Zoek.exe v5.0.0.0 Updated 04-August-2014
Tool run by Maarten on wo 06/08/2014 at 11:32:10,25.
Microsoft Windows 8 6.2.9200 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Maarten\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HX38OSY9\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

6/08/2014 11:34:50 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\Malwarebytes' Anti-Malware deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\Users\Maarten\AppData\Roaming\GrabPro deleted successfully
C:\Users\Maarten\AppData\Local\AcerCloud deleted successfully
C:\Users\Maarten\AppData\Local\MusicPlayer deleted successfully
C:\Users\Maarten\AppData\Local\start deleted successfully
C:\Users\Maarten\AppData\Local\WMTools Downloaded Files deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3213485410-438365983-1047582419-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully

==== Deleting Services ======================

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Pokki"=-

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""=-

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2014-08-02 01:32:25 BDBB3D610751D9D859243C1E5BE13F49 750581330 ----a-w- C:\Windows\MEMORY.DMP

====== C:\Users\Maarten\AppData\Local\Temp ====

====== Java Cache =====
2014-08-05 00:00:53 C1BBA7F1278F193AB584FFF460DB5E2A 17878 ----a-w- C:\Users\Maarten\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\eef218c-254dcb61
2014-08-05 00:00:46 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\Maarten\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-40e90b2f
2014-08-05 00:00:46 863D475F9896AD4E039A47EDF255BAC9 425 ----a-w- C:\Users\Maarten\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-aa56bb018d5de3a531ee91cc4857f0f479656e5370ebf87789e721aaaf530ebc-6.0.lap
2014-08-05 00:00:45 415FC9732A3F4D89A0E01251CD66E136 646 ----a-w- C:\Users\Maarten\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\3cb32f52-5c8983cb
2014-08-05 00:00:47 34FA8033B50A3F99D3AB8209C72C0ABA 6860 ----a-w- C:\Users\Maarten\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\1ca2666b-796e344f

====== C:\Windows\SysWOW64 =====
2014-08-02 14:21:36 BC587C9D241C638A825B4D55BF91BAFA 86528 ----a-w- C:\Windows\SysWOW64\wudriver.dll
2014-08-02 14:21:35 9C8920D4E47E3591203739E051248E42 629248 ----a-w- C:\Windows\SysWOW64\wuapi.dll
2014-08-02 14:21:33 7285D8DF13AA1F2BBDF8BE0C3FB65AF4 128000 ----a-w- C:\Windows\SysWOW64\wuwebv.dll
2014-08-02 14:21:33 0AA8927C7DAE50EBDBFD9D5523A21020 35328 ----a-w- C:\Windows\SysWOW64\wuapp.exe

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====
2014-08-02 14:21:36 C7D91C7FF92B935FBEB1285DF720AE89 253440 ----a-w- C:\Windows\Sysnative\WUSettingsProvider.dll
2014-08-02 14:21:36 7B0A0BE4B067C9CC4898CFFC30BAD425 59416 ----a-w- C:\Windows\Sysnative\wuauclt.exe
2014-08-02 14:21:36 2762E48274640A6E8F17CACF49AA8DF0 100352 ----a-w- C:\Windows\Sysnative\wudriver.dll
2014-08-02 14:21:36 07DE21A44C96710A2696CAC2D60942FC 176640 ----a-w- C:\Windows\Sysnative\storewuauth.dll
2014-08-02 14:21:35 F2463B2E9818D242B4F72B237E9BD545 3286528 ----a-w- C:\Windows\Sysnative\wuaueng.dll
2014-08-02 14:21:35 B9E015C3C45556C39AD9A3F1C0F73639 1623040 ----a-w- C:\Windows\Sysnative\wucltux.dll
2014-08-02 14:21:35 3B61E09694F82333A4A0609714469E1E 773632 ----a-w- C:\Windows\Sysnative\wuapi.dll
2014-08-02 14:21:33 E07104ADA4972888FC2FADAC22CE4591 40448 ----a-w- C:\Windows\Sysnative\wuapp.exe
2014-08-02 14:21:33 56BCA2F14F696FBB619D042770859D7B 144384 ----a-w- C:\Windows\Sysnative\wuwebv.dll
2014-07-26 23:45:44 A625B0854EFD1956BE5C518395C15D3C 528840 ----a-w- C:\Windows\Sysnative\FNTCACHE.DAT

