Zoek.exe v5.0.0.0 Updated 13-November-2014
Tool run by Geo on do 13/11/2014 at 13:29:47,63.
Microsoft Windows 8 Pro 6.2.9200 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Geo\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================
13/11/2014 13:36:30 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================
C:\Program Files\BetteeRPPriceCihecc
C:\Program Files\Malwarebytes' Anti-Malware
C:\Program Files\SalesMagnett
C:\PROGRA~2\BetteeRPPriceCihecc
C:\PROGRA~2\SalesMagnett
C:\PROGRA~2\Systweak
C:\PROGRA~2\{01BD4FC9-2F86-4706-A62E-774BB7E9D308}
C:\Users\Geo\AppData\Roaming\Malwarebytes
C:\Users\Geo\AppData\Roaming\Systweak

==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-3928279562-192512764-2294349407-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_USERS\S-1-5-21-3928279562-192512764-2294349407-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully

==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-21-3928279562-192512764-2294349407-1000\Software\Mozilla\Firefox\Extensions\{2B7F4728-5425-D50D-43A7-CFC85F14EA12} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully

==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ReimageRealTimeProtector deleted successfully

==== Deleting Files \ Folders ======================
C:\PROGRA~2\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} deleted
C:\Program Files\Finale NotePad 2012 deleted
C:\Users\Geo\AppData\LocalLow\{1FE89049-AF45-B776-955E-5219E24647E4} deleted
C:\Users\Geo\AppData\LocalLow\{A98D8E05-4193-C104-A8D3-5CA355DAA1E6} deleted
C:\Users\Geo\AppData\LocalLow\{C915836E-FB14-8477-8D07-D00FC569A182} deleted
C:\Users\Geo\AppData\LocalLow\{DB2FD8A0-AA5C-740C-423A-7F96B8A21BE5} deleted
C:\PROGRA~2\fb28c6080df38b7b deleted
C:\PROGRA~2\BetteeRPPriceCihecc deleted
C:\Program Files\BetteeRPPriceCihecc deleted
C:\PROGRA~2\SalesMagnett deleted
C:\Program Files\SalesMagnett deleted
C:\Program Files\AnyProtectEx deleted
C:\Program Files\MyFree Codec deleted
C:\Program Files\Reimage deleted
C:\Users\Geo\AppData\Roaming\AnyProtectEx deleted
C:\Users\Geo\AppData\Roaming\Systweak deleted
C:\Users\Geo\{AF1D09B1-178C-4BE8-B860-DBB16CF89D11}.tmp deleted
C:\PROGRA~2\Systweak deleted
C:\PROGRA~2\Reimage Protector deleted
C:\Users\Geo\AppData\Local\nsy3102.tmp deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced-System Protector deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MyFree Codec deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2 deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair deleted
C:\Users\Geo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup deleted
C:\WINDOWS\patsearch.bin deleted
C:\Users\Geo\Downloads\avg_free_stb_all_9_40_cnet.exe deleted
C:\rei deleted
C:\Users\Geo\Downloads\ReimageRepair.exe deleted
C:\WINDOWS\system32\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\WINDOWS\Reimage.ini deleted
C:\WINDOWS\wininit.ini deleted
C:\WINDOWS\system32\tasks\ReimageUpdater deleted
C:\WINDOWS\system32\Tasks\Reimage Reminder deleted
C:\WINDOWS\tasks\APSnotifierPP1.job deleted
C:\WINDOWS\tasks\APSnotifierPP2.job deleted
C:\WINDOWS\tasks\APSnotifierPP3.job deleted
C:\WINDOWS\system32\tasks\APSnotifierPP1 deleted
C:\WINDOWS\system32\tasks\APSnotifierPP2 deleted
C:\WINDOWS\system32\tasks\APSnotifierPP3 deleted
C:\WINDOWS\system32\drivers\Msft_Kernel_webinstrNew_01009.Wdf deleted
C:\WINDOWS\system32\config\systemprofile\Searches deleted
C:\WINDOWS\system32\GroupPolicy\Machine deleted
C:\WINDOWS\system32\GroupPolicy\User deleted
C:\WINDOWS\system32\GroupPolicy\gpt.ini deleted
C:\Users\Geo\zoek.exe deleted

