Zoek.exe v5.0.0.0 Updated 15-November-2014
Tool run by Brenda on za 15/11/2014 at 20:42:13,07.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Brenda\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4CNGZCW\zoek.exe
[Scan all users] [Script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2014-08-01-202507.log 23718 bytes
C:\zoek-results2014-08-05-201514.log 27494 bytes
C:\zoek-results2014-08-06-163026.log 12726 bytes

==== Empty Folders Check ======================

C:\PROGRA~2\Movies App deleted successfully
C:\Program Files\Google deleted successfully
C:\PROGRA~3\GlarySoft deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\PROGRA~3\Soulseek deleted successfully
C:\Users\Brenda\AppData\Roaming\GlarySoft deleted successfully
C:\Users\Brenda\AppData\Roaming\Systweak deleted successfully
C:\Users\Brenda\AppData\Local\CrashDumps deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1317670609-1908533779-1924947057-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} deleted successfully
HKEY_USERS\S-1-5-21-1317670609-1908533779-1924947057-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} deleted successfully
HKEY_USERS\S-1-5-21-1317670609-1908533779-1924947057-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} deleted successfully
HKEY_USERS\S-1-5-21-1317670609-1908533779-1924947057-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5C0D11B8-C5F6-4be3-AD2C-2B1A3EB94AB6} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SmdmFService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SmdmFService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\F06DEFF2-5B9C-490D-910F-35D3A9119622 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\F06DEFF2-5B9C-490D-910F-35D3A9119622 deleted successfully

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=-

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Nucleus Kernel IncrediMail Evaluation version deleted
C:\PROGRA~2\Photo Notifier and Animation Creator deleted
C:\PROGRA~2\BearShare Applications deleted
C:\Users\Brenda\AppData\Roaming\VOPackage deleted
C:\PROGRA~3\APN deleted
C:\PROGRA~3\smdmf deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Brenda\AppData\Local\CrashRpt deleted
C:\Users\Brenda\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage deleted
C:\Windows\SysNative\roboot64.exe deleted
C:\Users\Brenda\AppData\LocalLow\DataMngr deleted
C:\windows\SysNative\Tasks\LaunchSignup deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\Machine
deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\GPT.INI deleted
C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted
"C:\Users\Brenda\AppData\Local\Linkey\IEExtension\iedll.dll" deleted
"C:\Users\Brenda\AppData\Local\Linkey\IEExtension\iedll64.dll" deleted
"C:\Users\Brenda\AppData\Local\Linkey\IEExtension\iedll.dll" deleted
"C:\Users\Brenda\AppData\Local\Linkey\IEExtension\iedll64.dll" deleted
"C:\Users\Brenda\AppData\Local\Linkey" not deleted
"C:\Users\Brenda\AppData\Local\Linkey" not deleted
"C:\Users\Brenda\AppData\Local\Linkey\IEExtension" not deleted
"C:\Users\Brenda\AppData\Local\Linkey\IEExtension" not deleted

==== Files Recently Created / Modified ======================

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-1317670609-1908533779-1924947057-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"Sony PC Companion"="C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe /Background"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"Adobe Creative Cloud"="C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --showwindow=false --onOSstartup=true"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sony PC Companion"="C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe /Background"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Users\\Brenda\\AppData\\Local\\Linkey\\IEEXTE~1\\iedll.dll "

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"CsrHCRPServer"="C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe"
"CsrAudioguiCtrl"="C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe"
"CsrSyncMLServer"="C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe"
"vksts"="C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe"
"HarmonyUserStartup"="C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe"
"CSRHarmonySkypePlugin"="C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe"
"TrayApplication"="C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe ARM"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AdobeAAMUpdater-1.0"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\UpdaterStartupUtility.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LWBMOUSE]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="LWBMOUSE"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Browser Mouse\\Browser Mouse\\1.0\\lwbwheel.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Power Management]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Power Management"
"hkey"="HKLM"
"command"="C:\\Program Files\\Packard Bell\\Packard Bell Power Management\\ePowerTray.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVCpl]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="RtHDVCpl"
"hkey"="HKLM"
"command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe -s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Sidebar]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Sidebar"
"hkey"="HKCU"
"command"="C:\\Program Files\\Windows Sidebar\\sidebar.exe /autoRun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SunJavaUpdateSched"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TkBellExe]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TkBellExe"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Real\\RealPlayer\\update\\realsched.exe\" -osboot"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Windows Mobile Device Center]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Windows Mobile Device Center"
"hkey"="HKLM"
"command"="%windir%\\WindowsMobile\\wmdc.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk]
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Microsoft Office.lnk"
"backup"="C:\\Windows\\pss\\Microsoft Office.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="C:\\PROGRA~2\\MICROS~4\\Office10\\OSA.EXE -b -l"
"item"="Microsoft Office"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Brenda^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk]
"path"="C:\\Users\\Brenda\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\OpenOffice.org 3.4.1.lnk"
"backup"="C:\\Windows\\pss\\OpenOffice.org 3.4.1.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\PROGRA~2\\OPENOF~1.ORG\\program\\QUICKS~1.EXE "
"item"="OpenOffice.org 3.4.1"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [12/11/2014 19:59]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [05/10/2013 19:41]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe ARM" ["C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\Adobe Reader Speed Launcher" ["C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"]
"C:\Windows\SysNative\tasks\AdobeAAMUpdater-1.0-Brenda-PC-Brenda" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\NBAgent" [C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe]
"C:\Windows\SysNative\tasks\Norton WSC Integration" ["C:\Program Files (x86)\Norton AntiVirus\Engine\21.2.0.38\WSCStub.exe"]
"C:\Windows\SysNative\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-1317670609-1908533779-1924947057-1001" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\SysNative\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-1317670609-1908533779-1924947057-1001" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe]
"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{29BAA485-4E4C-4A94-8407-443CD4812E93}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\Norton AntiVirus\Norton Error Analyzer" [C:\Program Files (x86)\Norton AntiVirus\Engine\21.2.0.38\SymErr.exe]
"C:\Windows\SysNative\tasks\Norton AntiVirus\Norton Error Processor" [C:\Program Files (x86)\Norton AntiVirus\Engine\21.2.0.38\SymErr.exe]
"C:\Windows\SysNative\tasks\Norton Identity Safe\Norton Error Analyzer" [C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\SymErr.exe]
"C:\Windows\SysNative\tasks\Norton Identity Safe\Norton Error Processor" [C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\SymErr.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{F04D2D30-776C-4d02-8627-8E4385ECA58D}"="C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.6.0.27\coFFPlgn" [11/05/2014 19:07]