Zoek.exe v5.0.0.1 Updated 19-September-2016
Tool run by Marijke on za 03-12-2016 at 14:44:17,70.
Microsoft Windows 10 Home 10.0.14393 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Marijke\Desktop\Humanitas\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2015-03-01-184229.log 50473 bytes

==== Empty Folders Check ======================

C:\Program Files\Common Files\AV deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\Marijke\AppData\Local\ActiveSync deleted successfully
C:\Users\Marijke\AppData\Local\CrashDumps deleted successfully
C:\Users\Marijke\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Marijke\AppData\Local\EmieSiteList deleted successfully
C:\Users\Marijke\AppData\Local\EmieUserList deleted successfully
C:\Users\Marijke\AppData\Local\NetworkTiles deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1570371235-2686225424-1450077891-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_USERS\S-1-5-21-1570371235-2686225424-1450077891-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater40.3.6 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WtuSystemSupport deleted successfully

==== FireFox Fix ======================

ProfilePath: C:\Users\Marijke\AppData\Roaming\Mozilla\Firefox\Profiles\a4u3lofo.default
user.js not found

---- Lines yahoo removed from prefs.js ----
user_pref("avg.wtu.ext.Revert_DSP", "Yahoo");
user_pref("avg.wtu.ext.extParams", "{\"action\":\"extParams\",\"data\":{\"searchParams\":{\"pid\":\"wtu\",\"cid\":\"{0b3cdc67-e2f5-4895-acaf-32f2afcc1
user_pref("avg.wtu.userPreferences.homepageTilesCustomDomains", "{\r\n \"google\":[\"/maps\",\"/calendar\",\"/bookmarks\",\"/earth\"],\r\n \"yahoo
user_pref("browser.search.hiddenOneOffs", "Yahoo");
user_pref("browser.search.selectedEngine", "Yahoo");
user_pref("keyword.URL", "https://nl.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=667671&p=");

---- FireFox user.js and prefs.js backups ----
prefs_03-12-2016_1547_.backup

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"vProt"=-
""=-

==== Deleting Files \ Folders ======================

C:\ProgramData\Avg_Update_1116avz not found
C:\ProgramData\Avg_Update_1116tb not found
C:\ProgramData\Avg_Update_1116avz not found
C:\ProgramData\Avg_Update_1116tb not found
C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater deleted
C:\Users\Marijke\AppData\Roaming\Mozilla\Firefox\Profiles\a4u3lofo.default\extensions\trash deleted
C:\Users\Marijke\AppData\Roaming\Mozilla\Firefox\Profiles\a4u3lofo.default\searchplugins\avg-secure-search.xml deleted
C:\Users\Marijke\.android deleted
C:\WINDOWS\sysWoW64\config\systemprofile\.android deleted
C:\Program Files\AVG Web TuneUp deleted
C:\PROGRA~3\AVG Web TuneUp deleted
C:\PROGRA~3\AVG Security Toolbar deleted
C:\PROGRA~3\AVG Secure Search deleted
C:\PROGRA~3\{18165758-115C-4DC0-9EC2-FF89F725767F} deleted
C:\Users\Marijke\Silverlight_x64.exe deleted
C:\Users\Marijke\TeamViewerQS_nl.exe deleted
"C:\Windows\Installer\4b24979.msi" deleted
"C:\Program Files (x86)\AVG Web TuneUp\vprot.exe" deleted
"C:\Program Files (x86)\AVG Web TuneUp\vprot.exe" deleted
"C:\PROGRA~2\AVG Web TuneUp\vprot.exe" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\DNTInstaller\40.3.6\avgdttbx.dll" deleted
"C:\Program Files (x86)\AVG Web TuneUp" deleted
"C:\Program Files (x86)\AVG Web TuneUp" deleted
"C:\Users\Marijke\AppData\Local\AVG Web TuneUp" deleted
"C:\PROGRA~2\AVG Web TuneUp" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search" deleted
"C:\Users\Marijke\AppData\Local\AVG Web TuneUp\Firefox" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\DNTInstaller" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\DNTInstaller\40.3.6" deleted

