Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Erik on do 24-04-2014 at 21:40:53,29.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Erik\Desktop\zoek.exe
[Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

24-4-2014 21:42:24 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\Acro Software deleted successfully
C:\PROGRA~2\Comodo deleted successfully
C:\Program Files\PDFCreator deleted successfully
C:\Users\Chantal\AppData\Local\VirtualStore deleted successfully
C:\Users\Erik\AppData\Local\CutePDF Writer deleted successfully
C:\Users\Erik\AppData\Local\DriverToolkit deleted successfully
C:\Users\Erik\AppData\Local\PackageAware deleted successfully
C:\Users\Erik_2\AppData\Local\VirtualStore deleted successfully
C:\Users\Myrthe\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3410450458-18125292-3348098418-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} deleted successfully
HKEY_USERS\S-1-5-21-3410450458-18125292-3348098418-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\Users\Erik\AppData\Roaming\DigitalSites deleted
C:\Users\Erik\AppData\Roaming\pdfforge deleted
C:\PROGRA~3\Package Cache deleted

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====
====== C:\Users\Erik\AppData\Local\Temp ====
====== Java Cache =====
====== C:\WINDOWS\SysWOW64 =====
2014-04-23 07:29:50 AFA852563F2145C26B34F939487A86E9 835584 ----a-w- C:\WINDOWS\SysWOW64\KernelBase.dll
2014-04-23 07:29:50 7F1FC7E98B7DD19BDBB4B2424F93DA8B 1036288 ----a-w- C:\WINDOWS\SysWOW64\kernel32.dll
2014-04-23 07:29:33 CCF19C82F6145E4A467F7CB9AF82026C 17073152 ----a-w- C:\WINDOWS\SysWOW64\mshtml.dll
====== C:\WINDOWS\SysWOW64\drivers =====
====== C:\WINDOWS\Sysnative =====
2014-04-23 07:29:51 82580BA9C29F7553FBB4FF6A80664157 1109424 ----a-w- C:\WINDOWS\Sysnative\KernelBase.dll
2014-04-23 07:29:50 AAC770C00645F25A6CE9CCB711F8E7ED 1287576 ----a-w- C:\WINDOWS\Sysnative\kernel32.dll
2014-04-23 07:29:41 C3E3EFD320D0000BE6F9CDB00CD6086F 23134208 ----a-w- C:\WINDOWS\Sysnative\mshtml.dll
====== C:\WINDOWS\Sysnative\drivers =====
2014-04-23 07:29:53 B8B663BE41827211737F627473D6D192 377176 ----a-w- C:\WINDOWS\Sysnative\drivers\clfs.sys
2014-04-23 07:29:53 725EF69B2DBEB7B33280019A556201BC 2008408 ----a-w- C:\WINDOWS\Sysnative\drivers\ntfs.sys
====== C:\WINDOWS\Tasks ======
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2014-04-23 07:32:43 -------- d-----w- C:\Program Files\trend micro
======= C:\PROGRA~2 =====
2014-04-18 20:55:33 -------- d-----w- C:\PROGRA~2\GPLGS
======= C: =====
====== C:\Users\Erik\AppData\Roaming ======
2014-04-18 20:56:40 -------- d-s---w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Locallow\Microsoft
2014-04-18 20:55:11 -------- d-----w- C:\Users\Erik\AppData\Roaming\Mozilla
2014-04-14 13:50:17 -------- d-----w- C:\Users\Myrthe\AppData\Roaming\Identities
2014-04-13 15:45:49 -------- d-----w- C:\Users\Erik\AppData\Roaming\U3
====== C:\Users\Erik ======
2014-04-18 20:55:31 -------- d-----w- C:\ProgramData\Real

====== C: exe-files ==
2014-04-23 07:32:43 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Erik.exe
2014-04-23 07:32:30 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Erik\AppData\Local\Microsoft\Windows\INetCache\IE\UOEW8HNZ\RSITx64.exe

=== C: other files ==
2014-04-23 07:29:53 B8B663BE41827211737F627473D6D192 377176 ----a-w- C:\Windows\System32\drivers\clfs.sys
2014-04-23 07:29:53 725EF69B2DBEB7B33280019A556201BC 2008408 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2014-04-18 20:55:11 3738816FDEDF11DA9A077A6E9DCA395F 36932 ----a-w- C:\Users\Erik\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\suggestor@suggestor.pirrit.com.xpi

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-3410450458-18125292-3348098418-1002\Software\Microsoft\Windows\CurrentVersion\Run]
"StartMenuX"="C:\Program Files\Start Menu X\StartMenuX.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CLMLServer_For_P2G8"="C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
"CLVirtualDrive"="C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe /R"
"RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"StartMenuX"="C:\Program Files\Start Menu X\StartMenuX.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch"

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\WINDOWS\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{3FAFAB7E-73F1-40A2-AF2E-9BFC7D07FE6C}" [C:\WINDOWS\system32\msfeedssync.exe]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{93776467-10A1-4D9D-811F-FB46BF1C7E0C}" [C:\WINDOWS\system32\msfeedssync.exe]
"C:\WINDOWS\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.nl/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.nl/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{145511C7-9004-4598-9545-5B2E707A3502} Bing Url="http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MALNJS"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Chantal\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Chantal\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Users\Erik\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Erik\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Users\Erik_2\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Myrthe\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=17 folders=19 14062355 bytes)

==== Empty Temp Folders ======================

C:\Users\Chantal\AppData\Local\Temp emptied successfully
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Erik\AppData\Local\Temp will be emptied at reboot
C:\Users\Erik_2\AppData\Local\Temp emptied successfully
C:\Users\Myrthe\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Erik\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on do 24-04-2014 at 21:53:37,10 ======================