Zoek.exe v5.0.0.0 Updated 02-June-2014
Tool run by on ma 09-06-2014 at 23:15:05,94.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: E:\Software\PcHelpforum files\Zoek.exe\zoek.exe [Scan all users] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2014-06-04-063321.log 47804 bytes

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2014-05-23 19:56:37 12A2F4B8A209CFE811F454DDC09C65AB 61 --sh--w- C:\Windows\cnerolf.bin
====== C:\Users\j~1\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2014-06-05 15:16:56 0DC5AF80D059DEC792B665ED598C6567 536576 ----a-w- C:\Windows\SysWOW64\sqlite3.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2014-06-09 18:27:08 FF8C13A9515BE95054C50D69AFF3D8DF 850 ----a-w- C:\Windows\Sysnative\cc_20140609_202704.reg
2014-06-06 15:11:09 F90D972A55BD4F1E51839951F2004AD1 10752 ----a-w- C:\Windows\Sysnative\cc_20140606_171103.reg
2014-06-01 06:13:16 E9C92676D001213C8CF81CACFD0E276B 99004 ----a-w- C:\Windows\Sysnative\cc_20140601_081221 1-6-2014.reg
====== C:\Windows\Sysnative\drivers =====
2014-05-26 09:16:43 F38232291F05CE25BA1C47FB51EB64CB 206080 ----a-w- C:\Windows\Sysnative\drivers\ssudmdm.sys
2014-05-26 09:16:43 1E0F456A03E204F92D24437CD907A512 110336 ----a-w- C:\Windows\Sysnative\drivers\ssudbus.sys
2014-05-17 08:07:43 019CC610AD95FF47EAD7C08B7A683B96 257880 ----a-w- C:\Windows\Sysnative\drivers\WdFilter.sys
2014-05-17 08:07:42 6CC1BB8F6851A262E2E824F0E92D5EEF 123224 ----a-w- C:\Windows\Sysnative\drivers\WdNisDrv.sys
2014-05-17 08:07:41 F5D4FA3E1F4879C361FFF3855259D2C2 35856 ----a-w- C:\Windows\Sysnative\drivers\WdBoot.sys
2014-05-15 08:15:54 77B0CB56D53C9B7BC5A5BCDCB3A8E2F8 3172632 ----a-w- C:\Windows\Sysnative\drivers\gvzkrnl.sys
2014-05-15 08:15:54 628F3B8D1A8522461F6A29B3ECFF8910 54040 ----a-w- C:\Windows\Sysnative\drivers\clpkrnl.sys
2014-05-15 08:15:54 4FB72D0CDEDA92C0470334A79FDE65BC 48920 ----a-w- C:\Windows\Sysnative\drivers\pnxakrnl.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-06-07 14:04:14 -------- d-----w- C:\Program Files\Speccy
2014-06-04 04:22:28 -------- d-----w- C:\Program Files\trend micro
2014-06-02 08:02:44 -------- d-----w- C:\Program Files\CyberLink
2014-06-02 08:01:28 -------- d-----w- C:\Program Files\Common Files\OFX
2014-06-02 08:01:26 -------- d-----w- C:\Program Files\Common Files\NewBlue
2014-06-02 08:01:20 -------- d-----w- C:\Program Files\NewBlue
2014-05-27 12:02:16 -------- d-----w- C:\Program Files\Grass Valley
2014-05-27 12:02:16 -------- d-----w- C:\Program Files\Common Files\Canopus Shared
======= C:\PROGRA~2 =====
2014-06-02 08:02:44 -------- d-----w- C:\PROGRA~2\CyberLink
2014-06-02 08:01:49 -------- d-----w- C:\PROGRA~2\COMMON~1\eSellerate
2014-06-02 08:01:27 -------- d-----w- C:\PROGRA~2\COMMON~1\OFX
2014-05-31 08:31:51 -------- d-----w- C:\PROGRA~2\DAMN NFO Viewer
2014-05-27 16:20:09 -------- d-----w- C:\PROGRA~2\Portable
2014-05-27 11:57:54 -------- d-----w- C:\PROGRA~2\Grass Valley
2014-05-27 11:57:54 -------- d-----w- C:\PROGRA~2\COMMON~1\Canopus Shared
2014-05-25 21:19:56 -------- d-----w- C:\PROGRA~2\EZCA
2014-05-23 05:18:29 -------- d-----w- C:\PROGRA~2\Windows Installer Clean Up
2014-05-18 06:43:04 -------- d-----w- C:\PROGRA~2\Wisdom-soft ScreenHunter 6.0 Pro
2014-05-15 14:09:19 -------- d-----w- C:\PROGRA~2\7 Sticky Notes
2014-05-13 06:54:33 -------- d-----w- C:\PROGRA~2\Microsoft
2014-05-13 06:51:53 -------- d-----w- C:\PROGRA~2\COMMON~1\Macrovision Shared
2014-05-13 06:51:03 -------- d-----w- C:\PROGRA~2\PMDG Operations Center
======= C: =====
2014-05-19 12:25:33 56284B626858E2E6180F2F6CB2DCEAE2 270 ----a-w- C:\trike_.ini
====== C:\Users\ \AppData\Roaming ======
2014-06-09 11:40:11 -------- d-----w- C:\Users\ \AppData\Roaming\AVG
2014-06-09 11:40:11 -------- d-----w- C:\Users\ \AppData\Local\AVG
2014-06-09 11:26:36 -------- d-----w- C:\Users\ \AppData\Roaming\MPEG Streamclip
2014-06-07 14:04:23 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Roaming\PeerNetworking
2014-06-04 06:33:36 -------- d-----w- C:\Users\ \AppData\Local\Wisdom-soft
2014-06-04 06:32:29 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp
2014-06-04 06:32:29 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp
2014-06-04 06:32:29 -------- d-----w- C:\Users\ \AppData\Local\Temp
2014-06-04 06:32:29 -------- d-----w- C:\Users\Default\AppData\Local\Temp
2014-06-04 06:32:29 -------- d-----w- C:\Users\Default User\AppData\Local\Temp
2014-06-03 11:48:31 -------- d-----w- C:\Users\ \AppData\Roaming\Titler 2.0
2014-06-01 11:26:27 -------- d-----w- C:\Users\ \AppData\Local\Microsoft Toolkit
2014-05-28 18:36:29 -------- d-----w- C:\Users\ \AppData\Roaming\VS Revo Group
