
Zoek.exe Version 4.0.0.5 Updated 14-November-2013
Tool run by Carl on di 19-11-2013 at 20:31:55,09.
Microsoft Windows 7 Professional  6.1.7600  x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Carl\Desktop\zoek\zoek.exe [Script inserted] [Checkboxes used]

==== System Restore Info ======================

19-11-2013 20:33:29 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\Users\Carl\AppData\Roaming\Wave Systems Corp deleted successfully
C:\Users\Carl\AppData\Local\Acer PowerSaver deleted successfully
C:\Users\Carl\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2363558618-3587140998-43387575-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} deleted successfully
HKEY_USERS\S-1-5-21-2363558618-3587140998-43387575-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Partner Service deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Partner Service deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}] 

==== Deleting Files \ Folders ======================

C:\ProgramData\Partner deleted
"C:\Users\Carl\AppData\Local\WavXMapDrive.bat" not deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2013-11-19 23:18:20	6FBB766EB79F9EED3684194EEAF838DF	11453	----a-w-	C:\Windows\ChangeLang_Done.tag
2013-11-19 14:33:01	E4DCB0E98F697ADEAF54294B98E5B432	831488	----a-w-	C:\Windows\RtlExUpd.dll
2013-11-19 14:29:43	1767A50EC75EFFCA6D15A64A712D521B	32578	----a-w-	C:\Windows\ATIDetect.txt
====== C:\Users\Carl\AppData\Local\Temp ====
2013-11-19 15:21:40	9D7C72D189CBE55D24F5312F17D8B56F	509552	----a-w-	C:\Users\Carl\AppData\Local\Temp\Low\Google Toolbar\gtb2656.tmp.exe
====== C:\Windows\system32 =====
2013-11-19 23:16:05	B7B191D209DB9CA3428846EB72B20F29	154956	----a-w-	C:\Windows\System32\perfc013.dat
2013-11-19 23:16:05	4615E407D239B6D02B274DA6C4F987C9	749314	----a-w-	C:\Windows\System32\perfh013.dat
2013-11-19 23:16:05	2BCC97CF89164E6AB9C6F583B2A0C8E5	43068	----a-w-	C:\Windows\System32\perfd013.dat
2013-11-19 23:16:05	099814DA329A976F8E2DBE5EC3F073D0	341322	----a-w-	C:\Windows\System32\perfi013.dat
2013-11-19 23:10:14	FD0258EC51FD9B7A8C62810B822F8093	14848	----a-w-	C:\Windows\System32\vpchbuspipe.dll
2013-11-19 23:10:14	EE22B2FA68EDCE69358DEC69F0B5FABE	3329536	----a-w-	C:\Windows\System32\vpc.exe
2013-11-19 23:10:14	ED9178210E11FF24392395EAF54987B9	1002496	----a-w-	C:\Windows\System32\VMWindow.exe
2013-11-19 23:10:14	E18BF6343FC3B373FB5722AEFFDD9E4F	2169856	----a-w-	C:\Windows\System32\VPCWizard.exe
2013-11-19 23:10:14	7567CAD694545CEF70414443F1F2ED6D	793600	----a-w-	C:\Windows\System32\vmsal.exe
2013-11-19 23:10:14	58515DEEB011DD1B9636F6F81431C390	559616	----a-w-	C:\Windows\System32\VMCPropertyHandler.dll
2013-11-19 23:10:14	1377867A789482C672BB005DC3BEF144	1260032	----a-w-	C:\Windows\System32\VPCSettings.exe
2013-11-19 15:01:51	F0868AE44C7D9492B209288E4B60A5FD	29480	----a-w-	C:\Windows\System32\msxml3a.dll
2013-11-19 14:57:17	E4907CC7E2E8E3F268C714ADC834FF3E	22016	----a-w-	C:\Windows\System32\TSP1.dll
2013-11-19 14:56:09	79BBBAF998CD574B25CA75071C68DA6B	143360	----a-w-	C:\Windows\System32\bioapi_mds300.dll.bak
2013-11-19 14:56:09	79BBBAF998CD574B25CA75071C68DA6B	143360	----a-w-	C:\Windows\System32\bioapi_mds300.dll
2013-11-19 14:56:09	316C7D3A5EDF47C602A35CF4AAB606A9	106496	----a-w-	C:\Windows\System32\bioapi100.dll.bak
2013-11-19 14:56:09	316C7D3A5EDF47C602A35CF4AAB606A9	106496	----a-w-	C:\Windows\System32\bioapi100.dll
