
Zoek.exe v5.0.0.0 Updated 02-April-2015
Tool run by Eigenaar on zo 05/04/2015 at 17:31:11,73.
Microsoft® Windows Vista™ Home Premium  6.0.6002 Service Pack 2 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Eigenaar\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

5/04/2015 17:33:42 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\Program Files\MSXML 4.0 deleted successfully
C:\Users\Eigenaar\AppData\Roaming\U3 deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Users\Eigenaar\AppData\Roaming\WB.CFG deleted
C:\Users\Eigenaar\Downloads\avg_free_stb_all_2014_4744_cnet.exe deleted
C:\Windows\System32\searchplugins deleted
C:\Windows\System32\Extensions deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Eigenaar\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\system32 =====
====== C:\Windows\system32\drivers =====
2015-03-25 17:23:48	C2730E796F3A84DE3D4FCFF899028838	92888	----a-w-	C:\Windows\System32\drivers\mbamchameleon.sys
2015-03-25 17:23:48	AB73A39A5E45F465B02C11C500BB0278	23256	----a-w-	C:\Windows\System32\drivers\mbam.sys
2015-03-25 17:23:48	17A18AC4B266F74EE6BB163156AA38AC	51928	----a-w-	C:\Windows\System32\drivers\mwac.sys
2015-03-25 17:20:37	04B309A1A653177994630C2773E659F1	119512	----a-w-	C:\Windows\System32\drivers\MBAMSwissArmy.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-03-24 19:43:32	--------	d-----w-	C:\Program Files\Speccy
2015-03-24 19:35:45	--------	d-----w-	C:\Program Files\trend micro
2015-03-21 19:37:51	--------	d-----w-	C:\Program Files\Common Files\Java
======= C: =====
2015-03-25 22:05:02	74E247D8636AEA02E638A2DED18D4CFD	1385	----a-w-	C:\mbam scanlog 2.txt
====== C:\Users\Eigenaar\AppData\Roaming ======
2015-03-24 20:12:57	--------	d-----w-	C:\Windows\serviceprofiles\Localservice\AppData\Local\PnrpSqm
2015-03-24 19:43:50	--------	d-----w-	C:\Windows\serviceprofiles\Localservice\AppData\Roaming\PeerNetworking
====== C:\Users\Eigenaar ======
2015-03-25 17:22:42	32A7154F9934CF3AA5D945D02D069D1F	17523384	----a-w-	C:\Users\Eigenaar\Downloads\mbam-setup-2.0.0.1000.exe
2015-03-25 17:14:03	32A7154F9934CF3AA5D945D02D069D1F	17523384	----a-w-	C:\Users\Eigenaar\Desktop\mbam-setup-2.0.0.1000.exe
2015-03-24 19:43:33	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2015-03-24 19:42:10	678AB0E8665345E72D11149A36F965BE	5127432	----a-w-	C:\Users\Eigenaar\Downloads\spsetup128 (1).exe
2015-03-24 19:41:52	678AB0E8665345E72D11149A36F965BE	5127432	----a-w-	C:\Users\Eigenaar\Downloads\spsetup128.exe
2015-03-23 21:45:29	E55CCE4E4A0153A3122E76A3DA23B288	2168320	----a-w-	C:\Users\Eigenaar\Downloads\adwcleaner_4.113.exe

====== C: exe-files ==
2015-04-05 15:28:30	04A8F29E2CB7A633109E6AF1316F6E97	864336	----a-w-	C:\Program Files\Google\Update\Install\{69F0287C-25F1-428D-83BE-EFFBA3755F2A}\41.0.2272.118_41.0.2272.101_chrome_updater.exe
2015-04-05 15:28:30	04A8F29E2CB7A633109E6AF1316F6E97	864336	----a-w-	C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\41.0.2272.118\41.0.2272.118_41.0.2272.101_chrome_updater.exe
=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-21-433914975-913901757-783570863-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"TOSCDSPD"="C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe"
"ehTray.exe"="C:\Windows\ehome\ehTray.exe"
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe"

