Zoek.exe v5.0.0.0 Updated 30-08-2014
Tool run by Fred on zo 31-08-2014 at 21:16:44,02.
Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Fred\Pictures\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

31-8-2014 21:19:50 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\Program Files\Malwarebytes' Anti-Malware deleted successfully
C:\Program Files\MSXML 4.0 deleted successfully
C:\Program Files\QuickTime deleted successfully
C:\PROGRA~2\BoostSoftware deleted successfully
C:\Users\Fred\AppData\Roaming\Google deleted successfully
C:\Users\Fred\AppData\Roaming\Malwarebytes deleted successfully
C:\Users\Fred\AppData\Roaming\Validity deleted successfully
C:\Users\Fred\AppData\Local\StormFall deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2624780302-3380255574-999732822-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} deleted successfully
HKEY_USERS\S-1-5-21-2624780302-3380255574-999732822-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4} deleted successfully
HKEY_USERS\S-1-5-21-2624780302-3380255574-999732822-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2670000A-7350-4f3c-8081-5663EE0C6C49} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Partner Service deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{83FF80F4-8C74-4b80-B5BA-C8DDD434E5C4}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=-

==== Deleting Files \ Folders ======================

C:\ProgramData\Partner deleted
C:\Users\Fred\AppData\Roaming\ParetoLogic deleted
C:\ProgramData\ParetoLogic deleted
C:\Program Files\SearchProtect deleted
C:\Program Files\NETGEAR ReadyNAS deleted
C:\Program Files\SopCast deleted
C:\Program Files\Mozilla Firefox\.autoreg deleted
C:\Program Files\Eusing Free Registry Cleaner deleted
C:\Users\Fred\AppData\Roaming\DriverCure deleted
C:\Users\Fred\AppData\Local\SearchProtect deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Registry Cleaner deleted
C:\Users\Fred\Downloads\SoftonicDownloader_voor_incredimail-2.exe deleted
C:\Users\Fred\Downloads\SoftonicDownloader_voor_winrar.exe deleted
C:\Windows\wininit.ini deleted
C:\Windows\system32\tasks\AVG_SYS_TASK_0614i deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2014-08-13 13:55:30 D07D4C3038F3578FFCE1C0237F2A1253 2926592 ----a-w- C:\Windows\explorer.exe
2014-08-10 15:37:59 70727E4147ABC5CF9BF8362FB4F4A911 92 ----a-w- C:\Windows\GridV.UNI
2014-08-10 15:37:07 7171E197044E987B1094F4E98021720F 83 ----a-w- C:\Windows\LManager.UNI
2014-08-10 15:36:25 D1996DD9C2E35E7B943AB684C73C0924 4838 ----a-w- C:\Windows\Suyin.reg
2014-08-10 15:36:25 B0AD95433FBEBE095BE12EEA3F8F3641 626688 ----a-w- C:\Windows\Image.dll
2014-08-10 15:36:25 798F20E016232FB3AC3D497AE699295B 200704 ----a-w- C:\Windows\PLFSetI.exe
2014-08-10 15:36:25 6E46242BCB8EBBD8B5D119266D73A9D3 222382 ----a-w- C:\Windows\Acer Crystal Eye webcam.ico
2014-08-10 15:36:25 5D44B215D018CEB64A7B0F64C0333240 36 ----a-w- C:\Windows\PidList.ini
2014-08-10 15:36:25 5A92317E6933CE2D90EF221135D1324A 352256 ----a-w- C:\Windows\Acer Crystal Eye webcam.EXE
2014-08-10 15:36:25 15D08BD1CCE6761813377FF501DE482E 9216 ----a-w- C:\Windows\usbvideo_reg.exe
====== C:\Users\Fred\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\system32 =====
2014-08-29 08:00:21 9852A1B92487147563D83B638F1E8D37 297984 ----a-w- C:\Windows\System32\gdi32.dll
2014-08-29 08:00:21 7350631241943D434C9DF900C079D8F7 2054656 ----a-w- C:\Windows\System32\win32k.sys
====== C:\Windows\system32\drivers =====
2014-08-10 15:37:35 8BCD857C7932AD005D5F9C89329DA2E1 54784 ----a-w- 
C:\Windows\System32\drivers\itecir.sys
2014-08-10 15:34:42 8D59617A9C3DBF4650AA44F4E9215744 43184 ----a-w- C:\Windows\System32\drivers\AlfaFF.sys

