Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by r on wo 06-05-2015 at 9:08:06,72.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\r\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2015-05-05-092657.log 38095 bytes

==== Empty Folders Check ======================

C:\Users\r\AppData\Local\Wisdom-soft deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\Program Files\KMSpico deleted
"C:\Windows\SysNative\tasks\AutoPico Daily Restart" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2015-04-28 20:46:48 D1E75542EC8D1B4851765A57AC63618E 1908 ----a-w- C:\Windows\diagwrn.xml
2015-04-28 20:46:48 D1E75542EC8D1B4851765A57AC63618E 1908 ----a-w- C:\Windows\diagerr.xml
====== C:\Users\R\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2015-05-04 07:15:43 83FBACB8A8E8A3C4CDABE1C000E481E2 238592 ----a-w- C:\Windows\SysWOW64\tmffbcpl.dll
2015-05-04 07:15:43 3C8C3CD72863FFC07422C2FA0FDBA64E 35840 ----a-w- C:\Windows\SysWOW64\tmffbdrv.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-05-04 15:16:27 E4961A967B36E434120C6ADA84B9019D 79766 ----a-w- C:\Windows\Sysnative\cc_20150504_171624.reg
2015-05-04 07:15:49 EDDAD4BC2B7E8C423DEB9F2711FE653B 208304 ----a-w- C:\Windows\Sysnative\isrt.dll
2015-05-04 07:15:49 3CD644F9FE4AB2D566A60D619284A763 41472 ----a-w- C:\Windows\Sysnative\tmffbdrv.dll
2015-05-04 07:15:49 2FE3B759F684B3E000C54A37B9724ABD 264192 ----a-w- C:\Windows\Sysnative\tmffbcpl.dll
2015-05-04 07:15:49 1567EE6F246A364BB407BC079C1B78D8 98816 ----a-w- C:\Windows\Sysnative\_IsRes.dll
====== C:\Windows\Sysnative\drivers =====
2015-04-15 14:45:39 E87A6D3B8FECD5B93BC0CFBB48C27970 991552 ----a-w- C:\Windows\Sysnative\drivers\http.sys
2015-04-15 14:45:39 8EB7E70C2D348FE2476A2E3F2D585E3D 377152 ----a-w- C:\Windows\Sysnative\drivers\clfs.sys
====== C:\Windows\Tasks ======
2015-04-22 10:57:48 -------- d-----w- C:\Windows\Sysnative\Tasks\2BrightSparks
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
2015-05-06 07:05:58 -------- d-----w- C:\PROGRA~2\COMMON~1\Java
2015-05-04 07:15:43 -------- d-----w- C:\PROGRA~2\Thrustmaster
2015-05-03 08:27:29 -------- d-----w- C:\PROGRA~2\COMMON~1\TOPCAT
2015-05-03 08:27:20 -------- d-----w- C:\PROGRA~2\TOPCAT
2015-04-25 18:56:16 -------- d-----w- C:\PROGRA~2\2BrightSparks
2015-04-13 19:20:44 -------- d-----w- C:\PROGRA~2\BackUp EZCA-old
2015-04-06 20:04:02 -------- d-----w- C:\PROGRA~2\COMMON~1\Steam
2015-04-06 20:04:00 -------- d-----w- C:\PROGRA~2\Steam
======= C: =====
====== C:\Users\r\AppData\Roaming ======
2015-05-05 09:26:09 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp
2015-05-05 09:26:09 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp
2015-05-05 09:26:09 -------- d-----w- C:\Users\r\AppData\Local\Temp
2015-05-05 09:26:09 -------- d-----w- C:\Users\Default\AppData\Local\Temp
2015-05-05 09:26:09 -------- d-----w- C:\Users\Default User\AppData\Local\Temp
2015-05-03 08:27:29 -------- d-----w- C:\Users\r\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TOPCAT
2015-04-25 18:56:41 -------- d-----w- C:\Users\r\AppData\Roaming\2BrightSparks
2015-04-25 18:56:25 -------- d-----w- C:\Users\r\AppData\Local\2BrightSparks
2015-04-07 06:41:16 -------- d-----w- C:\Users\r\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2015-04-06 20:04:46 -------- d-----w- C:\Users\r\AppData\Local\Steam
====== C:\Users\r ======
2015-05-05 06:52:02 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\r\Desktop\RSITx64.exe
2015-05-05 04:03:06 -------- d-----w- C:\Windows\serviceprofiles\Localservice\winhttp
2015-05-04 07:15:44 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Thrustmaster
2015-04-25 18:56:26 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\2BrightSparks
2015-04-06 21:57:26 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-04-06 20:04:01 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
====== C: exe-files ==
2015-05-06 07:05:50 EED888394AC81A663F12C6EC43AB2838 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaw.exe
2015-05-06 07:05:50 4586CD8F1C929EF184098A22FE31A857 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaws.exe
2015-05-06 07:05:50 1E2E159D0621A466CFA7CE06E4DA9CAE 0 ----a-we C:\ProgramData\Oracle\Java\javapath\java.exe
2015-05-06 07:05:47 FF589C55E0CB6A0A1BD9570217BB1A42 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\tnameserv.exe
2015-05-06 07:05:47 C57CA849D13177E1F43CFEF51374F1EE 159328 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\unpack200.exe
2015-05-06 07:05:47 B66ED84383EA6C6218CA47BC49C15615 50784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssvagent.exe
2015-05-06 07:05:47 A1A1BC927541346D840BBB511F557848 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\policytool.exe
2015-05-06 07:05:47 5DF39BE82C777B7EDAD34E3A7A7EADB7 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\rmid.exe
2015-05-06 07:05:47 2682BB5D60C30DCB5A2BC414D01D6764 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\rmiregistry.exe
2015-05-06 07:05:47 134D4B0A753808F8F8645DCF3FA00173 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\servertool.exe
2015-05-06 07:05:46 FD8978875A992C876AF430B35DF9CFA7 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\pack200.exe
2015-05-06 07:05:46 F16868F20E4701142FAEF8C9FA847D27 30304 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\jabswitch.exe
2015-05-06 07:05:46 EF66D96BC42BCE52686A7635AB11D8DD 68192 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\javacpl.exe
2015-05-06 07:05:46 EED888394AC81A663F12C6EC43AB2838 191072 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\javaw.exe
2015-05-06 07:05:46 D3DA34876B7F6D06D26D29CA77BD25A2 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\ktab.exe
2015-05-06 07:05:46 CF683290B3369A1491A5B8B4D19F79B3 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\jjs.exe
2015-05-06 07:05:46 98903A3C01AA820E7FCC19A0A60126C0 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\klist.exe
2015-05-06 07:05:46 88FFC43B0E3BB3E30F70CB7B08D499B4 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\java-rmi.exe
2015-05-06 07:05:46 4EA6A4DD2EB584C4C2BF39A9A7D0D580 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\keytool.exe
2015-05-06 07:05:46 4586CD8F1C929EF184098A22FE31A857 271968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\javaws.exe
2015-05-06 07:05:46 3C0A1F0D13A8998E9A1825A853FF3B39 15456 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\kinit.exe
2015-05-06 07:05:46 1F29E31C6B9A487FF32006C4E223BA4F 15968 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\orbd.exe
2015-05-06 07:05:46 1E2E159D0621A466CFA7CE06E4DA9CAE 190560 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\java.exe
2015-05-06 07:05:46 1CCD26E1E9FC582ABAA5D5FD1FA47A6B 76384 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2launcher.exe
2015-05-05 06:52:02 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\r\Desktop\RSITx64.exe
2015-05-04 07:15:42 F0099620EBF18D3DE62D3BAB8CE430FF 454656 ----a-w- C:\Program Files (x86)\InstallShield Installation Information\{8F5A0981-5CDC-41D0-BCA2-AD3B777FC358}\setup.exe
2015-05-01 06:25:46 349311222DAF577F0AD6497B3DF7452E 1659392 ----a-w- C:\Games\World_of_Tanks\Wot Region Changer\[0.9.6] World Of Tanks - Region Changer v3.3.exe
2015-05-01 06:25:45 E4D0A7B19457C793F48D479C2FB66C12 1243087 ----a-w- C:\Games\World_of_Tanks\unins001.exe
2015-04-30 21:48:34 65961F671ED8D7369BE6B0CF95B936B1 1221536 ----a-w- C:\Program Files (x86)\OMC ModPack Client\unins000.exe
2015-04-30 20:45:24 5CBF70FD73ED1498448C471F9672E17E 1089104 ----a-w- C:\Program Files (x86)\Google\Update\Install\{39E3B868-4FD2-450F-A0BB-69D15A2D71CB}\42.0.2311.135_42.0.2311.90_chrome_updater.exe
2015-04-30 20:45:24 5CBF70FD73ED1498448C471F9672E17E 1089104 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\42.0.2311.135\42.0.2311.135_42.0.2311.90_chrome_updater.exe
2015-04-30 11:45:54 A413D8871FC2CC19963864A5A5E4F849 267824 ----a-w- C:\Program Files (x86)\Common Files\Java\Java Update\jaureg.exe
2015-04-30 11:45:44 34084D25BE6F48D072AA54DE630438FD 334896 ----a-w- C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
2015-04-30 11:45:34 BCBD6EF870818D88F299E9C243C191ED 1058352 ----a-w- C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
=== C: other files ==
2015-05-06 07:05:47 5DDC15149346900F16B38C65502BACA9 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_45\lib\deploy\ffjcext.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe"