[HKEY_USERS\S-1-5-21-433914975-913901757-783570863-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Shockwave Updater"="C:\Windows\system32\Adobe\Shockwave 11\SwHelper_1150596.exe -Update -1150596 -Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; GTB6; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C) -http://www8.agame.com/games/shockwave/h/horse_eventing_2/horse_eventing2_girlsgogames_nl.html"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"NDSTray.exe"="NDSTray.exe"
"cfFncEnabler.exe"="cfFncEnabler.exe"
"topi"="C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"RtHDVCpl"="RtHDVCpl.exe"
"Camera Assistant Software"="C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe /start"
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE"
"AVG_UI"="C:\Program Files\AVG\AVG2014\avgui.exe /TRAYONLY"
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide"
"TPwrMain"="%ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE"
"HSON"="%ProgramFiles%\TOSHIBA\TBS\HSON.exe "
"SmoothView"="%ProgramFiles%\Toshiba\SmoothView\SmoothView.exe "
"00TCrdMain"="%ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe "

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"TOSCDSPD"="C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe"
"ehTray.exe"="C:\Windows\ehome\ehTray.exe"
"WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Shockwave Updater"="C:\Windows\system32\Adobe\Shockwave 11\SwHelper_1150596.exe -Update -1150596 -Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; Trident/4.0; GTB6; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C) -http://www8.agame.com/games/shockwave/h/horse_eventing_2/horse_eventing2_girlsgogames_nl.html"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google EULA Launcher]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Google EULA Launcher"
"hkey"="HKLM"
"command"="c:\\Program Files\\Google\\Google EULA\\GoogleEULALauncher.exe IE PA"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Toshiba Registration]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Toshiba Registration"
"hkey"="HKLM"
"command"="C:\\Program Files\\Toshiba\\Registration\\ToshibaRegistration.exe"


==== Startup Folders ======================

2008-08-19 11:40:54	1835	----a-w-	C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
2008-08-19 11:40:54	1835	----a-w-	C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk
2009-04-11 12:19:22	1838	----a-w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Logitech SetPoint.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [22/03/2015 11:15]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [Undetermined Task]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{20a82645-c095-46ed-80e3-08825760534b}"="C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [28/06/2009 08:46]

==== Chromium Look ======================

Google Chrome Version: 41.0.2272.118 (Latest Stable version: 41.0.2272.118)

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
aanjjkgbodmfkdnkkhcjcghgnibdllak - C:\Users\Eigenaar\AppData\Local\CRE\aanjjkgbodmfkdnkkhcjcghgnibdllak.crx[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
aanjjkgbodmfkdnkkhcjcghgnibdllak - C:\Users\Eigenaar\AppData\Local\CRE\aanjjkgbodmfkdnkkhcjcghgnibdllak.crx[]

Google Docs - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
AdBlock - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Google Wallet - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Startpages ======================

C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://www.google.com/",
"startup_urls": [ "http://www.google.com/", "http://kw.knack.be/", "http://www.hln.be/" ]


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.hln.be/"
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA"
"Default_Page_URL"="http://www.google.com/ig/redirectdomain?brand=TSEA&bmod=TSEA"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://www.google.com/search?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.hln.be/"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{4DBFE74A-CDA3-48B0-8FD3-A466C6AD442E}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{4DBFE74A-CDA3-48B0-8FD3-A466C6AD442E} Google  Url="http://www.google.com/search?source=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSEA;"

==== Deleting CLSID Registry Keys ======================

HKEY_CLASSES_ROOT\CLSID\{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\aanjjkgbodmfkdnkkhcjcghgnibdllak deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\aanjjkgbodmfkdnkkhcjcghgnibdllak deleted successfully

==== Empty IE Cache ======================

C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=3 folders=2 4756331 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Eigenaar\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Eigenaar\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on zo 05/04/2015 at 18:08:16,31 ======================