Zoek.exe v5.0.0.0 Updated 05-October-2014
Tool run by william on ma 06/10/2014 at 17:53:36,61.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\william\AppData\Local\Microsoft\Windows\INetCache\IE\I9VF85CH\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

6/10/2014 18:00:27 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_CLASSES_ROOT\CLSID\{4F524A2D-5350-4500-76A7-7A786E7484D7} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{4F524A2D-5350-4500-76A7-7A786E7484D7} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5350-4500-76A7-7A786E7484D7} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5350-4500-76A7-7A786E7484D7} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FFCB3198-32F3-4E8B-9539-4324694ED664} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{FFCB3198-32F3-4E8B-9539-4324694ED664} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{FFCB3198-32F3-4E8B-9539-4324694ED664} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{0B65DCC9-1740-43dc-B19C-4F309FB6A6CA} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{4F524A2D-5350-4500-76A7-7A786E7484D7} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{4F524A2D-5350-4500-76A7-7A786E7484D7} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\APNMCP deleted successfully

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5350-4500-76A7-7A786E7484D7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F524A2D-5350-4500-76A7-7A786E7484D7}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFCB3198-32F3-4E8B-9539-4324694ED664}]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"ApnTBMon"=-

==== Deleting Files \ Folders ======================

C:\ProgramData\Avg_Update_0814avt deleted
C:\ProgramData\Avg_Update_0214d deleted
C:\ProgramData\AskPartnerNetwork deleted
C:\ProgramData\APN deleted
C:\Users\william\AppData\Roaming\Thinstall deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\william\AppData\Local\IAC deleted
C:\Users\william\AppData\Local\Thinstall deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\william\AppData\LocalLow\IAC deleted
C:\windows\tasks\0214dUpdateInfo.job deleted
C:\windows\tasks\0814avtUpdateInfo.job deleted
C:\windows\SysNative\config\systemprofile\Searches deleted
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ServiceLocator.exe" deleted
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\SO.dll" deleted
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Toolbar.exe" deleted
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\ToolbarPS.dll" deleted
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" deleted
"C:\PROGRA~2\AskPartnerNetwork\Toolbar\ServiceLocator.exe" deleted
"C:\PROGRA~2\AskPartnerNetwork\Toolbar\SO.dll" deleted
"C:\PROGRA~2\AskPartnerNetwork\Toolbar\Toolbar.exe" deleted
"C:\PROGRA~2\AskPartnerNetwork\Toolbar\ToolbarPS.dll" deleted
"C:\PROGRA~2\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" deleted
"C:\Users\william\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr.exe" deleted
"C:\Users\william\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcLdr_x64.exe" deleted
"C:\Users\william\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrv.dll" deleted
"C:\Users\william\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrvStub.dll" deleted
"C:\Users\william\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrvStub_x64.dll" deleted
"C:\Users\william\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC\IdcSrv_x64.dll" deleted
"C:\Program Files (x86)\AskPartnerNetwork" deleted
"C:\Program Files\Adblock Plus for IE" deleted
"C:\PROGRA~2\AskPartnerNetwork" deleted
"C:\found.000" deleted
"C:\Users\william\AppData\Local\AskPartnerNetwork" not deleted
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar" deleted
"C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater" deleted
"C:\PROGRA~2\AskPartnerNetwork\Toolbar" deleted
"C:\PROGRA~2\AskPartnerNetwork\Toolbar\Updater" deleted
"C:\Users\william\AppData\Local\AskPartnerNetwork\Toolbar" not deleted
"C:\Users\william\AppData\Local\AskPartnerNetwork\Toolbar\Updater" not deleted
"C:\Users\william\AppData\Local\AskPartnerNetwork\Toolbar\Updater\IDC" not deleted

