
Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Jan Wesdijk on do 24-04-2014 at 15:38:26,50.
Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Documents and Settings\Jan Wesdijk\Bureaublad\zoek (1).exe [Scan all users] [Script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2014-04-24-132731.log	39454 bytes

==== Policies Found ======================

DisableRegistryTools Found -> PUM - Fixed

==== Empty Folders Check ======================

C:\Program Files\PlurPush deleted successfully
C:\Program Files\Common Files\Blizzard Entertainment deleted successfully
C:\Program Files\Common Files\Symantec Shared deleted successfully
C:\Documents and Settings\Jan Wesdijk\Menu Start\Programma's\GamersFirst deleted successfully
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Media Get LLC deleted successfully
C:\Documents and Settings\Jan Wesdijk\Application Data\Publish Providers deleted successfully
C:\Documents and Settings\Jan Wesdijk\Local Settings\Application Data\MediaGet2 deleted successfully
C:\Documents and Settings\Jan Wesdijk\Local Settings\Application Data\Unity deleted successfully
C:\Documents and Settings\Jan Wesdijk\Local Settings\Application Data\WMTools Downloaded Files deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7f232128-6f42-4f37-8efe-2e6020b2d478}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C9C42510-9B41-42c1-9DCD-7282A2D07C61}C] 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] 
"WindowsUpdate"=- 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AvastSvc.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AvastUI.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avcenter.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avconfig.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgcsrvx.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgidsagent.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgnt.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgrsx.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avguard.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgui.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avgwdsvc.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avp.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avscan.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdagent.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccuac.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ComboFix.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\egui.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\elogsvc.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hijackthis.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\instup.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\keyscrambler.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mbam.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mbamgui.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mbampt.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mbamscheduler.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mbamservice.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MpCmdRun.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MSASCui.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MsMpEng.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msseces.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nhs.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Njeeves.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Nnf.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Nprosec.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nvoy.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rstrui.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\scheduler.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\spybotsd.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wireshark.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Zanda.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zlclient.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zlhh.exe] 
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"="explorer.exe"

==== Deleting Files \ Folders ======================

C:\Program Files\Spring Smart not found
C:\Program Files\BearShare Applications not found
C:\found.000 not found
C:\Program Files\PlurPush not found
C:\Documents and Settings\Jan Wesdijk\Application Data\Systweak not found

==== Files Found In C:\Documents and Settings\Jan Wesdijk\Application Data\A82XcgxW ======================

2014-04-24 13:28:15	919	----a-w-	3C926F0CAA8676CA753FE22388E7A821	C:\Documents and Settings\Jan Wesdijk\Application Data\A82XcgxW\MGCvRNf.exe.lnk

