Zoek.exe Version 4.0.0.5 Updated 26-October-2013
Tool run by Bart Esprit on zo 27/10/2013 at 10:05:20,19.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Bart Esprit\Downloads\zoek.exe [Script inserted] [Checkboxes used]

==== System Restore Info ======================

27/10/2013 10:06:53 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\AVS4YOU deleted successfully
C:\PROGRA~2\GUM4D45.tmp deleted successfully
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\Program Files\log deleted successfully
C:\Program Files\mcafee deleted successfully
C:\Program Files\Symantec deleted successfully
C:\ProgramData\Evernote deleted successfully
C:\ProgramData\McAfee deleted successfully
C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} deleted successfully
C:\Users\Bart Esprit\AppData\Roaming\TP deleted successfully
C:\Users\Bart Esprit\AppData\Local\Secunia PSI deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-218453439-456519775-2849796511-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_USERS\S-1-5-21-218453439-456519775-2849796511-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411411158}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=-

==== Deleting Files \ Folders ======================

C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} not found
C:\Program Files (x86)\Common Files\DVDVideoSoft deleted
C:\Users\Bart Esprit\AppData\Roaming\DVDVideoSoftIEHelpers deleted
C:\Users\Bart Esprit\Desktop\Optimizer Pro.lnk deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2013-10-26 19:24:37 F6DB54E80D325CC46E046AA9A1FF71AD 40 ----a-w- C:\Windows\avast5.ini
2013-10-26 19:23:27 3D57EC3DDD0A4B5A9DF9A676C7DD771D 34 ----a-w- C:\Windows\AvastEmUpdate.ini
2013-10-26 19:23:19 D0FBC21805855396820D9C8A6A082A6A 43152 ----a-w- C:\Windows\avastSS.scr

====== C:\Users\BARTES~1\AppData\Local\Temp ====
2013-10-26 19:17:31 A49868D134933005DA22B22C6E7D96A7 713032 ----a-w- C:\Users\Bart Esprit\AppData\Local\Temp\sketchup_install\setup.exe
2013-10-26 19:17:31 90CD546809F52BE4DCDACE97AEEE9C35 112013312 ----a-w- C:\Users\Bart Esprit\AppData\Local\Temp\sketchup_install\SketchUp2013.msi
2013-10-18 18:46:09 8B64BCD9EAF292636E68CA78C6DE79D4 5668624 ----a-w- C:\Users\Bart Esprit\AppData\Local\Temp\{F1922AEC-D9D5-4824-8F20-31C4EE2A174E}\setup.exe

====== Java Cache =====

====== C:\Windows\SysWOW64 =====
2013-10-26 20:26:53 9223A2810B73069F4A03A636052EF14A 264616 ----a-w- C:\Windows\SysWOW64\javaws.exe
2013-10-26 20:26:48 DC1342498BEE7EF1646E9D63138B69CC 175016 ----a-w- C:\Windows\SysWOW64\javaw.exe
2013-10-26 20:26:48 9B0B14B405E0EDF76B5F5E31A49EB753 96168 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2013-10-26 20:26:48 658633D255FEF154EA1CB8705B4468C5 174504 ----a-w- C:\Windows\SysWOW64\java.exe
2013-10-26 19:20:57 E6C2CC7AF2868ED5C28F700B2355F877 3120 ----a-w- C:\Windows\SysWOW64\ALLFSAF13a.ocx

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====
2013-10-26 20:30:17 D3035E7C890D45AEC9A2F6B388593B2D 312744 ----a-w- C:\Windows\Sysnative\javaws.exe
2013-10-26 20:30:13 6653906AFCCC8179315A889B4AC29172 108968 ----a-w- C:\Windows\Sysnative\WindowsAccessBridge-64.dll
2013-10-26 20:30:13 5B11EB00AC6B39FDC78222FF88429ACF 189352 ----a-w- C:\Windows\Sysnative\javaw.exe
2013-10-26 20:30:13 5AE4FBF3B0A57CCA5260F18483B13085 189352 ----a-w- C:\Windows\Sysnative\java.exe
2013-10-26 19:23:19 B6E80D5B88B2BA12C20E12E2386D3BF8 334648 ----a-w- C:\Windows\Sysnative\aswBoot.exe