==== Files Recently Created / Modified ======================

====== C:\windows ====
2014-09-16 07:51:06 ACDBE1ED38167C8B01B8F63161BB2CEA 2374784 ----a-w- C:\windows\explorer.exe
====== C:\Users\william\AppData\Local\Temp ====
====== Java Cache =====
2014-09-09 18:44:05 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\william\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-7e3073b9
====== C:\windows\SysWOW64 =====
====== C:\windows\SysWOW64\drivers =====
====== C:\windows\Sysnative =====
====== C:\windows\Sysnative\drivers =====
2014-09-16 07:56:57 FEBAA7D782E30882FFF1CBCBBE8AD467 2515264 ----a-w- C:\windows\Sysnative\drivers\tcpip.sys
2014-09-16 07:56:46 6416E79A58A8FCC33A447A4DDDD3BF04 412160 ----a-w- C:\windows\Sysnative\drivers\srv.sys
2014-09-16 07:56:43 038C77D577900EE39410662478BB0D50 2009920 ----a-w- C:\windows\Sysnative\drivers\ntfs.sys
2014-09-16 07:56:42 77E1D08EF3BFB923F2EDC3FC8089E08E 475968 ----a-w- C:\windows\Sysnative\drivers\netio.sys
2014-09-16 07:56:42 5BED3AB69797C8786EF70AEA8C33748B 674816 ----a-w- C:\windows\Sysnative\drivers\srv2.sys
2014-09-16 07:56:41 97B9076611291AE4C4C107BC915BD026 1200640 -c--a-w- C:\windows\Sysnative\drivers\bthport.sys
2014-09-16 07:56:39 240C5C3793206725AA05665851E8C214 412992 -c--a-w- C:\windows\Sysnative\drivers\spaceport.sys
2014-09-16 07:56:37 FF78D053A05E5A394F4E3C1816CC65A8 143680 -c--a-w- C:\windows\Sysnative\drivers\usbccgp.sys
2014-09-16 07:56:36 64CA2B4A49A8EAF495E435623ECCE7DB 310080 -c--a-w- C:\windows\Sysnative\drivers\volsnap.sys
2014-09-16 07:56:32 65392F3F3F65E4C6CC82A0F4F8A0B051 468288 -c--a-w- C:\windows\Sysnative\drivers\USBHUB3.SYS
2014-09-16 07:56:29 D047CD668E6277FD80F0C613946F034C 246272 ----a-w- C:\windows\Sysnative\drivers\srvnet.sys
2014-09-16 07:56:28 26ACA481FAFEC59FE311D719E3027BBA 446976 ----a-w- C:\windows\Sysnative\drivers\nwifi.sys
2014-09-16 07:56:27 FEF0BC107812B36849741C3211BA6B60 419648 -c--a-w- C:\windows\Sysnative\drivers\usbhub.sys
2014-09-16 07:56:22 9C096BF5E10CA8BFA56F32522A89FAF1 79872 ----a-w- C:\windows\Sysnative\drivers\IPMIDrv.sys
2014-09-16 07:56:21 E4B4BE2D7750849C07589DA0B0AABA01 1118040 ----a-w- C:\windows\Sysnative\drivers\ndis.sys
2014-09-16 07:56:19 D4B7ED39C7900384D9E5C1283F1E7926 76800 -c--a-w- C:\windows\Sysnative\drivers\hdaudbus.sys
2014-09-16 07:56:19 C910E5D18958914A66F0E45689D0B40A 206848 ----a-w- C:\windows\Sysnative\drivers\mrxsmb20.sys
2014-09-16 07:56:19 B1AA3B19A2E596A59224F893E01A5A75 126464 ----a-w- C:\windows\Sysnative\drivers\NdisImPlatform.sys
2014-09-16 07:56:18 E0927EFA25D473367C3341B9F5969779 115712 ----a-w- C:\windows\Sysnative\drivers\bridge.sys
2014-09-16 07:56:14 91ED124E261EA8FAA1C0FFDF2A71B0C4 280384 -c--a-w- C:\windows\Sysnative\drivers\pci.sys
2014-09-16 07:56:14 1DD05F4857C2188744B9E864658949DD 295424 ----a-w- C:\windows\Sysnative\drivers\ks.sys
2014-09-16 07:56:03 25BB93167DEF270188072603F92A1EF5 118272 -c--a-w- C:\windows\Sysnative\drivers\bthpan.sys
2014-09-15 07:39:02 8DF1254093B5C354CE725EB6B9B0DE19 146752 ----a-w- C:\windows\Sysnative\drivers\msgpioclx.sys
====== C:\windows\Tasks ======
====== C:\windows\Temp ======
======= C:\Program Files =====
2014-09-27 07:32:55 -------- d-----w- C:\Program Files\trend micro
======= C:\PROGRA~2 =====
======= C: =====
====== C:\Users\william\AppData\Roaming ======
====== C:\Users\william ======