2014-05-27 16:20:10 -------- d-----w- C:\Users\ AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Portable Programs
2014-05-27 13:05:34 -------- d-----w- C:\Users\ \AppData\Roaming\Grass Valley
2014-05-18 06:43:06 -------- d-----w- C:\Users\j\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wisdom-soft ScreenHunter 6 Pro
2014-05-16 13:06:12 -------- d-----w- C:\Users\ \AppData\Roaming\EZCA
2014-05-15 14:09:39 -------- d-----w- C:\Users\ \AppData\Roaming\7 Sticky Notes
2014-05-13 06:51:05 -------- d-----w- C:\Users\ \AppData\Roaming\RAASPRO
====== C:\Users\ ======
2014-06-09 18:54:56 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\j\Desktop\RSITx64.exe
2014-06-09 11:40:02 -------- d-----w- C:\ProgramData\AVG
2014-06-09 11:39:49 -------- d--h--w- C:\ProgramData\Common Files
2014-06-07 14:04:15 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2014-06-07 14:03:32 6DC6EBDF9391271098C40F6BA7779430 4890736 ----a-w- C:\Users\j\Desktop\spsetup126.exe
2014-06-02 08:01:58 -------- d-----w- C:\ProgramData\eSellerate
2014-06-02 08:01:19 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewBlue
2014-05-31 13:46:21 -------- d-----w- C:\ProgramData\Comodo
2014-05-31 13:45:53 531580A13F527C55822FE6D3EF1DC2F3 230403208 ----a-w- C:\Users\j\Downloads\Comodo Fire Wall Blocker.exe
2014-05-27 13:07:33 4242EA27C510E8CECEB28312966492A8 309584856 ----a-w- C:\Users\j\Downloads\EDIUS_7.31_0962_Updater.exe
2014-05-27 13:05:34 -------- d-----w- C:\ProgramData\Grass Valley
2014-05-27 11:57:59 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grass Valley
2014-05-23 15:02:38 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\aerosoft
2014-05-18 06:43:06 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wisdom-soft ScreenHunter 6 Pro
2014-05-17 08:45:37 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZCA
2014-05-17 08:10:09 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7 Sticky Notes
====== C: exe-files ==
2014-06-09 18:54:56 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\j\Desktop\RSITx64.exe
2014-06-07 14:03:32 6DC6EBDF9391271098C40F6BA7779430 4890736 ----a-w- C:\Users\j\Desktop\spsetup126.exe
2014-06-04 04:22:28 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\j.exe
2014-06-03 09:22:05 6CF799115664308D07C0C8DB444197C4 162438 ----a-w- C:\Program Files (x86)\NewBlue\Video Essentials for Windows\Uninstall.exe
=== C: other files ==
2014-06-09 06:19:57 E46EF728E7A0AEA06956D3C8C5046D41 13680951 ----a-w- C:\Users\j\Desktop\FS_Build_Word_Web_Lay-out.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe"

[HKEY_USERS\S-1-5-21-3461219250-293438672-4018326929-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_9A2DA9E299F25626A6E5A46963D67AB5"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BrStsMon00"="C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN"
"LWS"="C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide"
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_9A2DA9E299F25626A6E5A46963D67AB5"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"RtHDVBg_Dolby"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4"
"Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch"
"EvtMgr6"="C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming"

==== Startup Folders ======================

2014-05-26 05:02:47 2064 ----a-w- C:\Users\j\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ScreenHunter 6.0 Pro.lnk
2014-05-27 11:57:59 1295 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GV LicenseManager.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [20-04-2014 11:07]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [20-04-2014 11:07]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{CCE0EB80-43EE-4512-8D41-428C37D64E2A}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"web2pdfextension@web2pdf.adobedotcom"="C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn" [23-05-2014 13:12]

==== Chrome Look ======================

Google Docs - j\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - j\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - j\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - j\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - j\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - jAppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\j\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\j\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\j\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=294 folders=74 51029562 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\j\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\j~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on ma 09-06-2014 at 23:25:09,98 ======================