Zoek.exe v5.0.0.0 Updated 23-11-2014 Tool run by Ries van Ool on di 25-11-2014 at 16:46:06,57. Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Ries van Ool\Desktop\zoek.exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2014-10-29-202753.log 113372 bytes C:\zoek-results2014-11-17-143457.log 799 bytes C:\zoek-results2014-11-25-082436.log 114695 bytes ==== Empty Folders Check ====================== C:\Users\Ries van Ool\AppData\Roaming\WinRAR deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-589480253-1782796221-1050078968-1000\Software\Mozilla\Firefox\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8} deleted successfully ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\McComponentHostService deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet003\Services\McComponentHostService deleted successfully ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_CURRENT_USER\Software\Mozilla\Firefox\E "{e4f94d1e-2f53-401e-8885-681602c0ddd8}"=- ==== Deleting Files \ Folders ====================== C:\Users\Ries van Ool\AppData\Roaming\Mozilla\Firefox\Profiles\oaq4cx52.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} not found "C:\Users\Ries van Ool\AppData\Roaming\Mozilla\Firefox\Profiles\oaq4cx52.default\extensions\gzypyktz-v@tuyaear.com" not found "C:\Users\Ries van Ool\AppData\Roaming\Mozilla\Firefox\Profiles\oaq4cx52.default\extensions\OneClickDownload@OneClickDownload.com" not found C:\ProgramData\McAfee Security Scan deleted C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} deleted C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} deleted C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} deleted C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} deleted C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} deleted C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} deleted C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} deleted C:\Program Files\AVG\AVG2012 deleted ==== Files Found In C:\Users\Ries van Ool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup ====================== 2008-09-05 14:45:44 174 --sha-w- 7F1698BAB066B764A314A589D338DAAE C:\Users\RIESVA~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\desktop.ini --- C:\Users\Ries van Ool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini 2014-10-27 09:38:12 645 ----a-w- 51886CE64009CCA5C7C065ED5B7999B5 C:\Users\RIESVA~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\program.lnk --- C:\Users\Ries van Ool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\program.lnk 2014-11-14 12:15:42 965 ----a-w- 694C4A8A46CD5BD359A68FB06BCEA59F C:\Users\RIESVA~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk --- C:\Users\Ries van Ool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{ABDE892B-13A8-4d1b-88E6-365A6E755758}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [10-09-2013 08:51] ==== Firefox Extensions ====================== ProfilePath: C:\Users\RIESVA~1\AppData\Roaming\Mozilla\Firefox\Profiles\oaq4cx52.default - Undetermined - C:\Users\Ries van Ool\AppData\Roaming\Mozilla\Firefox\Profiles\oaq4cx52.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} - Undetermined - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - Undetermined - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - Undetermined - C:\Users\Ries van Ool\AppData\Roaming\Mozilla\Firefox\Profiles\oaq4cx52.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} - Undetermined - C:\Users\Ries van Ool\AppData\Roaming\Mozilla\Firefox\Profiles\oaq4cx52.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} - Undetermined - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - Undetermined - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - Undetermined - C:\Users\Ries van Ool\AppData\Roaming\Mozilla\Firefox\Profiles\oaq4cx52.default\extensions\2020Player@2020Technologies.com - Undetermined - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - Undetermined - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} - Undetermined - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} - Undetermined - C:\Users\Ries van Ool\AppData\Roaming\Mozilla\Firefox\Profiles\oaq4cx52.default\extensions\OneClickDownload@OneClickDownload.com - Undetermined - C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack - Undetermined - C:\Program Files\AVG\AVG2012\Firefox4 - Undetermined - C:\Users\Ries van Ool\AppData\Roaming\Mozilla\Firefox\Profiles\oaq4cx52.default\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1} - Undetermined - C:\Users\Ries van Ool\AppData\Roaming\Mozilla\Firefox\Profiles\oaq4cx52.default\extensions\gzypyktz-v@tuyaear.com - RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext ProfilePath: C:\Users\RIESVA~1\AppData\Roaming\TomTom\HOME\Profiles\wzte9anm.default - Map status indicator - C:\Program Files\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com - TomTom HOME default theme - C:\Program Files\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com AppDir: C:\Program Files\Mozilla