Zoek.exe v5.0.0.0 Updated 08-February-2015
Tool run by Antwerp on ma 09/02/2015 at 20:00:46,32.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Antwerp\Downloads\Programs\zoek.exe
[Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

9/02/2015 20:03:19 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\Citrix deleted successfully
C:\PROGRA~2\Malwarebytes' Anti-Malware deleted successfully
C:\PROGRA~2\Sony Ericsson deleted successfully
C:\Program Files\McAfee deleted successfully
C:\PROGRA~3\IDM deleted successfully
C:\PROGRA~3\Sony Ericsson deleted successfully
C:\Users\Antwerp\AppData\Roaming\Malwarebytes deleted successfully
C:\Users\Antwerp\AppData\Roaming\TaiG deleted successfully
C:\Users\Antwerp\AppData\Roaming\TP deleted successfully
C:\Users\Antwerp\AppData\Roaming\TunnelBear deleted successfully
C:\Users\Antwerp\AppData\Local\calibre-cache deleted successfully
C:\Users\Antwerp\AppData\Local\CrashDumps deleted successfully
C:\Users\Antwerp\AppData\Local\DriverToolkit deleted successfully
C:\Users\Antwerp\AppData\Local\HockeyCrashes deleted successfully
C:\Users\Guest\AppData\Local\CrashDumps deleted successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\CrashDumps deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-309751335-345351341-2133874925-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0055C089-8582-441B-A0BF-17B458C2A3A8} deleted successfully
HKEY_USERS\S-1-5-21-309751335-345351341-2133874925-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0055C089-8582-441B-A0BF-17B458C2A3A8} deleted successfully
HKEY_USERS\S-1-5-21-309751335-345351341-2133874925-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F4E39681-15F8-4fda-B8A3-B5C98378F2F3} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]

==== Deleting Files \ Folders ======================

C:\Windows\AutoKMS deleted
C:\ProgramData\E1864A66-75E3-486a-BD95-D1B7D99A84A7 deleted
C:\Users\Antwerp\.android deleted
C:\PROGRA~2\SamsungPrinterLiveUpdateInstaller deleted
C:\PROGRA~3\Package Cache deleted
C:\PROGRA~3\Trymedia deleted
C:\Users\Antwerp\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Download Manager deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Windows\Syswow64\sho1074.tmp deleted
C:\Windows\SysWow64\AI_RecycleBin deleted
"C:\Windows\tasks\AutoKMS.job" deleted
"C:\Windows\tasks\AutoKMSDaily.job" deleted
"C:\Windows\KMSEmulator.exe" deleted
"C:\Program Files (x86)\Internet Download Manager\IDMan.exe" deleted
"C:\Program Files (x86)\Internet Download Manager\idmftype.dll" deleted
"C:\Program Files (x86)\Internet Download Manager\idmindex.dll" deleted
"C:\Program Files (x86)\Internet Download Manager\IDMIntegrator64.exe" deleted
"C:\Program Files (x86)\Internet Download Manager\idmmkb.dll" deleted
"C:\Program Files (x86)\Internet Download Manager\IDMNetMon64.dll" deleted
"C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll" deleted
"C:\Program Files (x86)\Internet Download Manager\IEMonitor.exe" deleted
"C:\PROGRA~2\Internet Download Manager\IDMan.exe" deleted
"C:\PROGRA~2\Internet Download Manager\idmftype.dll" deleted
"C:\PROGRA~2\Internet Download Manager\idmindex.dll" deleted
"C:\PROGRA~2\Internet Download Manager\IDMIntegrator64.exe" deleted
"C:\PROGRA~2\Internet Download Manager\idmmkb.dll" deleted
"C:\PROGRA~2\Internet Download Manager\IDMNetMon64.dll" deleted
"C:\PROGRA~2\Internet Download Manager\IDMShellExt64.dll" deleted
"C:\PROGRA~2\Internet Download Manager\IEMonitor.exe" deleted
"C:\Program Files (x86)\Internet Download Manager" not deleted
"C:\PROGRA~2\Internet Download Manager" not deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Antwerp\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-02-09 18:49:02 BD6CF5354EAE95D6C2807E6DAE79D3FF 111016 ----a-w- C:\Windows\Sysnative\WindowsAccessBridge-64.dll
====== C:\Windows\Sysnative\drivers =====
2015-01-14 13:21:12 AE3334958D8F631FF14A0AEB3D7EFB3A 141312 ----a-w- C:\Windows\Sysnative\drivers\mrxdav.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-02-09 18:47:07 -------- d-----w- C:\Program Files\Java
2015-02-09 12:56:16 -------- d-----w- C:\Program Files\trend micro
2015-01-31 21:24:30 -------- d-----w- C:\Program Files\iTunes
2015-01-31 21:24:30 -------- d-----w- C:\Program Files\iPod
======= C:\PROGRA~2 =====
2015-02-09 18:50:20 -------- d-----w- C:\PROGRA~2\COMMON~1\Java
2015-01-31 21:24:31 -------- d-----w- C:\PROGRA~2\iTunes
2015-01-15 20:42:38 -------- d-----w- C:\PROGRA~2\Mozilla Maintenance Service
======= C: =====
====== C:\Users\Antwerp\AppData\Roaming
======
2015-02-09 18:50:19 -------- d-----w- C:\Users\Antwerp\AppData\Locallow\Oracle
2015-02-01 19:21:01 -------- d-----w- C:\Users\Antwerp\AppData\Local\CDF5F268-4A20-44FB-B5BB-E86282FE726A.aplzod
2015-01-31 21:46:46 -------- d-----w- C:\Users\Antwerp\AppData\Local\Apple Inc
2015-01-31 21:21:52 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Roaming\Apple Computer
2015-01-14 17:27:21 -------- d-----w- C:\Users\Antwerp\AppData\Local\Citrix
====== C:\Users\Antwerp ======
2015-02-09 18:48:01 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-02-01 19:21:11 -------- d-----r- C:\Users\Antwerp\iCloudDrive
2015-01-31 21:25:47 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2015-01-31 21:08:04 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
====== C: exe-files ==
=== C: other files ==
2015-02-09 18:47:49 CE38122121C784E6380EF424637DBC3F 14130 ----a-w- C:\Program Files\Java\jre1.8.0_31\lib\deploy\ffjcext.zip
2015-02-09 08:02:56 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Antwerp\AppData\Local\Temp\{F4F774B5-3C84-4C8B-94ED-8638500FEAEB}.bat
2015-02-09 08:02:27 875E9DF77B895A8819D5CCE50895DC1F 92 ----a-w- C:\Users\Antwerp\AppData\Local\Temp\{979523C1-5F46-45A0-B84C-9684D3FBE457}.bat

