Zoek.exe v5.0.0.0 Updated 06-September-2014
Tool run by Everaard on za 06/09/2014 at 17:33:22,95.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Everaard\Downloads\zoek.exe
[Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2013-07-16-191804.log 18788 bytes

==== Empty Folders Check ======================

C:\Program Files\freebird deleted successfully
C:\Program Files\Freemake deleted successfully
C:\Program Files\My Dell deleted successfully
C:\Program Files\PSPaudioware deleted successfully
C:\Program Files\VSTPlugins deleted successfully
C:\PROGRA~2\Freemake deleted successfully
C:\PROGRA~2\Nokia deleted successfully
C:\PROGRA~2\Oracle deleted successfully
C:\PROGRA~2\WinZipEC deleted successfully
C:\Users\Everaard\AppData\Roaming\Youtube to MP3 Converter deleted successfully
C:\Users\Everaard\AppData\Local\cache deleted successfully

==== Deleting Services ======================

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

==== Deleting Files \ Folders ======================

C:\Users\Everaard\AppData\Roaming\Mozilla\Firefox\Profiles\cmpavyes.default-1393360129492\extensions\netvideohunter@netvideohunter.com deleted
"C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll" deleted
"C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll" deleted
"C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll" deleted
"C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe" deleted
"C:\Program Files\Common Files\Wondershare" deleted
"C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2014-09-05 20:39:03 357CEBBCD99C8928A2D1A61A6CACC168 43152 ----a-w- C:\Windows\avastSS.scr

====== C:\Users\Everaard\AppData\Local\Temp ====

====== Java Cache =====

====== C:\Windows\system32 =====
2014-09-05 20:39:04 588C2C48CB267E1C4B5A9EB5ACFF0116 276432 ----a-w- C:\Windows\System32\aswBoot.exe
2014-08-28 19:42:20 7DA17C38F8B8F2E89F52C1A08FD447EB 2352640 ----a-w- C:\Windows\System32\win32k.sys
2014-08-28 19:42:19 DBF9369D554A229DB0D554BB95A4B0AA 305152 ----a-w- C:\Windows\System32\gdi32.dll

====== C:\Windows\system32\drivers =====
2014-09-05 20:39:19 90BEE0170D70D6744CEF2355EEAF8086 192352 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2014-09-05 20:39:19 83378AE48209388D0F9BD16A44D19EEC 71944 ----a-w- C:\Windows\System32\drivers\aswStm.sys
2014-09-05 20:39:19 51FDE588D860857A97E4C4B560E40C9B 779536 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2014-09-05 20:39:17 1AEB8CDB797666AF709A291B47AE81E0 414520 ----a-w- C:\Windows\System32\drivers\aswsp.sys
2014-09-05 20:39:15 B7750AF7EDFD95674EB7CA92BCDD3358 49944 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2014-09-05 20:39:12 C3014C735F450FE822C97FFBB0627113 67824 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2014-09-05 20:39:11 3BFBB5DAE801CB893B8B46345FED6437 24184 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
2014-09-05 20:39:10 A4614218584E41C31C7D1CBFF0432ED5 81768 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2014-09-04 08:32:11 12E71DA845D76665B56753AD149E32B3 110296 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-09-04 08:31:59 BD27D97297934FD4217A37FD28A7ABC7 51928 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-09-04 08:31:59 8683C1B450F4B3872839308D836E0F92 23256 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-09-04 08:31:59 1AA835E8A0B8EDF3D676B4ED4BF5EF07 74456 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-08-13 08:53:16 3583A5A8CC2E682BFFBD4630D0FEC08B 730048 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2014-08-13 08:53:16 0EC652D17AB4607745FB4E6958E8FAB6 219072 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys

====== C:\Windows\Tasks ======
2014-09-05 20:39:26 1CBF4E6C41DD4BEAE3E93FFE3C39C429 4182 ----a-w- C:\Windows\system32\Tasks\avast! Emergency Update
2014-08-10 09:44:47 4E621DE291FCA1319CDF16F2CFA2BA13 3170 ----a-w- C:\Windows\system32\Tasks\{D315EBB2-AD7E-49EA-8FAE-C530D43A1F43}

