
Zoek.exe v5.0.0.0 Updated 05-February-2015
Tool run by Floor on do 05-02-2015 at 21:49:17,51.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Floor\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2014-09-11-190429.log	56835 bytes
C:\zoek-results2014-09-13-080503.log	6058 bytes
C:\zoek-results2014-09-13-124520.log	1385 bytes

==== Empty Folders Check ======================

C:\PROGRA~2\Malwarebytes' Anti-Malware deleted successfully
C:\PROGRA~3\AMD deleted successfully
C:\Users\Floor\AppData\Roaming\Malwarebytes deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] 
"AppInit_DLLs"=- 

==== Deleting Files \ Folders ======================

C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Floor\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
2015-01-13 20:00:18	AE3334958D8F631FF14A0AEB3D7EFB3A	141312	----a-w-	C:\Windows\Sysnative\drivers\mrxdav.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-01-29 20:45:16	--------	d-----w-	C:\Program Files\SUPERAntiSpyware
======= C:\PROGRA~2 =====
2015-01-09 22:41:17	--------	d-----w-	C:\PROGRA~2\Mozilla Maintenance Service
2015-01-09 19:14:45	--------	d-----w-	C:\PROGRA~2\Raptr
======= C: =====
====== C:\Users\Floor\AppData\Roaming ======
2015-01-29 20:45:56	--------	d-----w-	C:\Users\Floor\AppData\Roaming\SUPERAntiSpyware.com
2015-01-09 19:15:22	--------	d-----w-	C:\Users\Floor\AppData\Roaming\library_dir
2015-01-09 19:14:45	--------	d-----w-	C:\Users\Floor\AppData\Roaming\Raptr
====== C:\Users\Floor ======
2015-01-29 20:45:25	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-01-29 20:45:16	--------	d-----w-	C:\ProgramData\SUPERAntiSpyware.com
2015-01-09 19:15:59	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved

====== C: exe-files ==
2015-02-05 15:54:05	FD98434B6A06FE31A35E4BFBC827B290	52040	----atw-	C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe
2015-02-05 15:54:05	5F0A3AA68785C49454F56C9F2DDA0237	52040	----atw-	C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleUpdateWebPlugin.exe
2015-02-05 15:54:05	4C02536F4CA35911FB3EA5715F300C57	52040	----atw-	C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleUpdateBroker.exe
2015-02-05 15:54:04	7CA00A58AA808F4B9844C91845910377	880208	----a-w-	C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleUpdateSetup.exe
2015-02-05 15:53:56	F3B6470DA7CE34E559D3BA7365CC909C	115528	----atw-	C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleUpdateComRegisterShell64.exe
2015-02-05 15:53:55	323CFFFDAF253AC65CD194A101BE6231	287048	----atw-	C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler64.exe
2015-02-05 15:53:54	83BB030C71C9727DCFB2737005772C4E	232264	----atw-	C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleCrashHandler.exe
2015-02-05 15:53:41	E1B44A75947137F4143308D566889837	107848	----atw-	C:\Program Files (x86)\Google\Update\1.3.26.9\GoogleUpdate.exe
2015-02-05 15:53:32	7CA00A58AA808F4B9844C91845910377	880208	----a-w-	C:\Program Files (x86)\Google\Update\Install\{0F6E6B9F-6F7D-439C-8B47-E5D7E71D09E5}\GoogleUpdateSetup.exe
2015-02-05 15:53:32	7CA00A58AA808F4B9844C91845910377	880208	----a-w-	C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.26.9\GoogleUpdateSetup.exe
2015-02-04 17:54:27	5C7DF84A08BAAB0C79863E5B4B10F51C	50557048	----a-w-	C:\Users\Floor\AppData\Roaming\Raptr\raptr-4.3.4-r92200-release.exe
2015-01-30 23:23:56	CF9BA33C05F698644E790FF80AB96295	41175632	----a-w-	C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\40.0.2214.94\40.0.2214.94_chrome_installer.exe
2015-01-30 22:25:40	ACFE2A5FBB735E6463B51D19A84B5C1E	55568	----a-w-	C:\Program Files (x86)\Raptr\raptrstub.exe
2015-01-30 22:25:40	36218A78B6C9444B0625429731CD699A	4214544	----a-w-	C:\Program Files (x86)\Raptr\vcredist_x86.exe
2015-01-30 22:25:38	7EC8645C8DAA089C595018BA5EAF0498	45840	----a-w-	C:\Program Files (x86)\Raptr\raptr_im.exe
2015-01-30 22:25:38	49C914FF2BD5F6441EE9BD5AF7CB08F4	784656	----a-w-	C:\Program Files (x86)\Raptr\raptr_encoder_server64-91954.exe
2015-01-30 22:25:36	F03D1CE09EECE58C3631F6C66458A2AD	665360	----a-w-	C:\Program Files (x86)\Raptr\raptr_encoder_server-91954.exe
2015-01-30 22:25:36	9191E9FA8AB425463F72FDA505C9CD8F	67344	----a-w-	C:\Program Files (x86)\Raptr\raptr.exe
2015-01-30 22:25:36	1B70DD66BC64A73797787833BFA75CD0	45328	----a-w-	C:\Program Files (x86)\Raptr\f2p_ping.exe
=== C: other files ==
2015-01-31 09:26:55	952E717574469A91BCC32B6B162BC2A0	7780120	----a-w-	C:\Program Files\SUPERAntiSpyware\03b4c6ee-040d-48c1-8fe4-0adb02bdd817.com
2015-01-30 22:25:22	C58C0D20819E431301B8950ED46F2B5B	10021764	----a-w-	C:\Program Files (x86)\Raptr\library.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-141183551-364569769-11937283-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
"ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Nuance PDF Reader-reminder"="C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe -r C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
"ASUSPRP"="C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
"SonicMasterTray"="C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe"
"UpdateLBPShortCut"="C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\CyberLink\LabelPrint UpdateWithCreateOnce Software\CyberLink\LabelPrint\2.5"
"UpdateP2GoShortCut"="C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\CyberLink\Power2Go UpdateWithCreateOnce SOFTWARE\CyberLink\Power2Go\6.0"
"F-Secure Hoster (45123)"="C:\Program Files (x86)\Internetbeveiliging\fshoster32.exe -app -hosterid:1"
"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"ATKOSD2"="C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"ATKMEDIA"="C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"HControlUser"="C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"Wireless Console 3"="C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"DivXMediaServer"="C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe"
"DivXUpdate"="C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe /CHECKNOW"
"F-Secure Manager"="C:\Program Files (x86)\Internetbeveiliging\apps\ComputerSecurity\Common\FSM32.EXE /splash"
"Raptr"="C:\PROGRA~2\Raptr\raptrstub.exe --startup"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
"ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SF3 "
"ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe "

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUS Screen Saver Protector]
"command"="C:\\Windows\\AsScrPro.exe"
"hkey"="HKLM"
"item"="ASUS Screen Saver Protector"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUSWebStorage]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ASUSWebStorage"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\ASUS\\ASUS WebStorage\\3.0.84.161\\AsusWSPanel.exe /S"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CLMLServer]
"command"="\"C:\\Program Files (x86)\\CyberLink\\Power2Go\\CLMLSvc.exe\""
"hkey"="HKLM"
"item"="CLMLServer"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iTunesHelper"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVCpl]
"command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe -s"
"hkey"="HKLM"
"item"="RtHDVCpl"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"


==== Startup Folders ======================

2011-04-13 02:49:43	2062	----a-w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk
2014-05-31 22:06:18	2617	----a-w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [05-02-2015 21:52]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [21-10-2014 10:10]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [21-10-2014 10:10]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\ACMON" [C:\Program Files (x86)\ASUS\Splendid\ACMON.exe]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\Apple Diagnostics" [C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe]
"C:\Windows\SysNative\tasks\ASUS P4G" [C:\Program Files\ASUS\P4G\BatteryLife.exe]
"C:\Windows\SysNative\tasks\ASUS SmartLogon Console Sensor" [C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe]
"C:\Windows\SysNative\tasks\ATKOSD2" [C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Floor\AppData\Roaming\Mozilla\Firefox\Profiles\4dnj3xb7.default
user_pref("browser.startup.homepage", "www.google.nl");

==== Firefox Extensions Registry ======================

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{e4f94d1e-2f53-401e-8885-681602c0ddd8}"="C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi" [04-04-2014 11:36]

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Floor\AppData\Roaming\Mozilla\Firefox\Profiles\4dnj3xb7.default
0FC325593893749364EC4A733E7D9100	- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll -	Shockwave Flash


==== Chromium Look ======================

Google Chrome Version: 40.0.2214.94 (Up to date, latest Stable version: 40.0.2214.94)

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
bopakagnckmlgajfccecajhnimjiiedh - No path found[]

Google Slides - Floor\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - Floor\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Floor\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Floor\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Floor\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - Floor\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Google Wallet - Floor\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Floor\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://asus.msn.com/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://asus.msn.com/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Floor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Floor\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Floor\AppData\Local\Mozilla\Firefox\Profiles\4dnj3xb7.default\cache2 will be emptied at reboot

==== Empty Chrome Cache ======================

C:\Users\Floor\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=187 folders=111 20455204 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Floor\AppData\Local\Temp will be emptied at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Floor\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on vr 06-02-2015 at 11:08:16,51 ======================