====== C:\Windows\Tasks ======
2014-08-23 08:02:48 98713A22F7DE33B73DF9B9514D84FA5B 940 ----a-w- C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-23 08:02:48 7EEA9E6485F7CBFD27D189E7BA8684C3 3792 ----a-w- C:\Windows\system32\Tasks\Adobe Flash Player Updater
2014-08-15 10:58:21 -------- d-----w- C:\Windows\system32\Tasks\WPD
2014-08-10 17:37:36 F21F3C62899E75C49CB391BF0344AA55 3164 ----a-w- C:\Windows\system32\Tasks\CreateChoiceProcessTask

====== C:\Windows\Temp ======

======= C:\Program Files =====
2014-08-30 16:46:00 -------- d-----w- C:\Program Files\trend micro
2014-08-16 14:14:31 -------- d-----w- C:\Program Files\PCStreams
2014-08-16 08:27:53 -------- d-----w- C:\Program Files\Microsoft
2014-08-15 16:40:10 -------- d-----w- C:\Program Files\Common Files\Skype
2014-08-15 16:40:09 -------- d-----r- C:\Program Files\Skype
2014-08-15 11:26:29 -------- d-----w- C:\Program Files\NVIDIA Corporation
2014-08-15 10:46:44 -------- d-----w- C:\Program Files\Windows Portable Devices
2014-08-15 07:18:56 -------- d-----w- C:\Program Files\Microsoft Windows 7 Upgrade Advisor
2014-08-11 08:24:57 -------- d-----w- C:\Program Files\FBReader
2014-08-11 06:38:50 -------- d-----w- C:\Program Files\VideoLAN
2014-08-11 06:30:40 -------- d-----w- C:\Program Files\Common Files\DESIGNER
2014-08-10 23:17:22 -------- d-----w- C:\Program Files\Microsoft Silverlight
2014-08-10 20:58:53 -------- d-----w- C:\Program Files\Photo Notifier and Animation Creator
2014-08-10 20:51:47 -------- d-----w- C:\Program Files\IncrediMail
2014-08-10 20:43:18 -------- d-----w- C:\Program Files\WinRAR
2014-08-10 18:50:14 -------- d-----w- C:\Program Files\Mozilla Maintenance Service
2014-08-10 18:25:44 -------- d-----w- C:\Program Files\AVG
2014-08-10 15:50:07 -------- d-----w- C:\Program Files\Acer Arcade Deluxe
2014-08-10 15:38:14 -------- d-----w- C:\Program Files\Common Files\Wise Installation Wizard
2014-08-10 15:37:57 -------- d-----w- C:\Program Files\Acer Inc
2014-08-10 15:37:06 -------- d-----w- C:\Program Files\Launch Manager
2014-08-10 15:34:05 -------- d-----w- C:\Program Files\Validity Sensors, Inc

======= C: =====
2014-08-16 13:44:53 D41D8CD98F00B204E9800998ECF8427E 0 --sha-r- C:\MSDOS.SYS
2014-08-16 13:44:53 D41D8CD98F00B204E9800998ECF8427E 0 --sha-r- C:\IO.SYS
2014-08-10 15:49:31 7DF6E005D7512DEB40BCE1D9A8ABEB24 20 ----a-w- C:\Medion.ini
2014-08-10 15:41:24 F30546458500679AE68D183BC2E34C14 58 ----a-w- C:\Partition.txt

