Zoek.exe v5.0.0.0 Updated 31-12-2014
Tool run by Gebruiker on vr 02/01/2015 at 11:58:48,63.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3VCZZ8ZV\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2015-01-01-211427.log 107628 bytes

==== Empty Folders Check ======================

C:\Users\Gebruiker\AppData\Local\VirtualStore deleted successfully

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\GEBRUI~1\AppData\Local\Temp ====
====== Java Cache =====
2014-12-17 15:17:39 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\Gebruiker\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\3cb32f52-5f6edf90
====== C:\Windows\SysWOW64 =====
2014-12-19 16:43:26 0481346D0EF668C0D4FF69A7BBEFA846 115712 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2014-12-19 16:43:26 5564883BFB523D5078A5B1FE3128FD63 144384 ----a-w- C:\Windows\Sysnative\ieUnatt.exe
====== C:\Windows\Sysnative\drivers =====
2014-12-28 14:38:30 9C3AC71A9934B884FAC567A8807E9C4D 31800 ----a-w- C:\Windows\Sysnative\drivers\revoflt.sys
2014-12-16 13:30:37 70988118145F5F10EF24720B97F35F65 119296 ----a-w- C:\Windows\Sysnative\drivers\tdx.sys
2014-12-08 20:24:26 A3124AC9C0AF30ABD000A7CB5779C101 260888 ----a-w- C:\Windows\Sysnative\drivers\avgidsdrivera.sys
====== C:\Windows\Tasks ======
2014-12-17 19:48:58 371AC2827A9378F806A02F2DCEF017F5 3290 ----a-w- C:\Windows\Sysnative\Tasks\{FD356C14-D8AE-4693-8D01-59F9E636132A}
2014-12-17 15:24:29 BB91BB7199DA26AC29423954398484A7 3990 ----a-w- C:\Windows\Sysnative\Tasks\User_Feed_Synchronization-{4D16375F-DC24-44AE-B5E0-BD3E6616B9BE}
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-01-01 16:03:03 -------- d-----w- C:\Program Files\trend micro
2014-12-28 14:38:29 -------- d-----w- C:\Program Files\VS Revo Group
2014-12-17 17:09:21 -------- d-----w- C:\Program Files\Google
======= C:\PROGRA~2 =====
2015-01-02 10:54:45 -------- d-----w- C:\PROGRA~2\di6BetterMarkIt
2014-12-28 12:19:08 -------- d-----w- C:\PROGRA~2\Pointofix
2014-12-17 15:17:31 -------- d-----w- C:\PROGRA~2\COMMON~1\Java
======= C: =====
====== C:\Users\Gebruiker\AppData\Roaming ======
2015-01-02 10:48:11 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\AVG2015
2015-01-02 10:47:20 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\AVG2015
2015-01-02 10:44:36 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Avg2015
2015-01-02 10:42:51 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\Avg2015
2015-01-02 10:40:26 -------- d-----w- C:\Users\Gebruiker\AppData\Local\Avg2015
2014-12-28 14:38:40 -------- d-----w- C:\Users\Gebruiker\AppData\Local\VS Revo Group
2014-12-17 17:09:33 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\Google
2014-12-17 16:25:28 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\TeamViewer
2014-12-17 15:17:28 -------- d-----w- C:\Users\Gebruiker\AppData\Locallow\Oracle
====== C:\Users\Gebruiker ======
2015-01-02 10:44:36 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2015-01-02 10:43:02 -------- d-----w- C:\ProgramData\AVG2015
2014-12-28 14:38:31 -------- d-----w- C:\ProgramData\VS Revo Group
2014-12-28 14:38:31 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2014-12-28 12:19:08 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pointofix
2014-12-17 17:09:08 -------- d-----w- C:\ProgramData\Google
2014-12-17 14:48:55 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
====== C: exe-files ==
2015-01-02 10:43:36 5EFF0106585DE382D7E5CFAF2B1FA49F 320528 ----a-w- C:\Program Files (x86)\AVG\AVG2015\avgndisa.exe
2015-01-01 16:03:03 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Gebruiker.exe
2014-12-28 14:38:31 04EFED15350A230218D3884C95C1931F 7151696 ----a-w- C:\Program Files\VS Revo Group\Revo Uninstaller Pro\ruplp.exe
2014-12-28 14:38:30 A63A1584ABFC46C4A3E103805A7C83CE 3697216 ----a-w- C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoAppBar.exe
2014-12-28 14:38:30 7F3B3ABA994FBFCC90FF8FED64111CDB 81360 ----a-w- C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoCmd.exe
2014-12-28 14:38:29 FC6E5B19202BF78457710BE0D0C09CDF 1278743 ----a-w- C:\Program Files\VS Revo Group\Revo Uninstaller Pro\unins000.exe
2014-12-28 14:38:29 6BE17374D67AF090586F9F35A0522173 16278072 ----a-w- C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RevoUninPro.exe
2014-12-28 12:19:08 6E4B660FC535787156086C560ECA7BC1 643109 ----a-w- C:\Program Files (x86)\Pointofix\unins000.exe
2014-12-28 12:19:08 4309A055AB7C5B88F14B87055431BF1F 645120 ----a-w- C:\Program Files (x86)\Pointofix\Pointofix.exe
=== C: other files ==
2014-12-28 14:38:31 9C41DE96339224A51AB950A3E74FBDA4 28 ----a-w- C:\Program Files\VS Revo Group\Revo Uninstaller Pro\reg_lp.bat
2014-12-28 14:38:30 9C3AC71A9934B884FAC567A8807E9C4D 31800 ----a-w- C:\Windows\System32\drivers\revoflt.sys
2014-12-28 14:38:30 9C3AC71A9934B884FAC567A8807E9C4D 31800 ----a-w- C:\Program Files\VS Revo Group\Revo Uninstaller Pro\revoflt.sys
2014-12-28 12:18:38 C81E15EB75C14435DA9BD7058849CE5C 552584 ----a-w- C:\Users\Gebruiker\Downloads\pointofix110.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-2445655787-1003745041-3190520748-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"ccleaner"="C:\Program Files\CCleaner\CCleaner64.exe /AUTO"
"iLivid"="C:\Users\Gebruiker\AppData\Local\iLivid\iLivid.exe -autorun"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-21-2445655787-1003745041-3190520748-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BackupManagerTray"="C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe -h -k"
"LManager"="C:\Program Files (x86)\Launch Manager\LManager.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"AVG_UI"="C:\Program Files (x86)\AVG\AVG2015\avgui.exe /TRAYONLY"
"BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices"
"Absolute Notifier"="C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifier.exe"
"vProt"="C:\Program Files (x86)\AVG Secure Search\vprot.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ccleaner"="C:\Program Files\CCleaner\CCleaner64.exe /AUTO"
"iLivid"="C:\Users\Gebruiker\AppData\Local\iLivid\iLivid.exe -autorun"
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"Power Management"="C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"CanonSolutionMenu"="C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe /logon"
"Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