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-309751335-345351341-2133874925-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-309751335-345351341-2133874925-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"StartMenuX"="C:\Program Files\Start Menu X\StartMenuX.exe"
"StickyPassword"="C:\Program Files (x86)\Sticky Password\stpass.exe"
"Google Update"="C:\Users\Antwerp\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart"
"MyDriveConnect.exe"="C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe"
"uTorrent"="C:\Users\Antwerp\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-21-309751335-345351341-2133874925-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATKOSD2"="C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"ATKMEDIA"="C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"HControlUser"="C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"ACMON"="C:\Program Files (x86)\ASUS\Splendid\ACMON.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"StartMenuX"="C:\Program Files\Start Menu X\StartMenuX.exe"
"StickyPassword"="C:\Program Files (x86)\Sticky Password\stpass.exe"
"Google Update"="C:\Users\Antwerp\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart"
"MyDriveConnect.exe"="C:\Program Files (x86)\MyDrive Connect\MyDriveConnect.exe"
"uTorrent"="C:\Users\Antwerp\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Windows\\SysWOW64\\nvinit.dll"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices"
"CDAServer"="C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Windows\\system32\\nvinitx.dll"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe ARM"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe Reader Speed Launcher]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe Reader Speed Launcher"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Adobe\\Reader 10.0\\Reader\\Reader_sl.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AppleIEDAV]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AppleIEDAV"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Common Files\\Apple\\Internet Services\\AppleIEDAV.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApplePhotoStreams]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ApplePhotoStreams"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Common Files\\Apple\\Internet Services\\ApplePhotoStreams.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="APSDaemon"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUS Screen Saver Protector]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ASUS Screen Saver Protector"
"hkey"="HKLM"
"command"="C:\\Windows\\AsScrPro.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUSWebStorage]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ASUSWebStorage"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\ASUS\\ASUS WebStorage\\3.0.143.296\\AsusWSPanel.exe /S"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BCSSync]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BCSSync"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Microsoft Office\\Office14\\BCSSync.exe\" /DelayServices"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CCleaner Monitoring]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="CCleaner Monitoring"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\CCleaner\\CCleaner64.exe\" /MONITOR"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Copy]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Copy"
"hkey"="HKCU"
"command"="\"C:\\Users\\Antwerp\\AppData\\Roaming\\Copy\\CopyAgent.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Update]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Google Update"
"hkey"="HKCU"
"command"="\"C:\\Users\\Antwerp\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GoogleChromeAutoLaunch_6016AC0B5C3A7C81F1A4FC411B2FD7EF]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="GoogleChromeAutoLaunch_6016AC0B5C3A7C81F1A4FC411B2FD7EF"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Google\\Chrome\\Application\\chrome.exe\" --no-startup-window"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iCloudServices]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iCloudServices"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Common Files\\Apple\\Internet Services\\iCloudServices.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LogMeIn GUI]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="LogMeIn GUI"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\LogMeIn\\x64\\LogMeInSystray.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\mcui_exe]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="mcui_exe"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\McAfee.com\\Agent\\mcagent.exe\" /runkey"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Skype"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /minimized /regrun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Sony PC Companion]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Sony PC Companion"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Sony\\Sony PC Companion\\PCCompanion.exe\" /Background"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\StickyPassword]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="StickyPassword"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Sticky Password\\stpass.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SunJavaUpdateSched"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="uTorrent"
"hkey"="HKCU"
"command"="\"C:\\Users\\Antwerp\\AppData\\Roaming\\uTorrent\\uTorrent.exe\" /MINIMIZED"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AsusVibeLauncher.lnk]
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\AsusVibeLauncher.lnk"
"backup"="C:\\Windows\\pss\\AsusVibeLauncher.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="C:\\PROGRA~2\\ASUS\\AsusVibe\\ASUSVI~2.EXE /start"
"item"="AsusVibeLauncher"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Virtual Router Manager.lnk]
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Virtual Router Manager.lnk"
"backup"="C:\\Windows\\pss\\Virtual Router Manager.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="C:\\Windows\\Installer\\{8DB05F7E-1F7A-4CC0-882F-375B97F04CD4}\\_E6D9769DD20AF384865041.exe /min"
"item"="Virtual Router Manager"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Antwerp^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
"path"="C:\\Users\\Antwerp\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dropbox.lnk"
"backup"="C:\\Windows\\pss\\Dropbox.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\Users\\Antwerp\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe /systemstartup"
"item"="Dropbox"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [05/02/2015 14:28]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [21/10/2014 11:27]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [21/10/2014 11:27]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-309751335-345351341-2133874925-1001Core.job --a------ C:\Users\Antwerp\AppData\Local\Google\Update\GoogleUpdate.exe [02/03/2013 20:27]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-309751335-345351341-2133874925-1001UA.job --a------ C:\Users\Antwerp\AppData\Local\Google\Update\GoogleUpdate.exe [02/03/2013 20:27]
C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job --a------ C:\Program Files (x86)\Intel\IntelR ME FW Recovery Agent\bin\Bootstrap.exe []
C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job --a------ C:\Program Files (x86)\Intel\IntelR ME FW Recovery Agent\bin\Bootstrap.exe []