====== C:\Windows\Temp ======

======= C:\Program Files =====
2014-09-01 18:34:33 -------- d-----w- C:\Program Files\Inkscape
2014-08-17 20:21:24 -------- d-----w- C:\Program Files\Recuva
2014-08-10 13:58:44 -------- d-----w- C:\Program Files\ImgBurn
2014-08-10 09:44:27 -------- d-----w- C:\Program Files\winMd5Sum
2014-08-08 18:04:57 -------- d-----w- C:\Program Files\MSXML 4.0

======= C: =====

====== C:\Users\Everaard\AppData\Roaming ======
2014-09-02 20:55:16 75704EF7C3D4BD79E6F5A410B1E00FB3 1786 ----a-w- C:\Users\Everaard\AppData\Local\recently-used.xbel
2014-09-01 18:42:10 -------- d-----w- C:\Users\Everaard\AppData\Roaming\inkscape
2014-08-17 19:40:14 -------- d-----w- C:\Users\Everaard\AppData\Local\Adobe
2014-08-15 12:30:47 -------- d-----w- C:\Users\Default\AppData\Roaming\TuneUp Software
2014-08-15 12:30:47 -------- d-----w- C:\Users\Default User\AppData\Roaming\TuneUp Software
2014-08-10 14:10:09 -------- d-----w- C:\Users\Everaard\AppData\Roaming\ImgBurn
2014-08-10 09:44:27 -------- d-----w- C:\Users\Everaard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\winMd5Sum
2014-08-08 18:04:41 -------- d-----w- C:\Users\Everaard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nokia

====== C:\Users\Everaard ======
2014-09-05 20:43:32 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Everaard\Downloads\RSIT (1).exe
2014-09-05 20:39:47 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-09-05 20:36:37 4AF4D1D156DF61FC7364D1193862A068 4862664 ----a-w- C:\Users\Everaard\Downloads\avast_free_antivirus_setup_online.exe
2014-09-04 08:30:33 E90BF9E1562F40140161573B79CD5720 17292760 ----a-w- C:\Users\Everaard\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-01 18:32:53 162972E057CC42120CBA241732BA4EA2 34573304 ----a-w- C:\Users\Everaard\Downloads\Inkscape-0.48.5-1-win32.exe
2014-08-17 20:21:25 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2014-08-10 13:58:48 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ImgBurn
2014-08-10 09:44:27 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\winMd5Sum
2014-08-08 15:44:29 827B814B9B60E4750B63B65FDF9FA91B 2490 ----a-w- C:\Users\Everaard\sample-data2.txt

====== C: exe-files ==
2014-09-05 20:43:32 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Everaard\Downloads\RSIT (1).exe
2014-09-05 20:39:04 588C2C48CB267E1C4B5A9EB5ACFF0116 276432 ----a-w- C:\Windows\System32\aswBoot.exe
2014-09-05 20:36:37 4AF4D1D156DF61FC7364D1193862A068 4862664 ----a-w- C:\Users\Everaard\Downloads\avast_free_antivirus_setup_online.exe
2014-09-04 20:41:17 2FB742C226D0474202D28A5724E6CA4B 7235664 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\37.0.2062.103\37.0.2062.103_36.0.1985.143_chrome_updater.exe
2014-09-04 08:30:33 E90BF9E1562F40140161573B79CD5720 17292760 ----a-w- C:\Users\Everaard\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-01 18:39:37 6010329EC761C8DDD34763925E2699A9 383042 ----a-w- C:\Program Files\Inkscape\Uninstall.exe
2014-09-01 18:32:53 162972E057CC42120CBA241732BA4EA2 34573304 ----a-w- C:\Users\Everaard\Downloads\Inkscape-0.48.5-1-win32.exe
2014-08-31 14:10:39 9DED4724D695CFB01960426DA011ABAE 1364531 ----a-w- C:\Users\Everaard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\56OPM43U\adwcleaner_3.308.exe