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====
====== C:\DOCUME~1\JANWES~1\LOCALS~1\Temp ====
====== Java Cache =====
====== C:\WINDOWS\system32 =====
2014-04-23 14:00:19	FF5E1F27193CE51EEC318714EF038BEF	56320	----a-w-	C:\WINDOWS\System32\ie4uinitSrv.exe
2014-04-21 19:04:56	!HASH: COULD NOT OPEN FILE !!!!!	266752	--sha-r-	C:\WINDOWS\System32\Microsoft.com
2014-04-18 06:21:45	DAB02E4C509EBAA96C6F3BFABCCF37F9	145408	----a-w-	C:\WINDOWS\System32\javacpl.cpl
2014-04-18 06:21:45	6EA69D2312F3571F6F8BEADD224165E8	264616	----a-w-	C:\WINDOWS\System32\javaws.exe
2014-04-18 06:21:39	B42338F92D3BDADA79B6BE553E72587C	94632	----a-w-	C:\WINDOWS\System32\WindowsAccessBridge.dll
2014-04-18 06:21:39	9533FE0A942E00114047140B42DF8E3D	175016	----a-w-	C:\WINDOWS\System32\java.exe
2014-04-18 06:21:39	37C15684482B4D596316735DCEEE939A	175528	----a-w-	C:\WINDOWS\System32\javaw.exe
====== C:\WINDOWS\system32\drivers =====
2014-04-21 20:27:46	B9F5C797EBBF55ADCCDD8539A65A0241	8	----a-w-	C:\WINDOWS\System32\drivers\mconfig.sys
2014-04-19 08:54:07	25571D8C71B8BEFB1CDB049A4F11FCAC	26084	----a-w-	C:\WINDOWS\System32\drivers\RTAIODAT.DAT
====== C:\WINDOWS\Tasks ======
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2014-04-23 19:00:57	--------	d-----w-	C:\Program Files\trend micro
2014-04-22 18:44:52	--------	d-----w-	C:\Program Files\TeamViewer
2014-04-21 20:09:45	--------	d-----w-	C:\Program Files\Microsoft
2014-04-21 19:04:38	--------	d-sh--w-	C:\Program Files\Windows Manager
2014-04-19 08:31:43	--------	d-----w-	C:\Program Files\foobar2000
2014-04-04 19:00:28	--------	d-----w-	C:\Program Files\Goat Simulator
======= C: =====
====== C:\Documents and Settings\Jan Wesdijk\Application Data ======
2014-04-21 21:41:19	19ADE4F498D4556A31F3A86244559D71	134	----a-w-	C:\Documents and Settings\Jan Wesdijk\Local Settings\Application Data\fusioncache.dat
2014-04-21 21:41:19	--------	d-----w-	C:\Documents and Settings\Jan Wesdijk\Local Settings\Application Data\ApplicationHistory
2014-04-21 19:39:13	--------	d-----w-	C:\Documents and Settings\Jan Wesdijk\Local Settings\Application Data\DynamicPricer
2014-04-21 19:04:26	--------	d-----w-	C:\Documents and Settings\Jan Wesdijk\Application Data\A82XcgxW
2014-04-21 18:56:17	--------	d-----w-	C:\Documents and Settings\Jan Wesdijk\Local Settings\Application Data\Orbitum
2014-04-20 14:02:10	--------	d-----w-	C:\Documents and Settings\Jan Wesdijk\Local Settings\Application Data\Akamai
2014-04-19 08:31:49	--------	d-----w-	C:\Documents and Settings\Jan Wesdijk\Application Data\foobar2000
====== C:\Documents and Settings\Jan Wesdijk ======
2014-04-23 15:21:27	D10D2FEFCE01DEA2DA6728333A6FAB90	11335	----a-w-	C:\Documents and Settings\Warrock EU\WR_Privacy Policy.txt
2014-04-23 15:21:27	2A17FB34390E62063A773CEBD38CAA17	17177	----a-w-	C:\Documents and Settings\Warrock EU\WR_EULA.txt
2014-04-23 15:21:27	257B0070BE47948BEA1609539FC0922B	27108	----a-w-	C:\Documents and Settings\Warrock EU\WR_TOU.txt
2014-04-23 15:21:26	FA8CA9919B361D112FAE100781F94D36	1455616	----a-w-	C:\Documents and Settings\Warrock EU\WRLauncher.exe
2014-04-23 15:21:26	BF72FE25C810570DE127AAA94F7E8053	135	----a-w-	C:\Documents and Settings\Warrock EU\version.cfg
2014-04-23 15:21:26	A3F10D8892D037894139389288782992	108079	----a-w-	C:\Documents and Settings\Warrock EU\uninstall.exe
2014-04-23 15:21:26	2D42FD59CE59D5B911005078F5C9B055	766	----a-w-	C:\Documents and Settings\Warrock EU\WarRock.ico
2014-04-23 15:21:26	28F02F84D6480D7250B0E656E8C6A174	1697	----a-w-	C:\Documents and Settings\Warrock EU\WarRock.ini
2014-04-23 15:21:26	099CAB127D6993502C774355EB6DFCF7	10479240	----a-w-	C:\Documents and Settings\Warrock EU\WRUpdater.exe
2014-04-23 15:17:35	CB91AE7B408933654DC409F96A573A69	198088	----a-w-	C:\Documents and Settings\Warrock EU\system\VxPortManager.dll