2013-11-19 14:40:22	AC843F4A4825F7C7711A8CDA512AD777	14714	----a-w-	C:\Windows\System32\results.xml
2013-11-19 14:40:00	F7B80F83BFA4748214BFF9366A8BC7C9	398336	----a-w-	C:\Windows\System32\TVWizudlg.exe
2013-11-19 14:40:00	48BA23373D43BDCD0CEAC891AF7B7226	121232	----a-w-	C:\Windows\System32\IScrNB.bmp
2013-11-19 14:40:00	27C77C5B75032FB0D55E52887BC87BDE	140288	----a-w-	C:\Windows\System32\igfxtvcx.dll
2013-11-19 14:33:02	E5639080A7FFA5F03642F4D4CDB1E9CE	339968	----a-w-	C:\Windows\System32\SRSTSXT.dll
2013-11-19 14:33:02	E067361E60FCAE24790B88135895F3C8	135168	----a-w-	C:\Windows\System32\SRSWOW.dll
2013-11-19 14:33:02	D77D08FE03362C426079D9344657484B	1528864	----a-w-	C:\Windows\System32\RtkPgExt.dll
2013-11-19 14:33:02	D175A215DF2ECC0D3B3AFBDFFEAE4087	167936	----a-w-	C:\Windows\System32\SRSHP360.dll
2013-11-19 14:33:02	C79B776CFE784A745CB6BDF2D17169B2	348160	----a-w-	C:\Windows\System32\RTEEP32A.dll
2013-11-19 14:33:02	BA21C4B843B4B1DD787A660E17589F4D	185776	----a-w-	C:\Windows\System32\SRSTSHD.dll
2013-11-19 14:33:02	9D0592681978DE7928AAFC703231A10D	551456	----a-w-	C:\Windows\System32\RTSndMgr.cpl
2013-11-19 14:33:02	9BF8BC576BF94A7EF80D71A34E270171	346656	----a-w-	C:\Windows\System32\RtkApoApi.dll
2013-11-19 14:33:02	8DDF80959676FE4BA993FB844D4F2BB9	73216	----a-w-	C:\Windows\System32\RTEEL32A.dll
2013-11-19 14:33:02	86C8CBB806D3F668AA3E82554BB1AD9A	55328	----a-w-	C:\Windows\System32\RtkCoInst.dll
2013-11-19 14:33:02	719B9D7F20279979F8F06B4A546F97E1	59392	----a-w-	C:\Windows\System32\RTEEG32A.dll
2013-11-19 14:33:02	2EFE73B70AFD33D3352789D186A2BB8A	165376	----a-w-	C:\Windows\System32\RTEED32A.dll
2013-11-19 14:33:02	0BA12A71064602D78C1EB642BE82084D	2795552	----a-w-	C:\Windows\System32\RtkAPO.dll
2013-11-19 14:33:02	0640026E67033DDD7B841F8A84980147	1777664	----a-w-	C:\Windows\System32\WavesLib.dll
2013-11-19 14:33:01	E632610FCED015F420C445F4E76A978E	290816	----a-w-	C:\Windows\System32\FMAPO.dll
2013-11-19 14:33:01	C8D30EA2E09EB35B2741CA2F7A93249E	142848	----a-w-	C:\Windows\System32\AERTACap.dll
2013-11-19 14:33:01	BF552612D85456F964B163293350B79B	306176	----a-w-	C:\Windows\System32\MaxxAudioAPO20.dll
2013-11-19 14:33:01	7E2B73200E4169AED13F955A62FC8D47	290304	----a-w-	C:\Windows\System32\RP3DHT32.dll
2013-11-19 14:33:01	7458B8F9AC005CA29BCD6C133B2E4DF4	1933312	----a-w-	C:\Windows\System32\MaxxAudioEQ.dll
2013-11-19 14:33:01	6DFB7FB4BF8BC0EFBD2786261E732888	125952	----a-w-	C:\Windows\System32\AERTARen.dll
2013-11-19 14:33:01	26AE7FE6953D584D349A91A72849A771	126976	----a-w-	C:\Windows\System32\MaxxAudioAPO.dll
2013-11-19 14:33:01	0FE8E6440F9CFD5F32BB0BDDE4347A55	290304	----a-w-	C:\Windows\System32\RP3DAA32.dll
====== C:\Windows\system32\drivers =====
2013-11-19 23:10:14	625088D6EE9EDE977FD03CF18D1CD5C5	78336	----a-w-	C:\Windows\System32\drivers\vpcusb.sys
2013-11-19 23:10:14	5F04362CEB5FB5901037E9D9EADD3760	55040	----a-w-	C:\Windows\System32\drivers\vpcnfltr.sys
2013-11-19 23:10:14	5ED378D91E32134F3C0B3810860FFD71	294912	----a-w-	C:\Windows\System32\drivers\vpcvmm.sys
2013-11-19 23:10:14	33E74DF34753FCAAB06F6F2BDC8CABF5	165376	----a-w-	C:\Windows\System32\drivers\vpchbus.sys
2013-11-19 18:26:18	4470E3C1E0C3378E4CAB137893C12C3A	22856	----a-w-	C:\Windows\System32\drivers\mbam.sys
2013-11-19 14:33:02	7CB41A5E5C24F9F50E6533693E2BB74D	2807392	----a-w-	C:\Windows\System32\drivers\RTKVHDA.sys
