
Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by Tom on di 08-04-2014 at 10:38:30,12.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Tom\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

8-4-2014 10:39:57 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\PROGRA~3\PCSettings deleted successfully
C:\PROGRA~3\Pinnacle Studio Plus deleted successfully
C:\Users\Tom\AppData\Roaming\DataWork deleted successfully
C:\Users\Tom\AppData\Roaming\DRPSu deleted successfully
C:\Users\Tom\AppData\Roaming\_backups deleted successfully
C:\Users\Tom\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1575477518-171496975-3064318448-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Users\Tom\AppData\Roaming\DriverCure deleted
C:\Users\Tom\AppData\Roaming\ParetoLogic deleted
C:\ProgramData\ParetoLogic deleted
C:\Users\Tom\Downloads\SoftonicDownloader_voor_grabit.exe deleted
C:\Users\Tom\Downloads\SoftonicDownloader_voor_inssider.exe deleted
C:\Users\Tom\AppData\Roaming\iexplore.exe deleted
"C:\Users\Tom\AppData\Roaming\service" deleted
"C:\Users\Tom\AppData\Roaming\java\css.exe" deleted
"C:\Users\Tom\AppData\Roaming\java\host" deleted
"C:\Users\Tom\AppData\Roaming\java\svs.exe" deleted
"C:\Users\Tom\AppData\Roaming\java" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Tom\AppData\Local\Temp ====
2014-04-06 12:50:20	E12A1B5088A8A465F2E48E61CD8D2C87	9580608	----a-w-	C:\Users\Tom\AppData\Local\Temp\Foxit Reader Updater.exe
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-04-07 10:54:45	--------	d-----w-	C:\Program Files\trend micro
======= C:\PROGRA~2 =====
2014-03-21 11:49:50	--------	d-----w-	C:\PROGRA~2\MetaGeek
======= C: =====
====== C:\Users\Tom\AppData\Roaming ======
2014-04-04 12:43:31	--------	d-----w-	C:\Users\Tom\AppData\Local\NPE
2014-03-21 11:54:37	--------	d-----w-	C:\Users\Tom\AppData\Local\MetaGeek,_LLC
====== C:\Users\Tom ======
2014-04-07 10:53:41	662C39FC1E27131551D557862CEC47F0	935175	----a-w-	C:\Users\Tom\Downloads\RSITx64.exe
2014-04-07 10:52:05	69CA82A7482A00D8EE063D2B97FC4338	781383	----a-w-	C:\Users\Tom\Downloads\RSIT.exe
2014-04-07 07:23:52	1A38821C658C70BEB2A0A6F335498A1A	104877	----a-w-	C:\Users\Tom\Documents\uninx84.exe
2014-04-07 06:22:16	1577E7FC43C0D204A0141F495937FBE1	104877	----a-w-	C:\Users\Tom\Documents\thumbscl.exe
2014-04-04 10:06:28	869C96BE39404C96BF7EB77AD62A6854	24037380	----a-w-	C:\Users\Tom\Documents\wincmd.exe
2014-03-21 11:49:50	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MetaGeek

====== C: exe-files ==
2014-04-07 10:54:46	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\Tom.exe
2014-04-07 10:53:41	662C39FC1E27131551D557862CEC47F0	935175	----a-w-	C:\Users\Tom\Downloads\RSITx64.exe
2014-04-07 10:52:05	69CA82A7482A00D8EE063D2B97FC4338	781383	----a-w-	C:\Users\Tom\Downloads\RSIT.exe
2014-04-07 07:23:52	1A38821C658C70BEB2A0A6F335498A1A	104877	----a-w-	C:\Users\Tom\Documents\uninx84.exe
2014-04-07 06:22:16	1577E7FC43C0D204A0141F495937FBE1	104877	----a-w-	C:\Users\Tom\Documents\thumbscl.exe
2014-04-07 06:21:54	8B4489CFD5CAF30318D717024D365561	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-1575477518-171496975-3064318448-1000\$I7UOHMC.exe
2014-04-07 06:21:39	2676E905CE02586AAFC6B52844FE8C7A	105567	----a-w-	C:\$Recycle.Bin\S-1-5-21-1575477518-171496975-3064318448-1000\$R7UOHMC.exe
2014-04-06 12:50:20	E12A1B5088A8A465F2E48E61CD8D2C87	9580608	----a-w-	C:\Users\Tom\AppData\Local\Temp\Foxit Reader Updater.exe
2014-04-04 10:06:28	869C96BE39404C96BF7EB77AD62A6854	24037380	----a-w-	C:\Users\Tom\Documents\wincmd.exe
2014-04-02 06:20:45	E093151047BBFFC0CD78D52F36490206	51080	----atw-	C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleUpdateOnDemand.exe
2014-04-02 06:20:45	398F40FAE5ADA9521544393F1F67A17E	51080	----atw-	C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleUpdateBroker.exe
2014-04-02 06:20:45	039DE3F65C7992994F788EAC8E79BF4F	884504	----a-w-	C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleUpdateSetup.exe
2014-04-02 06:20:39	7E6B107120108B3A15BFECE0DE3201DB	228744	----atw-	C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
2014-04-02 06:20:39	6EFC5F64258FE0D9DA3CCFA7FF4D84BD	114568	----atw-	C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleUpdateComRegisterShell64.exe
2014-04-02 06:20:39	506708142BC63DABA64F2D3AD1DCD5BF	116648	----atw-	C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleUpdate.exe
2014-04-02 06:20:39	0D5CE0E5AEC3ACC7930AB955334B8533	281480	----atw-	C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
2014-04-02 06:20:38	039DE3F65C7992994F788EAC8E79BF4F	884504	----a-w-	C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.23.9\GoogleUpdateSetup.exe
=== C: other files ==
2014-04-08 05:54:02	6305FC8FADF370919B080260587D86B6	108	---ha-w-	C:\Program Files (x86)\Common Files\X10\Common\x10prod.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-1575477518-171496975-3064318448-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"idle32"="C:\Users\Tom\Documents\wincmd.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"
"Cobian Backup 11 interface"="C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe -service"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"idle32"="C:\Users\Tom\Documents\wincmd.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [12-03-2014 12:48]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [05-10-2013 11:37]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [05-10-2013 11:37]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\Norton WSC Integration" ["C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\WSCStub.exe"]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\Norton 360\Norton Error Analyzer" [C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\SymErr.exe]
"C:\Windows\SysNative\tasks\Norton 360\Norton Error Processor" [C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\SymErr.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{BBDA0591-3099-440a-AA10-41764D9DB4DB}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.0.2.1\IPSFF" [09-10-2013 20:42]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files (x86)\Norton 360\Engine\21.2.0.38\Exts\Chrome.crx[11-03-2014 22:44]

Google Docs - Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Norton Identity Protection - Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Google Wallet - Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Tom\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================

C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.pricepeep.net_0.localstorage deleted successfully
C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.pricepeep.net_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.nl/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.nl/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Tom\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Tom\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Tom\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=13 folders=8 3299744 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Tom\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Tom\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on di 08-04-2014 at 11:08:22,82 ======================