2014-04-23 15:17:35	9A2FD4F0C4514A3105F78613DB65483B	151552	----a-w-	C:\Documents and Settings\Warrock EU\system\VivoxWrap.dll
2014-04-23 15:17:35	932832C906ABE458B539B14255B4CC0B	3127778	----a-w-	C:\Documents and Settings\Warrock EU\system\WarRock.exe
2014-04-23 15:17:35	86C93789E9006F1AC47ED9DD47D4C8A1	251672	----a-w-	C:\Documents and Settings\Warrock EU\system\xactengine2_5.dll
2014-04-23 15:17:35	74EF574F2155BFE39FD8C09AD887F195	475136	----a-w-	C:\Documents and Settings\Warrock EU\system\wrap_oal.dll
2014-04-23 15:17:35	191D12C5E7E84C818E94632A39310D10	640456	----a-w-	C:\Documents and Settings\Warrock EU\system\VxRTCCORE.dll
2014-04-23 15:17:35	121B131EAA369D8F58DACC5C39A77D80	15128	----a-w-	C:\Documents and Settings\Warrock EU\system\x3daudio1_1.dll
2014-04-23 15:17:35	007BADDEAFB4D74CE754EB753F710F30	267720	----a-w-	C:\Documents and Settings\Warrock EU\system\Vxc.dll
2014-04-23 15:17:35	--------	d-----w-	C:\Documents and Settings\Warrock EU\texture
2014-04-23 15:17:34	F0A06BD3D354C14F014B4E1AE05430F2	200704	----a-w-	C:\Documents and Settings\Warrock EU\system\vivoxplatform.dll
2014-04-23 15:17:34	BBD434C5E460A7339174CFA1DF408A18	1943368	----a-w-	C:\Documents and Settings\Warrock EU\system\nmconew.dll
2014-04-23 15:17:34	A977B2B724FAEBF27681FD5FC78E9A07	432128	----a-w-	C:\Documents and Settings\Warrock EU\system\mss32.dll
2014-04-23 15:17:34	85A5DBA7368F9747F6D1E1F54962A387	382792	----a-w-	C:\Documents and Settings\Warrock EU\system\nmcogame.dll
2014-04-23 15:17:34	76C0CB098970178C0A90722090458B95	93184	----a-w-	C:\Documents and Settings\Warrock EU\system\DSETUP.dll
2014-04-23 15:17:34	687FF777C0F4BF6D1AEB3D640350B998	409600	----a-w-	C:\Documents and Settings\Warrock EU\system\msvcr71.dll
2014-04-23 15:17:34	5477E649981223BF67356788C2B29DAE	204800	----a-w-	C:\Documents and Settings\Warrock EU\system\ortp.dll
2014-04-23 15:17:34	3AC63BA291CDCC358D44E676BBBC9220	2199552	----a-w-	C:\Documents and Settings\Warrock EU\system\vivoxsdk.dll
2014-04-23 15:17:33	E40612CFBBEBE77CE55EB05B2F721667	192512	----a-w-	C:\Documents and Settings\Warrock EU\system\alut.dll
2014-04-23 15:17:33	E20494BD347514118D93BD2B0FE37A82	643728	----a-w-	C:\Documents and Settings\Warrock EU\system\DFEngine.dll
2014-04-23 15:17:33	E02226F8D28844741D8D0424A5C7F7E3	217088	----a-w-	C:\Documents and Settings\Warrock EU\system\DecMPA.dll
2014-04-23 15:17:33	5B3839E1E505DF4EF306960C93477EBB	28160	----a-w-	C:\Documents and Settings\Warrock EU\system\de_vxc_lib.dll
2014-04-23 15:17:33	4DD7403DEFAC7CF21670C994A76C81C6	194560	----a-w-	C:\Documents and Settings\Warrock EU\system\binkw32.dll
2014-04-23 15:17:33	1CA939918ED1B930059B3A882DE6F648	3497832	----a-w-	C:\Documents and Settings\Warrock EU\system\d3dx9_34.dll
2014-04-23 15:17:33	--------	d-----w-	C:\Documents and Settings\Warrock EU\system
2014-04-23 15:16:53	--------	d-----w-	C:\Documents and Settings\Warrock EU\staticmesh
2014-04-23 15:16:19	420639AA340B30AB5FF2EAA8BB83EB35	12369	----a-w-	C:\Documents and Settings\Warrock EU\Readme.txt
2014-04-23 15:16:19	--------	d-----w-	C:\Documents and Settings\Warrock EU\sound
2014-04-23 15:16:16	--------	d-----w-	C:\Documents and Settings\Warrock EU\music
2014-04-23 15:13:57	--------	d-----w-	C:\Documents and Settings\Warrock EU\maps
2014-04-23 15:13:53	6AC0D3619D56FFF12E7199E49FB7D2DE	117	----a-w-	C:\Documents and Settings\Warrock EU\connection.cfg
2014-04-23 15:13:53	--------	d-----w-	C:\Documents and Settings\Warrock EU\data
2014-04-23 15:13:43	--------	d-----w-	C:\Documents and Settings\Warrock EU\animation
2014-04-23 13:44:54	--------	d--h--r-	C:\Documents and Settings\Jan Wesdijk\Onlangs geopend
2014-04-18 06:27:27	--------	d-----w-	C:\Documents and Settings\Jan Wesdijk\.ss2
2014-04-03 15:06:05	--------	d-sh--w-	C:\Documents and Settings\Jan Wesdijk\IECompatCache