====== C:\Users\Fred\AppData\Roaming ======
2014-08-31 09:18:05 -------- d-----w- C:\Users\Fred\AppData\Roaming\eSobi
2014-08-29 14:58:06 -------- d-----w- C:\Users\Fred\AppData\Local\ElevatedDiagnostics
2014-08-27 08:08:21 -------- d-----w- C:\Users\Default\AppData\Roaming\TuneUp Software
2014-08-27 08:08:21 -------- d-----w- C:\Users\Default User\AppData\Roaming\TuneUp Software
2014-08-23 06:52:32 -------- d-----w- C:\Users\Fred\AppData\Roaming\Apple Computer
2014-08-22 18:02:40 -------- d-----w- C:\Users\Fred\AppData\Local\Apple
2014-08-22 18:00:46 -------- d-----w- C:\Users\Fred\AppData\Locallow\Apple Computer
2014-08-16 14:45:13 -------- d-----w- C:\Users\Fred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SopCast
2014-08-16 14:34:16 -------- d-----w- C:\Users\Fred\AppData\Roaming\.Torrent Stream
2014-08-16 14:33:28 -------- d-----w- C:\Users\Fred\AppData\Roaming\TorrentStream
2014-08-16 08:56:20 9CE7EFD4CF7C95F24B726A78B0F45274 3584 ----a-w- C:\Users\Fred\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-16 08:26:51 -------- d-----w- C:\Users\Fred\AppData\Local\Windows Live
2014-08-15 07:22:31 -------- d-----w- C:\Users\Fred\AppData\Local\Microsoft Corporation
2014-08-11 10:24:15 -------- d-----w- C:\Users\Fred\AppData\Local\Skype
2014-08-11 10:24:09 -------- d-----w- C:\Users\Fred\AppData\Roaming\Skype
2014-08-11 08:31:34 -------- d-s---w- C:\Windows\serviceprofiles\networkservice\AppData\Locallow\Microsoft
2014-08-11 08:24:58 -------- d-----w- C:\Users\Fred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FBReader for Windows
2014-08-11 07:51:51 -------- d-----w- C:\Users\Fred\AppData\Local\PCStreams3
2014-08-11 06:55:59 -------- d-----w- C:\Users\Fred\AppData\Roaming\Downloaded Installations
2014-08-11 06:40:36 -------- d-----w- C:\Users\Fred\AppData\Roaming\vlc
2014-08-11 06:25:06 -------- d-----w- C:\Users\Fred\AppData\Local\Microsoft Help
2014-08-11 06:10:38 BEA07E6D2B8DCE396FE21BAA61B34956 6 --sha-w- C:\Windows\serviceprofiles\networkservice\AppData\Locallow\desktop.ini
2014-08-10 21:12:54 -------- d-----w- C:\Users\Fred\AppData\Roaming\WinRAR
2014-08-10 20:44:44 -------- d-----w- C:\Users\Fred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-08-10 20:05:08 -------- d-----w- C:\Users\Fred\AppData\Local\IM
2014-08-10 18:50:22 -------- d-----w- C:\Users\Fred\AppData\Roaming\Mozilla
2014-08-10 18:50:22 -------- d-----w- C:\Users\Fred\AppData\Local\Mozilla
2014-08-10 18:28:03 -------- d-----w- C:\Users\Fred\AppData\Roaming\AVG2014
2014-08-10 18:27:49 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Roaming\AVG2014
2014-08-10 18:27:23 -------- d-----w- C:\Users\Fred\AppData\Roaming\TuneUp Software
2014-08-10 18:25:45 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Local\Avg2014
2014-08-10 18:23:10 -------- d-----w- C:\Users\Fred\AppData\Local\Avg2014
2014-08-10 18:13:37 -------- d-----w- C:\Users\Fred\AppData\Roaming\uTorrent
2014-08-10 17:54:43 -------- d-----w- C:\Users\Default\AppData\Local\Microsoft Help
2014-08-10 17:54:43 -------- d-----w- C:\Users\Default User\AppData\Local\Microsoft Help
2014-08-10 17:03:34 -------- d-----w- C:\Users\Fred\AppData\Local\WindowsUpdate
2014-08-10 16:48:39 -------- d-----w- C:\Users\Fred\AppData\Locallow\Google
2014-08-10 16:34:48 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\PnrpSqm
2014-08-10 16:30:58 -------- d-s---w- C:\Users\Fred\AppData\Locallow\Microsoft
2014-08-10 16:21:42 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Roaming\PeerNetworking
2014-08-10 16:20:40 -------- d-----w- C:\Users\Fred\AppData\Roaming\Adobe
2014-08-10 15:55:55 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Roaming\Acer
2014-08-10 15:55:55 -------- d-----w- C:\Users\Fred\AppData\Roaming\Acer
2014-08-10 15:52:16 -------- d-----w- C:\Users\Fred\AppData\Local\PowerCinema
2014-08-10 15:36:14 -------- d-----w- C:\Users\Fred\AppData\Roaming\InstallShield
2014-08-10 15:34:32 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Roaming\Validity
2014-08-10 15:34:14 -------- d-----w- C:\Users\Fred\AppData\Local\Google
2014-08-10 15:33:50 8336BBCC1C6DF754D731C36C37B18944 72632 ----a-w- C:\Users\Fred\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-10 15:33:46 -------- d-----r- C:\Users\Fred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-08-10 15:33:46 -------- d-----r- C:\Users\Fred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-08-10 15:33:38 -------- d-----w- C:\Users\Fred\AppData\Roaming\Identities
2014-08-10 15:32:25 BEA07E6D2B8DCE396FE21BAA61B34956 6 --sha-w- C:\Users\Fred\AppData\Locallow\desktop.ini
2014-08-10 15:31:23 -------- d-----w- C:\Users\Fred\AppData\Local\VirtualStore
2014-08-10 15:31:20 -------- d-s---w- C:\Users\Fred\AppData\Roaming\Microsoft
2014-08-10 15:31:20 -------- d-----w- C:\Users\Fred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDirector
2014-08-10 15:31:20 -------- d-----w- C:\Users\Fred\AppData\Roaming\Media Center Programs
2014-08-10 15:31:20 -------- d-----w- C:\Users\Fred\AppData\Roaming\Acer GameZone Console
2014-08-10 15:31:20 -------- d-----w- C:\Users\Fred\AppData\Local\Temp
2014-08-10 15:31:20 -------- d-----w- C:\Users\Fred\AppData\Local\Microsoft
2014-08-10 15:31:20 -------- d-----r- C:\Users\Fred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-08-10 15:31:20 -------- d-----r- C:\Users\Fred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-08-10 15:27:56 2637DB8842239EF12131CB8F0F238CEB 71280 ----a-w- C:\Windows\system32\config\systemprofile\AppData\Local\GDIPFONTCACHEV1.DAT