Firefox - Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Ries van Ool\AppData\Roaming\Mozilla\Firefox\Profiles\oaq4cx52.default F8CB60A5ACA5D73807ECBD9942A8BCB7 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll - RealDownloader Plugin BE126CB7049E89ED6F3038016668B502 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll - RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit) EAC427FEF96A13058C1ACD17C38966CF - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll - RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit) 96B3689320E9B16EDF38B7A5001C35F0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit) 358878E398AB0FB8B1EE176C2E3EDF48 - C:\Program Files\Google\Google Updater\2.4.2432.1652\npCIDetect14.dll - Google Updater AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation C517E5EA7CEE783F3681F62D2A362E5B - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery 24E990B1E6D55428001843CF7217DD81 - C:\Program Files\Microsoft\Office Live\npOLW.dll - Microsoft Office Live Plug-in for Firefox / Microsoft Office Live Plug-in for Firefox 5B4DA1113F240C3F06FFF9D52761528B - C:\Program Files\Google\Picasa3\npPicasa3.dll - Picasa 5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin C1680C34DE8A405C8829AB93236576FD - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector DAD55CEF682EAE6FA7B4C9487563A496 - C:\Windows\system32\Adobe\Director\np32dsw_1166636.dll - Shockwave for Director / Shockwave for Director B6A800D881A0176C544988870861E798 - C:\Windows\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director 677D19A0ADA38861D513B19A86D12EB6 - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll - Pando Web Plugin 3A9E1940B4459CC97FDCBB24FCB69004 - C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll - RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) 0FCEAA7D12B7B0BA825E5C770B1DCA48 - C:\Program Files\Mozilla Firefox\plugins\nprpplugin.dll - RealPlayer Download Plugin AE84791D996D1F05A2446B0C447D937A - C:\Program Files\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll - Adobe Acrobat 11D9EC08007CCDD653E6762E289E7C1B - C:\Program Files\Mozilla Firefox\plugins\nppluginrichmediaplayer.dll - PluginRichmediaplayer 0132218093298D7F72A40222F4FBF04F - C:\Program Files\QuickTime\Plugins\npqtplugin7.dll - QuickTime Plug-in 7.7.2 A7DA4A3F6E86E55E25F60D2BA46B24D0 - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll - QuickTime Plug-in 7.7.2 CE1411064661AFB6DC4E18BACB50BF61 - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.2 052575195474BA9646272680BF993D64 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.2 A8CD2D78D83C1466BB81BBC94A6C96A3 - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.2 136ECFCBEA4FBFF8918D3B4AE2729C7F - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.2 1E17EB861D4EAD9CAC51C246B5E3426A - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.2 EC321774436E1B7EE2EA334F41A3CF70 - C:\Program Files\Mozilla Firefox\plugins\npnul32.dll - Mozilla Default Plug-in 99F97C9FE748C37528C338A423577FCB - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin AE84791D996D1F05A2446B0C447D937A - C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll - Adobe Acrobat 0132218093298D7F72A40222F4FBF04F - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll - QuickTime Plug-in 7.7.2 A7DA4A3F6E86E55E25F60D2BA46B24D0 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll - QuickTime Plug-in 7.7.2 CE1411064661AFB6DC4E18BACB50BF61 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.2 052575195474BA9646272680BF993D64 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.2 A8CD2D78D83C1466BB81BBC94A6C96A3 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.2 136ECFCBEA4FBFF8918D3B4AE2729C7F - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.2 1E17EB861D4EAD9CAC51C246B5E3426A - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll - QuickTime Plug-in 7.7.2 ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[14-08-2013 14:24] RealDownloader - Ries van Ool\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.nl/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.nl/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" ==== Empty IE Cache ====================== C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Ries van Ool\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Ries van Ool\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\Ries van Ool\AppData\Local\Mozilla\Firefox\Profiles\oaq4cx52.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Ries van Ool\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1156 folders=496 215526419 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Ries van Ool\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\RIESVA~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Ries van Ool\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\ehmsdri.log" not deleted "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\ehRecvr.log" not deleted ==== EOF on di 25-11-2014 at 17:12:45,63 ======================