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\ASUS P4G" [C:\Program Files\ASUS\P4G\BatteryLife.exe]
"C:\Windows\SysNative\tasks\ASUS Quick Gesture" [C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x86\QuickGesture.exe]
"C:\Windows\SysNative\tasks\ASUS Quick Gesture (x64)" [C:\Program Files (x86)\ASUS\ASUS Virtual Touch\QuickGesture\x64\QuickGesture64.exe]
"C:\Windows\SysNative\tasks\ASUS SmartLogon Console Sensor" [C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe]
"C:\Windows\SysNative\tasks\ASUS USB Charger Plus" ["C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe"]
"C:\Windows\SysNative\tasks\ATKOSD2" [C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-309751335-345351341-2133874925-1001Core" [C:\Users\Antwerp\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-309751335-345351341-2133874925-1001UA" [C:\Users\Antwerp\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d" [C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe]
"C:\Windows\SysNative\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon" [C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe]
"C:\Windows\SysNative\tasks\Opera scheduled Autoupdate 1405683322" [C:\Program Files (x86)\Opera\launcher.exe]
"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\SysNative\tasks\{8F6BD723-3BC5-4737-813B-50B4C63F6E6B}" ["c:\program files (x86)\google\chrome\application\chrome.exe"]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{e4f94d1e-2f53-401e-8885-681602c0ddd8}"="C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi" [04/04/2014 11:36]

