Zoek.exe v5.0.0.0 Updated 18-Januari-2014
Tool run by Niek on zo 19-01-2014 at 13:45:48,32.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Niek\Downloads\zoek (1).exe [Scan all users] [Script inserted]

==== System Restore Info ======================
19-1-2014 13:47:27 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-4195760411-867731452-1679736153-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} deleted successfully
HKEY_USERS\S-1-5-21-4195760411-867731452-1679736153-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EECAB31D-7C38-9156-FF78-B8B60ED77A23} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EECAB31D-7C38-9156-FF78-B8B60ED77A23} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{EECAB31D-7C38-9156-FF78-B8B60ED77A23} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EECAB31D-7C38-9156-FF78-B8B60ED77A23} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EECAB31D-7C38-9156-FF78-B8B60ED77A23} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FCAA4D51-3A64-0979-A760-FF422D4D19E8} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{FCAA4D51-3A64-0979-A760-FF422D4D19E8} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{FCAA4D51-3A64-0979-A760-FF422D4D19E8} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{FCAA4D51-3A64-0979-A760-FF422D4D19E8} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCAA4D51-3A64-0979-A760-FF422D4D19E8} deleted successfully

==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-21-4195760411-867731452-1679736153-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} deleted successfully
HKEY_USERS\S-1-5-21-4195760411-867731452-1679736153-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{ebd898f8-fcf6-4694-bc3b-eabc7271eeb1} deleted successfully

==== Deleting Files \ Folders ======================
C:\Program Files (x86)\WiseConvert deleted
C:\ProgramData\SaVELots deleted
C:\ProgramData\BiuteSaaver deleted
C:\Windows\SysWow64\SearchProtect deleted
C:\ProgramData\claedannpkinaaehgdfidkemammhocnk deleted
C:\ProgramData\308e051fb8830b74 deleted
C:\Users\Niek\AppData\Local\SearchProtect deleted
C:\Users\Niek\AppData\Roaming\OpenCandy deleted
"C:\Program Files (x86)\SearchProtect\Main\bin\CltMngSvc.exe" deleted
"C:\Program Files (x86)\SearchProtect\UI\bin\cltmngui.exe" deleted
"C:\Program Files (x86)\SearchProtect" not deleted
"C:\Program Files (x86)\SearchProtect\Main" not deleted
"C:\Program Files (x86)\SearchProtect\UI" deleted
"C:\Program Files (x86)\SearchProtect\Main\bin" not deleted
"C:\Program Files (x86)\SearchProtect\UI\bin" deleted