====== C:\Windows\Tasks ======
2013-11-19 14:41:07	1198DCDEBD0C046FE7A1D87E579E7657	3682	----a-w-	C:\Windows\system32\Tasks\McDefragTask
2013-11-19 14:41:07	0CD42BE1BCFBC16111F43444129AF209	342	----a-w-	C:\Windows\Tasks\McDefragTask.job
2013-11-19 14:41:06	CD74E8436BB53544CD0175DC07A85BD8	320	----a-w-	C:\Windows\Tasks\McQcTask.job
2013-11-19 14:41:06	622BEB42B1B8B253E5C850FA05CE4C19	3746	----a-w-	C:\Windows\system32\Tasks\McQcTask
====== C:\Windows\Temp ======
======= C:\Program Files =====
2013-11-19 23:10:25	--------	d-----w-	C:\Program Files\Windows Virtual PC
2013-11-19 17:30:11	--------	d-----w-	C:\Program Files\VoipBuster.com
2013-11-19 16:58:37	--------	d-----w-	C:\Program Files\trend micro
2013-11-19 15:06:04	--------	d-----w-	C:\Program Files\Microsoft Small Business
2013-11-19 15:03:30	--------	d-----w-	C:\Program Files\Microsoft SQL Server
2013-11-19 15:02:32	--------	d-----w-	C:\Program Files\Common Files\CyberLink
2013-11-19 15:02:07	--------	d-----w-	C:\Program Files\CyberLink
2013-11-19 14:56:31	--------	d-----w-	C:\Program Files\Fingerprint Sensor
2013-11-19 14:55:39	--------	d-----w-	C:\Program Files\Wave Systems Corp
2013-11-19 14:53:04	--------	d-----w-	C:\Program Files\Microsoft Visual Studio 8
2013-11-19 14:49:35	--------	d---a-w-	C:\Program Files\Virtual Windows XP
2013-11-19 14:40:28	--------	d-----w-	C:\Program Files\Acer Accessory Store
2013-11-19 14:33:01	--------	d--h--w-	C:\Program Files\Temp
2013-11-19 14:33:01	--------	d-----w-	C:\Program Files\Realtek
2013-11-19 14:32:59	--------	d-----w-	C:\Program Files\Common Files\InstallShield
2013-11-19 14:28:39	--------	d-----w-	C:\Program Files\Common Files\Intel
======= C: =====
====== C:\Users\Carl\AppData\Roaming ======
2013-11-19 17:30:15	--------	d-----w-	C:\Users\Carl\AppData\Roaming\VoipBuster
2013-11-19 17:29:57	--------	d-----w-	C:\Users\Carl\AppData\Local\Programs
2013-11-19 15:21:19	--------	d-----w-	C:\Users\Carl\AppData\Roaming\Adobe
2013-11-19 15:21:11	--------	d-----w-	C:\Users\Carl\AppData\Locallow\Google
2013-11-19 15:21:09	--------	d-----w-	C:\Users\Carl\AppData\Roaming\Google
2013-11-19 15:21:08	--------	d-----w-	C:\Users\Carl\AppData\Local\Google
2013-11-19 15:19:50	D41D8CD98F00B204E9800998ECF8427E	0	----a-w-	C:\Users\Carl\AppData\Local\WavXMapDrive.bat
2013-11-19 14:57:23	--------	d-----w-	C:\Users\Carl\AppData\Local\Wave Systems Corp
2013-11-19 14:52:32	--------	d-----w-	C:\Users\Carl\AppData\Local\Microsoft Help
2013-11-19 14:48:45	--------	d-----r-	C:\Users\Carl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-19 14:48:45	--------	d-----r-	C:\Users\Carl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-11-19 14:48:36	--------	d-----w-	C:\Users\Carl\AppData\Roaming\Identities
2013-11-19 14:41:14	--------	d-----w-	C:\Windows\serviceprofiles\Localservice\AppData\Local\PnrpSqm
2013-11-19 14:40:50	A2DEBA93AC5DCF66C85DD3D210FB7CE0	111344	----a-w-	C:\Users\Carl\AppData\Local\GDIPFONTCACHEV1.DAT
2013-11-19 14:40:40	--------	d-s---w-	C:\Users\Carl\AppData\Locallow\Microsoft
2013-11-19 14:39:44	--------	d-s---w-	C:\Users\Carl\AppData\Roaming\Microsoft
2013-11-19 14:39:44	--------	d-----w-	C:\Users\Carl\AppData\Roaming\Media Center Programs
2013-11-19 14:39:44	--------	d-----w-	C:\Users\Carl\AppData\Local\Temp
2013-11-19 14:39:44	--------	d-----w-	C:\Users\Carl\AppData\Local\Microsoft
