Zoek.exe v5.0.0.0 Updated 24-12-2014 Tool run by Wiely en Nancy on za 27/12/2014 at 15:30:17.83. Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Wiely en Nancy\Desktop\zoek.exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2014-12-25-193410.log 38059 bytes ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2356501859-2226477021-2701769862-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{148F258A-74D4-422E-BB2-37F8BD4210EC} deleted successfully HKEY_USERS\S-1-5-21-2356501859-2226477021-2701769862-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1545A523-2F96-422C-A3FC-A898B7FC302B} deleted successfully HKEY_USERS\S-1-5-21-2356501859-2226477021-2701769862-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{18B16BA3-3868-4070-9853-226A2A2D056} deleted successfully HKEY_USERS\S-1-5-21-2356501859-2226477021-2701769862-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1DDF7B54-F2DC-4099-BA77-1CE57AF8D4DC} deleted successfully HKEY_USERS\S-1-5-21-2356501859-2226477021-2701769862-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2444B981-F5B1-4A65-B65F-D52F50F692} deleted successfully HKEY_USERS\S-1-5-21-2356501859-2226477021-2701769862-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{29F91E24-5098-43F0-B0A2-666DA9635490} deleted successfully HKEY_USERS\S-1-5-21-2356501859-2226477021-2701769862-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{35439A92-CCF2-4E6E-BA35-7C5374606F34} deleted successfully HKEY_USERS\S-1-5-21-2356501859-2226477021-2701769862-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{466e37d8-90a0-4b5c-bfcd-576091e16479} deleted successfully HKEY_USERS\S-1-5-21-2356501859-2226477021-2701769862-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{490A998-99E7-4352-83D2-9D511972A2} deleted successfully HKEY_USERS\S-1-5-21-2356501859-2226477021-2701769862-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4D928FE0-8777-4BA9-AA32-A26F7D63B537} deleted successfully HKEY_USERS\S-1-5-21-2356501859-2226477021-2701769862-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{629CA26C-F22B-4D02-A9BC-A77ACDF2EDE6} deleted successfully HKEY_USERS\S-1-5-21-2356501859-2226477021-2701769862-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83BC8E5A-274C-48DF-A049-F179B9D39133} deleted successfully HKEY_USERS\S-1-5-21-2356501859-2226477021-2701769862-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8EC4C437-641C-4AED-8E52-29345D39715} deleted successfully HKEY_USERS\S-1-5-21-2356501859-2226477021-2701769862-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9d4a7141-d3b4-49ff-b7ff-72140b790aa0} deleted successfully HKEY_USERS\S-1-5-21-2356501859-2226477021-2701769862-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A9C17708-766F-4681-A0A8-1FEF5193DD7E} deleted successfully HKEY_USERS\S-1-5-21-2356501859-2226477021-2701769862-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ACDA997E-480A-425B-BBBC-C6651F68B7F8} deleted successfully HKEY_USERS\S-1-5-21-2356501859-2226477021-2701769862-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C44003C-9AE3-48EE-B92C-4DC19988A6C} deleted successfully HKEY_USERS\S-1-5-21-2356501859-2226477021-2701769862-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C5C339F3-E613-4A51-BE55-878A3D7AEA33} deleted successfully HKEY_USERS\S-1-5-21-2356501859-2226477021-2701769862-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ce6da49a-ea09-48cf-8044-6b1e3ca6640e} deleted successfully HKEY_USERS\S-1-5-21-2356501859-2226477021-2701769862-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D592BF25-8A09-41F2-BF8B-38733A916DB7} deleted successfully HKEY_USERS\S-1-5-21-2356501859-2226477021-2701769862-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D5B29CF6-1B26-4E64-8B9-8284F71AE0AC} deleted successfully HKEY_USERS\S-1-5-21-2356501859-2226477021-2701769862-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D894382A-7381-4EEE-A72D-9692A9A86073} deleted successfully HKEY_USERS\S-1-5-21-2356501859-2226477021-2701769862-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ED1FF644-44C-45B5-9726-1E66E4D76033} deleted successfully HKEY_USERS\S-1-5-21-2356501859-2226477021-2701769862-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EE14D91A-8FD7-4B04-A123-4B8ABE49D9C4} deleted