Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Andrea on do 04-06-2015 at 21:05:52,12.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Andrea\Downloads\zoek (10).exe [Scan all users] [Script inserted]

==== Older Logs ======================
C:\zoek-results2015-06-02-181021.log 20565 bytes

==== Empty Folders Check ======================
C:\Users\Andrea\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Deleting Files \ Folders ======================
C:\Program Files (x86)\IncrementEdit not found
"C:\ProgramData\{4957b147-985f-1f71-4957-7b147985c51e}\The Proposal (2009)DVDR XviD DivXNL-Team(dutch subs NL).exe" not found

==== Files Recently Created / Modified ======================
====== C:\Windows ====
====== C:\Users\Andrea\AppData\Local\Temp ====
2015-06-04 19:11:34 3E0DFC13D014E7D33937EB37EAA5B8D0 43008 ----a-w- C:\Users\Andrea\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_xxktn.dll
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
2015-05-31 18:54:55 E9CD058C79EA15B4AA93E259FA713B07 136408 ----a-w- C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys
2015-05-31 18:54:29 54D70409DE6932E9EFA117779611E7A9 107736 ----a-w- C:\Windows\Sysnative\drivers\mbamchameleon.sys
2015-05-31 18:54:29 28B597A61C9AC9B59BC0573D70A62CBF 64216 ----a-w- C:\Windows\Sysnative\drivers\mwac.sys
2015-05-31 18:54:29 1E9E32AEC3E1EB1B31B8169F33168B56 25816 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys
2015-05-16 20:16:21 95B0179BDA907252025DEEA183699FB3 467776 -c--a-w- C:\Windows\Sysnative\drivers\USBHUB3.SYS
2015-05-16 20:16:20 272A62B660A48AEF366F8A1836CED19F 57856 -c--a-w- C:\Windows\Sysnative\drivers\bthhfenum.sys
2015-05-16 20:16:18 FE14D249D39368CA62D8DA6BC94AC694 80384 ----a-w- C:\Windows\Sysnative\drivers\ahcache.sys
2015-05-16 20:15:46 C54B6B2170BF628FD42F799A66956D75 239424 -c--a-w- C:\Windows\Sysnative\drivers\sdbus.sys
2015-05-16 20:15:46 95E295FD19F80B3AD33629B5AEFEC9C7 154432 -c--a-w- C:\Windows\Sysnative\drivers\dumpsd.sys
2015-05-16 20:15:43 C61EAF8E1E4B2F62BA4FDF457440B2C6 316416 ----a-w- C:\Windows\Sysnative\drivers\udfs.sys
2015-05-12 20:02:41 5E5AB950693F2C6D6ACBEE3A74697ED7 561928 ----a-w- C:\Windows\Sysnative\drivers\cng.sys
====== C:\Windows\Tasks ======
2015-06-02 17:04:41 D429B45BB60AAB9FE4E91BE7C0308805 994 ----a-w- C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2675814900-1963275690-1422733052-1001Core.job
2015-06-02 17:04:41 B5532B994C9F15463D97997909B57649 3614 ----a-w- C:\Windows\Sysnative\Tasks\DropboxUpdateTaskUserS-1-5-21-2675814900-1963275690-1422733052-1001Core
2015-06-02 17:04:41 A0DC5B02CA52ADF15B9E6D3DA1676573 1046 ----a-w- C:\Windows\Tasks\DropboxUpdateTaskUserS-1-5-21-2675814900-1963275690-1422733052-1001UA.job
2015-06-02 17:04:41 361916D3058D8549AF8827BB47A078CA 3994 ----a-w- C:\Windows\Sysnative\Tasks\DropboxUpdateTaskUserS-1-5-21-2675814900-1963275690-1422733052-1001UA
2015-05-15 21:16:02 6B09FDCDD867B468D6D2D1F038B27F0F 3334 ----a-w- C:\Windows\Sysnative\Tasks\AcerCloud
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-05-31 10:08:10 -------- d-----w- C:\Program Files\trend micro
======= C:\PROGRA~2 =====
======= C: =====
====== C:\Users\Andrea\AppData\Roaming ======
2015-06-04 19:11:17 -------- d-----w- C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-06-02 18:08:56 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp
2015-06-02 18:08:56 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp
2015-06-02 18:08:56 -------- d-----w- C:\Users\Default\AppData\Local\Temp