2013-11-19 14:39:44	--------	d-----r-	C:\Users\Carl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-11-19 14:39:44	--------	d-----r-	C:\Users\Carl\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-11-19 14:39:08	--------	d-----w-	C:\Windows\serviceprofiles\Localservice\AppData\Roaming\PeerNetworking
2013-11-19 14:32:58	--------	d-----w-	C:\Windows\system32\config\systemprofile\AppData\Local\Programs
2013-11-19 14:32:58	--------	d-----r-	C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-11-19 14:32:58	--------	d-----r-	C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
====== C:\Users\Carl ======
2013-11-19 23:10:25	--------	d-----r-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Virtual PC
2013-11-19 18:25:47	683FDD3D773C58B262DC07CD0C6CE938	10285040	----a-w-	C:\Users\Carl\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-19 17:30:12	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VoipBuster
2013-11-19 17:29:31	E52EB4B5BB8F8A07C27207A38B3BECAF	6831984	----a-w-	C:\Users\Carl\Downloads\setupVoipBuster.exe
2013-11-19 16:57:57	69CA82A7482A00D8EE063D2B97FC4338	781383	----a-w-	C:\Users\Carl\Desktop\RSIT.exe
2013-11-19 15:05:42	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2005
2013-11-19 15:02:39	--------	d-----r-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 8
2013-11-19 15:01:41	--------	d-----w-	C:\ProgramData\Temp
2013-11-19 14:55:40	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Beveiliging door Wave Systems
2013-11-19 14:55:14	--------	d-----w-	C:\ProgramData\Wave Systems Corp
2013-11-19 14:49:01	--------	d---a-w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AcerSystem
2013-11-19 14:48:45	--------	d-----r-	C:\Users\Carl\Virtual Machines
2013-11-19 14:48:45	--------	d-----r-	C:\Users\Carl\Searches
2013-11-19 14:48:33	--------	d-----r-	C:\Users\Carl\Contacts
2013-11-19 14:39:45	6FC234AD3752E1267B34FB12BCD6718B	20	--sh--w-	C:\Users\Carl\ntuser.ini
2013-11-19 14:39:44	--------	d--h--w-	C:\Users\Carl\AppData
2013-11-19 14:39:44	--------	d-----r-	C:\Users\Carl\Videos
2013-11-19 14:39:44	--------	d-----r-	C:\Users\Carl\Saved Games
2013-11-19 14:39:44	--------	d-----r-	C:\Users\Carl\Pictures
2013-11-19 14:39:44	--------	d-----r-	C:\Users\Carl\Music
2013-11-19 14:39:44	--------	d-----r-	C:\Users\Carl\Links
2013-11-19 14:39:44	--------	d-----r-	C:\Users\Carl\Favorites
2013-11-19 14:39:44	--------	d-----r-	C:\Users\Carl\Downloads
2013-11-19 14:39:44	--------	d-----r-	C:\Users\Carl\Documents
2013-11-19 14:39:44	--------	d-----r-	C:\Users\Carl\Desktop
2013-11-19 14:32:58	--------	d-----r-	C:\Windows\system32\config\systemprofile\Virtual Machines
2013-11-19 14:32:58	--------	d-----r-	C:\Windows\system32\config\systemprofile\Videos
2013-11-19 14:32:58	--------	d-----r-	C:\Windows\system32\config\systemprofile\Searches
2013-11-19 14:32:58	--------	d-----r-	C:\Windows\system32\config\systemprofile\Saved Games
2013-11-19 14:32:58	--------	d-----r-	C:\Windows\system32\config\systemprofile\Pictures
2013-11-19 14:32:58	--------	d-----r-	C:\Windows\system32\config\systemprofile\Music
2013-11-19 14:32:58	--------	d-----r-	C:\Windows\system32\config\systemprofile\Links
2013-11-19 14:32:58	--------	d-----r-	C:\Windows\system32\config\systemprofile\Favorites
2013-11-19 14:32:58	--------	d-----r-	C:\Windows\system32\config\systemprofile\Downloads
2013-11-19 14:32:58	--------	d-----r-	C:\Windows\system32\config\systemprofile\Documents