====== C:\Windows\Sysnative\drivers =====
2013-10-26 19:23:20 DF97409EBD35C5A40AF5594806724F75 1032416 ----a-w- C:\Windows\Sysnative\drivers\aswSnx.sys
2013-10-26 19:23:20 C04F7B373881009D7994D9BF55D24AB4 65776 ----a-w- C:\Windows\Sysnative\drivers\aswRvrt.sys
2013-10-26 19:23:20 9FB1012D9EE3B9510FAA4C8D34DECD1C 84328 ----a-w- C:\Windows\Sysnative\drivers\aswMonFlt.sys
2013-10-26 19:23:20 79EB7B1733F0EA220C95335795C806EB 38984 ----a-w- C:\Windows\Sysnative\drivers\aswFsBlk.sys
2013-10-26 19:23:20 679712B7A353EE665B9301592164A172 92544 ----a-w- C:\Windows\Sysnative\drivers\aswRdr2.sys
2013-10-26 19:23:20 59787B95DD9CA44CB139D96863438587 205320 ----a-w- C:\Windows\Sysnative\drivers\aswVmm.sys
2013-10-26 19:23:20 511595FFE2E06D6E1947E0A0C8C7AD27 409832 ----a-w- C:\Windows\Sysnative\drivers\aswSP.sys
2013-10-26 19:23:20 47BC12AC7D5B4F8D2086C6EAD759355E 65264 ----a-w- C:\Windows\Sysnative\drivers\aswTdi.sys
2013-10-14 10:04:42 DD3FD48D69F5FBBB21D46D1514C1C2DB 18456 ----a-w- C:\Windows\Sysnative\drivers\psi_mf_amd64.sys
2013-10-10 05:47:59 E2C933EDBC389386EBE6D2BA953F43D8 785624 ----a-w- C:\Windows\Sysnative\drivers\Wdf01000.sys
2013-10-10 05:47:59 80B0F7D5CCF86CEB5D402EAAF61FEC31 100864 ----a-w- C:\Windows\Sysnative\drivers\usbcir.sys
2013-10-10 05:47:58 9661DA76B4531B2DA272ECCE25A8AF24 42496 ----a-w- C:\Windows\Sysnative\drivers\usbscan.sys
2013-10-10 05:47:58 856E76B3641746ABBC2946BED1372098 32896 ----a-w- C:\Windows\Sysnative\drivers\hidparse.sys
2013-10-10 05:47:58 597C3699384E53CC59587ED50CCE5CA2 76800 ----a-w- C:\Windows\Sysnative\drivers\hidclass.sys
2013-10-10 05:47:57 1A4F75E63C9FB84B85DFFC6B63FD5404 140800 ----a-w- C:\Windows\Sysnative\drivers\mrxdav.sys
2013-10-10 05:47:56 40AF23633D197905F03AB5628C558C51 1903552 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys
2013-10-10 05:47:56 314C17917AC8523EC77A710215012A65 497152 ----a-w- C:\Windows\Sysnative\drivers\afd.sys
2013-10-10 05:47:37 88612F1CE3BF42256913BF6E61C70D52 983488 ----a-w- C:\Windows\Sysnative\drivers\dxgkrnl.sys

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====
2013-10-26 20:29:01 -------- d-----w- C:\Program Files\iTunes
2013-10-26 20:29:01 -------- d-----w- C:\Program Files\iPod
2013-10-26 18:50:40 -------- d-----w- C:\Program Files\trend micro

======= C:\PROGRA~2 =====
2013-10-26 20:29:01 -------- d-----w- C:\PROGRA~2\iTunes
2013-10-26 19:20:48 -------- d-----w- C:\PROGRA~2\SketchUp
2013-10-26 19:13:01 -------- d-----w- C:\PROGRA~2\Secunia

======= C: =====

====== C:\Users\Bart Esprit\AppData\Roaming ======
2013-10-26 20:28:43 -------- d-----w- C:\Users\Default\AppData\Roaming\Apple Computer
2013-10-26 20:28:43 -------- d-----w- C:\Users\Default\AppData\Local\Apple Computer
2013-10-26 20:28:43 -------- d-----w- C:\Users\Default User\AppData\Roaming\Apple Computer
2013-10-26 20:28:43 -------- d-----w- C:\Users\Default User\AppData\Local\Apple Computer
2013-10-26 19:24:59 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\CrashDumps
2013-10-26 19:17:19 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\Adobe
2013-10-26 19:17:19 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Adobe
2013-10-18 18:47:40 -------- d-----w- C:\Users\Bart Esprit\AppData\Roaming\Google
2013-10-18 18:46:10 -------- d-----w- C:\Users\Bart Esprit\AppData\Local\Programs

