Zoek.exe v5.0.0.0 Updated 05-July-2014
Tool run by DAAN on do 10/07/2014 at 9:29:49,23.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\DAAN\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================
C:\zoek-results2014-07-08-142310.log 925 bytes

==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-1184255463-2082249140-305005745-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_USERS\S-1-5-21-1184255463-2082249140-305005745-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_USERS\S-1-5-21-1184255463-2082249140-305005745-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_USERS\S-1-5-21-1184255463-2082249140-305005745-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully
HKEY_USERS\S-1-5-21-1184255463-2082249140-305005745-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-21-1184255463-2082249140-305005745-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater18.1.7 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\vToolbarUpdater18.1.7 deleted successfully

==== Registry Fix Code x64 ======================
Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"vProt"=-

==== Deleting Files \ Folders ======================
C:\ProgramData\AVG Secure Search deleted
C:\Program Files (x86)\BlockAndSurfS deleted
"C:\Windows\tasks\BlockAndSurf_wd.job" deleted
"C:\Program Files (x86)\AVG Secure Search\TBAPI.dll" deleted
"C:\Program Files (x86)\AVG Secure Search\vprot.exe" deleted
"C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.7\SiteSafety.dll" deleted
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\log4cplusU.dll" deleted
"C:\Program Files (x86)\Common Files\AVG Secure Search" deleted
"C:\Program Files (x86)\AVG Secure Search" not deleted
"C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller" deleted
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater" deleted
"C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.7" deleted
"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7" deleted

==== Files Recently Created / Modified ======================

==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-21-1184255463-2082249140-305005745-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="C:\Users\DAAN\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"
"HydraVisionDesktopManager"="C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
"Grid"="C:\Program Files (x86)\ATI Technologies\HydraVision\HydraGrd.exe"
"SkyDrive"="C:\Users\DAAN\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe /background"
"Spotify"="C:\Users\DAAN\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart"
"Google Update"="C:\Users\DAAN\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"Facebook Update"="C:\Users\DAAN\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"
"Spotify Web Helper"="C:\Users\DAAN\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"JMB36X IDE Setup"="C:\Windows\RaidTool\xInsIDE.exe"
"AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY"
"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SwitchBoard"="C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"
"AdobeCS6ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"
"beid"="C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe /startup"
"LogMeIn Hamachi Ui"="C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe --auto-start"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="C:\Users\DAAN\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"
"HydraVisionDesktopManager"="C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
"Grid"="C:\Program Files (x86)\ATI Technologies\HydraVision\HydraGrd.exe"
"SkyDrive"="C:\Users\DAAN\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe /background"
"Spotify"="C:\Users\DAAN\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart"
"Google Update"="C:\Users\DAAN\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"Facebook Update"="C:\Users\DAAN\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"
"Spotify Web Helper"="C:\Users\DAAN\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Autodesk Sync"="C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe"
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch"
"EvtMgr6"="C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming"

==== Startup Registry Disabled ======================
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""
"SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""

==== Startup Folders ======================
2013-07-24 14:13:41 1737 ----a-w- C:\Users\DAAN\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
2013-07-12 22:00:11 1716 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\LevelOne WNC-0301 Utility.lnk
2013-12-08 11:04:11 2653 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk
2013-07-12 15:01:06 1888 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Wireless LAN Utility.lnk

==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [Undetermined Task]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1184255463-2082249140-305005745-1000Core.job --a------ C:\Users\DAAN\AppData\Local\Facebook\Update\FacebookUpdate.exe [15/11/2013 19:08]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1184255463-2082249140-305005745-1000UA.job --a------ C:\Users\DAAN\AppData\Local\Facebook\Update\FacebookUpdate.exe [15/11/2013 19:08]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [10/06/2014 13:11]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [10/06/2014 13:11]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1184255463-2082249140-305005745-1000Core.job --a------ C:\Users\DAAN\AppData\Local\Google\Update\GoogleUpdate.exe [12/11/2013 20:31]

==== Other Scheduled Tasks ======================
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\AdobeAAMUpdater-1.0-DAAN-PC-DAAN" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-1184255463-2082249140-305005745-1000Core" [C:\Users\DAAN\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-1184255463-2082249140-305005745-1000UA" [C:\Users\DAAN\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1184255463-2082249140-305005745-1000Core" [C:\Users\DAAN\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1184255463-2082249140-305005745-1000UA" [C:\Users\DAAN\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\Java Update Scheduler" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe]
"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]

