage deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ads.horyzon-media.com_0.localstorage-journal deleted 
successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ads.travelaudience.com_0.localstorage deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ads.travelaudience.com_0.localstorage-journal deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adsomenoise.cdn01.rambla.be_0.localstorage deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adsomenoise.cdn01.rambla.be_0.localstorage-journal deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static-site.soonnight.com_0.localstorage deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static-site.soonnight.com_0.localstorage-journal deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage-journal deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully 
C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d22j4fzzszoii2.cloudfront.net_0.localstorage deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d22j4fzzszoii2.cloudfront.net_0.localstorage-journal deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pconverter.dl.tb.ask.com_0.localstorage deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pconverter.dl.tb.ask.com_0.localstorage-journal deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.jeep-services.eu_0.localstorage deleted successfully C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.jeep-services.eu_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" "Default_Page_URL"="http://lenovo.live.com" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://lenovo.live.com" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://www.google.be/" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - 
http://search.live.com/results.aspx?q={searchTerms}&FORM=LENIE HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC HKCU\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} - No_Url_Value HKCU\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - No_Url_Value ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3840249230-3880042740-1327267179-1003\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-3840249230-3880042740-1327267179-1003\Software\mozilla\Firefox\Extensions\{b64982b1-d112-42b5-b1e4-d3867c4533f8} deleted successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Policies\Google deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo deleted successfully HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9416A209-B8AD-4FE5-A893-3BDA6E9BDEC5} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Savings Sidekick deleted successfully HKEY_CURRENT_USER\Software\Microsoft\Installer\Products\902A6149DA8B5EF48A39B3ADE6B9ED5C deleted successfully ==== Empty IE Cache ====================== C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully 
C:\Users\Geert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Geert\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Geert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\Geert\AppData\Local\Mozilla\Firefox\Profiles\zc6wg3ci.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Geert\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=3842 folders=514 1563589003 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Geert\AppData\Local\Temp will be emptied at reboot C:\Windows\system32\config\systemprofile\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== 
C:\Windows\Temp successfully emptied C:\Users\Geert\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Geert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found ==== EOF on do 21/04/2016 at 20:18:16,66 ======================