Zoek.exe v5.0.0.0 Updated 06-December-2014
Tool run by Lien on zo 07/12/2014 at 17:57:28,00.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Lien\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

7/12/2014 17:59:31 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\Users\Lien\AppData\Roaming\QuickScan deleted successfully
C:\Users\Lien\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3594646164-2592891008-1537544201-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_USERS\S-1-5-21-3594646164-2592891008-1537544201-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_USERS\S-1-5-21-3594646164-2592891008-1537544201-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_USERS\S-1-5-21-3594646164-2592891008-1537544201-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully

==== Deleting Services ======================

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""=-
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""=-

==== Deleting Files \ Folders ======================

C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
"C:\Windows\Installer\225e2.msi" deleted
"C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0\SeaPort.EXE" deleted
"C:\Program Files (x86)\Microsoft\BingBar" not deleted
"C:\Program Files (x86)\Microsoft\BingBar\7.1.355.0" not deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Lien\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2014-11-27 16:13:53 1CCD013201E9BF79A46D89F4BB934BF7 672 ----a-w- C:\Windows\Sysnative\F39D4DE6-98B8-4E05-91BD-549E8A8248BD
====== C:\Windows\Sysnative\drivers =====
2014-11-28 12:16:38 F3629B5106FC5F548B1FDCDB586E1FC4 55488 ----a-w- C:\Windows\Sysnative\drivers\hcmon.sys
2014-11-17 20:07:53 DE8D12B4C3F55FA2C5E9774314F6C58A 258368 ----a-w- C:\Windows\Sysnative\drivers\WdFilter.sys
2014-11-17 20:07:52 4AD874CDC812EC156265E451B6B09DAB 114496 ----a-w- C:\Windows\Sysnative\drivers\WdNisDrv.sys
2014-11-17 20:07:52 0359607177E5E9F6041136CC0A5CB0B6 35320 ----a-w- C:\Windows\Sysnative\drivers\WdBoot.sys
2014-11-14 17:04:48 9F08A6608F98B5407E7DDBCF306573EF 27456 ----a-w- C:\Windows\Sysnative\drivers\rdpvideominiport.sys
2014-11-14 17:04:48 6D2EE96150E35B9EA49F2B481DE0369A 177472 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys
2014-11-14 17:04:48 4E1207CE16E615B0B7A70DC889F4500E 563976 ----a-w- C:\Windows\Sysnative\drivers\cng.sys
2014-11-14 00:37:35 CCB3A2BB60FE5073F2DEA63FE83CF8FE 2497344 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys
2014-11-14 00:37:32 E3FCE2A6B3533D99A3B498504DF9CC47 474432 ----a-w- C:\Windows\Sysnative\drivers\netio.sys
2014-11-14 00:37:30 66732C13628BDB1AB0D6FD46027327C2 148800 -c--a-w- C:\Windows\Sysnative\drivers\USBSTOR.SYS
2014-11-14 00:37:29 7F23E38C5B6448F91439E4066645191E 428864 ----a-w- C:\Windows\Sysnative\drivers\FWPKCLNT.SYS
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-12-07 14:05:12 -------- d-----w- C:\Program Files\trend micro
======= C:\PROGRA~2 =====
2014-11-28 12:16:18 -------- d-----w- C:\PROGRA~2\COMMON~1\ThinPrint
2014-11-28 12:16:15 -------- d-----w- C:\PROGRA~2\VMware
2014-11-28 12:16:15 -------- d-----w- C:\PROGRA~2\COMMON~1\VMware
======= C: =====
====== C:\Users\Lien\AppData\Roaming ======
2014-11-27 16:01:09 -------- d-----w- C:\Users\Lien\AppData\Local\VMware
2014-11-27 14:44:13 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\VMware
2014-11-27 14:44:13 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Roaming\VMware
2014-11-27 14:43:47 -------- d-----w- C:\Users\Lien\AppData\Roaming\VMware
2014-11-17 21:02:22 -------- d-----w- C:\Users\Lien\AppData\Local\Popcorn-Time
2014-11-17 21:00:36 -------- d-----w- C:\Users\Lien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time
2014-11-17 21:00:06 -------- d-----w- C:\Users\Lien\AppData\Local\Popcorn Time
====== C:\Users\Lien ======
2014-12-07 14:04:23 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Lien\Desktop\RSITx64.exe
2014-12-07 13:55:48 038B75662205880BE56A8FFA9930F830 5162080 ----a-w- C:\Users\Lien\Desktop\ccsetup500.exe
2014-11-28 12:16:23 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VMware
2014-11-28 12:13:19 5FADD70ED74223BD4D588AC9801C6797 37585520 ----a-w- C:\Users\Lien\Downloads\VMware-Horizon-View-Client-x86_64-3.1.0-2085634.exe
2014-11-27 14:44:13 -------- d-----w- C:\ProgramData\VMware
====== C: exe-files ==
2014-12-07 14:05:12 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Lien.exe
2014-12-07 14:04:23 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Lien\Desktop\RSITx64.exe
2014-12-07 13:55:48 038B75662205880BE56A8FFA9930F830 5162080 ----a-w- C:\Users\Lien\Desktop\ccsetup500.exe
=== C: other files ==
2014-12-03 21:24:47 962AC97BA2737832F3233916D7C56494 201 ----a-w- C:\Users\Lien\AppData\Local\Popcorn Time\node_modules\nw-gyp\gyp\gyp.bat
2014-12-03 21:24:47 44EAB3875BBF898CD5164BA58FB5F7B9 196 ----a-w- C:\Users\Lien\AppData\Local\Popcorn Time\node_modules\nw-gyp\gyp\samples\samples.bat

