Zoek.exe v5.0.0.0 Updated 14-September-2014 Tool run by Koen on di 16-09-2014 at 19:49:30,54. Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Koen\Downloads\zoek.exe [Scan all users] [Script inserted] ==== System Restore Info ====================== 16-9-2014 19:50:45 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~2\Informer Technologies, Inc deleted successfully C:\PROGRA~2\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\PROGRA~2\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} not found C:\Program Files\Vuze deleted C:\Program Files\Common Files\DVDVideoSoft\TB deleted C:\Program Files\Common Files\DVDVideoSoft\bin deleted C:\avg_free_stb_all_2014_4577_cnet - kopie.exe deleted C:\avg_free_stb_all_2014_4577_cnet.exe deleted C:\freeyoutubetomp3converter.exe deleted C:\siinst.exe deleted C:\Twoo.exe deleted C:\VuzeBittorrentClientInstaller.exe deleted C:\Users\Koen\AppData\Roaming\DVDVideoSoftIEHelpers deleted C:\PROGRA~2\APN deleted C:\Windows\system32\config\systemprofile\Searches deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Koen\AppData\Local\Temp ==== 2014-09-14 13:07:53 006CC8260405E231C2006A0CEA2127FD 1053184 ----a-w- C:\Users\Koen\AppData\Local\Temp\System.Data.SQLite30606.dll 2014-09-14 12:43:39 006CC8260405E231C2006A0CEA2127FD 1053184 ----a-w- C:\Users\Koen\AppData\Local\Temp\System.Data.SQLite59996.dll 2014-09-14 12:34:43 006CC8260405E231C2006A0CEA2127FD 1053184 ----a-w- C:\Users\Koen\AppData\Local\Temp\System.Data.SQLite21880.dll 2014-09-14 09:16:57 006CC8260405E231C2006A0CEA2127FD 1053184 ----a-w- 
C:\Users\Koen\AppData\Local\Temp\System.Data.SQLite15176.dll 2014-09-14 09:10:19 006CC8260405E231C2006A0CEA2127FD 1053184 ----a-w- C:\Users\Koen\AppData\Local\Temp\System.Data.SQLite86103.dll 2014-09-13 15:55:54 006CC8260405E231C2006A0CEA2127FD 1053184 ----a-w- C:\Users\Koen\AppData\Local\Temp\System.Data.SQLite92505.dll 2014-09-13 00:48:49 006CC8260405E231C2006A0CEA2127FD 1053184 ----a-w- C:\Users\Koen\AppData\Local\Temp\System.Data.SQLite68086.dll 2014-09-12 18:32:39 006CC8260405E231C2006A0CEA2127FD 1053184 ----a-w- C:\Users\Koen\AppData\Local\Temp\System.Data.SQLite.dll ====== Java Cache ===== ====== C:\Windows\system32 ===== 2014-09-10 20:10:09 7C3D593AB1E2F5E5687D97772EF99AC7 61952 ----a-w- C:\Windows\System32\iesetup.dll 2014-09-10 20:10:07 E3D7B3F64C30994409BDF8E48048A854 2724864 ----a-w- C:\Windows\System32\mshtml.tlb 2014-09-10 20:10:06 6DD476318F524D2DCB73AFEB2EE27B4A 61952 ----a-w- C:\Windows\System32\MshtmlDac.dll 2014-09-10 20:10:06 297EF1AB73B8FCE76BCA1365C2E49AFC 440320 ----a-w- C:\Windows\System32\ieui.dll 2014-09-10 20:10:05 AE7BCEA48C8AE4C1A26A2A26C94DD29D 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll 2014-09-10 20:10:05 2E2E40E5D92EEA979548E307C5781038 597504 ----a-w- C:\Windows\System32\jscript9diag.dll 2014-09-10 20:10:04 CC8F34B345DA638D77BB48C035DA628D 164864 ----a-w- C:\Windows\System32\msrating.dll 2014-09-10 20:10:04 13C2C87C35E52AAB1B439FB2E26DF2DE 69632 ----a-w- C:\Windows\System32\mshtmled.dll 2014-09-10 20:10:03 D603AC77E17E5B9583E382F2EE0381A7 43008 ----a-w- C:\Windows\System32\jsproxy.dll 2014-09-10 20:10:03 84E96F4AF8A7748A3DE7C3EBBC6768E5 365056 ----a-w- C:\Windows\System32\dxtmsft.dll 2014-09-10 20:10:03 42F6F28D4885505F687CAF0459FF9F90 112128 ----a-w- C:\Windows\System32\ieUnatt.exe 2014-09-10 20:10:03 1D8C086A39B9794D7131384586811B25 678400 ----a-w- C:\Windows\System32\ieapfltr.dll 2014-09-10 20:10:02 AA595171932ACC79DA9851067DCBDABF 32768 ----a-w- C:\Windows\System32\iernonce.dll 2014-09-10 20:10:02 