====== C: exe-files ==
2014-04-24 12:23:42	440301FAF59A2C2EBACFB95DE3549360	10552320	----a-w-	C:\Documents and Settings\Jan Wesdijk\Local Settings\Application Data\Akamai\installer_no_upload_silent.exe
2014-04-23 19:00:49	69CA82A7482A00D8EE063D2B97FC4338	781383	----a-w-	C:\Documents and Settings\Jan Wesdijk\Mijn documenten\Downloads\RSIT.exe
2014-04-23 15:21:26	FA8CA9919B361D112FAE100781F94D36	1455616	----a-w-	C:\Documents and Settings\Warrock EU\WRLauncher.exe
2014-04-23 15:21:26	A3F10D8892D037894139389288782992	108079	----a-w-	C:\Documents and Settings\Warrock EU\uninstall.exe
2014-04-23 15:21:26	099CAB127D6993502C774355EB6DFCF7	10479240	----a-w-	C:\Documents and Settings\Warrock EU\WRUpdater.exe
2014-04-23 15:17:35	932832C906ABE458B539B14255B4CC0B	3127778	----a-w-	C:\Documents and Settings\Warrock EU\system\WarRock.exe
2014-04-23 15:13:54	F38DFD2C5111BBBBE073F2579F19ED29	256112	----a-w-	C:\Documents and Settings\Warrock EU\data\HShield\Update\autoup.exe
2014-04-23 15:13:54	E0B9DDCBD70ED0066E268652068E7C0D	159072	----a-w-	C:\Documents and Settings\Warrock EU\data\HShield\HSUpdate.exe
2014-04-23 15:13:54	1457D33A5B3C019005410BCC59A8CAE4	779088	----a-w-	C:\Documents and Settings\Warrock EU\data\HShield\ahnrpt.exe
2014-04-23 15:10:43	850CC1F57702650BD3EEAB04B26311CA	3754328	----a-w-	C:\Documents and Settings\Jan Wesdijk\Mijn documenten\Downloads\Setup (2).exe
2014-04-23 14:12:43	302103AF95A8F43AD85F80DAE14BDB9C	17305616	----a-w-	C:\Documents and Settings\Jan Wesdijk\Mijn documenten\Downloads\mbam-setup-2.0.1.1004 (1).exe
2014-04-23 13:42:15	EB4CC6983DD97A37138CE9DE7EE59B8E	230	----a-w-	C:\Documents and Settings\Jan Wesdijk\Mijn documenten\Downloads\FindyKill.exe
2014-04-23 13:41:22	302103AF95A8F43AD85F80DAE14BDB9C	17305616	----a-w-	C:\Documents and Settings\Jan Wesdijk\Mijn documenten\Downloads\mbam-setup-2.0.1.1004.exe
2014-04-23 13:37:40	850CC1F57702650BD3EEAB04B26311CA	3754328	----a-w-	C:\Documents and Settings\Jan Wesdijk\Mijn documenten\Downloads\Setup (1).exe
2014-04-23 13:37:27	850CC1F57702650BD3EEAB04B26311CA	3754328	----a-w-	C:\Documents and Settings\Jan Wesdijk\Mijn documenten\Downloads\Setup.exe
2014-04-23 13:36:02	B744CBD076FA6ECBA3C9298467660E87	147456	----a-w-	C:\Documents and Settings\Jan Wesdijk\Mijn documenten\Downloads\XTCheatsClient (5).exe
2014-04-23 13:35:26	B744CBD076FA6ECBA3C9298467660E87	147456	----a-w-	C:\Documents and Settings\Jan Wesdijk\Mijn documenten\Downloads\XTCheatsClient (4).exe
2014-04-23 13:34:40	B744CBD076FA6ECBA3C9298467660E87	147456	----a-w-	C:\Documents and Settings\Jan Wesdijk\Mijn documenten\Downloads\XTCheatsClient (3).exe
2014-04-22 18:51:57	DD43BC3F03A11FBC48E11C62A4579916	195936	----a-w-	C:\Program Files\TeamViewer\Version8\tv_w32.exe
2014-04-22 18:51:57	C1901FDC536089B66B2F05DD4D93624B	232800	----a-w-	C:\Program Files\TeamViewer\Version8\tv_x64.exe
2014-04-22 18:51:57	9C5C8799D69290084EE65203B1F670C5	626224	----a-w-	C:\Program Files\TeamViewer\Version8\uninstall.exe
2014-04-22 18:51:56	9FCEE09F232CB4985D4DFD5B4446D662	4537184	----a-w-	C:\Program Files\TeamViewer\Version8\TeamViewer_Desktop.exe
2014-04-22 18:51:56	8B485AC47C446C9FBEA8641DA36D35DC	12641632	----a-w-	C:\Program Files\TeamViewer\Version8\TeamViewer.exe