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====
====== C:\Users\Geo\AppData\Local\Temp ====
====== Java Cache =====
====== C:\WINDOWS\system32 =====
====== C:\WINDOWS\system32\drivers =====
2014-10-17 12:35:15 BF079843E272759BAE587FB980163293 281408 ----a-w- C:\WINDOWS\System32\drivers\volsnap.sys
2014-10-17 12:34:51 E4DE9C94F2A49BA9E8D31C7D408AEF1F 196608 ----a-w- C:\WINDOWS\System32\drivers\srvnet.sys
2014-10-17 12:34:51 B149D5CC6079190824918FCC12C15507 363328 ----a-w- C:\WINDOWS\System32\drivers\USBHUB3.SYS
2014-10-17 12:34:51 946F132B243780B8903116CCCE6EF466 550912 ----a-w- C:\WINDOWS\System32\drivers\srv2.sys
2014-10-17 12:34:51 5F5878D3D0A4E86D5D43991AFCEA908B 162304 ----a-w- C:\WINDOWS\System32\drivers\mrxsmb20.sys
2014-10-17 12:34:51 1A04B8E0C9156FB742BA41DD71C40F28 340992 ----a-w- C:\WINDOWS\System32\drivers\mrxsmb.sys
====== C:\WINDOWS\Tasks ======
2014-11-13 12:33:56 2CB693FADB6DF0E1B531F446E35A8344 3068 ----a-w- C:\WINDOWS\system32\Tasks\{B617F341-127D-4CE6-B263-0F1924EB3A27}
2014-10-23 14:31:36 -------- d-----w- C:\WINDOWS\system32\Tasks\Safer-Networking
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2014-11-06 15:14:33 -------- d-----w- C:\Program Files\E Dev
2014-10-31 13:04:33 -------- d-----w- C:\Program Files\trend micro
2014-10-23 14:33:41 -------- d-----w- C:\Program Files\Microsoft Silverlight
======= C: =====
2014-11-06 15:16:05 574E9A1363BD483B06F7BC7BA08C4E51 24463 ----a-w- C:\EPeek6nov.txt
====== C:\Users\Geo\AppData\Roaming ======
2014-10-23 14:36:46 -------- d-----w- C:\WINDOWS\system32\config\systemprofile\AppData\Roaming\QuickScan
2014-10-23 14:36:46 -------- d-----w- C:\Users\Geo\AppData\Roaming\QuickScan
2014-10-23 14:36:12 -------- d-----w- C:\WINDOWS\system32\config\systemprofile\AppData\Local\Programs
====== C:\Users\Geo ======
2014-11-13 11:48:15 33398D340008A0577507FCA7FD443622 19828376 ----a-w- C:\Users\Geo\Downloads\mbam-setup-2.0.3.1025.exe
2014-11-06 15:15:12 BB51947E3C29E1CF14CFBC659FC48F0A 103 ----a-w- C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2014-11-06 15:14:38 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\E-Peek
2014-10-31 13:04:03 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Geo\Downloads\RSIT.exe
2014-10-23 16:26:31 -------- d-----w- C:\WINDOWS\serviceprofiles\Localservice\winhttp
2014-10-23 14:34:10 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
====== C: exe-files ==
2014-11-13 11:48:15 33398D340008A0577507FCA7FD443622 19828376 ----a-w- C:\Users\Geo\Downloads\mbam-setup-2.0.3.1025.exe
2014-11-08 18:27:50 BE6099044592E29EC07393939FE1815A 218112 ----a-w- C:\Users\Geo\AppData\Local\Packages\12680davesmits.ClockTile_xtsywsd52n89y\AC\Microsoft\CLR_v4.0_32\NativeImages\Clock\ff2fff2be3c927ab19645e282fe9116a\Clock.ni.exe
2014-11-08 08:59:00 F6E8EA6E9DB32F54608B222AD4453BED 81688 ----a-w- C:\Windows\Temp\DownURLadm.exe
2014-11-06 15:14:36 568F73FF4D6B6145F17F18EA75DF942E 83705 ----a-w- C:\Program Files\E Dev\E-Peek\Uninstal.exe
=== C: other files ==

