Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Marcel on zo 20/04/2014 at 22:25:31,22.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Marcel\Downloads\zoek\zoek.exe [Scan all users] [Quick Scan] [Auto Clean]

==== Older Logs ======================

C:\zoek-results2014-02-06-150046.log 9969 bytes

==== Empty Folders Check ======================

C:\PROGRA~2\backup deleted successfully
C:\PROGRA~2\complexbackup deleted successfully
C:\PROGRA~2\createpart deleted successfully
C:\PROGRA~2\explauncher deleted successfully
C:\PROGRA~2\launcher deleted successfully
C:\PROGRA~2\managecapsule deleted successfully
C:\PROGRA~2\Oracle deleted successfully
C:\PROGRA~2\redistpart deleted successfully
C:\Users\Marcel\AppData\Local\ms-drivers deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\Program Files\Common Files\Wondershare deleted

==== Files Recently Created / Modified ======================

====== C:\Users\Marcel\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-04-19 18:26:49 -------- d-----w- C:\Program Files\trend micro
2014-04-17 18:58:23 -------- d-----w- C:\Program Files\Common Files\Java
2014-04-11 13:16:56 -------- d-----w- C:\Program Files\RealArcade
2014-04-10 08:21:00 -------- d-----w- C:\Program Files\Gadwin
2014-04-01 09:19:28 -------- d-----w- C:\Program Files\EaseUS
======= C: =====
====== C:\Users\Marcel\AppData\Roaming ======
2014-04-15 17:30:06 -------- d-----w- C:\Users\Marcel\AppData\Roaming\ATI
2014-04-11 07:28:03 -------- d-sh--w- C:\Users\Marcel\AppData\Locallow\EmieUserList
2014-04-11 07:28:00 -------- d-sh--w- C:\Users\Marcel\AppData\Local\EmieUserList
2014-04-11 07:28:00 -------- d-sh--w- C:\Users\Marcel\AppData\Local\EmieSiteList
2014-04-11 07:27:42 -------- d-sh--w- C:\Users\Marcel\AppData\Locallow\EmieSiteList
2014-04-10 08:21:16 -------- d-----w- C:\Users\Marcel\AppData\Roaming\Gadwin
2014-04-10 08:21:16 -------- d-----w- C:\Users\Marcel\AppData\Local\Gadwin
2014-04-01 09:18:11 -------- d-----w- C:\Users\Marcel\AppData\Local\Programs
2014-04-01 07:57:56 -------- d-----w- C:\Users\Marcel\AppData\Local\Toshiba
====== C:\Users\Marcel ======
2014-04-17 18:57:58 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-10 08:21:01 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gadwin
2014-04-01 09:22:28 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Todo Backup Free 6.5

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"KeNotify"="C:\Program Files\TOSHIBA\Utilities\KeNotify.exe"
"SVPWUTIL"="C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL"
"ToshibaServiceStation"="C:\Program Files\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe /hide:60"
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s"
"AvastUI.exe"="C:\Program Files\Alwil Software\Avast5\AvastUI.exe /nogui"
"HSON"="%ProgramFiles%\TOSHIBA\TBS\HSON.exe "
"SmoothView"="%ProgramFiles%\Toshiba\SmoothView\SmoothView.exe "
"TPCHWMsg"="%ProgramFiles%\TOSHIBA\TPHM\TPCHWMsg.exe "
"TPwrMain"="%ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ITSecMng]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ITSecMng"
"hkey"="HKLM"
"command"="%ProgramFiles%\\TOSHIBA\\Bluetooth Toshiba Stack\\ItSecMng.exe /START"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SunJavaUpdateSched]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SunJavaUpdateSched"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TosSENotify]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TosSENotify"
"hkey"="HKLM"
"command"="C:\\Program Files\\TOSHIBA\\TOSHIBA HDD SSD Alert\\TosSENotify.exe"

==== Startup Folders ======================

2009-06-15 15:45:56 1835 ----a-w- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
2009-06-15 15:45:56 1835 ----a-w- C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [13/04/2014 09:36]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\system32\tasks\ConfigFree Startup Programs" [C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe]
"C:\Windows\system32\tasks\User_Feed_Synchronization-{847F0AA6-7865-4F3C-90E1-31297A6CB936}" [C:\Windows\system32\msfeedssync.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\Alwil Software\Avast5\WebRep\FF" [19/04/2014 20:26]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seniorennet.be/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.seniorennet.be/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{C48C56B9-E632-4E65-93A8-8D8994D6D77D}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{C48C56B9-E632-4E65-93A8-8D8994D6D77D} Google Url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSEG;"

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Marcel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Marcel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=35 folders=15 3222127 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Marcel\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Marcel\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on zo 20/04/2014 at 22:41:16,46 ======================