====== C:\Windows\Sysnative\drivers =====
2014-08-05 16:23:20 E16E2431516D904CED3946AD3FF8C86B 854 ----a-w- C:\Windows\Sysnative\drivers\SYMEVENT64x86.INF
2014-08-05 16:23:20 97E11C50CE52277B377396EA8838E539 177752 ----a-w- C:\Windows\Sysnative\drivers\SYMEVENT64x86.SYS
2014-08-05 16:23:20 7846ED59291A134CC5DD017C6EC7B433 8222 ----a-w- C:\Windows\Sysnative\drivers\SYMEVENT64x86.CAT
2014-07-26 22:56:51 08A2F22CF392250D27F6140DB3A3242A 33488 ----a-w- C:\Windows\Sysnative\drivers\debutfilterx64.sys
2014-07-21 20:25:24 FE7FB9612D354EB41DF4F0FF5D6FB259 576512 ----a-w- C:\Windows\Sysnative\drivers\afd.sys

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

======= C:\PROGRA~2 =====
2014-08-05 00:00:25 -------- d-----w- C:\PROGRA~2\COMMON~1\Java

======= C: =====

====== C:\Users\Maarten\AppData\Roaming ======

====== C:\Users\Maarten ======
2014-08-04 16:24:34 -------- d-----w- C:\Windows\serviceprofiles\Localservice\winhttp
2014-07-25 18:31:14 -------- d-----r- C:\Windows\SysNative\config\systemprofile\Searches

====== C: exe-files ==
2014-08-04 23:59:22 3842C46F2FBC7522EF625F1833530804 145408 ----a-w- C:\Users\Maarten\AppData\LocalLow\Sun\Java\jre1.7.0_67\lzma.exe
2014-08-02 14:21:36 7B0A0BE4B067C9CC4898CFFC30BAD425 59416 ----a-w- C:\Windows\System32\wuauclt.exe
2014-08-02 14:21:33 E07104ADA4972888FC2FADAC22CE4591 40448 ----a-w- C:\Windows\System32\wuapp.exe
2014-08-02 14:21:33 0AA8927C7DAE50EBDBFD9D5523A21020 35328 ----a-w- C:\Windows\SysWOW64\wuapp.exe
2014-07-31 20:51:30 B313836AFC4A0CA4483E029D4ACD87FE 394152 ----a-w- C:\ProgramData\NVIDIA\Updatus\Packages\00005e5e\updatus.18742786_RUNASUSER.exe
2014-07-30 18:11:39 DEEEBBD7D2B82EB9EC161181332699E4 4198912 ----a-w- C:\Users\Maarten\AppData\Local\Packages\Microsoft.MicrosoftSolitaireCollection_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0_32\NativeImages\Solitaire\db5a4a1b4975b65e0e88c3717b6416a8\Solitaire.ni.exe