====== C: exe-files ==

=== C: other files ==
2014-10-04 08:17:17 BA4CC531752097237E97A16007C891B7 1439560 ----a-w- C:\Windows\Temp\avgdiag2\76350044-876b-472c-a3d4-123c162e055b\out\76350044-876b-472c-a3d4-123c162e055b[9330bb0d-2c06-47d2-a122-117693a906f2].zip

==== Startup Registry Enabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun"
"CLMLServer_For_P2G8"="C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
"CLVirtualDrive"="C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe /R"
"PowerDVD12Agent"="C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12Agent.exe"
"AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY"
"RadioRage_4j Browser Plugin Loader 64"="C:\PROGRA~2\RADIOR~1\bar\1.bin\4jbrmon64.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AppEx Accelerator UI"="C:\Program Files\AMD Quick Stream\AMDQuickStream.exe -h"
"uTorrent"="C:\Users\william\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"

==== Startup Folders ======================

2014-06-18 07:08:35 1133 ----a-w- C:\Users\william\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verzenden naar OneNote.lnk

==== Other Scheduled Tasks ======================

"C:\windows\SysNative\tasks\AutoPico Daily Restart" ["C:\Program Files\KMSpico\AutoPico.exe"]
"C:\windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe]
"C:\windows\SysNative\tasks\User_Feed_Synchronization-{F177E116-E5CC-4FC5-AD36-5C28FC8DEBB9}" [C:\windows\system32\msfeedssync.exe]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.search.ask.com/?tpid=ORJ-SPE&o=APN11406&pf=V7&trgb=IE&p2=%5EBBE%5EOSJ000%5EYY%5EBE&gct=hp&apn_ptnrs=BBE&apn_dtid=%5EOSJ000%5EYY%5EBE&apn_dbr=ie_11.0.9600.17239&apn_uid=6E3B488F-273A-4629-B03B-41BE0ABF6A00&itbv=12.15.5.30&doi=2014-09-04&psv=&pt=tb"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{3F29E9B6-B342-4832-A9A5-A538EC5D9A01}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"
{110a9ea2-8810-4c04-b916-cfd4e9427fec} Ask Web Search Url="http://search.tb.ask.com/search/GGmain.jhtml?p2=^ZX^xdm086^YYA^be&si=CMCMh_PGo78CFa_LtAodyDYAIA&ptb=E5CB41FC-8D7B-4A94-AF28-A2307A8EB1F3&ind=2014070103&n=780c4557&psa=&st=sb&searchfor={searchTerms}"
{3F29E9B6-B342-4832-A9A5-A538EC5D9A01} Bing Url="http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=LCJB"
{D38F3A27-EA85-4BBC-9E23-04D6A99B5DB7} Ask Search Url="http://www.search.ask.com/web?tpid=ORJ-SPE&o=APN11406&pf=V7&p2=%5EBBE%5EOSJ000%5EYY%5EBE&gct=&itbv=12.15.5.30&apn_uid=6E3B488F-273A-4629-B03B-41BE0ABF6A00&apn_ptnrs=BBE&apn_dtid=%5EOSJ000%5EYY%5EBE&apn_dbr=ie_11.0.9600.17239&doi=2014-09-04&trgb=IE&q={searchTerms}&psv=&pt=tb"

==== Empty IE Cache ======================

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\william\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\william\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1238 folders=517 233443733 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\william\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\william\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\william\AppData\Local\AskPartnerNetwork" not found

==== EOF on ma 06/10/2014 at 18:22:13,30 ======================