====== C:\Users\Fred ======
2014-08-30 16:44:50 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Fred\Downloads\RSIT.exe
2014-08-16 14:45:13 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SopCast
2014-08-16 14:14:32 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCStreams
2014-08-16 08:00:23 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2014-08-15 16:40:10 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-08-11 11:45:48 -------- d-----r- C:\Windows\system32\config\systemprofile\Music
2014-08-11 10:23:42 -------- d-----w- C:\ProgramData\Skype
2014-08-11 09:32:18 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NETGEAR ReadyNAS
2014-08-11 08:24:58 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FBReader for Windows
2014-08-11 07:51:51 -------- d-----w- C:\ProgramData\PCStreams
2014-08-11 06:39:22 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-08-10 23:18:03 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-08-10 20:44:45 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-08-10 20:05:40 -------- d-----w- C:\ProgramData\Photo Notifier and Animation Creator
2014-08-10 20:05:00 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IncrediMail
2014-08-10 20:04:50 -------- d-----w- C:\ProgramData\IncrediMail
2014-08-10 20:04:50 -------- d-----w- C:\ProgramData\IM
2014-08-10 18:50:14 -------- d-----w- C:\ProgramData\Mozilla
2014-08-10 18:39:21 58C8F6D1EFC301A2A559DEB633E50E00 31776 ----a-w- C:\ProgramData\nvModes.001
2014-08-10 18:28:27 58C8F6D1EFC301A2A559DEB633E50E00 31776 ----a-w- C:\ProgramData\nvModes.dat
2014-08-10 18:27:23 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-08-10 18:26:58 -------- d-----w- C:\ProgramData\AVG2014
2014-08-10 18:23:10 -------- d--h--w- C:\ProgramData\Common Files
2014-08-10 15:52:15 -------- d-----r- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Arcade Deluxe
2014-08-10 15:50:05 -------- d-----w- C:\ProgramData\CyberLink
2014-08-10 15:50:04 -------- d-----w- C:\ProgramData\Temp
2014-08-10 15:38:22 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-08-10 15:37:59 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer GridVista
2014-08-10 15:37:07 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Launch Manager
2014-08-10 15:36:24 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer Crystal Eye Webcam
2014-08-10 15:33:46 -------- d-----r- C:\Users\Fred\Searches
2014-08-10 15:33:33 -------- d-----r- C:\Users\Fred\Contacts
2014-08-10 15:31:34 -------- d-----w- C:\ProgramData\Google
2014-08-10 15:31:23 -------- d-----w- C:\ProgramData\NVIDIA
2014-08-10 15:31:21 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\Fred\ntuser.ini
2014-08-10 15:31:20 -------- d--h--w- C:\Users\Fred\AppData
2014-08-10 15:31:20 -------- d-----w- C:\Users\Fred\Roaming
2014-08-10 15:31:20 -------- d-----r- C:\Users\Fred\Videos
2014-08-10 15:31:20 -------- d-----r- C:\Users\Fred\Pictures
2014-08-10 15:31:20 -------- d-----r- C:\Users\Fred\Music
2014-08-10 15:31:20 -------- d-----r- C:\Users\Fred\Links
2014-08-10 15:31:20 -------- d-----r- C:\Users\Fred\Favorites
2014-08-10 15:31:20 -------- d-----r- C:\Users\Fred\Downloads
2014-08-10 15:31:20 -------- d-----r- C:\Users\Fred\Documents
2014-08-10 15:31:20 -------- d-----r- C:\Users\Fred\Desktop
2014-08-10 15:27:55 -------- d-----r- C:\Windows\system32\config\systemprofile\Contacts