2014-04-22 18:51:56	775A7C4B689C0F112A12AD62064E57D1	5093216	----a-w-	C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe
2014-04-22 18:44:53	CC907C2FB839D3F92690A25FF8E463BE	4972864	----a-w-	C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
2014-04-22 18:44:53	B1CC5A127BCCD419E3C80C8F405F6088	464496	----a-w-	C:\Program Files\TeamViewer\Version9\uninstall.exe
2014-04-22 18:44:53	952DB5C0640FD7BA5DD12FAFF5B84DC4	4529472	----a-w-	C:\Program Files\TeamViewer\Version9\TeamViewer_Desktop.exe
2014-04-22 18:44:53	904B78DD60B85A6A5145FAB3876FF285	238400	----a-w-	C:\Program Files\TeamViewer\Version9\tv_w32.exe
2014-04-22 18:44:53	8561466282D2B93AE99AA2C336AF26CB	273216	----a-w-	C:\Program Files\TeamViewer\Version9\tv_x64.exe
2014-04-22 18:44:52	7E27BA11C41A05436DF334C604724E5D	12877632	----a-w-	C:\Program Files\TeamViewer\Version9\TeamViewer.exe
2014-04-22 18:15:59	5547AB584CA80A42F1A0CFC6405D0EE7	37003992	----a-w-	C:\Program Files\Google\Update\Install\{8ED5E408-1998-4418-BB6E-0D04C4E07822}\34.0.1847.116_chrome_installer.exe
2014-04-22 18:15:57	5547AB584CA80A42F1A0CFC6405D0EE7	37003992	----a-w-	C:\Program Files\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\34.0.1847.116\34.0.1847.116_chrome_installer.exe
2014-04-22 16:47:41	EEF8E37F32AC6A8320ED514443140D7C	1455616	----a-w-	C:\Nexon\Warrock EU\WRLauncher.exe
2014-04-22 16:47:41	A3F10D8892D037894139389288782992	108079	----a-w-	C:\Nexon\Warrock EU\uninstall.exe
2014-04-22 16:47:41	099CAB127D6993502C774355EB6DFCF7	10479240	----a-w-	C:\Nexon\Warrock EU\WRUpdater.exe
2014-04-22 16:44:03	932832C906ABE458B539B14255B4CC0B	3127778	----a-w-	C:\Nexon\Warrock EU\system\WarRock.exe
2014-04-22 16:38:52	F38DFD2C5111BBBBE073F2579F19ED29	256112	----a-w-	C:\Nexon\Warrock EU\data\HShield\Update\autoup.exe
2014-04-22 16:38:52	E0B9DDCBD70ED0066E268652068E7C0D	159072	----a-w-	C:\Nexon\Warrock EU\data\HShield\HSUpdate.exe
2014-04-22 16:38:51	1457D33A5B3C019005410BCC59A8CAE4	779088	----a-w-	C:\Nexon\Warrock EU\data\HShield\ahnrpt.exe
2014-04-22 16:24:51	693F06C6AB35AB7623DE27D43BA7DBFD	5061957	----a-w-	C:\Documents and Settings\Jan Wesdijk\Mijn documenten\Downloads\WRManualPatcher (2).exe
2014-04-22 14:50:47	693F06C6AB35AB7623DE27D43BA7DBFD	5061957	----a-w-	C:\Documents and Settings\Jan Wesdijk\Mijn documenten\Downloads\WRManualPatcher (1).exe
2014-04-21 20:09:45	FF5E1F27193CE51EEC318714EF038BEF	56320	----a-w-	C:\Program Files\Microsoft\DesktopLayer.exe
2014-04-21 20:05:25	DAABA1EA7BB39F05C075832A16A41B8E	674304	--sh--w-	C:\Documents and Settings\Jan Wesdijk\Mijn documenten\MSDCSC\msdcsc.exe
2014-04-21 19:50:28	B744CBD076FA6ECBA3C9298467660E87	147456	----a-w-	C:\Documents and Settings\Jan Wesdijk\Mijn documenten\Downloads\XTCheatsClient (2).exe
2014-04-21 19:39:20	99A0413E16F0F76297F7604BB7692940	483328	----a-w-	C:\Documents and Settings\Jan Wesdijk\Local Settings\Application Data\DynamicPricer\DynamicPricerInstaller.exe
2014-04-21 19:07:16	B744CBD076FA6ECBA3C9298467660E87	147456	----a-w-	C:\Documents and Settings\Jan Wesdijk\Mijn documenten\Downloads\XTCheatsClient (1).exe
2014-04-21 19:04:38	0A1C0CBFB5B07BC032521CC8F3F1E463	266752	--sh--w-	C:\Program Files\Windows Manager\winmgr.exe