====== C:\Users\Bart Esprit ======
2013-10-26 20:29:13 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2013-10-26 20:29:01 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-10-26 20:26:48 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2013-10-26 19:23:29 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2013-10-26 19:22:22 24F3708CF5504C67F1CB2685C7BBAD78 85444160 ----a-w- C:\Users\Bart Esprit\Downloads\avast_free_antivirus_setup.exe
2013-10-26 19:20:51 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SketchUp 2013
2013-10-26 19:20:48 -------- d-----w- C:\ProgramData\SketchUp
2013-10-26 19:12:48 3423D8A42D373494D014C58CAD5F3ADF 3864904 ----a-w- C:\Users\Bart Esprit\Downloads\PSISetup.exe
2013-10-26 18:50:31 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Bart Esprit\Downloads\RSITx64.exe
2013-10-26 18:23:00 76B1717148C114D3A47147B1A5CCFFEA 4379048 ----a-w- C:\Users\Bart Esprit\Downloads\ccsetup407.exe
2013-10-18 18:47:27 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2
2013-10-18 18:47:05 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google SketchUp 8
2013-10-18 18:46:01 77681B1C47F1A67523610F4F0953F169 40747328 ----a-w- C:\Users\Bart Esprit\Desktop\googlesketchupwnl.exe

