Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Vince on vr 19/06/2015 at 21:15:17,06.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Vince\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================
19/06/2015 21:17:57 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================
C:\PROGRA~3\regid.1986-12.com.adobe deleted successfully
C:\Users\Vince\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Registry Fix Code x64 ======================
Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CD1AA855-40B2-45C1-9BFB-E0D8027EFE14}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CD1AA855-40B2-45C1-9BFB-E0D8027EFE14}]

==== Deleting Files \ Folders ======================
C:\Program Files (x86)\DeaLSPPacae not found
c:\programdata\{31f7d0b4-66f0-2a0c-31f7-7d0b466f42d1} not found
"C:\ProgramData\{3d22c4da-d36c-bdf7-3d22-2c4dad36136b}\Gta5Keygen.exe" not found
C:\PROGRA~2\FRQc Flash Render Quality changer deleted
C:\ProgramData\10603136380381423225 deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
"C:\Windows\tasks\DataMarker.job" deleted
"C:\Windows\tasks\DriverNavigator Scheduled Scan.job" deleted
"C:\scan1306.txt" deleted

==== Files Recently Created / Modified ======================
====== C:\Windows ====
====== C:\Users\Vince\AppData\Local\Temp ====
2015-06-13 16:40:50 0CFC0308F76EC217C457F54DDFCB3077 43008 ----a-w- C:\Users\Vince\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpizbfxr.dll
2015-06-13 11:00:26 E7211441D93ECED6CC1CFB538C6EE3EF 2560512 ----a-w- C:\Users\Vince\AppData\Local\Temp\DA98\temp\ExtraLift.xyz.exe
2015-06-13 10:58:57 9D8EB7BEF46E321F007AE85ADD64B5A1 4096 ----a-w- C:\Users\Vince\AppData\Local\Temp\ntwdblib.dll
2015-06-13 10:58:55 F9F22FF9DEFB7230871A904C1F452223 2582528 ----a-w- C:\Users\Vince\AppData\Local\Temp\1774412226846802591b.exe
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2015-06-13 16:26:04 02BE9F037101364A565D224194337B0C 207872 ----a-w- C:\Windows\SysWOW64\rastapi.dll
2015-06-13 16:25:57 33BC1A74FA72C3B0EE04A23FDE1045FC 158720 ----a-w- C:\Windows\SysWOW64\rgb9rast.dll
2015-06-13 10:58:58 9D8EB7BEF46E321F007AE85ADD64B5A1 4096 ----a-w- C:\Windows\SysWOW64\ntwdblib.dll
2015-06-09 20:03:54 B0EDCA1168C874812A180EBCD1A43EB5 549888 ----a-w- C:\Windows\SysWOW64\comctl32.dll
2015-06-09 20:03:53 975421AC32F9F6E27A58F75DAB4B5871 19607040 ----a-w- C:\Windows\SysWOW64\mshtml.dll
2015-06-09 20:03:52 DB254D50B4527C2821C537E0587B44E8 12829696 ----a-w- C:\Windows\SysWOW64\ieframe.dll
2015-06-09 20:03:51 E4EB138060BAE0DBAB1A3B71A3141FE7 1950720 ----a-w- C:\Windows\SysWOW64\wininet.dll
2015-06-09 20:03:51 927E38A35E4DFC4E294BD130BAA6F759 2278912 ----a-w- C:\Windows\SysWOW64\iertutil.dll
2015-06-09 20:03:51 53E9614ADFA6A40A452BA014CEF6F261 1309696 ----a-w- C:\Windows\SysWOW64\urlmon.dll
2015-06-09 20:03:51 3FD7E6DB5D81FE400DB4D81D278596E6 4305920 ----a-w- C:\Windows\SysWOW64\jscript9.dll
2015-06-09 20:03:50 F26680AF396F89F7ABFDA1D1D6B62011 285696 ----a-w- C:\Windows\SysWOW64\dxtrans.dll
2015-06-09 20:03:50 EF853EA2A6A7BD891CCF31B0C2915352 341504 ----a-w- C:\Windows\SysWOW64\html.iec
2015-06-09 20:03:50 C27C8CACEBC712BE2AD791715E9734EC 664064 ----a-w- C:\Windows\SysWOW64\jscript.dll
2015-06-09 20:03:50 B6D8148C1C697A7BF04EE0FE82408B6A 710144 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll
2015-06-09 20:03:50 AE8F02C9B1DC7364A94ABEB6E396611C 327168 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll
2015-06-09 20:03:50 96837E5864777688477AF6DE2332C06D 503808 ----a-w- C:\Windows\SysWOW64\vbscript.dll
2015-06-09 20:03:50 7DBCBB1647B7CD71E2039C1B50A12717 620032 ----a-w- C:\Windows\SysWOW64\jscript9diag.dll
2015-06-09 20:03:50 4ABEEF30EA5B9F4718312DCB60B6C9BC 2052608 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl
2015-06-09 20:03:50 3B850134010B7CCC546C29D51405C9DA 1042944 ----a-w- C:\Windows\SysWOW64\actxprxy.dll
2015-06-09 20:03:50 2DED8A99E45053C42DD21D6937D3960C 689152 ----a-w- C:\Windows\SysWOW64\msfeeds.dll
2015-06-09 20:03:49 8AE1E22527BC203BAD89212F6D09F038 880128 ----a-w- C:\Windows\SysWOW64\inetcomm.dll
2015-06-09 20:03:49 7467B0605897898F8F32B4B9B9041F51 128000 ----a-w- C:\Windows\SysWOW64\iepeers.dll
2015-06-09 20:03:49 6B7210618D7E2CE0404ECF748701253A 76288 ----a-w- C:\Windows\SysWOW64\mshtmled.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-06-13 16:26:05 D044FD35EEC3BF683B963DE10A5E00C3 222208 ----a-w- C:\Windows\Sysnative\rastapi.dll
2015-06-13 16:25:51 574F2184043FAF24B588BA12B3CC99CC 410336 ----a-w- C:\Windows\Sysnative\ApnDatabase.xml
2015-06-09 20:03:54 A29BAFC1543F9D2234AFFFEA9BCE76C8 24917504 ----a-w- C:\Windows\Sysnative\mshtml.dll
2015-06-09 20:03:54 0341BF7622E0D547446DB254868EF965 653824 ----a-w- C:\Windows\Sysnative\comctl32.dll
2015-06-09 20:03:52 CFA52E2FE8E623042A1EEF96EB1B9481 6026240 ----a-w- C:\Windows\Sysnative\jscript9.dll
2015-06-09 20:03:52 417F80E4AFBA1AA9EBBD618F1C6D9165 2426880 ----a-w- C:\Windows\Sysnative\wininet.dll
2015-06-09 20:03:51 AE5A2843B4A2E1E558B9EE13EF62CCE5 14404096 ----a-w- C:\Windows\Sysnative\ieframe.dll
2015-06-09 20:03:51 6E295C7364DAEB151CC0E98434B6AC92 2885632 ----a-w- C:\Windows\Sysnative\iertutil.dll
2015-06-09 20:03:51 6ABFC5736EC920C4436F32111F5CBCEE 1545728 ----a-w- C:\Windows\Sysnative\urlmon.dll
2015-06-09 20:03:50 FF84182188CA8F0DC28CFED06C9B7816 2125824 ----a-w- C:\Windows\Sysnative\inetcpl.cpl
2015-06-09 20:03:50 86FDFEA67833DB261EC01A777594EDCF 316928 ----a-w- C:\Windows\Sysnative\dxtrans.dll
2015-06-09 20:03:50 83781DF625A4448B39410D7FA2BDC48D 816640 ----a-w- C:\Windows\Sysnative\jscript.dll
2015-06-09 20:03:50 7F8F9AE03D1BA4354671E05F07A40F1A 800768 ----a-w- C:\Windows\Sysnative\ieapfltr.dll
2015-06-09 20:03:50 7B4A7D55E905ED9A0A4B1263BA7C6944 2865152 ----a-w- C:\Windows\Sysnative\actxprxy.dll
2015-06-09 20:03:50 614604C8D322D0779E426917CAFE4F3E 262144 ----a-w- C:\Windows\Sysnative\webcheck.dll
2015-06-09 20:03:50 3854BFE1C0F14872C94501421CC40813 814080 ----a-w- C:\Windows\Sysnative\jscript9diag.dll
2015-06-09 20:03:50 33B5F1A727FACDEA7CDA0E35FFAADDCF 584192 ----a-w- C:\Windows\Sysnative\vbscript.dll
2015-06-09 20:03:50 2BC2D3A41BB755487FD55C09938F00BC 417792 ----a-w- C:\Windows\Sysnative\html.iec
2015-06-09 20:03:50 083BCA14FCE290D682D8DAC9372CBF23 801280 ----a-w- C:\Windows\Sysnative\msfeeds.dll
2015-06-09 20:03:49 ACD6FE6C82B93813F023FC01A51CB940 92160 ----a-w- C:\Windows\Sysnative\mshtmled.dll
2015-06-09 20:03:49 9EFAF10AF9BFA6CDBDDE3D8C5EDC3453 145408 ----a-w- C:\Windows\Sysnative\iepeers.dll
2015-06-09 20:03:49 35622F5A652C4E16774234DCA0026E74 633856 ----a-w- C:\Windows\Sysnative\ieui.dll
2015-06-09 20:03:49 1E31F06BE53F11CF5E660284E68587AC 374272 ----a-w- C:\Windows\Sysnative\iedkcs32.dll
2015-06-09 20:03:49 11E5CD954CC38080471E7CC2CA1558AE 1032704 ----a-w- C:\Windows\Sysnative\inetcomm.dll