2014-04-21 18:10:44	693F06C6AB35AB7623DE27D43BA7DBFD	5061957	----a-w-	C:\Documents and Settings\Jan Wesdijk\Mijn documenten\Downloads\WRManualPatcher.exe
2014-04-21 08:05:18	B744CBD076FA6ECBA3C9298467660E87	147456	----a-w-	C:\Documents and Settings\Jan Wesdijk\Mijn documenten\Downloads\XTCheatsClient.exe
2014-04-20 14:19:08	60D605E12A284D4EEA37F4EA12D4065C	1214299916	----a-w-	C:\Documents and Settings\Jan Wesdijk\Mijn documenten\WRInstallerEU.exe
2014-04-20 14:02:15	CF7E0CB1E591DE610585BE6026396642	4570000	----a-w-	C:\Documents and Settings\Jan Wesdijk\Local Settings\Application Data\Akamai\ControlPanel.exe
2014-04-19 08:54:12	F17B4E7A49505C578B06C9F5F6299216	475752	------w-	C:\Program Files\Realtek\Audio\Drivers\WDM\vncutil64.exe
2014-04-19 08:54:12	D94DA294C79A1F6CB4D9BC5DABF6C2A4	359016	------w-	C:\Program Files\Realtek\Audio\Drivers\WDM\vncutil.exe
2014-04-19 08:54:12	798C0C1FF4E0FCE646CA82AE0379CCB0	84584	------w-	C:\Program Files\Realtek\Audio\Drivers\WDM\SoundMan.exe
2014-04-19 08:54:11	F94A32C687926F21B1885D4AE7B9A419	1523416	------w-	C:\Program Files\Realtek\Audio\Drivers\WDM\RtlUpd.exe
2014-04-19 08:54:11	99E6CFDB24E47E68B7110067F19BD030	1719000	------w-	C:\Program Files\Realtek\Audio\Drivers\WDM\RtlUpd64.exe
2014-04-19 08:54:11	992B653A9B3405BA903CEE7B3D4709B0	9721960	------w-	C:\Program Files\Realtek\Audio\Drivers\WDM\RTLCPL.exe
2014-04-19 08:54:09	D3227E66A9DAEC1CE909D37098F9D241	177768	------w-	C:\Program Files\Realtek\Audio\Drivers\WDM\RtkAudioService64.exe
2014-04-19 08:54:09	129BBDFFE4D3AE373DFA1779E6ED8989	129640	------w-	C:\Program Files\Realtek\Audio\Drivers\WDM\RtkAudioService.exe
2014-04-19 08:54:07	529ABF7BC07F5688EF22B8F7FE2C76BF	20145368	------w-	C:\Program Files\Realtek\Audio\Drivers\WDM\RTHDCPL.exe
2014-04-19 08:54:06	3616DDC4353F49360DD2EFED8FE4A6C4	2180712	------w-	C:\Program Files\Realtek\Audio\Drivers\WDM\MicCal.exe
2014-04-19 08:54:04	FFE0524419FE67CAF3F699EEF6EDF91C	44136	------w-	C:\Program Files\Realtek\Audio\Drivers\WDM\CPLUtl64.exe
2014-04-19 08:54:04	39C913873B3AB8593116BD4A7B9BB82B	2815592	------w-	C:\Program Files\Realtek\Audio\Drivers\WDM\AlcWzrd.exe
2014-04-19 08:54:03	EEB2E393B7EB8EBC1E9E56ED005806EC	64104	------w-	C:\Program Files\Realtek\Audio\Drivers\WDM\Alcmtr.exe
2014-04-18 06:20:36	9E81F303A86EE0DAD38CCBB06F311C7B	203264	----a-w-	C:\Documents and Settings\Jan Wesdijk\Application Data\Sun\Java\jre1.7.0_55\lzma.exe
2014-04-17 19:07:28	CC78200C3ECFFA178E78308A0E160D80	4672920	----a-w-	C:\Documents and Settings\Jan Wesdijk\Local Settings\Application Data\Akamai\netsession_win.exe
2014-04-17 19:07:28	B5B1834B63D6E23421BC8840846F13B9	2402192	----a-w-	C:\Documents and Settings\Jan Wesdijk\Local Settings\Application Data\Akamai\uninstall.exe
2014-04-17 19:07:26	65EC9C8E14DFC3D78212C33151B00D7C	6502792	----a-w-	C:\Documents and Settings\Jan Wesdijk\Local Settings\Application Data\Akamai\rswinui.exe
2014-04-17 17:54:58	7E43A0BD7E2A70A41D3F756F6DCA30EE	140168	----a-w-	C:\Documents and Settings\Jan Wesdijk\Local Settings\Application Data\Akamai\admintool.exe
=== C: other files ==