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====
2016-11-09 14:16:53 43BF96FCF50945BE35C22206980C9068 4673304 ----a-w- C:\WINDOWS\explorer.exe
2016-11-03 15:45:38 BCDB205132974EC3AB6F5C01DD93489B 130560 ----a-w- C:\WINDOWS\splwow64.exe
====== C:\Users\Marijke\AppData\Local\Temp ====
====== Java Cache =====
====== C:\WINDOWS\SysWOW64 =====
====== C:\WINDOWS\SysWOW64\drivers =====
====== C:\WINDOWS\Sysnative =====
====== C:\WINDOWS\Sysnative\drivers =====
2016-11-09 14:18:33 DB69C6DA8B3DDFDC547D455CA23A8250 2255712 ----a-w- C:\WINDOWS\Sysnative\drivers\ntfs.sys
2016-11-09 14:17:45 DB32758F3A7F6CCE81A5430080A2EA65 48992 ----a-w- C:\WINDOWS\Sysnative\drivers\iorate.sys
2016-11-09 14:16:35 39591D8510CEC3BA6ED4330EE689B791 376672 ----a-w- C:\WINDOWS\Sysnative\drivers\clfs.sys
2016-11-09 14:16:05 9CD2A4821DE379305CACB2E99AD8953A 101888 ----a-w- C:\WINDOWS\Sysnative\drivers\bowser.sys
2016-11-09 14:15:00 46ADD0CD4473AAEF1C68266A803F704D 714592 ----a-w- C:\WINDOWS\Sysnative\drivers\vhdmp.sys
2016-11-07 22:49:08 75527C244D55E9C557E1E4655FE62E3B 75888 ----a-w- C:\WINDOWS\Sysnative\drivers\dbx-stable.sys
2016-11-07 22:49:08 75527C244D55E9C557E1E4655FE62E3B 75888 ----a-w- C:\WINDOWS\Sysnative\drivers\dbx-dev.sys
2016-11-07 22:49:08 75527C244D55E9C557E1E4655FE62E3B 75888 ----a-w- C:\WINDOWS\Sysnative\drivers\dbx-canary.sys
2016-11-03 18:56:50 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\WINDOWS\Sysnative\drivers\Msft_Kernel_WinUSB_01007.Wdf
2016-11-03 15:46:57 23522E5D581F7722B1B5B86737CAE39C 227328 ----a-w- C:\WINDOWS\Sysnative\drivers\ahcache.sys
2016-11-03 15:46:11 E6D5762958A839B119C041256149AAD6 967168 ----a-w- C:\WINDOWS\Sysnative\drivers\bthport.sys
2016-11-03 15:46:09 039B5A8CBD5C75D1C46DF15F7C74D136 63328 ----a-w- C:\WINDOWS\Sysnative\drivers\dam.sys
2016-11-03 15:46:07 60EB6A4CE3E21887D302350631C16F26 118272 ----a-w- C:\WINDOWS\Sysnative\drivers\capimg.sys
2016-11-03 15:46:05 C1E85B4FB08B4CCF16841B165910148B 258560 ----a-w- C:\WINDOWS\Sysnative\drivers\xboxgip.sys
2016-11-03 15:45:20 3DFBB8B3F8BC0A91297030D0E530BA37 79200 ----a-w- C:\WINDOWS\Sysnative\drivers\crashdmp.sys
2016-11-03 15:45:14 DEA44117F9EE53EAFCE555C0A9B108C6 509280 ----a-w- C:\WINDOWS\Sysnative\drivers\storport.sys
2016-11-03 15:44:08 3E502EB1701CF54CF237B6250FBE38EA 619368 ----a-w- C:\WINDOWS\Sysnative\drivers\cng.sys
2016-11-03 15:43:42 5BEE032780FCE432A80E58C14CDEA965 402272 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms1.sys
2016-11-03 15:43:40 72C828E0A21020FC6723A940A8F2F085 658272 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms2.sys
2016-11-03 15:43:40 101CC1FD8D48ED1EF71F0840158D0E6D 335712 ----a-w- C:\WINDOWS\Sysnative\drivers\pci.sys
2016-11-03 15:43:38 4F25E481124059CC593B4C68BC485640 2537824 ----a-w- C:\WINDOWS\Sysnative\drivers\tcpip.sys
2016-11-03 15:43:33 A10C7C1E69FC90620C7BF2E51302A01F 1100128 ----a-w- C:\WINDOWS\Sysnative\drivers\http.sys
2016-11-03 15:43:32 125C83C44EEE61E2ED5893F23AEF0FC9 2190688 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgkrnl.sys
2016-11-03 15:43:30 C994DF90427103CCB80F893FFD2B1CE8 557408 ----a-w- C:\WINDOWS\Sysnative\drivers\spaceport.sys
2016-11-03 15:43:05 323AA1953ED9C01E23F740FA891FE064 584032 ----a-w- C:\WINDOWS\Sysnative\drivers\afd.sys
2016-11-03 15:43:04 B23596AFC687B5256CCD7DD429E2E6FB 409952 ----a-w- C:\WINDOWS\Sysnative\drivers\FWPKCLNT.SYS
2016-11-03 15:42:59 5157325B17E455D9DF7AFBB4B608E78A 156672 ----a-w- C:\WINDOWS\Sysnative\drivers\hidclass.sys
====== C:\WINDOWS\Tasks ======
2016-11-12 11:34:53 7EA080748EDBAFF782EBC96C97A7D63F 3668 ----a-w- C:\WINDOWS\Sysnative\Tasks\AVG EUpdate Task
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
2016-11-28 20:17:56 -------- d-----w- C:\PROGRA~2\trend micro
2016-11-03 15:27:25 -------- d---a-w- C:\PROGRA~2\RSUPPORT
======= C: =====
====== C:\Users\Marijke\AppData\Roaming ======
2016-11-12 11:35:44 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Avg
2016-11-12 11:33:53 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\AvgSetupLog
2016-11-12 11:33:53 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Avg
====== C:\Users\Marijke ======
2016-11-22 22:21:22 -------- d-----w- C:\Users\Marijke\Tekenen
2016-11-12 11:36:59 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG Zen