==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"avg@toolbar"="C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.7.644" []

==== Firefox Extensions ======================
ProfilePath: C:\Users\DAAN\AppData\Roaming\Mozilla\Firefox\Profiles\mdp3d98s.default
- Facebook Ads Block - %ProfilePath%\extensions\jid1-CGxMej0nDJTjwQ@jetpack.xpi
- Strict Pop-up Blocker - %ProfilePath%\extensions\jid1-P34HaABBBpOerQ@jetpack.xpi
- FirefoxAdKiller - %ProfilePath%\extensions\{b1df372d-8b32-4c7d-b6b4-9c5b78cf6fb1}.xpi
ProfilePath: C:\Users\DAAN\AppData\Roaming\Songbird2\Profiles\g2wozt28.default
- Artwork Extras - C:\Program Files (x86)\Songbird\extensions\albumart@songbirdnest.com
- gonzo - C:\Program Files (x86)\Songbird\extensions\gonzo@songbirdnest.com
- Philips addon manager - C:\Program Files (x86)\Songbird\extensions\philips-addon-manager@songbirdnest.com
- Pink Martini - C:\Program Files (x86)\Songbird\extensions\pinkmartini@songbirdnest.com
- Purple Rain - C:\Program Files (x86)\Songbird\extensions\purplerain@songbirdnest.com
- Media Sharing - C:\Program Files (x86)\Songbird\extensions\sharing@songbirdnest.com
- Songbird.me - C:\Program Files (x86)\Songbird\extensions\soundboard@songbirdnest.com
- Noct - %ProfilePath%\extensions\noct@alittlemurkling.net
- Glossy Coat 2 - %ProfilePath%\extensions\{7fea29e4-d5c5-41d1-983f-7c8d2b8a612f}
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================
Profilepath: C:\Users\DAAN\AppData\Roaming\Mozilla\Firefox\Profiles\mdp3d98s.default
FB5621842FDABF9F8359775573498FBC - C:\Users\DAAN\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll - Google Update
FF0D6F82A0EC13952E83B9439100E45D - C:\Users\DAAN\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin
D7324EB1EDCB8990F8522DE0311359E9 - C:\Windows\SysWOW64\npdeployJava1.dll - Java Deployment Toolkit 7.0.250.17
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System

==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
ndibdjnfmopecpmkdieinmbadjfpblof - C:\ProgramData\AVG Secure Search\ChromeExt\18.1.0.443\avg.crx[]
Ask Toolbar - DAAN\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aaaalipaokhkccgmgkdglfinfnfhflko
Comodo Web Inspector - DAAN\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\bdngekjahnmlkinegnhdmmbcfnmbclnn
Comodo Share Page Service - DAAN\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mcmdgbiocnkpnaccjkailibfgepaccgf
Google Docs - DAAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - DAAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Show the YouTube Channel bar or the name. - DAAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn
YouTube - DAAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Last updated at time on date - DAAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Adblock for Youtube - DAAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk
Google Search - DAAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
WGT Golf Challenge - DAAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcilimldmomiaihcfkmaldanopfejefg
Photo Zoom for Facebook - DAAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\elioihkkcdgakfbahdoddophfngopipi
AdBlock - DAAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
MonoChrome - DAAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\idnlphmmcijokifloflhecnkkhbpdnnk
Chromium Wheel Smooth Scroller - DAAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\khpcanbeojalbkpgpmjpdkjnkfcgfkhb
Google Wallet - DAAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - DAAN\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\avg@toolbar deleted successfully

==== Reset IE Proxy ======================
Value(s) before fix:
"ProxyServer"="http=127.0.0.1:13828;https=127.0.0.1:13828"
"ProxyEnable"=dword:00000000
Value(s) after fix:
"ProxyEnable"=dword:00000000

==== C:\zoek_backup content ======================
C:\zoek_backup (files=483 folders=195 97886388 bytes)

==== After Reboot ======================

==== Deleting Files / Folders ======================
"C:\Program Files (x86)\AVG Secure Search" not found

==== EOF on do 10/07/2014 at 9:34:55,33 ======================