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Antwerp\AppData\Roaming\Mozilla\Firefox\Profiles\fqsh540f.default
2D684F0DDF782C73847BED9503250991 - C:\Users\Antwerp\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll - Google Talk Plugin
6C3E34E303DBDCB9F7EC1F7A7F6B1629 - C:\Users\Antwerp\AppData\Roaming\Mozilla\plugins\npo1d.dll - Google Talk Plugin Video Renderer
E3B4EA121F7BDEB0F6366E2BA9608CB5 - C:\Users\Antwerp\AppData\Local\Citrix\Plugins\104\npappdetector.dll - Citrix Online Web Deployment Plugin 1.0.0.104

==== Chromium Look ======================

Google Chrome Version: 40.0.2214.111 (Possible outdated, latest Stable version: 40.0.2214.94)

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
bopakagnckmlgajfccecajhnimjiiedh - No path found[]
jeaohhlajejodfjadcponpnjgkiikocn - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
lmjegmlicamnimmfhcmpkclmigmmcbeh - No path found[]

BIODIGITAL HUMAN - Antwerp\AppData\Local\Google\Chrome\User Data\Default\Extensions\agoenciogemlojlhccbcpcfflicgnaak
Ads - Antwerp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aleggpabliehgbeagmfhnodcijcmbonb
Google Drive - Antwerp\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Google Voice Search Hotword (Beta) - Antwerp\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn
WOT - Antwerp\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp
Poper Blocker - Antwerp\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkkbcggnhapdmkeljlodobbkopceiche
MSS+
Extension - Antwerp\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh FB Emoticons - Antwerp\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpgpffljkgjmijjdmjbdppndoojdgboe selector is not a valid CSS selector - Antwerp\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb Add to Amazon Wish List - Antwerp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced TypingWeb Typing Tutor - Antwerp\AppData\Local\Google\Chrome\User Data\Default\Extensions\clcgempicojkfhpnepfecmklndooebjk Spotify - Music for every moment - Antwerp\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh Street Racers - Antwerp\AppData\Local\Google\Chrome\User Data\Default\Extensions\cohkjfondhjjfehnehlpmjpljpihfhfc Tampermonkey - Antwerp\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo Gmail Offline - Antwerp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk Type Scout - Antwerp\AppData\Local\Google\Chrome\User Data\Default\Extensions\fedokkaolmkkoeedicihicdeppjjeamj Sticky Password Autofill Engine - Antwerp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ggepjhbdgijjkbelnggboeoehacbphed Cycling the Alps - Antwerp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihklobncbkangkiiamccfgnlihbmjhlh Instant Translate - Antwerp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihmgiclibbndffejedjimfjmfoabpcke IDM Integration Module - Antwerp\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn Free online speed typing tests find whats your WPM words per minute speed improve your typing skills and practice typing. 
- Antwerp\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkcieoaeooeidmpaopkpjpjfakidlabm Calculator - Antwerp\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdkgihpbaofhkiliohfepioflkkbapao Google Drive App Launcher - Antwerp\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh Input Tools lets you type in the language of your choice. - Antwerp\AppData\Local\Google\Chrome\User Data\Default\Extensions\mclkkofklkfljcocdinagocijmpgbhab FastestFox for Chrome - Antwerp\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm F.B. Purity - Antwerp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ncdlagniojmheiklojdcpdaeepochckl Google Wallet - Antwerp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Transcribe transcribe audio/interviews fast - Antwerp\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogokenmicnjdfhmhocanoemnddmpcjjm Bejeweled 3 - Antwerp\AppData\Local\Google\Chrome\User Data\Default\Extensions\onmcdiilacdmbmeimljopoipdmjhbajo Trust My Web - Antwerp\AppData\Local\Google\Chrome\User Data\Default\Extensions\oofjodnmhgadalobpkdokibpgbjfoemi Google Voice Search Hotword (Beta) - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn IDM Integration Module - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn Google Wallet - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Ghostery - Antwerp\AppData\Roaming\Opera Software\Opera Stable\Extensions\bbkekonodcdmedgffkkbgmnnekbainbg Adguard - Antwerp\AppData\Roaming\Opera Software\Opera Stable\Extensions\bopfaehpakahokaelnomggbohfbimcia Sticky Password Autofill Engine - Antwerp\AppData\Roaming\Opera Software\Opera Stable\Extensions\ggepjhbdgijjkbelnggboeoehacbphed Download Chrome Extension - Antwerp\AppData\Roaming\Opera Software\Opera 
Stable\Extensions\kipjbhgniklcnglfaldilecjomjaddfi F.B. Purity - Antwerp\AppData\Roaming\Opera Software\Opera Stable\Extensions\ncdlagniojmheiklojdcpdaeepochckl SaveFrom.net helper - Antwerp\AppData\Roaming\Opera Software\Opera Stable\Extensions\npdpplbicnmpoigidfdjadamgfkilaak ==== Chromium Fix ====================== C:\Users\Antwerp\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_en.savefrom.net_0.localstorage deleted successfully C:\Users\Antwerp\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_en.savefrom.net_0.localstorage-journal deleted successfully C:\Users\Antwerp\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_savefrom.net_0.localstorage deleted successfully C:\Users\Antwerp\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_savefrom.net_0.localstorage-journal deleted successfully C:\Users\Antwerp\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.2mdn.net_0.localstorage deleted successfully C:\Users\Antwerp\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.2mdn.net_0.localstorage-journal deleted successfully C:\Users\Antwerp\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.ak.facebook.com_0.localstorage deleted successfully C:\Users\Antwerp\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.ak.facebook.com_0.localstorage-journal deleted successfully C:\Users\Antwerp\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully C:\Users\Antwerp\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully C:\Users\Antwerp\AppData\Roaming\Opera Software\Opera Stable\Local Storage\https_static.olark.com_0.localstorage deleted successfully C:\Users\Antwerp\AppData\Roaming\Opera Software\Opera Stable\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully 
C:\Users\Antwerp\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.thefind.com_0.localstorage deleted successfully
C:\Users\Antwerp\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.thefind.com_0.localstorage-journal deleted successfully
C:\Users\Antwerp\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_eservices.base.be_0.localstorage deleted successfully
C:\Users\Antwerp\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_eservices.base.be_0.localstorage-journal deleted successfully
C:\Users\Antwerp\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_slickdeals.net_0.localstorage deleted successfully
C:\Users\Antwerp\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_slickdeals.net_0.localstorage-journal deleted successfully
C:\Users\Antwerp\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_slickdeals.net_0.localstorage deleted successfully
C:\Users\Antwerp\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.similarsitesearch.com_0.localstorage deleted successfully
C:\Users\Antwerp\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.similarsitesearch.com_0.localstorage-journal deleted successfully
C:\Users\Antwerp\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\jeaohhlajejodfjadcponpnjgkiikocn deleted successfully
C:\Users\Antwerp\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\jeaohhlajejodfjadcponpnjgkiikocn deleted successfully

