Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Christa on di 09/02/2016 at 16:44:35,05.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Christa\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

9/02/2016 16:47:35 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\Users\Christa\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Christa\AppData\Local\EmieSiteList deleted successfully
C:\Users\Christa\AppData\Local\EmieUserList deleted successfully
C:\Users\Christa\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3920277992-1130943974-3322280642-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_USERS\S-1-5-21-3920277992-1130943974-3322280642-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_USERS\S-1-5-21-3920277992-1130943974-3322280642-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_USERS\S-1-5-21-3920277992-1130943974-3322280642-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully

==== Deleting Services ======================

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""=-

==== Deleting Files \ Folders ======================

C:\Windows\AutoKMS deleted
C:\Users\Christa\AppData\Roaming\Mozilla\Firefox\Profiles\sigclx82.default-1452355372726\extensions\marcoagpinto@mail.telepac.pt deleted
C:\fca303290426223e34ccfebaf7 deleted
C:\Users\Christa\AppData\LocalLow\Unity deleted
"C:\Windows\tasks\AutoKMS.job" deleted
"C:\Program Files\Microsoft\BingBar\7.1.355.0\SeaPort.EXE" deleted
"C:\Program Files\Microsoft\BingBar" not deleted
"C:\Users\Christa\AppData\Local\Unity" deleted
"C:\Program Files\Microsoft\BingBar\7.1.355.0" not deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Christa\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\system32 =====
====== C:\Windows\system32\drivers =====
2016-01-13 17:13:55 50D1D9B3C24E783B6A8451158215AA55 138176 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2016-01-13 17:13:54 E58CFE0F44B9775603BA70813D48D66A 67520 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2016-01-13 17:13:51 D405E63A7FEED75B40ACE03E57B44AB5 225792 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2016-01-13 17:13:51 1D5CC65FECC628397CB72F87DD6A78F3 124416 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2016-01-13 17:13:50 E688B7D9B5422F23102E1920E19473E9 98304 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2016-01-13 17:12:45 A3F684B866A7D89AE396276CE7AFD416 5120 ----a-w- C:\Windows\System32\drivers\drmkaud.sys
2016-01-13 17:12:45 53F70F2B5ED939C0013D625F6444F5C7 81408 ----a-w- C:\Windows\System32\drivers\drmk.sys
2016-01-13 17:12:45 1F3096B1725382912803B6027AF4B94A 177152 ----a-w- C:\Windows\System32\drivers\portcls.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2016-02-08 18:30:24 -------- d-----w- C:\Program Files\trend micro
======= C: =====
====== C:\Users\Christa\AppData\Roaming ======
2016-01-30 16:36:02 A808168A8B9FCB6195CB3B864D3464E4 1464 ----a-w- C:\Users\Christa\AppData\Local\recently-used.xbel
====== C:\Users\Christa ======
2016-02-08 18:27:59 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Christa\Downloads\RSIT.exe

====== C: exe-files ==
2016-02-08 18:30:25 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Christa.exe
2016-02-08 18:27:59 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Christa\Downloads\RSIT.exe
2016-02-05 16:54:12 46D45B75D08B186F27C0879109FDC148 852560 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\48.0.2564.103\48.0.2564.103_48.0.2564.97_chrome_updater_3stage.exe
2016-02-03 18:48:27 F489BF87E4B3E9CCEFA102CC347F180F 95048 ----atw- C:\Program Files\Google\Update\1.3.29.5\GoogleUpdateWebPlugin.exe
2016-02-03 18:48:27 A70C804C5BCC0BBFCB7E9173C32B0221 95048 ----atw- C:\Program Files\Google\Update\1.3.29.5\GoogleUpdateOnDemand.exe
2016-02-03 18:48:27 1457C6AC71CAEC4D692FDD62155A9745 95048 ----atw- C:\Program Files\Google\Update\1.3.29.5\GoogleUpdateBroker.exe
2016-02-03 18:48:26 A4C58EA455234AFD3B622D838CDE4C39 987728 ----a-w- C:\Program Files\Google\Update\1.3.29.5\GoogleUpdateSetup.exe
2016-02-03 18:48:21 ABF64234F3462571E66527828040219B 252232 ----atw- C:\Program Files\Google\Update\1.3.29.5\GoogleCrashHandler.exe
2016-02-03 18:48:21 8C17EAF5E4883284A75FC560C7F021AB 137544 ----atw- C:\Program Files\Google\Update\1.3.29.5\GoogleUpdateComRegisterShell64.exe
2016-02-03 18:48:21 750446ED76A5D13E902174DDDDA1A62B 154440 ----atw- C:\Program Files\Google\Update\1.3.29.5\GoogleUpdate.exe
2016-02-03 18:48:21 2E6215108125A42160A1EC17208A50F0 313672 ----atw- C:\Program Files\Google\Update\1.3.29.5\GoogleCrashHandler64.exe
2016-02-03 18:48:17 A4C58EA455234AFD3B622D838CDE4C39 987728 ----a-w- C:\Program Files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.29.5\GoogleUpdateSetup.exe

=== C: other files ==
2016-02-08 17:40:44 81516AF8EE3C18149463E7C5446CAAF6 18129 ----a-w- C:\Users\Christa\Pictures\Outlook.com.zip

==== Orphaned Tasks deleted from Registry ======================

AutoPico Daily Restart deleted

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"
"BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices"
"jswtrayutil"="C:\Program Files\NETGEAR\WNA1100\jswtrayutil.exe"
"HP Software Update"="C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe"

==== Startup Folders ======================

2015-07-03 12:11:34 1942 ----a-w- C:\Users\Christa\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Inktwaarschuwingen controleren - HP Deskjet 3520 series.lnk
2015-06-08 16:22:07 870 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEAR WNA1100 Genie.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [21/01/2016 19:49]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:0C:\ProgramC:Files\Google\Update\GoogleUpdate.exe []
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [06/06/2015 19:11]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Acrobat Update Task" [C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\HPCustParticipation HP Deskjet 3520 series" ["C:\Program Files\HP\HP Deskjet 3520 series\Bin\HPCustPartic.exe"]
"C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]