2013-11-19 14:32:58	--------	d-----r-	C:\Windows\system32\config\systemprofile\Desktop
2013-11-19 14:32:58	--------	d-----r-	C:\Windows\system32\config\systemprofile\Contacts
2013-11-19 14:28:40	--------	d-----r-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel

====== C: exe-files ==
2013-11-19 23:10:14	EE22B2FA68EDCE69358DEC69F0B5FABE	3329536	----a-w-	C:\Windows\System32\vpc.exe
2013-11-19 23:10:14	ED9178210E11FF24392395EAF54987B9	1002496	----a-w-	C:\Windows\System32\VMWindow.exe
2013-11-19 23:10:14	E18BF6343FC3B373FB5722AEFFDD9E4F	2169856	----a-w-	C:\Windows\System32\VPCWizard.exe
2013-11-19 23:10:14	7567CAD694545CEF70414443F1F2ED6D	793600	----a-w-	C:\Windows\System32\vmsal.exe
2013-11-19 23:10:14	1377867A789482C672BB005DC3BEF144	1260032	----a-w-	C:\Windows\System32\VPCSettings.exe
2013-11-19 18:25:47	683FDD3D773C58B262DC07CD0C6CE938	10285040	----a-w-	C:\Users\Carl\Downloads\mbam-setup-1.75.0.1300.exe
2013-11-19 17:30:11	ECE1995CDB12079FF51BD92415A80C90	1221399	----a-w-	C:\Program Files\VoipBuster.com\VoipBuster\unins000.exe
2013-11-19 17:30:11	CE9FA29E2D7A9F3CDE913EDA6EB84F6C	19569472	----a-w-	C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe
2013-11-19 17:29:31	E52EB4B5BB8F8A07C27207A38B3BECAF	6831984	----a-w-	C:\Users\Carl\Downloads\setupVoipBuster.exe
2013-11-19 16:58:38	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\Carl.exe
2013-11-19 16:57:57	69CA82A7482A00D8EE063D2B97FC4338	781383	----a-w-	C:\Users\Carl\Desktop\RSIT.exe
2013-11-19 15:21:40	9D7C72D189CBE55D24F5312F17D8B56F	509552	----a-w-	C:\Users\Carl\AppData\Local\Temp\Low\Google Toolbar\gtb2656.tmp.exe
2013-11-19 15:02:43	07F9B39AB7D6CF3DE214362B126E6149	316712	----a-w-	C:\Program Files\InstallShield Installation Information\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}\SETUP.EXE
2013-11-19 15:01:41	92405A3EEB9D74DB7CCFBF32CC720176	53319	----a-w-	C:\ProgramData\Temp\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}\PostBuild.exe
2013-11-19 15:00:25	DBAD0A4635DE835596FDB17620808543	311296	----a-w-	C:\Program Files\InstallShield Installation Information\{53333479-6A52-4816-8497-5C52B67ED339}\setup.exe
2013-11-19 14:59:53	784D5E2CA55305108FAA6BC0A49D08D8	311296	----a-w-	C:\Program Files\InstallShield Installation Information\{E738A392-F690-4A9D-808E-7BAF80E0B398}\setup.exe
2013-11-19 14:59:27	9C9A886630031979BD70913BC7370EC2	311296	----a-w-	C:\Program Files\InstallShield Installation Information\{D1E829E9-88B8-47C6-A75E-0D40E2C09D50}\setup.exe
2013-11-19 14:59:03	925CE9B2F1CECAD213E1C2810F92C5D9	311296	----a-w-	C:\Program Files\InstallShield Installation Information\{0B0A2153-58A6-4244-B458-25EDF5FCD809}\setup.exe
2013-11-19 14:58:34	AB2F8484D1244AEC69B934470AC215B6	311296	----a-w-	C:\Program Files\InstallShield Installation Information\{51AE9E42-640D-4C14-A9B6-43F64AA4E3E2}\setup.exe
2013-11-19 14:57:59	C059CD242898182A1760EB395022DCD1	311296	----a-w-	C:\Program Files\InstallShield Installation Information\{131A2659-99A9-4A89-B012-22A898EAE9DA}\setup.exe
2013-11-19 14:55:52	D20C47AA9A6952987895926A44C14569	2020664	----a-w-	C:\Windows\Downloaded Installations\{ABBA2EA4-740E-4052-902B-9CA70B081E3F}\Installer.exe
2013-11-19 14:55:52	9DE10DD6102130E32AA49AD02C83218E	40960	----a-w-	C:\Windows\Downloaded Installations\{ABBA2EA4-740E-4052-902B-9CA70B081E3F}\infra_clean.exe