2014-04-23 15:20:47	BF96460BF04A4DC9F4F54AD8CC0D4A06	4684209	----a-w-	C:\Documents and Settings\Warrock EU\texture\UI\Temp\Temp.zip
2014-04-22 16:47:15	BF96460BF04A4DC9F4F54AD8CC0D4A06	4684209	----a-w-	C:\Nexon\Warrock EU\texture\UI\Temp\Temp.zip
2014-04-21 20:27:46	B9F5C797EBBF55ADCCDD8539A65A0241	8	----a-w-	C:\WINDOWS\system32\drivers\mconfig.sys
2014-04-21 19:06:56	9F7A719FDF7C79DE84B81227A165D739	149720	----a-w-	C:\Documents and Settings\Jan Wesdijk\Mijn documenten\Downloads\XTCheats Public D3D.zip
2014-04-21 19:04:56	!HASH: COULD NOT OPEN FILE !!!!!	266752	--sha-r-	C:\WINDOWS\system32\Microsoft.com
2014-04-19 08:54:22	F6AF59D6EEE5E1C304F7F73706AD11D8	1684736	----a-w-	C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\Ambfilt.sys
2014-04-19 08:54:22	9FA7207D1B1ADEAD88AE8EED9CDBBAA5	1389056	----a-w-	C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\Monfilt.sys
2014-04-19 08:54:18	E82A496C3961EFC6828B508C310CE98F	146048	----a-w-	C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\i386\portcls.sys
2014-04-19 08:54:18	6CB08593487F5701D2D2254E693EAFCE	60160	----a-w-	C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\i386\drmk.sys
2014-04-19 08:54:18	5F2CE51D5CA5E5473F1E9307D93A58D7	5940736	----a-w-	C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\RtkHDAud.sys
2014-04-19 08:54:18	3E5D89099DED9E86E5639F411693218F	49408	----a-w-	C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\i386\stream.sys
2014-04-19 08:54:18	0753515F78DF7F271A5E61C20BCD36A1	141056	----a-w-	C:\WINDOWS\system32\ReinstallBackups\0011\DriverFiles\i386\ks.sys
2014-04-19 08:54:10	A916995CB503172020DA3C35E1227AC7	5589720	------w-	C:\Program Files\Realtek\Audio\Drivers\WDM\RTKHDAUD.sys
2014-04-19 08:54:09	CF22B2FCB88785E847152F93EDE1ADA1	7400152	------w-	C:\Program Files\Realtek\Audio\Drivers\WDM\RTKHDA64.sys
2014-04-19 08:54:07	DD37C4C7BA28332D3D3444D3E634D794	140888	------w-	C:\Program Files\Realtek\Audio\Drivers\WDM\OAO17Afx.sys
2014-04-19 08:54:07	CAA4BD0FBF4BBC0C259146E1FFD00C24	1861720	------w-	C:\Program Files\Realtek\Audio\Drivers\WDM\Monft64.sys
2014-04-19 08:54:07	C7D9F9717916B34C1B00DD4834AF485C	1395800	------w-	C:\Program Files\Realtek\Audio\Drivers\WDM\Monfilt.sys
2014-04-19 08:54:04	267FC636801EDC5AB28E14036349E3BE	1691480	------w-	C:\Program Files\Realtek\Audio\Drivers\WDM\AMBFilt.sys
2014-04-19 08:54:04	1DFC5D5CD2E655D67C9CB0E4E8B2CB72	1801304	------w-	C:\Program Files\Realtek\Audio\Drivers\WDM\AMBFt64.sys
2014-04-19 08:29:51	0B79F08C22A4075F67F0F3D89CA62A19	534115	----a-r-	C:\Documents and Settings\Jan Wesdijk\Mijn documenten\Downloads\Virtual Audio Cable v4.13-AiR [deepstatus][h33t][1337x][flashtorrents]\vac413full.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-1614895754-413027322-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"
"Steam"="C:\Program Files\Steam\Steam.exe -silent"
"Akamai NetSession Interface"="C:\Documents and Settings\Jan Wesdijk\Local Settings\Application Data\Akamai\netsession_win.exe"
"MicroUpdate"="C:\Documents and Settings\Jan Wesdijk\Mijn documenten\MSDCSC\msdcsc.exe"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_3"="rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_3"="rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N"