==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-21-3928279562-192512764-2294349407-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"iCloudServices"="C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe"
"ApplePhotoStreams"="C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"
"AppleIEDAV"="C:\Program Files\Common Files\Apple\Internet Services\AppleIEDAV.exe"
"Spotify Web Helper"="C:\Users\Geo\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"KiesPreload"="C:\Program Files\Samsung\Kies\Kies.exe /preload"
"TomTomHOME.exe"="C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Samsung Link"="C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe"
"KiesTrayAgent"="C:\Program Files\Samsung\Kies\KiesTrayAgent.exe"
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
"SDTray"="C:\Program Files\Spybot - Search & Destroy 2\SDTray.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"iCloudServices"="C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe"
"ApplePhotoStreams"="C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"
"AppleIEDAV"="C:\Program Files\Common Files\Apple\Internet Services\AppleIEDAV.exe"
"Spotify Web Helper"="C:\Users\Geo\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"KiesPreload"="C:\Program Files\Samsung\Kies\Kies.exe /preload"
"TomTomHOME.exe"="C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR"

==== Startup Folders ======================
2012-12-27 20:27:39 1271 ----a-w- C:\Users\Geo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Schermopname en Snel starten.lnk
2014-08-05 11:44:39 2074 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

==== Task Scheduler Jobs ======================
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files\Google\Update\GoogleUpdate.exe [19/12/2012 17:05]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files\Google\Update\GoogleUpdate.exe [19/12/2012 17:05]

==== Other Scheduled Tasks ======================
"C:\WINDOWS\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\WINDOWS\system32\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe]
"C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe]
"C:\WINDOWS\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]
"C:\WINDOWS\system32\tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates" ["C:\Program Files\Spybot - Search & Destroy 2\SDUpdate.exe"]
"C:\WINDOWS\system32\tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization" ["C:\Program Files\Spybot - Search & Destroy 2\SDImmunize.exe"]
"C:\WINDOWS\system32\tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system" ["C:\Program Files\Spybot - Search & Destroy 2\SDScan.exe"]

==== Firefox Extensions ======================
ProfilePath: C:\Users\Geo\AppData\Roaming\TomTom\HOME\Profiles\ead5d31z.default
- Map status indicator - C:\Program Files\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- TomTom HOME default theme - C:\Program Files\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com

==== Firefox Plugins ======================

==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.be/"
"Default_Page_URL"="http://www.google.com/ig/redirectdomain?brand=TSEG&bmod=TSEG;"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://www.google.com/ig/redirectdomain?brand=TSEG&bmod=TSEG;"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.be/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{401D16D1-B56D-42FD-BF77-1027943C9EF4}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR"
{401D16D1-B56D-42FD-BF77-1027943C9EF4} Google Url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSEG_nlBE356"

==== Reset Google Chrome ======================
Nothing found to reset

==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rjatydimofu.exe deleted successfully
HKEY_LOCAL_MACHINE\Software\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\AnyProtect deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Reimage Repair deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1 deleted successfully

==== Empty IE Cache ======================
C:\Users\Geo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Geo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================
No FireFox Profiles found

==== Empty Chrome Cache ======================
No Chrome User Data found

==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully

==== Empty All Java Cache ======================
No Java Cache Found

==== C:\zoek_backup content ======================
C:\zoek_backup (files=1739 folders=118 286453948 bytes)

==== Empty Temp Folders ======================
C:\Users\ann\AppData\Local\Temp emptied successfully
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Geo\AppData\Local\Temp will be emptied at reboot
C:\Users\shari\AppData\Local\Temp emptied successfully
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\Geo\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== EOF on do 13/11/2014 at 13:57:26,50 ======================