==== Startup Folders ======================

2011-11-08 12:27:13 1778 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [17/12/2014 21:22]
C:\Windows\tasks\BetterMarkIt Update.job --a------ C:\Program Files (x86)\di6BetterMarkIt\di1BetterMarkItm24.exe []
C:\Windows\tasks\BetterMarkIt_wd.job --a------ C:\Program Files (x86)\di6BetterMarkIt\di2BetterMarkItG.exe []
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [22/12/2012 13:35]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [22/12/2012 13:35]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\BetterMarkIt Update" [C:\Program Files (x86)\di6BetterMarkIt\di1BetterMarkItm24.exe]
"C:\Windows\SysNative\tasks\BetterMarkIt_wd" [C:\Program Files (x86)\di6BetterMarkIt\di2BetterMarkItG.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{4D16375F-DC24-44AE-B5E0-BD3E6616B9BE}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"zulagames@ZulaGames.com"="C:\Users\Gebruiker\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com" []

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{64F83971-486E-0F31-140E-EAE44DBF0E9C}"="C:\Program Files (x86)\di6BetterMarkIt\175.xpi" []

==== Chromium Look ======================

Google Chrome Version: 39.0.2171.95 (Up to date, latest Stable version: 39.0.2171.95)

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
dgjkhjdcljddbedokogakmmdjgnbeanf - C:\Users\Gebruiker\AppData\Roaming\SpeedAnalysis2\SpeedAnalysis.crx[]
gflandjopdloblmlcoiidmncpinmmacn - C:\Users\Gebruiker\AppData\Roaming\zulagames\zulagames.crx[]
jainjonnknhmbbkibcbmhihbopigapdm - C:\Program Files (x86)\Lizardlink\jainjonnknhmbbkibcbmhihbopigapdm.crx[]
ndibdjnfmopecpmkdieinmbadjfpblof - C:\ProgramData\AVG Secure Search\ChromeExt\18.1.0.443\avg.crx[]

MapsGalaxy - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd
AVG Security Toolbar - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Google Wallet - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
The weDownload Manager - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocinjngecpdhlnhggcnhjdpengmifjdl

==== C:\zoek_backup content ======================

C:\zoek_backup (files=3114 folders=533 332524657 bytes)

==== After Reboot ======================

==== Deleting Files / Folders ======================

"C:\PROGRA~3\Rpcnet" not deleted
"C:\PROGRA~3\Rpcnet" not deleted

==== EOF on vr 02/01/2015 at 12:08:56,85 ======================