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-3594646164-2592891008-1537544201-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="C:\Users\Lien\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"1.TPUReg"="C:\Program Files (x86)\TOSHIBA\PasswordUtility\readLM.exe"
"TSVU"="c:\Program Files\TOSHIBA\TOSHIBA Smart View Utility\TosSmartViewLauncher.exe"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="C:\Users\Lien\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TSSSrv"="C:\Program Files (x86)\TOSHIBA\System Setting\TSSSrv.exe"
"TecoResident"="C:\Program Files\TOSHIBA\Teco\TecoResident.exe"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"TosWaitSrv"="%ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe "
"TCrdMain"="C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

==== Startup Folders ======================

2014-04-12 18:03:19 1219 ----a-w- C:\Users\Lien\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verzenden naar OneNote.lnk
2014-06-25 09:31:52 2130 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [18/12/2013 16:18]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [18/12/2013 16:18]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\Resolution+ Setting Task" [C:\Program Files\Toshiba\TOSHIBA Smart View Utility\Plugins\ResolutionPlus\TosRegPermissionChg.exe]

==== Chromium Look ======================

Google Docs - Lien\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Lien\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Lien\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
selector is not a valid CSS selector - Lien\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Google Search - Lien\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - Lien\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Lien\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.be/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{21C48E73-EC25-4FA2-A99C-F3093B436A76}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.be/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{21C48E73-EC25-4FA2-A99C-F3093B436A76} Unknown Url="Not_Found"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3594646164-2592891008-1537544201-1001\Software\Microsoft\Internet Explorer\SearchScopes\{21C48E73-EC25-4FA2-A99C-F3093B436A76} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E40670FF068C9E042A033EF74AF101A3 deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{FF07604E-C860-40E9-A230-E37FA41F103A} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\E40670FF068C9E042A033EF74AF101A3 deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Lien\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Lien\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Lien\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Lien\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Lien\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=5426 folders=1854 59866036 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Lien\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Lien\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Program Files (x86)\Microsoft\BingBar" not found

==== EOF on zo 07/12/2014 at 18:14:48,14 ======================