==== Files Recently Created / Modified ======================
====== C:\Windows ====
====== C:\Users\Niek\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2014-01-15 17:30:34 F2BF71FCEAB8FB8A691408C478E2FF4C 3156480 ----a-w- C:\Windows\Sysnative\win32k.sys
====== C:\Windows\Sysnative\drivers =====
2014-01-15 17:30:36 DD253AFC3BC6CBA412342DE60C3647F3 30720 ----a-w- C:\Windows\Sysnative\drivers\usbuhci.sys
2014-01-15 17:30:36 DCA68B0943D6FA415F0C56C92158A83A 99840 ----a-w- C:\Windows\Sysnative\drivers\usbccgp.sys
2014-01-15 17:30:36 8D1196CFBB223621F2C67D45710F25BA 343040 ----a-w- C:\Windows\Sysnative\drivers\usbhub.sys
2014-01-15 17:30:36 18A85013A3E0F7E1755365D287443965 53248 ----a-w- C:\Windows\Sysnative\drivers\usbehci.sys
2014-01-15 17:30:36 12FEB33791920678F8433701C822BCFD 325120 ----a-w- C:\Windows\Sysnative\drivers\usbport.sys
2014-01-15 17:30:35 FFA06EF43987ED0DD42AD59B260C0C78 7808 ----a-w- C:\Windows\Sysnative\drivers\usbd.sys
2014-01-15 17:30:35 765A92D428A8DB88B960DA5A8D6089DC 25600 ----a-w- C:\Windows\Sysnative\drivers\usbohci.sys
2014-01-15 17:30:33 3555BA97171CD153118F73FDCCC8BFDE 376768 ----a-w- C:\Windows\Sysnative\drivers\netio.sys
2013-12-22 20:39:22 AAB5F5336EDBB5D99CC7E1A9F4D8F63F 79672 ----a-w- C:\Windows\Sysnative\drivers\aswstm.sys
2013-12-22 20:35:04 E52B001E7DF273C36CA5478F3843CD19 131232 ----a-w- C:\Windows\Sysnative\drivers\aswFW.sys
2013-12-22 20:34:59 0E27000220635C2D831B0A4689AFF6E9 439648 ----a-w- C:\Windows\Sysnative\drivers\aswNdisFlt.sys
====== C:\Windows\Tasks ======
2013-12-27 17:01:28 972ED46A2419D1E0401CC7905C1DDDB5 2764 ----a-w- C:\Windows\Sysnative\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
2013-12-29 14:44:08 -------- d-----w- C:\PROGRA~2\COMMON~1\Java
2013-12-29 14:43:30 -------- d-----w- C:\PROGRA~2\Java
2013-12-25 14:41:02 -------- d-----w- C:\PROGRA~2\AVG PC TuneUp 2014
2013-12-25 14:40:01 -------- d-----w- C:\PROGRA~2\SearchProtect
======= C: =====
====== C:\Users\Niek\AppData\Roaming ======
2014-01-01 15:54:40 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\Packages
2013-12-29 14:42:49 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Locallow\Sun
2013-12-25 14:46:54 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\AVG
2013-12-25 14:41:14 -------- d-----w- C:\Users\Niek\AppData\Roaming\AVG
2013-12-25 14:38:16 -------- d-----w- C:\Users\Niek\AppData\Roaming\uTorrent
====== C:\Users\Niek ======
2014-01-19 11:33:21 8B968045D75783A09592C3105F2865DA 688992 ------r- C:\Users\Niek\Downloads\dds.com
2013-12-29 14:44:23 -------- d-----w- C:\ProgramData\Oracle
2013-12-29 14:43:41 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2013-12-29 09:46:56 -------- d-----w- C:\ProgramData\Network Acceleration
2013-12-25 14:41:34 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2014
2013-12-25 14:40:57 -------- d-----w- C:\ProgramData\AVG
2013-12-25 14:40:49 -------- d-sh--w- C:\ProgramData\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
2013-12-22 20:40:08 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
====== C: exe-files ==
=== C: other files ==
2014-01-19 11:33:21 8B968045D75783A09592C3105F2865DA 688992 ------r- C:\Users\Niek\Downloads\dds.com
2014-01-15 17:30:36 DD253AFC3BC6CBA412342DE60C3647F3 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys
2014-01-15 17:30:36 DCA68B0943D6FA415F0C56C92158A83A 99840 ----a-w- C:\Windows\System32\drivers\usbccgp.sys
2014-01-15 17:30:36 8D1196CFBB223621F2C67D45710F25BA 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys
2014-01-15 17:30:36 18A85013A3E0F7E1755365D287443965 53248 ----a-w- C:\Windows\System32\drivers\usbehci.sys
2014-01-15 17:30:36 12FEB33791920678F8433701C822BCFD 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys
2014-01-15 17:30:35 FFA06EF43987ED0DD42AD59B260C0C78 7808 ----a-w- C:\Windows\System32\drivers\usbd.sys
2014-01-15 17:30:35 765A92D428A8DB88B960DA5A8D6089DC 25600 ----a-w- C:\Windows\System32\drivers\usbohci.sys
2014-01-15 17:30:34 F2BF71FCEAB8FB8A691408C478E2FF4C 3156480 ----a-w- C:\Windows\System32\win32k.sys
2014-01-15 17:30:33 3555BA97171CD153118F73FDCCC8BFDE 376768 ----a-w- C:\Windows\System32\drivers\netio.sys

==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-21-4195760411-867731452-1679736153-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"KiesHelper"="C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s"
"KiesPDLR"="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"SuiteTray"="C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
"EgisUpdate"="C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe -d"
"EgisTecPMMUpdate"="C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
"Norton Online Backup"="C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe"
"BackupManagerTray"="C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe -h -k"
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"
"LManager"="C:\Program Files (x86)\Launch Manager\LManager.exe"
"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
"AVG_TRAY"="C:\Program Files (x86)\AVG\AVG10\avgtray.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe"
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"KiesHelper"="C:\Program Files (x86)\Samsung\Kies\KiesHelper.exe /s"
"KiesPDLR"="C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\PROGRA~2\\SearchProtect\\SearchProtect\\bin\\SPVC32Loader.dll c:\\progra~3\\networ~1\\networ~1.dll"

==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"mwlDaemon"="C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe"
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"PLFSetI"="C:\Windows\PLFSetI.exe"
"Acer ePower Management"="C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\PROGRA~2\\SearchProtect\\SearchProtect\\bin\\SPVC64Loader.dll C:\\PROGRA~3\\NETWOR~1\\NETWOR~2.DLL"

==== Startup Folders ======================
2013-11-04 16:51:27 1051 ----a-w- C:\Users\Niek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

==== Task Scheduler Jobs ======================
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [12-02-2011 20:15]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [12-02-2011 20:15]

==== Other Scheduled Tasks ======================
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\TuneUpUtilities_Task_BkGndMaintenance2013" [C:\Program Files (x86)\AVG PC TuneUp 2014\OneClick.exe]

==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{1E73965B-8B48-48be-9C8D-68B920ABC1C4}"="C:\Program Files (x86)\AVG\AVG10\Firefox4" [10-04-2013 15:25]

==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
jmfkcklnlgedgbglfkkgedjfmejoahla - C:\Program Files (x86)\AVG\AVG10\Chrome\safesearch.crx[09-09-2011 02:11]
Google Wallet - Niek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== C:\zoek_backup content ======================
C:\zoek_backup (files=99 folders=36 74157025 bytes)

==== After Reboot ======================

==== Deleting Files / Folders ======================
"C:\Program Files (x86)\SearchProtect" not found

==== EOF on zo 19-01-2014 at 14:04:47,89 ======================