=== C: other files ==
2014-08-05 16:32:31 F718A57D946EAC76EFCB351D74E269F4 875736 ----a-w- C:\Windows\System32\Drivers\N360x64\1504000.00D\srtsp64.sys
2014-08-05 16:32:31 B18CE01B9C09C59422BA7C7064248B35 36952 ----a-r- C:\Windows\System32\Drivers\N360x64\1504000.00D\srtspx64.sys
2014-08-05 16:32:31 9F31630D7FC2DD9D5DA1CE359AAD1F46 1148120 ----a-w- C:\Windows\System32\Drivers\N360x64\1504000.00D\symefa64.sys
2014-08-05 16:32:31 5C9EE2303CA7F267665D75237862B39C 493656 ----a-r- C:\Windows\System32\Drivers\N360x64\1504000.00D\symds64.sys
2014-08-05 16:32:31 5570A74FF9B1EFBC5154DD1E2F05C517 593112 ----a-w- C:\Windows\System32\Drivers\N360x64\1504000.00D\symnets.sys
2014-08-05 16:32:31 48C2934683CBD06F662B088EEF49EF6A 264280 ----a-r- C:\Windows\System32\Drivers\N360x64\1504000.00D\ironx64.sys
2014-08-05 16:32:31 20F758E6339A16F97DD83389D582E09A 23568 ----a-r- C:\Windows\System32\Drivers\N360x64\1504000.00D\symelam.sys
2014-08-05 16:32:31 0510396A957E9FD7205BA62D3CAE4528 162392 ----a-r- C:\Windows\System32\Drivers\N360x64\1504000.00D\ccsetx64.sys
2014-08-05 16:23:20 97E11C50CE52277B377396EA8838E539 177752 ----a-w- C:\Windows\System32\Drivers\SYMEVENT64x86.SYS
2014-08-05 16:23:20 20F758E6339A16F97DD83389D582E09A 23568 ----a-r- C:\Windows\ELAMBKUP\SYMELAM.SYS
2014-08-05 16:16:34 0510396A957E9FD7205BA62D3CAE4528 162392 ----a-r- C:\Windows\System32\Drivers\NSTx64\7DE07030.00C\ccSetx64.sys
2014-08-01 11:34:39 F5B285246DAFA459FDEA34F6C4458777 4176 ----a-w- C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ara_4.3_all_livetriCAHX7WUU.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-3213485410-438365983-1047582419-1002\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #0"="C:\Users\Maarten\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend=C:\Users\Maarten\AppData\Local\Pokki\Engine\inspector --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"RoxWatchTray"="C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatchTray13.exe"
"ISUSPM"="C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler"
"CPMonitor"="C:\Program Files (x86)\Roxio 2012\5.0\CPMonitor.exe"
"Desktop Disc Tool"="C:\Program Files (x86)\Roxio 2012\Roxio Burn\RoxioBurnLauncher.exe"
"HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe"
"DivXMediaServer"="C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe"
"DivXUpdate"="C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe /CHECKNOW"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #0"="C:\Users\Maarten\AppData\Local\Pokki\Engine\pokki.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend=C:\Users\Maarten\AppData\Local\Pokki\Engine\inspector --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"="C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\\windows\\syswow64\\nvinit.dll"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"RtHDVBg_Dolby"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 "
"ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"="C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Windows\\system32\\nvinitx.dll"

==== Startup Folders ======================

2013-12-18 19:06:47 1314 ----a-w- C:\Users\Maarten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk
2013-12-18 19:29:39 2103 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [12/12/2013 14:23]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [12/12/2013 14:23]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\ALU" [C:\Program Files (x86)\Acer\Live Updater\updater.exe]
"C:\Windows\SysNative\tasks\ALUAgent" [C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe]
"C:\Windows\SysNative\tasks\Dolby Selector" [C:\Dolby PCEE4\pcee4.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\Launch Manager" ["C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe"]
"C:\Windows\SysNative\tasks\Norton Online Backup ARA" [C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.3.0.14\\Ara.exe]
"C:\Windows\SysNative\tasks\Norton WSC Integration" ["C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\WSCStub.exe"]
"C:\Windows\SysNative\tasks\Power Management" ["C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"]
"C:\Windows\SysNative\tasks\SomotoUpdateCheckerAutoStart" [C:\Users\Maarten\AppData\Local\FilesFrog Update Checker\update_checker.exe]
"C:\Windows\SysNative\tasks\Norton 360\Norton Error Analyzer" [C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\SymErr.exe]
"C:\Windows\SysNative\tasks\Norton 360\Norton Error Processor" [C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\SymErr.exe]
"C:\Windows\SysNative\tasks\Norton Identity Safe\Norton Error Analyzer" [C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.3.12\SymErr.exe]
"C:\Windows\SysNative\tasks\Norton Identity Safe\Norton Error Processor" [C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.3.12\SymErr.exe]
"C:\Windows\SysNative\tasks\Recovery Management\Notification" [C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn" [06/08/2014 11:29]

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Maarten\AppData\Roaming\Mozilla\Firefox\Profiles\6tzobd51.default
F3B0E300AFC94E1A775A2D935A7D384F - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll - Shockwave for Director / Shockwave for Director

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== EOF on wo 06/08/2014 at 11:37:16,59 ======================