2013-11-19 14:55:52	9D204FD59EE5C3E600989974D3D5B950	319488	----a-w-	C:\Windows\Downloaded Installations\{ABBA2EA4-740E-4052-902B-9CA70B081E3F}\Configure.exe
2013-11-19 14:55:52	71840DD6960EF0DA793B5D2338BB502C	77312	----a-w-	C:\Windows\Downloaded Installations\{ABBA2EA4-740E-4052-902B-9CA70B081E3F}\devFind.exe
2013-11-19 14:55:45	263A01309B91C0A7D175E20884661CC0	311296	----a-w-	C:\Program Files\InstallShield Installation Information\{07D618CD-B016-438A-ADC9-A75BD23F85CE}\setup.exe
2013-11-19 14:41:08	FA7DE905835669BCB7C7245552F99A43	316312	----a-w-	C:\Windows\Temp\0322751384872068mcinst.exe
2013-11-19 14:40:28	4FEDD1B12D0AA7B5782D4BF7A9700939	29728	----a-w-	C:\Program Files\Acer Accessory Store\StartURL.exe
2013-11-19 14:40:00	F7B80F83BFA4748214BFF9366A8BC7C9	398336	----a-w-	C:\Windows\System32\TVWizudlg.exe
2013-11-19 14:40:00	8EF149A92751B6DDB723EECE8B240674	2768896	----a-w-	C:\Program Files\Intel\TVWiz10f\TVWizard.exe
2013-11-19 14:39:59	71298D2F8C1D9E8EFBF787FB82BCF0E8	2647552	----a-w-	C:\Program Files\Intel\TVWiz2ft\TvWizard2ft.exe
2013-11-19 14:33:15	D04A60CB15FB84CAC3787B97446C8127	1489440	----a-w-	C:\Program Files\Realtek\Audio\InstallShield\Rtkupd.exe
2013-11-19 14:33:02	F64849B03789E250BBABAA620288FCB5	358944	----a-w-	C:\Windows\System32\DriverStore\FileRepository\hdart.inf_x86_neutral_b95248914b096303\vncutil.exe
2013-11-19 14:33:02	F64849B03789E250BBABAA620288FCB5	358944	------w-	C:\Program Files\Realtek\Audio\HDA\vncutil.exe
2013-11-19 14:33:02	F5D10840950B25B2AD9603DF0A8273E0	8092192	----a-w-	C:\Windows\System32\DriverStore\FileRepository\hdart.inf_x86_neutral_b95248914b096303\RtHDVCpl.exe
2013-11-19 14:33:02	F5D10840950B25B2AD9603DF0A8273E0	8092192	------w-	C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
2013-11-19 14:33:02	D04A60CB15FB84CAC3787B97446C8127	1489440	----a-w-	C:\Windows\System32\DriverStore\FileRepository\hdart.inf_x86_neutral_b95248914b096303\RtlUpd.exe
2013-11-19 14:33:02	D04A60CB15FB84CAC3787B97446C8127	1489440	------w-	C:\Program Files\Realtek\Audio\HDA\RtlUpd.exe
2013-11-19 14:33:02	D04A60CB15FB84CAC3787B97446C8127	1489440	------w-	C:\Program Files\Realtek\Audio\Drivers\RtlUpd.exe
2013-11-19 14:33:02	8C540E29D96910A8B36746320C5ACC3F	674336	----a-w-	C:\Windows\System32\DriverStore\FileRepository\hdart.inf_x86_neutral_b95248914b096303\RtHDVBg.exe
2013-11-19 14:33:02	8C540E29D96910A8B36746320C5ACC3F	674336	------w-	C:\Program Files\Realtek\Audio\HDA\RtHDVBg.exe
2013-11-19 14:33:02	82FE3247DD385219512C92C84E71E430	133664	----a-w-	C:\Windows\System32\DriverStore\FileRepository\hdart.inf_x86_neutral_b95248914b096303\RtkAudioService.exe
2013-11-19 14:33:02	82FE3247DD385219512C92C84E71E430	133664	------w-	C:\Program Files\Realtek\Audio\HDA\RtkAudioService.exe
2013-11-19 14:33:02	07EEE1003A453E74D9C6010300ADFFD6	1833504	----a-w-	C:\Windows\System32\DriverStore\FileRepository\hdart.inf_x86_neutral_b95248914b096303\SkyTel.exe
2013-11-19 14:33:02	07EEE1003A453E74D9C6010300ADFFD6	1833504	------w-	C:\Program Files\Realtek\Audio\HDA\SkyTel.exe
2013-11-19 14:33:01	7A841462AD4749F8A07B27AE8E8947B8	81920	----a-w-	C:\Windows\System32\DriverStore\FileRepository\hdart.inf_x86_neutral_b95248914b096303\AERTSrv.exe
2013-11-19 14:33:01	7A841462AD4749F8A07B27AE8E8947B8	81920	------w-	C:\Program Files\Realtek\Audio\HDA\AERTSrv.exe
2013-11-19 14:33:01	49B3D2077199C44C1F3BBB16B4094AE6	121064	----a-w-	C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe
2013-11-19 14:33:00	D87A2C80695F22C428BD4A64291D45E3	5632	----a-w-	C:\Program Files\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe
2013-11-19 14:28:40	956AB4ABE6D814857402274049D63131	510464	----a-w-	C:\Program Files\Intel\Intel Control Center\IntelControlCenter.exe
2013-11-19 14:28:40	8F51B10A4430AE42ABD14FF0E206BAE0	809496	----a-w-	C:\Program Files\Intel\Intel Control Center\Uninstaller\SetupICC.exe
2013-11-19 14:28:39	81367DD41FE11AD26EEF30D8229A472E	764440	----a-w-	C:\Program Files\Intel\Intel(R) Graphics Media Accelerator Driver\uninstall\Setup.exe
=== C: other files ==
2013-11-19 23:14:59	DD8B5F63475C12CB58928ECF2CE49F00	81922	----a-w-	C:\Windows\System32\Printing_Admin_Scripts\nl-NL\prnmngr.vbs
2013-11-19 23:14:59	BE3CAFFC29EA4AA95223820FDE895A4D	70444	----a-w-	C:\Windows\System32\Printing_Admin_Scripts\nl-NL\prnjobs.vbs
2013-11-19 23:14:59	B31692B8E5973B3CFD9E869B2DC0AA7C	52506	----a-w-	C:\Windows\System32\Printing_Admin_Scripts\nl-NL\prndrvr.vbs
2013-11-19 23:14:59	9A6975698B3B3123B0F17CEDAA958D8B	106640	----a-w-	C:\Windows\System32\Printing_Admin_Scripts\nl-NL\prncnfg.vbs
2013-11-19 23:14:59	7A1649C295C8A84462A9C0DE4FD35889	57516	----a-w-	C:\Windows\System32\Printing_Admin_Scripts\nl-NL\prnport.vbs
2013-11-19 23:14:59	6A5715017741BF56029F6D29471EC62C	7466	----a-w-	C:\Windows\System32\Printing_Admin_Scripts\nl-NL\pubprn.vbs
2013-11-19 23:14:59	30C9CE82DD57D90AA4B899C5F9DB60D9	51788	----a-w-	C:\Windows\System32\Printing_Admin_Scripts\nl-NL\prnqctl.vbs
2013-11-19 23:10:14	F49C0D1F8DAE860EE47E5F34AC0F6008	12800	----a-w-	C:\Windows\System32\DriverStore\FileRepository\vpcuxd.inf_x86_neutral_e8ba01fbe07eba73\vpcuxd.sys
2013-11-19 23:10:14	625088D6EE9EDE977FD03CF18D1CD5C5	78336	----a-w-	C:\Windows\System32\DriverStore\FileRepository\vpcusb.inf_x86_neutral_7ac717ebd0e9f321\vpcusb.sys
2013-11-19 23:10:14	625088D6EE9EDE977FD03CF18D1CD5C5	78336	----a-w-	C:\Windows\System32\drivers\vpcusb.sys
2013-11-19 23:10:14	5F04362CEB5FB5901037E9D9EADD3760	55040	----a-w-	C:\Windows\System32\drivers\vpcnfltr.sys
2013-11-19 23:10:14	5ED378D91E32134F3C0B3810860FFD71	294912	----a-w-	C:\Windows\System32\drivers\vpcvmm.sys
2013-11-19 23:10:14	33E74DF34753FCAAB06F6F2BDC8CABF5	165376	----a-w-	C:\Windows\System32\DriverStore\FileRepository\wvpchbus.inf_x86_neutral_d5224e02c0dedaa2\vpchbus.sys
2013-11-19 23:10:14	33E74DF34753FCAAB06F6F2BDC8CABF5	165376	----a-w-	C:\Windows\System32\drivers\vpchbus.sys
2013-11-19 18:26:18	4470E3C1E0C3378E4CAB137893C12C3A	22856	----a-w-	C:\Windows\System32\drivers\mbam.sys
2013-11-19 15:19:50	D41D8CD98F00B204E9800998ECF8427E	0	----a-w-	C:\Users\Carl\AppData\Local\WavXMapDrive.bat
2013-11-19 14:48:26	AD320031EBA375AC311F02451BAD6214	71	----a-w-	C:\Windows\OOBEOffer\OOBEOffer\res\Run\runBat.bat
2013-11-19 14:33:02	7CB41A5E5C24F9F50E6533693E2BB74D	2807392	----a-w-	C:\Windows\System32\DriverStore\FileRepository\hdart.inf_x86_neutral_b95248914b096303\RTKVHDA.sys
2013-11-19 14:33:02	7CB41A5E5C24F9F50E6533693E2BB74D	2807392	----a-w-	C:\Windows\System32\drivers\RTKVHDA.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-2363558618-3587140998-43387575-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"Global Registration"="C:\Program Files\Acer\Registration\GREG.exe BOOT"
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"VoipBuster"="C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe -nosplash -minimized"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"="C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe -h -k"