====== C: exe-files ==
2013-10-27 06:04:12 7DB7EB376E974685593F935590E1B096 41559552 ----a-w- C:\Program Files (x86)\Secunia\PSI\SUA\f2231c88705aaaf267443a8e6ac62ca5b6806acc\QuickTime_7.7.4_SPS.exe
2013-10-26 20:30:17 D3035E7C890D45AEC9A2F6B388593B2D 312744 ----a-w- C:\Windows\System32\javaws.exe
2013-10-26 20:30:13 5B11EB00AC6B39FDC78222FF88429ACF 189352 ----a-w- C:\Windows\System32\javaw.exe
2013-10-26 20:30:13 5AE4FBF3B0A57CCA5260F18483B13085 189352 ----a-w- C:\Windows\System32\java.exe
2013-10-26 20:30:11 F75DB1EDADFDB648CB1ED860734FD3D6 15784 ----a-w- C:\Program Files\Java\jre7\bin\ktab.exe
2013-10-26 20:30:11 F20A7105CDBDE6CF30D6ACA73B228E0F 15784 ----a-w- C:\Program Files\Java\jre7\bin\java-rmi.exe
2013-10-26 20:30:11 D4CA36BB34EF411F52801151515DF80E 64424 ----a-w- C:\Program Files\Java\jre7\bin\ssvagent.exe
2013-10-26 20:30:11 D39A773F618FF26FDE3111E90841F766 76200 ----a-w- C:\Program Files\Java\jre7\bin\javacpl.exe
2013-10-26 20:30:11 D3035E7C890D45AEC9A2F6B388593B2D 312744 ----a-w- C:\Program Files\Java\jre7\bin\javaws.exe
2013-10-26 20:30:11 C61605A5A8CA9DBD067CE5B3AD962D91 16296 ----a-w- C:\Program Files\Java\jre7\bin\orbd.exe
2013-10-26 20:30:11 BC7127BC1B7E9D190769A14D2D823AC2 15784 ----a-w- C:\Program Files\Java\jre7\bin\rmid.exe
2013-10-26 20:30:11 BB165574A5C1B86E5BFB4AE6493AE51B 15784 ----a-w- C:\Program Files\Java\jre7\bin\policytool.exe
2013-10-26 20:30:11 B809FD8ACECCF9F91315C16D93170B9A 15784 ----a-w- C:\Program Files\Java\jre7\bin\klist.exe
2013-10-26 20:30:11 B6F3B4749210AEAFD61390D38CE7687D 15784 ----a-w- C:\Program Files\Java\jre7\bin\kinit.exe
2013-10-26 20:30:11 B3A8D0406A8413EB8E97CA27C2464DE6 55720 ----a-w- C:\Program Files\Java\jre7\bin\jabswitch.exe
2013-10-26 20:30:11 9E1B6ED8973A89A83A27665FC5873F0B 181160 ----a-w- C:\Program Files\Java\jre7\bin\unpack200.exe
2013-10-26 20:30:11 729646BB9E6EDE36DC1938CB91F59FA6 15784 ----a-w- C:\Program Files\Java\jre7\bin\rmiregistry.exe
2013-10-26 20:30:11 5B11EB00AC6B39FDC78222FF88429ACF 189352 ----a-w- C:\Program Files\Java\jre7\bin\javaw.exe
2013-10-26 20:30:11 5AE4FBF3B0A57CCA5260F18483B13085 189352 ----a-w- C:\Program Files\Java\jre7\bin\java.exe
2013-10-26 20:30:11 4602D94DAE5DED0B4DB3E07F21AA5E4A 67496 ----a-w- C:\Program Files\Java\jre7\bin\jp2launcher.exe
2013-10-26 20:30:11 35A0A79F81C54BB08A912546D4C684DB 15784 ----a-w- C:\Program Files\Java\jre7\bin\keytool.exe
2013-10-26 20:30:11 2F292B53979D03CD601F3FD5BE6C99FD 15784 ----a-w- C:\Program Files\Java\jre7\bin\servertool.exe
2013-10-26 20:30:11 1E33EDB6B92211B8B3FA860A3D069109 16296 ----a-w- C:\Program Files\Java\jre7\bin\tnameserv.exe
2013-10-26 20:30:11 1749CE291FECB59C8C3AFDC11123FF60 15784 ----a-w- C:\Program Files\Java\jre7\bin\pack200.exe
2013-10-26 20:26:53 9223A2810B73069F4A03A636052EF14A 264616 ----a-w- C:\Windows\SysWOW64\javaws.exe
2013-10-26 20:26:48 DC1342498BEE7EF1646E9D63138B69CC 175016 ----a-w- C:\Windows\SysWOW64\javaw.exe
2013-10-26 20:26:48 658633D255FEF154EA1CB8705B4468C5 174504 ----a-w- C:\Windows\SysWOW64\java.exe
2013-10-26 20:26:44 DC1342498BEE7EF1646E9D63138B69CC 175016 ----a-w- C:\Program Files (x86)\Java\jre7\bin\javaw.exe
2013-10-26 20:26:44 CE10E75E10EB6952A7D813FA587EC632 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\ktab.exe
2013-10-26 20:26:44 CC27986F45EF9FD700BC347355B002B3 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\rmid.exe
2013-10-26 20:26:44 CBFE91C51D4FA69FE9D140ABEB7E51DC 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\kinit.exe
2013-10-26 20:26:44 A9743D2D69B80800FEA5F24E7C4B02B3 48040 ----a-w- C:\Program Files (x86)\Java\jre7\bin\jabswitch.exe
2013-10-26 20:26:44 9223A2810B73069F4A03A636052EF14A 264616 ----a-w- C:\Program Files (x86)\Java\jre7\bin\javaws.exe
2013-10-26 20:26:44 83D790AA563347A026771D50E3D07A9B 66984 ----a-w- C:\Program Files (x86)\Java\jre7\bin\javacpl.exe
2013-10-26 20:26:44 80A79264302910C7C24BA7E44267EFEF 182696 ----a-w- C:\Program Files (x86)\Java\jre7\bin\jqs.exe
2013-10-26 20:26:44 7F55715977ECF32633857F16980F008E 52648 ----a-w- C:\Program Files (x86)\Java\jre7\bin\jp2launcher.exe
2013-10-26 20:26:44 7814B0A3E6FE8FFF31B7108D16FC4591 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\keytool.exe
2013-10-26 20:26:44 738AF811C60870FB218D47C628D350AA 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\rmiregistry.exe
2013-10-26 20:26:44 707BFE32E04720B9D50562669A30F86C 49064 ----a-w- C:\Program Files (x86)\Java\jre7\bin\ssvagent.exe
2013-10-26 20:26:44 658633D255FEF154EA1CB8705B4468C5 174504 ----a-w- C:\Program Files (x86)\Java\jre7\bin\java.exe
2013-10-26 20:26:44 5FA3FFE74E893E8A9443C2CF3DFA7A64 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\pack200.exe
2013-10-26 20:26:44 5721DA732075E01569A287767CBCFA5A 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\klist.exe
2013-10-26 20:26:44 555651269833A415E1F9E594E8DD829F 146344 ----a-w- C:\Program Files (x86)\Java\jre7\bin\unpack200.exe
2013-10-26 20:26:44 54A30377949D4984EE72C5510C58B83D 16296 ----a-w- C:\Program Files (x86)\Java\jre7\bin\tnameserv.exe
2013-10-26 20:26:44 464358DE0429ABB319DFE3F5E5C85F77 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\orbd.exe
2013-10-26 20:26:44 3FB1EAAB3CD35126D1F3B9A0A5B7B2DC 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\policytool.exe
2013-10-26 20:26:44 2F7EBCD8FB6557997F0583508FFFE6B1 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\java-rmi.exe
2013-10-26 20:26:44 15EBB4D4B54FCE42D8CB116145BB7EBA 15784 ----a-w- C:\Program Files (x86)\Java\jre7\bin\servertool.exe
2013-10-26 19:23:19 B6E80D5B88B2BA12C20E12E2386D3BF8 334648 ----a-w- C:\Windows\System32\aswBoot.exe
2013-10-26 19:22:22 24F3708CF5504C67F1CB2685C7BBAD78 85444160 ----a-w- C:\Users\Bart Esprit\Downloads\avast_free_antivirus_setup.exe
2013-10-26 19:17:35 53406E9988306CBD4537677C5336ABA4 889416 ----a-w- C:\Users\Bart Esprit\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\068I935L\dotNetFx40_Full_setup[1].exe
2013-10-26 19:17:31 A49868D134933005DA22B22C6E7D96A7 713032 ----a-w- C:\Users\Bart Esprit\AppData\Local\Temp\sketchup_install\setup.exe
2013-10-26 19:17:18 EAD0E24B0245F29DC0A0E522B519AED5 103272 ----a-w- C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe
2013-10-26 19:17:18 BC666CA53CA5656CD758D78A04521ADB 54632 ----a-w- C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\airappinstaller.exe
2013-10-26 19:17:18 BC666CA53CA5656CD758D78A04521ADB 54632 ----a-w- C:\Program Files (x86)\Adobe\Flash Player\AddIns\airappinstaller\airappinstaller.exe
2013-10-26 19:17:18 9EF58F1E7C9070EBF0EC4C85BBA221A1 59392 ----a-w- C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\template.exe
2013-10-26 19:17:18 1E9FB3D13D467C170E52FAFA9E94171E 130408 ----a-w- C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe
2013-10-26 19:13:03 5BB7E539B89EE807D53E8BE2CB96BE33 485210 ----a-w- C:\Program Files (x86)\Secunia\PSI\Uninstall.exe
2013-10-26 19:12:48 3423D8A42D373494D014C58CAD5F3ADF 3864904 ----a-w- C:\Users\Bart Esprit\Downloads\PSISetup.exe
2013-10-26 18:50:40 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Bart Esprit.exe
2013-10-26 18:50:31 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Bart Esprit\Downloads\RSITx64.exe
2013-10-26 18:23:00 76B1717148C114D3A47147B1A5CCFFEA 4379048 ----a-w- C:\Users\Bart Esprit\Downloads\ccsetup407.exe