==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jeaohhlajejodfjadcponpnjgkiikocn deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Internet Download Manager deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Blue Coat K9 Web Protection deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Copy deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\mcui_exe deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sony PC Companion deleted successfully

==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Guest\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Guest\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Antwerp\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6INDB43V will be deleted at reboot

==== Empty FireFox Cache ======================
C:\Users\Antwerp\AppData\Local\Mozilla\Firefox\Profiles\fqsh540f.default\cache2 emptied successfully
C:\Users\Guest\AppData\Local\Mozilla\Firefox\Profiles\o8u4k4rr.default\cache2 emptied successfully

==== Empty Chrome Cache ======================
C:\Users\Antwerp\AppData\Local\Opera Software\Opera Stable\Cache will be emptied at reboot
C:\Users\Guest\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\Antwerp\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully

==== Empty All Java Cache ======================
Java Cache cleared successfully

==== C:\zoek_backup content ======================
C:\zoek_backup (files=317 folders=46 55216887 bytes)

==== Empty Temp Folders ======================
C:\Users\Antwerp\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Guest\AppData\Local\Temp emptied successfully
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Antwerp\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================
"C:\Users\Antwerp\AppData\Local\Opera Software\Opera Stable\Cache\data_0" deleted
"C:\Users\Antwerp\AppData\Local\Opera Software\Opera Stable\Cache\data_1" deleted
"C:\Users\Antwerp\AppData\Local\Opera Software\Opera Stable\Cache\data_2" deleted
"C:\Users\Antwerp\AppData\Local\Opera Software\Opera Stable\Cache\data_3" deleted
"C:\Users\Antwerp\AppData\Local\Opera Software\Opera Stable\Cache\data_4" deleted
"C:\Users\Antwerp\AppData\Local\Opera Software\Opera Stable\Cache\data_5" deleted
"C:\Users\Antwerp\AppData\Local\Opera Software\Opera Stable\Cache\index" deleted
"C:\Program Files (x86)\Internet Download Manager" not found
"C:\PROGRA~2\Internet Download Manager" not found
"C:\Users\Antwerp\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6INDB43V" not found

==== EOF on ma 09/02/2015 at 20:46:58,19 ======================