====== C: exe-files ==
2014-08-30 16:46:01 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Fred.exe
2014-08-30 16:44:50 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Fred\Downloads\RSIT.exe
2014-08-29 20:48:40 0D58398FB81425C45DCDEBB3029A9859 981612 ----a-w- C:\Users\Fred\Documents\downloads\5 x Prog PC- Film-Paleis ( Webspinner )\5 progjes om PC up to date te maken\EusingCleaner-Setup.exe
2014-08-29 20:48:28 607D9F853AEF16302A51F597A4384EFB 4104448 ----a-w- C:\Users\Fred\Documents\downloads\5 x Prog PC- Film-Paleis ( Webspinner )\5 progjes om PC up to date te maken\defraggler-setup215.exe
2014-08-29 20:48:26 B20D53AA4DA9A8D5A281BEA29694C964 27473560 ----a-w- C:\Users\Fred\Documents\downloads\5 x Prog PC- Film-Paleis ( Webspinner )\5 progjes om PC up to date te maken\SUPERAntiSpyware.exe
2014-08-29 20:48:26 683FDD3D773C58B262DC07CD0C6CE938 10285040 ----a-w- C:\Users\Fred\Documents\downloads\5 x Prog PC- Film-Paleis ( Webspinner )\5 progjes om PC up to date te maken\mbam-setup-1.75.0.1300.exe
2014-08-25 10:27:26 C2691E8E97BE177CB7904E1510E47CFD 5503536 ----a-w- C:\Program Files\AVG\AVG2014\avgcremx.exe