2015-06-02 18:08:56 -------- d-----w- C:\Users\Default User\AppData\Local\Temp
2015-06-02 18:08:56 -------- d-----w- C:\Users\Andrea\AppData\Local\Temp
2015-06-02 17:04:40 -------- d-----w- C:\Users\Andrea\AppData\Local\Dropbox
2015-05-31 18:53:42 -------- d-----w- C:\Users\Andrea\AppData\Local\Programs
2015-05-31 09:38:49 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Andrea\AppData\Local\Temp.dat
2015-05-23 16:16:08 0B1FEA79DCB19DEA0D3C78B6D79D3716 24 ----a-w- C:\Users\Andrea\AppData\Roaming\appdataFr25.bin
====== C:\Users\Andrea ======
2015-06-02 17:04:40 -------- d-----w- C:\ProgramData\Dropbox
2015-06-01 19:32:54 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Andrea\Downloads\RSITx64 (1).exe
2015-05-31 18:53:00 6CDEAC78E5677E304477FB36351C3195 21546080 ----a-w- C:\Users\Andrea\Downloads\mbam-setup-2.1.6.1022.exe
2015-05-31 13:14:40 5B73E70C3FD8EBFC6F284001C615749C 2223104 ----a-w- C:\Users\Andrea\Downloads\adwcleaner_4.205.exe
2015-05-31 10:07:54 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Andrea\Downloads\RSITx64.exe
====== C: exe-files ==
2015-06-04 19:10:26 7600CCE72F3113523E851F21CCE3E534 50019960 ----a-w- C:\Users\Andrea\AppData\Local\Dropbox\Update\Install\{7BA5D5BD-89A5-42D3-BECA-718D83168620}\DropboxClient_3.6.5.exe
2015-06-04 19:10:23 7600CCE72F3113523E851F21CCE3E534 50019960 ----a-w- C:\Users\Andrea\AppData\Local\Dropbox\Update\Download\{CC46080E-4C33-4981-859A-BBA2F780F31E}\3.6.5\DropboxClient_3.6.5.exe
2015-06-02 17:05:43 DA42C8B7E763F5336D55295CB12E5AFF 49664 ----a-w- C:\Users\Andrea\AppData\Roaming\Dropbox\bin\w9xpopen.exe
2015-06-02 17:04:41 093257278B14FE760718742493F238B4 80752 ----atw- C:\Users\Andrea\AppData\Local\Dropbox\Update\1.3.27.19\DropboxUpdateOnDemand.exe
2015-06-02 17:04:40 7C6D524C78A1722AD987B9E47AC1FEE2 134512 ----atw- C:\Users\Andrea\AppData\Local\Dropbox\Update\DropboxUpdate.exe
2015-06-02 17:04:40 7C6D524C78A1722AD987B9E47AC1FEE2 134512 ----atw- C:\Users\Andrea\AppData\Local\Dropbox\Update\1.3.27.19\DropboxUpdate.exe
2015-06-02 17:04:40 7C6D524C78A1722AD987B9E47AC1FEE2 134512 ----atw- C:\Users\Andrea\AppData\Local\Dropbox\Update\1.3.27.19\DropboxCrashHandler.exe
2015-06-02 17:04:40 39B66AAA409546E80120C3A1366C865D 80240 ----atw- C:\Users\Andrea\AppData\Local\Dropbox\Update\1.3.27.19\DropboxUpdateBroker.exe
2015-06-01 19:32:54 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Andrea\Downloads\RSITx64 (1).exe
2015-05-31 18:53:00 6CDEAC78E5677E304477FB36351C3195 21546080 ----a-w- C:\Users\Andrea\Downloads\mbam-setup-2.1.6.1022.exe
2015-05-31 13:14:40 5B73E70C3FD8EBFC6F284001C615749C 2223104 ----a-w- C:\Users\Andrea\Downloads\adwcleaner_4.205.exe
2015-05-31 10:08:10 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Andrea.exe
2015-05-31 10:07:54 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Andrea\Downloads\RSITx64.exe
2015-05-30 13:35:26 B1798BC27E40983B12FEFD0D85C05B3F 873800 ----a-w- C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\SwReporter\3.21.0\software_reporter_tool.exe
=== C: other files ==
2015-05-31 18:54:55 E9CD058C79EA15B4AA93E259FA713B07 136408 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2015-05-31 18:54:29 54D70409DE6932E9EFA117779611E7A9 107736 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2015-05-31 18:54:29 28B597A61C9AC9B59BC0573D70A62CBF 64216 ----a-w- C:\Windows\System32\drivers\mwac.sys
2015-05-31 18:54:29 1E9E32AEC3E1EB1B31B8169F33168B56 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys

==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-21-2675814900-1963275690-1422733052-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"Dropbox Update"="C:\Users\Andrea\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c"
[HKEY_USERS\S-1-5-21-2675814900-1963275690-1422733052-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #2"="C:\Users\Andrea\AppData\Local\Pokki\Engine\HostAppService.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend=C:\Users\Andrea\AppData\Local\Pokki\Engine\inspector --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BacKGround Agent"="C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe"
"HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe"
"abDocsDllLoader"="C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"Dropbox Update"="C:\Users\Andrea\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #2"="C:\Users\Andrea\AppData\Local\Pokki\Engine\HostAppService.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend=C:\Users\Andrea\AppData\Local\Pokki\Engine\inspector --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"="C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"

==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"="C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"

==== Startup Folders ======================
2015-04-25 18:07:40 1154 ----a-w- C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
2015-03-30 13:23:54 2269 ----a-w- C:\Users\Andrea\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\The Proposal (2009)DVDR XviD DivXNL-Team(dutch subs NL).lnk

==== Task Scheduler Jobs ======================
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-2675814900-1963275690-1422733052-1001Core.job --a-------- C:\Users\Andrea\AppData\Local\Dropbox\Update\DropboxUpdate.exe [02-06-2015 19:04]
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-2675814900-1963275690-1422733052-1001UA.job --a-------- C:\Users\Andrea\AppData\Local\Dropbox\Update\DropboxUpdate.exe [02-06-2015 19:04]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [15-06-2014 17:50]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [15-06-2014 17:50]

==== Other Scheduled Tasks ======================
"C:\Windows\SysNative\tasks\AcerCloud" [C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe]
"C:\Windows\SysNative\tasks\ALU" [C:\Program Files (x86)\Acer\Live Updater\updater.exe]
"C:\Windows\SysNative\tasks\ALUAgent" [C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe]
"C:\Windows\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-2675814900-1963275690-1422733052-1001Core" [C:\Users\Andrea\AppData\Local\Dropbox\Update\DropboxUpdate.exe]
"C:\Windows\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-2675814900-1963275690-1422733052-1001UA" [C:\Users\Andrea\AppData\Local\Dropbox\Update\DropboxUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473" [C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe]
"C:\Windows\SysNative\tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon" ["C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe"]
"C:\Windows\SysNative\tasks\Launch Manager" ["C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe"]
"C:\Windows\SysNative\tasks\Norton Online Backup ARA" [C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.5.0.9\\Ara.exe]
"C:\Windows\SysNative\tasks\Power Management" ["C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"]
"C:\Windows\SysNative\tasks\Synaptics TouchPad Enhancements" ["C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{512F3CE6-29AB-4C12-B691-73D6769F7F9C}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\Recovery Management\Notification" [C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe]

==== Chromium Look ======================
Google Chrome Version: 43.0.2357.81

==== Chromium Fix ======================
C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_inst.shoppingate.info_0.localstorage deleted successfully
C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_inst.shoppingate.info_0.localstorage-journal deleted successfully

==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Andrea\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Andrea\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Andrea\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Andrea\AppData\Local\Microsoft\Windows\INetCache\IE\888T9UR0 will be deleted at reboot

==== Empty FireFox Cache ======================
No FireFox Profiles found

==== Empty Chrome Cache ======================
C:\Users\Andrea\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully

==== Empty All Java Cache ======================
No Java Cache Found

==== C:\zoek_backup content ======================
C:\zoek_backup (files=798 folders=83 246009966 bytes)

==== Empty Temp Folders ======================
C:\Users\Andrea\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Andrea\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================
"C:\Users\Andrea\AppData\Local\Microsoft\Windows\INetCache\IE\888T9UR0" not found

==== EOF on do 04-06-2015 at 21:25:15,11 ======================