successfully HKEY_USERS\S-1-5-21-2356501859-2226477021-2701769862-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F219819D-B483-43DD-8B3A-D979FB32ED24} deleted successfully HKEY_USERS\S-1-5-21-2356501859-2226477021-2701769862-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F3CFB3C4-41B2-4376-ADBC-5AFBFF28CFC} deleted successfully HKEY_USERS\S-1-5-21-2356501859-2226477021-2701769862-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F4915132-64D1-441B-88F4-36DCC9CD04A} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{466e37d8-90a0-4b5c-bfcd-576091e16479} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9d4a7141-d3b4-49ff-b7ff-72140b790aa0} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ce6da49a-ea09-48cf-8044-6b1e3ca6640e} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\Program Files\DriverToolkit not found "C:\Users\Wiely en Nancy\AppData\Roaming\DYKL.exe" not found "C:\Users\Wiely en Nancy\AppData\Roaming\QEPFQ.exe" not found C:\Program Files\MP3jam deleted C:\Program Files\VirtualDJ deleted C:\Program Files\SlimCleaner deleted C:\Program Files\Stab deleted C:\Users\Wiely en Nancy\AppData\Roaming\DVDVideoSoft deleted C:\Users\Wiely en Nancy\AppData\Roaming\Mp3jam deleted C:\Users\Wiely en Nancy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VirtualDJ deleted C:\Users\Wiely en Nancy\AppData\Locallow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A} deleted C:\Windows\system32\tasks\Driver Booster SkipUAC (SYSTEEM) deleted C:\Windows\system32\tasks\Driver Booster SkipUAC (Wiely en Nancy) deleted C:\Windows\system32\tasks\DYKL deleted C:\Windows\system32\tasks\QEPFQ deleted C:\Windows\system32\tasks\SlimCleaner Run deleted C:\Users\Wiely en Nancy\.android deleted C:\user.js deleted C:\found.000 deleted C:\found.001 deleted C:\Users\Wiely en Nancy\AppData\Roaming\MAGIX deleted C:\Users\Wiely en Nancy\AppData\Roaming\skype.ini deleted C:\PROGRA~2\APN deleted C:\PROGRA~2\IHProtectUpDate deleted C:\PROGRA~2\ProductData deleted C:\PROGRA~2\MAGIX deleted C:\Users\Wiely en Nancy\AppData\Local\com deleted C:\Users\Wiely en Nancy\AppData\Local\cache deleted C:\Users\Wiely en Nancy\AppData\Local\CrashRpt deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Registry Cleaner deleted C:\Users\Wiely en Nancy\Downloads\wzmp_8.exe deleted C:\Users\Wiely en Nancy\Downloads\FreeYouTubeToMP3Converter (1).exe deleted C:\Users\Wiely en Nancy\Downloads\FreeYouTubeToMP3Converter.exe deleted C:\Users\Wiely en Nancy\Downloads\Youtube_Music_Downloader_Setup.exe deleted C:\Users\Wiely en Nancy\AppData\LocalLow\Company deleted C:\Users\Wiely en Nancy\AppData\LocalLow\ADSRemoval deleted C:\Windows\system32\config\systemprofile\AppData\LocalLow\Application Updater deleted C:\Windows\wininit.ini deleted C:\Windows\system32\drivers\Msft_Kernel_webinstr_01009.Wdf deleted C:\Windows\system32\GroupPolicy\Machine deleted C:\Windows\system32\GroupPolicy\User deleted C:\Windows\system32\GroupPolicy\gpt.ini deleted C:\Windows\System32\AI_RecycleBin deleted C:\Windows\System32\searchplugins deleted C:\Windows\System32\Extensions deleted C:\Users\Wiely en Nancy\Documents\Add-in Express deleted "C:\Windows\tasks\DriverToolkit Autorun.job" deleted "C:\Windows\tasks\DYKL.job" deleted "C:\Windows\tasks\QEPFQ.job" deleted "C:\Users\Wiely en Nancy\AppData\Roaming\DYKL" deleted "C:\Windows\tasks\DYKL.job" deleted "C:\Users\Wiely en Nancy\AppData\Roaming\QEPFQ" deleted "C:\Windows\tasks\QEPFQ.job" deleted "C:\Users\Wiely en Nancy\AppData\Roaming\TNNS" deleted ==== Firefox Extensions ====================== ProfilePath: C:\Users\WIELYE~1\AppData\Roaming\Disruptive Innovations SARL\BlueGriffon\Profiles\9q5cixz9.default - CSS Stylesheet Editor - %ProfilePath%\extensions\csseditor@bluegriffon.com.xpi - EyeDropper - %ProfilePath%\extensions\eyedropper@bluegriffon.com.xpi - FontSquirrel Manager - %ProfilePath%\extensions\fs@bluegriffon.com.xpi - Fullscreen - %ProfilePath%\extensions\fullscreen@bluegriffon.com.xpi - Google Font Directory Manager - %ProfilePath%\extensions\gfd@bluegriffon.com.xpi - Czech CZ Language Pack - %ProfilePath%\extensions\langpack-cs@bluegriffon.org.xpi - Deutsch DE Language Pack - %ProfilePath%\extensions\langpack-de@bluegriffon.org.xpi - English US Language Pack - %ProfilePath%\extensions\langpack-en-US@bluegriffon.org.xpi - Espaol Espaa Language Pack - %ProfilePath%\extensions\langpack-es-ES@bluegriffon.org.xpi - Suomenkielinen FI Language Pack - %ProfilePath%\extensions\langpack-fi@bluegriffon.org.xpi - Franais Language Pack - %ProfilePath%\extensions\langpack-fr@bluegriffon.org.xpi - Galego Espaa Language Pack - %ProfilePath%\extensions\langpack-gl@bluegriffon.org.xpi - Hebrew IL Language Pack - %ProfilePath%\extensions\langpack-he@bluegriffon.org.xpi - Magyar HU Language Pack - %ProfilePath%\extensions\langpack-hu@bluegriffon.org.xpi - Italiano IT Language Pack - %ProfilePath%\extensions\langpack-it@bluegriffon.org.xpi - Japanese Language Pack - %ProfilePath%\extensions\langpack-ja@bluegriffon.org.xpi - Korean KR Language Pack - %ProfilePath%\extensions\langpack-ko@bluegriffon.org.xpi - Nederlands NL Language Pack - %ProfilePath%\extensions\langpack-nl@bluegriffon.org.xpi - Polski Language Pack - %ProfilePath%\extensions\langpack-pl@bluegriffon.org.xpi - Slovenski jezik Language Pack - %ProfilePath%\extensions\langpack-sl@bluegriffon.org.xpi - sr Language Pack - %ProfilePath%\extensions\langpack-sr@bluegriffon.org.xpi - Svenska SE Language Pack - %ProfilePath%\extensions\langpack-sv-SE@bluegriffon.org.xpi - Chinese Simplified zh-CN Language Pack - %ProfilePath%\extensions\langpack-zh-CN@bluegriffon.org.xpi - Traditional Chinese zh-TW Language Pack - %ProfilePath%\extensions\langpack-zh-TW@bluegriffon.org.xpi - MathML - %ProfilePath%\extensions\mathml@bluegriffon.com.xpi - Opquast Accessibility First Step - %ProfilePath%\extensions\op1@bluegriffon.com.xpi - Snippets - %ProfilePath%\extensions\snippets@bluegriffon.com.xpi - SVG-edit - %ProfilePath%\extensions\svg-edit@googlegroups.com.xpi - Table Layouts - %ProfilePath%\extensions\tablelayout@bluegriffon.com.xpi - One-click Templates - %ProfilePath%\extensions\templatesManager@bluegriffon.com.xpi - Thumbnailer - %ProfilePath%\extensions\thumbnailer@bluegriffon.com.xpi - Tip of the Day - %ProfilePath%\extensions\tipoftheday@bluegriffon.com.xpi ProfilePath: C:\Users\WIELYE~1\AppData\Roaming\kompozer.net\KompoZer\Profiles\0h1kh9ui.default - Undetermined - %ProfilePath%\extensions\installed-extensions.txt - KompoZer classic - %ProfilePath%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== ==== Chromium Look ====================== Google Chrome Version: 39.0.2171.95 (Up to date, latest Stable version: 39.0.2171.95) New Tab Redirect Plus - Wiely en Nancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnpoebddognhfcnfbfjdbgmgadkmmdkj ==== Chromium Fix ====================== C:\Users\Wiely en Nancy\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnpoebddognhfcnfbfjdbgmgadkmmdkj deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com/" "Search Page"="http://www.google.com" "Search Bar"="http://www.bing.com/search?q={searchTerms}" "Default_Page_URL"="http://www.google.com/" "Default_Search_URL"="http://www.google.com" "Use Search Asst"="yes" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com/" "Default_Page_URL"="http://www.google.com/" "Default_Search_URL"="http://www.google.com" "Search Page"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "Default"="http://www.bing.com/search?q={searchTerms}" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "Default"="http://www.bing.com/search?q={searchTerms}" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://www.bing.com/search?q={searchTerms}" "SearchAssistant"="http://www.bing.com/search?q={searchTerms}" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://www.google.com/" "Use Search Asst"="no" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" ==== Empty IE Cache ====================== C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Wiely en Nancy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Wiely en Nancy\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=659 folders=137 259350056 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Wiely en Nancy\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\WIELYE~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Wiely en Nancy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted ==== EOF on za 27/12/2014 at 16:02:32.31 ======================