=== C: other files ==
2013-10-26 20:30:11 1FC90745848A4C3C832252B216340F8A 18633 ----a-w- C:\Program Files\Java\jre7\lib\deploy\ffjcext.zip
2013-10-26 20:26:44 0A35B7026416325DE4A3EEC131F6EE2C 18636 ----a-w- C:\Program Files (x86)\Java\jre7\lib\deploy\ffjcext.zip
2013-10-26 19:23:20 DF97409EBD35C5A40AF5594806724F75 1032416 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2013-10-26 19:23:20 C04F7B373881009D7994D9BF55D24AB4 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2013-10-26 19:23:20 9FB1012D9EE3B9510FAA4C8D34DECD1C 84328 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2013-10-26 19:23:20 79EB7B1733F0EA220C95335795C806EB 38984 ----a-w- C:\Windows\System32\drivers\aswFsBlk.sys
2013-10-26 19:23:20 679712B7A353EE665B9301592164A172 92544 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2013-10-26 19:23:20 59787B95DD9CA44CB139D96863438587 205320 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2013-10-26 19:23:20 511595FFE2E06D6E1947E0A0C8C7AD27 409832 ----a-w- C:\Windows\System32\drivers\aswSP.sys
2013-10-26 19:23:20 47BC12AC7D5B4F8D2086C6EAD759355E 65264 ----a-w- C:\Windows\System32\drivers\aswTdi.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-218453439-456519775-2849796511-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="C:\Users\Bart Esprit\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"Spotify"="C:\Users\Bart Esprit\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart"
"Google Update"="C:\Users\Bart Esprit\AppData\Local\Google\Update\GoogleUpdate.exe /c"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SSDMonitor"="C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"beid"="C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe /startup"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="C:\Users\Bart Esprit\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"Spotify"="C:\Users\Bart Esprit\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart"
"Google Update"="C:\Users\Bart Esprit\AppData\Local\Google\Update\GoogleUpdate.exe /c"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"LogMeIn GUI"="C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"