[HKEY_USERS\S-1-5-21-1614895754-413027322-1417001333-1004\Software\Microsoft\Windows\CurrentVersion\RunOnce]

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"_nltide_3"="rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"nwiz"="C:\Program Files\NVIDIA Corporation\nView\nwiz.exe /installquiet"
"NvMediaCenter"="RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit"
"NvCplDaemon"="RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup"
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"Hercules DJ Series TrayAgent"="C:\Program Files\Guillemot\HDJTray\HDJSeries2TrayBar.exe /boot"
"RTHDCPL"="RTHDCPL.EXE"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe"
"Steam"="C:\Program Files\Steam\Steam.exe -silent"
"Akamai NetSession Interface"="C:\Documents and Settings\Jan Wesdijk\Local Settings\Application Data\Akamai\netsession_win.exe"
"MicroUpdate"="C:\Documents and Settings\Jan Wesdijk\Mijn documenten\MSDCSC\msdcsc.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [10-05-2013 13:10]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [10-05-2013 13:10]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{20a82645-c095-46ed-80e3-08825760534b}"="c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [10-05-2013 12:55]

==== Chrome Look ======================

Google Wallet - Jan Wesdijk\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Custom VK Themes 2nd Gen - Jan Wesdijk\Local Settings\Application Data\Orbitum\User Data\Default\Extensions\dknfpeijjbkjekoogamecgefdalcmakj
Social Authentication Plugin - Jan Wesdijk\Local Settings\Application Data\Orbitum\User Data\Default\Extensions\hdpfeicgddgckmimbaednkieaehgccec
Sidebar Chat Window - Jan Wesdijk\Local Settings\Application Data\Orbitum\User Data\Default\Extensions\kbhkpllebbhhdlgmdfmmonjjlldnfmij
Google Wallet - Jan Wesdijk\Local Settings\Application Data\Orbitum\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://google.com/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://google.com/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{4FC1B895-E129-4345-B101-CF4EF5EF80C8}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{4FC1B895-E129-4345-B101-CF4EF5EF80C8} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Empty IE Cache ======================

C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\LocalService\Local Settings\Tijdelijke Internet-bestanden\Content.IE5 emptied successfully
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Jan Wesdijk\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Documents and Settings\Jan Wesdijk\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Documents and Settings\Jan Wesdijk\Local Settings\Application Data\Orbitum\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1577 folders=169 204296451 bytes)

==== Empty Temp Folders ======================

C:\Documents and Settings\Default User\Local Settings\Temp emptied successfully
C:\Documents and Settings\Jan Wesdijk\Local Settings\Temp will be emptied at reboot
C:\Documents and Settings\NetworkService\Local Settings\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\DOCUME~1\JANWES~1\LOCALS~1\Temp successfully emptied

==== Deleting Files / Folders ======================

"C:\Documents and Settings\Jan Wesdijk\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Program Files\Malwarebytes' Anti-Malware" not deleted
"C:\Program Files\McAfee Security Scan" not deleted
"C:\Program Files\Norman" not deleted
"C:\Program Files\trend micro" not deleted

==== EOF on do 24-04-2014 at 15:53:27,92 ======================