=== C: other files ==
2014-09-05 20:39:19 90BEE0170D70D6744CEF2355EEAF8086 192352 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2014-09-05 20:39:19 83378AE48209388D0F9BD16A44D19EEC 71944 ----a-w- C:\Windows\System32\drivers\aswStm.sys
2014-09-05 20:39:19 51FDE588D860857A97E4C4B560E40C9B 779536 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2014-09-05 20:39:17 1AEB8CDB797666AF709A291B47AE81E0 414520 ----a-w- C:\Windows\System32\drivers\aswsp.sys
2014-09-05 20:39:15 B7750AF7EDFD95674EB7CA92BCDD3358 49944 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2014-09-05 20:39:12 C3014C735F450FE822C97FFBB0627113 67824 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2014-09-05 20:39:11 3BFBB5DAE801CB893B8B46345FED6437 24184 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
2014-09-05 20:39:10 A4614218584E41C31C7D1CBFF0432ED5 81768 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2014-09-04 08:32:11 12E71DA845D76665B56753AD149E32B3 110296 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-09-04 08:31:59 BD27D97297934FD4217A37FD28A7ABC7 51928 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-09-04 08:31:59 8683C1B450F4B3872839308D836E0F92 23256 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-09-04 08:31:59 1AA835E8A0B8EDF3D676B4ED4BF5EF07 74456 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-3148597222-1007612301-3176148515-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"PC Suite Tray"="C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe -onlytray"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices"
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Wondershare Helper Compact.exe"="C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
"nwiz"="C:\Program Files\NVIDIA Corporation\nview\nwiz.exe /installquiet"
"SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe"
"NSU_agent"="C:\Program Files\Nokia\Nokia Software Updater\nsu3ui_agent.exe"
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"PC Suite Tray"="C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe -onlytray"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DellSystemDetect]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="DellSystemDetect"
"hkey"="HKCU"
"command"="C:\\Users\\Everaard\\AppData\\Local\\Apps\\2.0\\4D5PABZ5.WBQ\\H5RMXHEB.6CB\\dell..tion_0f612f649c4a10af_0005.0007_59de4fd2458fcaec\\DellSystemDetect.exe"

==== Startup Folders ======================

2013-06-01 09:19:04 1270 ----a-w- C:\Users\Everaard\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Schermopname en Snel starten.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [07/06/2014 20:29]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [07/06/2014 20:29]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [05/09/2014 22:39]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Everaard\AppData\Roaming\Mozilla\Firefox\Profiles\cmpavyes.default-1393360129492
- YouTube Video and Audio Downloader - %ProfilePath%\extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi

ProfilePath: C:\Users\Everaard\AppData\Roaming\Thunderbird\Profiles\vuxcyb2p.default
- Instrument Test - %ProfilePath%\extensions\tbtestpilot@labs.mozilla.com.xpi

AppDir: C:\Program Files\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Everaard\AppData\Roaming\Mozilla\Firefox\Profiles\cmpavyes.default-1393360129492
9EE20E6E2E3F94714D44F739B9A228F4 - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_179.dll - Shockwave Flash
14D06C3796CE3F6BA8F43CDF3AD65D76 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U67
0A6E5E3BEF374AA2F47071E7374EAD7B - C:\Program Files\Java\jre7\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 7.0.670.1
005EBE4A4E6E9C9A7967F6C3F413C1DF - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
421CB2C1010522B3BF7C00725520B844 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat
0CA4180B21C6B728578F3B0433BB740E - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
FB5621842FDABF9F8359775573498FBC - C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll - Google Update
893BF7D2261C56C24F813405D9D018E0 - C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll - Silverlight Plug-In
5B4DA1113F240C3F06FFF9D52761528B - C:\Users\Everaard\Picasa3\npPicasa3.dll - Picasa
0D80C49D9A4A3E096296C67BD015F614 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Photo Gallery
8DA2ED6B04EA33F2EAE8BA883F903729 - C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrlui.dll - Microsoft® Silverlight

==== C:\zoek_backup content ======================

C:\zoek_backup (files=128 folders=59 36303904 bytes)

==== EOF on za 06/09/2014 at 17:39:33,15 ======================