==== Startup Registry Disabled ======================

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-]
"Google Update"="\"C:\\Users\\Bart Esprit\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVCpl]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="RtHDVCpl"
"hkey"="HKLM"
"command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe -s"

==== Startup Folders ======================

2012-11-25 15:36:18 1064 ----a-w- C:\Users\Bart Esprit\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
2013-10-26 19:13:02 1070 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [10/10/2013 07:32]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [02/02/2013 19:48]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [02/02/2013 19:48]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-218453439-456519775-2849796511-1001Core.job --a------ C:\Users\Bart Esprit\AppData\Local\Google\Update\GoogleUpdate.exe [04/10/2012 10:38]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-218453439-456519775-2849796511-1001UA.job --a------ C:\Users\Bart Esprit\AppData\Local\Google\Update\GoogleUpdate.exe [04/10/2012 10:38]
C:\Windows\tasks\RMAutoUpdate.job --a------ C:\Program Files (x86)\PC Tools Registry Mechanic\SULauncher.exe [18/03/2013 03:16]
C:\Windows\tasks\RMSchedule.job --a------ [Undetermined Task]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe ARM" ["C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\Adobe Reader Speed Launcher" ["C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\clear.fi" ["C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fi.exe"]
"C:\Windows\SysNative\tasks\clear.fiAgent" ["C:\Program Files (x86)\Acer\clear.fi\MVP\clear.fiAgent.exe"]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\DMREngine" ["C:\Program Files (x86)\Acer\clear.fi\MVP\.\Kernel\DMR\DMREngine.exe"]
"C:\Windows\SysNative\tasks\Google Updater and Installer" [C:\Users\Bart Esprit\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-218453439-456519775-2849796511-1001Core" [C:\Users\Bart Esprit\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-218453439-456519775-2849796511-1001UA" [C:\Users\Bart Esprit\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\Norton WSC Integration" ["C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\WSCStub.exe"]
"C:\Windows\SysNative\tasks\RMAutoUpdate" [C:\Program Files (x86)\PC Tools Registry Mechanic\SULauncher.exe]
"C:\Windows\SysNative\tasks\RMSchedule" [C:\Program Files (x86)\PC Tools Registry Mechanic\RegMech.exe]
"C:\Windows\SysNative\tasks\TuneUpUtilities_Task_BkGndMaintenance2013" [C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\Norton Internet Security\Norton Error Analyzer" [C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe]
"C:\Windows\SysNative\tasks\Norton Internet Security\Norton Error Processor" [C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]
"C:\Windows\SysNative\tasks\Recovery Management\Burn Notification" [C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\PROGRA~1\AVASTS~1\Avast\WebRep\FF" [26/10/2013 20:23]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\PROGRA~1\AVASTS~1\Avast\WebRep\Chrome\aswWebRepChrome.crx[26/10/2013 20:23]
mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\Exts\Chrome.crx[31/05/2013 02:49]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx[]

LyricsSay-16 - Bart Esprit - Default\Extensions\akhhdakpodeopjboaakapkhakhlbmlfd
Docs - Bart Esprit - Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Bart Esprit - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Bart Esprit - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Bart Esprit - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Norton Identity Protection - Bart Esprit - Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
DVDVideoSoft Browser Extension - Bart Esprit - Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp
Gmail - Bart Esprit - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================

C:\Users\Bart Esprit\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp deleted successfully
C:\Users\Bart Esprit\AppData\Local\Google\Chrome\User Data\Default\Extensions\akhhdakpodeopjboaakapkhakhlbmlfd deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.festerssolutions.be/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.festerssolutions.be/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\Users\Bart Esprit\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Bart Esprit\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\belgiumeid@eid.belgium.be deleted successfully

==== Deleting Registry Keys ======================

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Bart Esprit\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Bart Esprit\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Bart Esprit\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Bart Esprit\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\BARTES~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on zo 27/10/2013 at 10:26:54,08 ======================