[HKEY_USERS\S-1-5-21-3461219250-293438672-4018326929-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_9A2DA9E299F25626A6E5A46963D67AB5"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BrStsMon00"="C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN"
"Navigraph FMS Data Manager"="C:\Program Files (x86)\Navigraph\FMS Data Manager\NGFMSAgent.exe -autostart"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_9A2DA9E299F25626A6E5A46963D67AB5"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"RtHDVBg_Dolby"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4"
"EvtMgr6"="C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming"

==== Startup Folders ======================

2014-05-26 05:02:47 2064 ----a-w- C:\Users\r\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ScreenHunter 6.0 Pro.lnk
2014-05-27 11:57:59 1295 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GV LicenseManager.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [20-04-2014 11:07]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [20-04-2014 11:07]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{CCE0EB80-43EE-4512-8D41-428C37D64E2A}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\Nero\Nero Info" [C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"web2pdfextension@web2pdf.adobedotcom"="C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn" [23-05-2014 13:12]

==== Chromium Look ======================

Google Docs - r\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - r\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - r\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - r\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Bookmark Manager - r\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik
Google Wallet - r\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - r\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Startpages ======================

C:\Users\r\AppData\Local\Google\Chrome\User Data\Default\Preferences
"startup_urls": [ "http://www.trovi.com/?gd=&ctid=CT3321538&octid=EB_ORIGINAL_CTID&ISID=MECF93823-6DB8-489E-A332-704BE4852A88&SearchSource=55&CUI=&UM=5&UP=&SSPV=" ]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}&rlz=1I7GUEA_nlNL584"

==== Reset Google Chrome ======================

C:\Users\r\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\er\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\r\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\r\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\r\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\r\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\r\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\r\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\r\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=813 folders=77 91916186 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\r\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\R\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\MpCmdRun.log" not found

==== EOF on wo 06-05-2015 at 9:22:57,21 ======================