4F2EDC301EC63F803C0FDB6CC87EDA24 454656 ----a-w- C:\Windows\System32\vbscript.dll 2014-09-10 20:10:02 010DFAF3EF93994B805BAA1493D47973 243200 ----a-w- C:\Windows\System32\dxtrans.dll 2014-09-10 20:10:01 95D7609E05218407071E353800581BF2 108032 ----a-w- C:\Windows\System32\ieetwcollector.exe 2014-09-10 20:10:01 88EBB8526981D03C5777AB0A4AEBA8B4 1068032 ----a-w- C:\Windows\System32\mshtmlmedia.dll 2014-09-10 20:10:01 77F79126444896B5867E6761490735B8 60416 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll 2014-09-10 20:10:01 5074835337862817DB3726558D0908DE 51200 ----a-w- C:\Windows\System32\ieetwproxystub.dll 2014-09-10 20:10:00 E16EA38E5E98E485BE566738367AF16F 673792 ----a-w- C:\Windows\System32\ie4uinit.exe 2014-09-10 20:10:00 24225D0B94B800F4A78A0AC08E7FA4AE 646144 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe 2014-09-10 20:10:00 074646C5A979DE79133DE4A8530A9C5D 603136 ----a-w- C:\Windows\System32\msfeeds.dll 2014-09-10 20:09:59 8D4FCAB2643DFEF68040B70F1EDCCBC5 327872 ----a-w- C:\Windows\System32\iedkcs32.dll 2014-09-10 20:09:56 FD96C05DE700F5FD26273D6DDB6495A7 2185728 ----a-w- C:\Windows\System32\iertutil.dll 2014-09-10 20:09:55 D58988722C72D265B51A54103DFC2C6F 1812992 ----a-w- C:\Windows\System32\wininet.dll 2014-09-10 20:09:54 77B7DDF91F3ED2CDB6CF60224EE13433 4232704 ----a-w- C:\Windows\System32\jscript9.dll 2014-09-10 20:09:54 41010A88B70A2168F801DC19EBD4CB4F 1190400 ----a-w- C:\Windows\System32\urlmon.dll 2014-09-10 20:09:53 6A3A809CA7A8F40C89E6F1D301898A66 2014208 ----a-w- C:\Windows\System32\inetcpl.cpl 2014-09-10 20:09:51 7BF1CE9240CB9DD27C3E30733176EB8E 17455104 ----a-w- C:\Windows\System32\mshtml.dll 2014-09-10 20:09:50 A3560FAFC1686D5EE9830B33B5C74B66 11769856 ----a-w- C:\Windows\System32\ieframe.dll 2014-09-10 20:07:02 2413D2216D08FAF7D7178D9E0B481AEB 2285056 ----a-w- C:\Windows\System32\msmpeg2vdec.dll 2014-09-10 17:43:58 DCA0AC63EF309E17BEEDE8D90622285F 1059840 ----a-w- C:\Windows\System32\lsasrv.dll 2014-09-10 17:43:58 
1B85FA0D0A93C011B76678733F39DB6C 550912 ----a-w- C:\Windows\System32\kerberos.dll 2014-09-10 17:43:17 79896A78039C9A63C56197843CFBAD0B 1987584 ----a-w- C:\Windows\System32\d3d10warp.dll 2014-09-10 17:43:13 A8DDB7ACB122FC36FF0D7C9B3099A380 793600 ----a-w- C:\Windows\System32\TSWorkspace.dll 2014-09-10 17:43:04 7D11D2B186C369E39D3B3759AE2775CE 445952 ----a-w- C:\Windows\System32\aepdu.dll 2014-09-10 17:43:03 11423EFD825011A0F5EC76D89D0C89A1 302592 ----a-w- C:\Windows\System32\aeinv.dll ====== C:\Windows\system32\drivers ===== 2014-08-22 16:01:22 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_09_00.Wdf ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-08-29 17:26:45 -------- d-----w- C:\Program Files\Collectorz.com ======= C: ===== ====== C:\Users\Koen\AppData\Roaming ====== 2014-08-29 17:27:02 -------- d-----w- C:\Users\Koen\AppData\Local\Collectorz.com ====== C:\Users\Koen ====== 2014-09-07 18:18:13 6DC6EBDF9391271098C40F6BA7779430 4890736 ----a-w- C:\Users\Koen\Downloads\spsetup126.exe 2014-08-29 17:26:53 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Collectorz.com ====== C: exe-files == 2014-09-14 14:20:17 198DC8EE284854EBDCB0977FCEA50B18 2391632 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\37.0.2062.120\37.0.2062.120_37.0.2062.103_chrome_updater.exe 2014-09-10 20:10:03 42F6F28D4885505F687CAF0459FF9F90 112128 ----a-w- C:\Windows\System32\ieUnatt.exe 2014-09-10 20:10:01 95D7609E05218407071E353800581BF2 108032 ----a-w- C:\Windows\System32\ieetwcollector.exe 2014-09-10 20:10:00 E16EA38E5E98E485BE566738367AF16F 673792 ----a-w- C:\Windows\System32\ie4uinit.exe 2014-09-10 20:10:00 24225D0B94B800F4A78A0AC08E7FA4AE 646144 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe 2014-09-10 20:09:55 665256B575BF83E4B188BE73450C5C29 470016 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2014-09-10 20:09:55 
