Zoek.exe Version 4.0.0.4 Updated 14-July-2013 Tool run by Johan on di 16-07-2013 at 11:29:55,82. Microsoft Windows 7 Ultimate 6.1.7600 x86 Running in: Normal Mode No Internet Access Detected ==== System Restore Info ====================== 16-7-2013 11:30:51 Zoek.exe System Restore Point Created Succesfully. ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-4213133900-1296267052-3364196582-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} deleted successfully HKEY_USERS\S-1-5-21-4213133900-1296267052-3364196582-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully HKEY_USERS\S-1-5-21-4213133900-1296267052-3364196582-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully HKEY_USERS\S-1-5-21-4213133900-1296267052-3364196582-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully HKEY_USERS\S-1-5-21-4213133900-1296267052-3364196582-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully HKEY_USERS\S-1-5-21-4213133900-1296267052-3364196582-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully HKEY_USERS\S-1-5-21-4213133900-1296267052-3364196582-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully HKEY_USERS\S-1-5-21-4213133900-1296267052-3364196582-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully HKEY_USERS\S-1-5-21-4213133900-1296267052-3364196582-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully HKEY_USERS\S-1-5-21-4213133900-1296267052-3364196582-1005\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully HKEY_CLASSES_ROOT\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully HKEY_CLASSES_ROOT\CLSID\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-4213133900-1296267052-3364196582-1005\Software\Microsoft\Internet Explorer\Approved Extensions\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully HKEY_USERS\S-1-5-21-4213133900-1296267052-3364196582-1005\Software\Microsoft\Internet Explorer\Approved Extensions\{d2ce3e00-f94a-4740-988e-03dc2f38c34f} deleted successfully HKEY_USERS\S-1-5-21-4213133900-1296267052-3364196582-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{472734EA-242A-422B-ADF8-83D1E48CC825} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\freenastester\AppData\Roaming\Mozilla\Firefox\Profiles\5kp8ngot.default user.js not found ---- Lines searchnu removed from prefs.js ---- ---- Lines searchnu modified from prefs.js ---- ---- Lines Search Results removed from prefs.js ---- ---- Lines Search Results modified from prefs.js ---- user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}\":{\"descriptor\":\"D:\\\\Programma's\\\\teken en videobewerking\\\\Adobe Contribute CS5\\\\Plugins\\\\FirefoxPlugin\\\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}\",\"mtime\":1309616827636}}},{\"name\":\"app-global\",\"addons\":{\"afurladvisor@anchorfree.com\":{\"descriptor\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\extensions\\\\afurladvisor@anchorfree.com\",\"mtime\":1366548427156},\"{1FD91A9C-410C-4090-BBCC-55D3450EF433}\":{\"descriptor\":\"C:\\\\Program Files\\\\Search Results Toolbar\\\\Datamngr\\\\FirefoxExtension\",\"mtime\":1363537835422},\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1366548434213}}}]"); ---- Lines Search-Results removed from prefs.js ---- ---- Lines Search-Results modified from prefs.js ---- ---- Lines 1FD91A9C-410C-4090-BBCC-55D3450EF433 removed from prefs.js ---- ---- Lines 1FD91A9C-410C-4090-BBCC-55D3450EF433 modified from prefs.js ---- user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}\":{\"descriptor\":\"D:\\\\Programma's\\\\teken en videobewerking\\\\Adobe Contribute CS5\\\\Plugins\\\\FirefoxPlugin\\\\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}\",\"mtime\":1309616827636}}},{\"name\":\"app-global\",\"addons\":{\"afurladvisor@anchorfree.com\":{\"descriptor\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\extensions\\\\afurladvisor@anchorfree.com\",\"mtime\":1366548427156},\"{1FD91A9C-410C-4090-BBCC-55D3450EF433}\":{\"descriptor\":\"C:\\\\Program Files\\\\disabled Toolbar\\\\Datamngr\\\\FirefoxExtension\",\"mtime\":1363537835422},\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files\\\\Mozilla Firefox\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1366548434213}}}]"); ---- FireFox user.js and prefs.js backups ---- prefs_16-07-2013_1136_.backup ProfilePath: C:\Users\Johan\AppData\Roaming\Mozilla\Firefox\Profiles\nnpz3e6w.default user.js not found ---- Lines searchnu removed from prefs.js ---- user_pref("browser.startup.homepage", "http://www.searchnu.com/406"); ---- Lines searchnu modified from prefs.js ---- ---- Lines Search Results removed from prefs.js ---- user_pref("browser.search.defaultenginename", "Search Results"); user_pref("browser.search.order.1", "Search Results"); user_pref("browser.search.selectedEngine", "Search Results"); ---- Lines Search Results modified from prefs.js ---- ---- Lines Search-Results removed from prefs.js ---- user_pref("keyword.URL", "http://dts.search-results.com/sr?src=ffb&gct=ds&appid=484&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=0237142165074759&o=APN10645&q="); ---- Lines Search-Results modified from prefs.js ---- ---- Lines 1FD91A9C-410C-4090-BBCC-55D3450EF433 removed from prefs.js ---- ---- Lines 1FD91A9C-410C-4090-BBCC-55D3450EF433 modified from prefs.js ---- ---- FireFox user.js and prefs.js backups ---- prefs_16-07-2013_1136_.backup ==== Deleting Files \ Folders ====================== "C:\Users\Johan\AppData\Roaming\Mozilla\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}" deleted "C:\Program Files\Mozilla Firefox\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}" deleted "C:\Program Files\Mozilla