2016-11-12 11:33:59 -------- d---a-w- C:\ProgramData\Avg
2016-11-11 23:53:24 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-11-03 15:30:18 -------- d-----w- C:\Users\Public\Documents\Rsupport
2016-11-03 15:27:27 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RSUPPORT
====== C: exe-files ==
2016-12-03 13:43:52 1DFAAD598E85429181A89D990E580058 96 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1570371235-2686225424-1450077891-1002\$IQM9TW9.exe
2016-12-02 10:24:36 7FD9E885D4C3D7370694ECD0DA98643E 698128 ----a-w- C:\Program Files (x86)\AVG\Setup\avgntdumpx.exe
2016-12-02 10:24:36 0749158B788594AB05D69DBD2402B338 3661584 ----a-w- C:\Program Files (x86)\AVG\Setup\avgsetupx.exe
2016-11-30 17:54:19 45A20D5ADA64CF62DFB181CE5F635EBC 142 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1570371235-2686225424-1450077891-1002\$IHVMW3X.exe
2016-11-30 17:54:16 C4ABD720FEFA904414F37C9D6F364C9F 136 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1570371235-2686225424-1450077891-1002\$IVX69E2.exe
2016-11-30 17:54:14 E9367091D42430FAA86F3C83F9ADE093 142 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-1570371235-2686225424-1450077891-1002\$ILCQUKD.exe
=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-21-1570371235-2686225424-1450077891-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="C:\Users\Marijke\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"OneDrive"="C:\Users\Marijke\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"
"Spotify"="C:\Users\Marijke\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
"HP Quick Launch"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"
"HP CoolSense"="C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey"
"SwitchBoard"="C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"
"AdobeCS6ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin"
"AdobeCS5ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe -launchedbylogin"
"HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe"
"BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices"
"AVG_UI"="C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe /lps=av"
"Dropbox"="C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /systemstartup"
"AvgUi"="C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe /lps=fmw"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="C:\Users\Marijke\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"OneDrive"="C:\Users\Marijke\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"
"Spotify"="C:\Users\Marijke\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [13-11-2016 01:24]
C:\WINDOWS\tasks\DropboxUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [24-03-2016 19:34]
C:\WINDOWS\tasks\DropboxUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [24-03-2016 19:34]
C:\WINDOWS\tasks\HPCeeScheduleForMarijke.job --a-------- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [16-06-2015 09:51]
C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job --a-------- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [27-04-2016 23:53]

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\WINDOWS\SysNative\tasks\AdobeAAMUpdater-1.0-GBG-PC-Marijke" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe]
"C:\WINDOWS\SysNative\tasks\AVG EUpdate Task" [avgsetupx.exe]
"C:\WINDOWS\SysNative\tasks\DropboxUpdateTaskMachineCore" [C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe]
"C:\WINDOWS\SysNative\tasks\DropboxUpdateTaskMachineUA" [C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe]
"C:\WINDOWS\SysNative\tasks\HPCeeScheduleForMarijke" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe]
"C:\WINDOWS\SysNative\tasks\HPCustParticipation HP Deskjet 2540 series" ["C:\Program Files\HP\HP Deskjet 2540 series\Bin\HPCustPartic.exe"]
"C:\WINDOWS\SysNative\tasks\MirageAgent" [C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe]
"C:\WINDOWS\SysNative\tasks\OneDrive Standalone Update Task" [C:\Users\Marijke\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{BF9CCC1D-9C5B-4C38-9A5D-3787B78179C8}" [C:\WINDOWS\system32\msfeedssync.exe]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA)" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Marijke\AppData\Roaming\Mozilla\Firefox\Profiles\a4u3lofo.default
user_pref("browser.startup.homepage", "www.google.nl");