"AutoLockProcess"="C:\Program Files\Acer\Empowering Technology\eLock\autolockprocess\autolockprocess.exe"
"Acer PowerSaver"="C:\Program Files\Acer\Acer PowerSaver\PowerSaverTray.exe"
"Acer SmartBoot"="C:\Program Files\Acer\Acer SmartBoot\ASLTray.exe"
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"NortonOnlineBackupReminder"="C:\Program Files\Symantec\Norton Online Backup\Activation\NobuActivation.exe UNATTENDED"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s"
"mcagent_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey"
"WavXMgr"="C:\Program Files\Wave Systems Corp\Services Manager\Docmgr\bin\WavXDocMgr.exe"
"SecureUpgrade"="C:\Program Files\Wave Systems Corp\SecureUpgrade.exe"
"EmbassySecurityCheck"=";C:\Program Files\Wave Systems Corp\EMBASSY Security Setup\EMBASSYSecurityCheck.exe"
"RemoteControl8"="C:\Program Files\CyberLink\PowerDVD8\PDVD8Serv.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware"="C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Global Registration"="C:\Program Files\Acer\Registration\GREG.exe BOOT"
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"VoipBuster"="C:\Program Files\VoipBuster.com\VoipBuster\VoipBuster.exe -nosplash -minimized"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\McDefragTask.job --a------ [Undetermined Task]
C:\Windows\tasks\McQcTask.job --a------ C:\PROGRA1\mcafee\mqc\QcConsol.exe []

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\McDefragTask" [c:\PROGRA~1\mcafee\mqc\QcConsol.exe]
"C:\Windows\system32\tasks\McQcTask" [c:\PROGRA~1\mcafee\mqc\QcConsol.exe]
"C:\Windows\system32\tasks\Recovery Management\Burn Notification" [C:\Program Files\Acer\Acer eRecovery Management\NotificationCenter\Notification.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{B7082FAA-CB62-4872-9106-E42DD88EDE45}"="C:\Program Files\McAfee\SiteAdvisor" [19-11-2013 15:41]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.nl/"
"Default_Page_URL"="http://homepage.acer.com/rdr.aspx?b=ACAW&l=0413&m=veriton_m275&r=17051113r806pe415u245z4654r44r"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://homepage.acer.com/rdr.aspx?b=ACAW&l=0413&m=veriton_m275&r=17051113r806pe415u245z4654r44r"
"Start Page"="http://homepage.acer.com/rdr.aspx?b=ACAW&l=0413&m=veriton_m275&r=17051113r806pe415u245z4654r44r"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.nl/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{67A2568C-7A0A-4EED-AECC-B5405DE63B64}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google  Url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_nlNL563"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

Nothing found to reset

==== Empty IE Cache ======================

C:\Users\Carl\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Carl\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SYSGLK0T will be deleted at reboot
C:\Users\Carl\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Carl\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Carl\AppData\Local\WavXMapDrive.bat"  not found
"C:\Users\Carl\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Users\Carl\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SYSGLK0T" not found

==== EOF on di 19-11-2013 at 20:45:32,17 ======================