4DABFE3A9D3C67E9D9AD83C7F8FAD855 222720 ----a-w- C:\Program Files\Internet Explorer\ielowutil.exe 2014-09-10 20:09:54 EEA63B8CF19E59C4A51AD2D9A59DDA25 812216 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2014-09-10 17:43:04 13D383D25CB713F645937C8B183EEEE2 148136 ----a-w- C:\Windows\System32\CompatTel\QueryAppBlock.exe === C: other files == 2014-09-15 18:08:37 76CDB2BAD9582D23C1F6F4D868218D6C 22 ----a-w- C:\Users\Koen\Downloads\frank_english-187631.zip 2014-09-12 18:38:06 76CDB2BAD9582D23C1F6F4D868218D6C 22 ----a-w- C:\Users\Koen\Downloads\maleficent-dutch-yify-23122.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HotkeyMon"="AsusSender.exe C:\Program Files\ASUS\HotkeyService\HotKeyMon.exe" "HotkeyService"="AsusSender.exe C:\Program Files\ASUS\HotkeyService\HotkeyService.exe" "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "AVG_UI"="C:\Program Files\AVG\AVG2014\avgui.exe /TRAYONLY" "Zune Launcher"="C:\Program Files\Zune\ZuneLauncher.exe" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " "SynAsusAcpi"="%ProgramFiles%\Synaptics\SynTP\SynAsusAcpi.exe " ==== Task Scheduler Jobs ====================== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [25-04-2014 18:12] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [25-04-2014 18:12] ==== Other 
Scheduled Tasks ====================== "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Chromium Look ====================== Bejeweled - Koen\AppData\Local\Google\Chrome\User Data\Default\Extensions\adpkifcfcacgmnggcbpbjbkdijciiigm Angry Birds - Koen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj Pixlr-o-matic - Koen\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehcibdjmpjlekgjhepbfmenfppliikcj AdBlock - Koen\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom CircuitLab - Koen\AppData\Local\Google\Chrome\User Data\Default\Extensions\haghanbgfkfpmepoohpigmglbfejljoj Custom Google™ Background - Koen\AppData\Local\Google\Chrome\User Data\Default\Extensions\jepibmfmhopgkplegmkjgifmhabbjadg Webcam Toy - Koen\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfbgimoladefibpklnfmkpknadbklade ==== Chromium Startpages ====================== C:\Users\Koen\AppData\Local\Google\Chrome\User Data\Default\Preferences "homepage": "http://www.searchya.com/?f=1&a=dnldyho&cd=2XzuyEtN2Y1L1QzuyByEtB0FyCzz0DtByDtD0BtA0CyEzz0EtN0D0Tzu0CyEtCzztN1L2XzutBtFtBtFtCtFyDtDtAtN1L1Czu1Q1G1I1Q2U1M1F&cr=1301283441&ir=", "startup_urls": [ "http://www.google.com/" ], ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR" ==== Empty IE Cache ====================== C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Koen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Koen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Koen\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=749 folders=63 149814064 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Koen\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After 
Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Koen\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on di 16-09-2014 at 20:13:58,36 ======================