2015-06-09 20:03:40 6CCC851608DD076C13E37737BB75A9DC 4177920 ----a-w- C:\Windows\Sysnative\win32k.sys
====== C:\Windows\Sysnative\drivers =====
2015-06-14 10:34:27 60F5579B6B33F509C52200207F79B795 79064 ----a-w- C:\Windows\Sysnative\drivers\tbir.sys
2015-06-13 14:55:17 E9CD058C79EA15B4AA93E259FA713B07 136408 ----a-w- C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys
2015-06-13 14:55:03 54D70409DE6932E9EFA117779611E7A9 107736 ----a-w- C:\Windows\Sysnative\drivers\mbamchameleon.sys
2015-06-13 14:55:03 28B597A61C9AC9B59BC0573D70A62CBF 64216 ----a-w- C:\Windows\Sysnative\drivers\mwac.sys
2015-06-13 14:55:03 1E9E32AEC3E1EB1B31B8169F33168B56 25816 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-06-13 16:55:28 -------- d-----w- C:\Program Files\trend micro
======= C:\PROGRA~2 =====
======= C: =====
====== C:\Users\Vince\AppData\Roaming ======
2015-06-13 16:31:57 -------- d-----w- C:\Users\Vince\AppData\Local\GWX
2015-06-13 11:00:26 7AE6764D51597A055E29CEFE1BCB9106 24 ----a-w- C:\Users\Vince\AppData\Roaming\appdataFr25.bin
2015-06-04 22:26:53 -------- d-----w- C:\Users\Vince\AppData\Roaming\dvdcss
====== C:\Users\Vince ======
2015-06-13 17:07:12 6F3601EC89A6D1A9107508DDABCFE624 47225760 ----a-w- C:\Users\Vince\Downloads\BDPUARLauncher.exe
2015-06-13 16:55:13 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Vince\Downloads\RSITx64.exe
2015-06-13 16:38:19 D56605A4F5CE2DBEBA1540304827B394 2231296 ----a-w- C:\Users\Vince\Downloads\AdwCleaner.exe
2015-06-13 14:55:40 8611C95230B655AE661AAEDC17BAA152 6549184 ----a-w- C:\Users\Vince\Downloads\ccsetup506.exe
2015-06-13 14:54:28 6CDEAC78E5677E304477FB36351C3195 21546080 ----a-w- C:\Users\Vince\Downloads\mbam-setup-2.1.6.1022.exe
====== C: exe-files ==
2015-06-18 10:39:53 8202C1A1406E737AE4252426AAC23D97 41377496 ----a-w- C:\Users\Vince\AppData\Local\Spotify\Update\spotify_installer-1.0.7.157.g2a6526f9-88.exe
2015-06-13 17:07:12 6F3601EC89A6D1A9107508DDABCFE624 47225760 ----a-w- C:\Users\Vince\Downloads\BDPUARLauncher.exe
2015-06-13 16:55:29 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Vince.exe
2015-06-13 16:55:13 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Vince\Downloads\RSITx64.exe
2015-06-13 16:38:19 D56605A4F5CE2DBEBA1540304827B394 2231296 ----a-w- C:\Users\Vince\Downloads\AdwCleaner.exe
2015-06-13 14:55:40 8611C95230B655AE661AAEDC17BAA152 6549184 ----a-w- C:\Users\Vince\Downloads\ccsetup506.exe
2015-06-13 14:54:28 6CDEAC78E5677E304477FB36351C3195 21546080 ----a-w- C:\Users\Vince\Downloads\mbam-setup-2.1.6.1022.exe
2015-06-13 11:00:26 E7211441D93ECED6CC1CFB538C6EE3EF 2560512 ----a-w- C:\Users\Vince\AppData\Local\Temp\DA98\temp\ExtraLift.xyz.exe
2015-06-13 10:58:55 F9F22FF9DEFB7230871A904C1F452223 2582528 ----a-w- C:\Users\Vince\AppData\Local\Temp\1774412226846802591b.exe
=== C: other files ==
2015-06-14 10:34:27 60F5579B6B33F509C52200207F79B795 79064 ----a-w- C:\Windows\System32\drivers\tbir.sys
2015-06-13 14:55:17 E9CD058C79EA15B4AA93E259FA713B07 136408 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2015-06-13 14:55:03 54D70409DE6932E9EFA117779611E7A9 107736 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2015-06-13 14:55:03 28B597A61C9AC9B59BC0573D70A62CBF 64216 ----a-w- C:\Windows\System32\drivers\mwac.sys
2015-06-13 14:55:03 1E9E32AEC3E1EB1B31B8169F33168B56 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys

==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-21-3695724655-15673168-2045758680-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_D35B1BF4BD75BF2165A72410A77FFBF1"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window"
"Spotify Web Helper"="C:\Users\Vince\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"Spotify"="C:\Users\Vince\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe Creative Cloud"="C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --showwindow=false --onOSstartup=true"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware (cleanup)"="C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleChromeAutoLaunch_D35B1BF4BD75BF2165A72410A77FFBF1"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window"
"Spotify Web Helper"="C:\Users\Vince\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"Spotify"="C:\Users\Vince\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

==== Startup Folders ======================
2015-03-06 19:20:06 1147 ----a-w- C:\Users\Vince\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
2015-04-29 10:54:41 1950 ----a-w- C:\Users\Vince\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Gta5Keygen.lnk

==== Other Scheduled Tasks ======================
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]

==== Chromium Look ======================
Google Slides - Vince\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - Vince\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Vince\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Vince\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Vince\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - Vince\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
AdBlock - Vince\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Google Wallet - Vince\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Vince\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"

==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Reset Google Chrome ======================
C:\Users\Vince\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Vince\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Vince\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Vince\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Vince\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Vince\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Vince\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Vince\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================
No FireFox Profiles found

==== Empty Chrome Cache ======================
C:\Users\Vince\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully

==== Empty All Java Cache ======================
No Java Cache Found

==== C:\zoek_backup content ======================
C:\zoek_backup (files=37 folders=32 28153067 bytes)

==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Vince\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Vince\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== EOF on vr 19/06/2015 at 21:35:23,91 ======================