=== C: other files ==
2014-08-29 08:00:21 7350631241943D434C9DF900C079D8F7 2054656 ----a-w- C:\Windows\System32\win32k.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-21-2624780302-3380255574-999732822-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"ProductReg"="C:\Program Files\Acer\WR_PopUp\ProductReg.exe"
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe"
"RtHDVCpl"="RtHDVCpl.exe"
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"ePower_DMC"="C:\Program Files\Acer\Empowering Technology\ePower\ePower_DMC.exe"
"eDataSecurity Loader"="C:\Program Files\Acer\Empowering Technology\eDataSecurity\x86\eDSloader.exe"
"eAudio"="C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe"
"BkupTray"="C:\Program Files\NewTech Infosystems\NTI Backup Now 5\BkupTray.exe"
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"NvCplDaemon"="RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup"
"NvMediaCenter"="RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit"
"ZPdtWzdVitaKey MC3000"="C:\Program Files\Acer\Acer Bio Protection\PdtWzd.exe show"
"PLFSetI"="C:\Windows\PLFSetI.exe"
"LManager"="C:\PROGRA~1\LAUNCH~1\LManager.exe"
"ArcadeDeluxeAgent"="C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\ArcadeDeluxeAgent.exe"
"CLMLServer"="C:\Program Files\Acer Arcade Deluxe\Acer Arcade Deluxe\Kernel\CLML\CLMLSvc.exe"
"PlayMovie"="C:\Program Files\Acer Arcade Deluxe\PlayMovie\PMVService.exe"
"AVG_UI"="C:\Program Files\AVG\AVG2014\avgui.exe /TRAYONLY"
"Skytel"="Skytel.exe"
"Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ProductReg"="C:\Program Files\Acer\WR_PopUp\ProductReg.exe"
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe"

==== Startup Folders ======================

2014-08-10 15:55:47 627 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [18-08-2014 10:06]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{20a82645-c095-46ed-80e3-08825760534b}"="c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [10-08-2014 19:57]

==== Firefox Extensions ======================

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Fred\AppData\Roaming\Mozilla\Firefox\Profiles\tssuzbjh.default
9EE20E6E2E3F94714D44F739B9A228F4 - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_179.dll - Shockwave Flash
0CA4180B21C6B728578F3B0433BB740E - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
893BF7D2261C56C24F813405D9D018E0 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll - Silverlight Plug-In
5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin
AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation
6DE7BF0DADC0881F7ED82D9FCC998B89 - C:\Program Files\Adobe\Reader 9.0\Reader\browser\nppdf32.dll - Adobe Acrobat
8DA2ED6B04EA33F2EAE8BA883F903729 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrlui.dll - Microsoft® Silverlight

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.startpagina.nl/"
"Default_Page_URL"="http://homepage.acer.com/rdr.aspx?b=ACAW&l=0413&s=2&o=vp32&d=0814&m=aspire_8930"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://homepage.acer.com/rdr.aspx?b=ACAW&l=0413&s=2&o=vp32&d=0814&m=aspire_8930"
"Default_Page_URL"="http://homepage.acer.com/rdr.aspx?b=ACAW&l=0413&s=2&o=vp32&d=0814&m=aspire_8930"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.startpagina.nl/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{ED1574C3-F8FB-424A-9EA5-524A9171E876}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Unknown Url="Not_Found"
{67A2568C-7A0A-4EED-AECC-B5405DE63B64} Unknown Url="Not_Found"
{ED1574C3-F8FB-424A-9EA5-524A9171E876} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ACAW_nl"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2624780302-3380255574-999732822-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully
HKEY_USERS\S-1-5-21-2624780302-3380255574-999732822-1000\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Fred\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Fred\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Fred\AppData\Local\Mozilla\Firefox\Profiles\tssuzbjh.default\Cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=876 folders=92 115976072 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Fred\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Fred\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Fred\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on zo 31-08-2014 at 21:39:34,68 ======================