Firefox\searchplugins\Search_Results.xml" deleted "C:\Users\Johan\AppData\Roaming\Mozilla\Firefox\Profiles\nnpz3e6w.default\searchplugins\Search_Results.xml" deleted "C:\Users\Johan\Desktop\Continue SweetIM Installation.lnk" deleted "C:\Users\Johan\AppData\Roaming\Temp" deleted "C:\Users\Johan\AppData\Roaming\Common" deleted "C:\ProgramData\Browser Manager" deleted "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield" deleted "C:\Windows\System32\AI_RecycleBin" deleted "C:\Users\Johan\AppData\Roaming\Mozilla\Firefox\Profiles\nnpz3e6w.default\jetpack" deleted ==== Firefox Extensions ====================== ProfilePath: C:\Users\Johan\AppData\Roaming\Mozilla\Firefox\Profiles\nnpz3e6w.default - Collusion - %ProfilePath%\extensions\jid1-F9UJ2thwoAm5gQ@jetpack.xpi AppDir: C:\Program Files\Mozilla Firefox - Hotspot Shield Helper Please allow this installation - %AppDir%\extensions\afurladvisor@anchorfree.com ==== Firefox Plugins ====================== Profilepath: C:\Users\Johan\AppData\Roaming\Mozilla\Firefox\Profiles\nnpz3e6w.default 101700E93EB905992B518256CB441829 - C:\Program Files\Google\Update\1.3.21.153\npGoogleUpdate3.dll - Google Update 101700E93EB905992B518256CB441829 - C:\Users\Johan\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll - Google Update 3D76B5C0E02ECC19C1F5756E8FD97F72 - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_224.dll - Shockwave Flash 270EE43CC00609B9937AAF94E1E970D4 - F:\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector E971E06DDE68684CB3957C5D0E133CB0 - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin 75300E5ED4CD5B4363C3DBBB2D03269C - C:\Program Files\McAfee Security Scan\3.0.318\npMcAfeeMSS.dll - McAfee Security Scanner + DA4E83FE6F229C7108EF5E9671B29260 - C:\Program Files\Garmin GPS Plugin\npGarmin.dll - Garmin Communicator Plug-In 0B31B0F8FA99CFD009C8FBEA9E20C9DE - C:\Users\Johan\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin AB87C54CA19675880B0CAE65B8AF140C - C:\Windows\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.70.11 C04FCB7EEBEB5097B30468828F20FB9E - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll - Java(TM) Platform SE 7 U9 CD375F6297DFD24BAA250C7E62FA1216 - C:\Users\Johan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player 39CE1A493BBEA55D5474F33DF45F2340 - C:\Program Files\Eleco\o2c Player\npO2CPlayer.dll - O2C-Player Plug-In / O2C-Player Plug-In / O2C-Player Plug-In / O2C-Player Plug-In / O2C-Player Plug-In / O2C-Player Plug-In / O2C-Player Plug-In / O2C-Player Plug-In / o2c?????? ??????? / O2C-Player Plug-In / O2C-Player Plug-In / O2C-Player Plug-In / O2C-Player Plug-In / O2C-Player Plug-In 693A182F0777A7446E301CB25E5C9C88 - C:\Program Files\OnLive\Plugin\npolgdet.dll - OnLive Game Client Detector C517E5EA7CEE783F3681F62D2A362E5B - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery 81D388824634378A37765FD943FB3144 - C:\Windows\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director 7B40A8479A10E23E00BD58D32E1CC0A5 - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin 1A2FCE8326C9849083263DA3DE3C0756 - C:\Program Files\Sony\ReaderDesktop\npreaderdetectmoz.dll - Reader Application Detector 36A0F250C766D27BFE5A953C1A65B696 - C:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrl.dll - Silverlight Plug-In 955C1332235A008ADF975D56A81507C1 - C:\Program Files\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll - Harmony Firefox Plugin 15E298B5EC5B89C5994A59863969D9FF - C:\Windows\system32\npmproxy.dll - Microsoft® Windows® Operating System 64CE864482A941C006AC430640DE4DB3 - C:\Program Files\Microsoft Silverlight\5.0.61118.0\npctrlui.dll - Microsoft® Silverlight ==== Deleting Files \ Folders ====================== "C:\Program Files\Mozilla Firefox\extensions\afurladvisor@anchorfree.com" deleted ==== Chrome Look ====================== YouTube - Johan - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Johan - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Printee Easy Print Eco-friendly - Johan - Default\Extensions\hehilldlghfkbmmojagnecggemfkfpcc Gmail - Johan - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.nu.nl" "Search Page"="http://www.google.com" "Search Bar"="http://www.google.com/ie" "Default_Search_URL"="http://www.google.com/ie" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] @="http://www.google.com/search?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://www.google.com/ie" "Default_Search_URL"="http://www.google.com/ie" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://www.nu.nl" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {55101C9E-6EBE-46A5-9978-EFFE018A3238} Google Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Empty IE Cache ====================== C:\Users\freenastester\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\freenastester\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Johan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Johan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\users\freenastester\AppData\Local\Mozilla\Firefox\Profiles\5kp8ngot.default\Cache emptied successfully C:\users\Johan\AppData\Local\Mozilla\Firefox\Profiles\nnpz3e6w.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\users\Johan\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\users\Johan\AppData\Local\Google\Chrome\User Data\Default\Application Cache\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Johan\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied C:\RECYCLER successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Johan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted ==== EOF on di 16-07-2013 at 11:41:43,12 ======================