Zoek.exe v5.0.0.1 Updated 27-09-2015
Tool run by rossi on ma 06-02-2017 at 11:52:11,43.
Microsoft Windows 10 Home 10.0.14393 x64
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\rossi\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2017-02-05-121710.log 52908 bytes
C:\zoek-results2017-02-05-124446.log 71614 bytes

==== Empty Folders Check ======================

C:\Users\rossi\AppData\Local\NetworkTiles deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=-

==== Deleting Files \ Folders ======================

C:\Program Files (x86)\PC Clean Plus not found
C:\Program Files (x86)\SystemHealer not found
"C:\WINDOWS\tasks\PC Clean Plus_DEFAULT.job" deleted
"C:\WINDOWS\tasks\PC Clean Plus_UPDATES.job" deleted
"C:\WINDOWS\tasks\System HealerPeriod.job" deleted
"C:\WINDOWS\tasks\System HealerStartUp.job" deleted
"C:\WINDOWS\tasks\WpsExternal_rossi_20170116192331.job" deleted
"C:\WINDOWS\SysNative\tasks\AVGPCTuneUp_Task_BkGndMaintenance" deleted
"C:\WINDOWS\SysNative\tasks\PC Clean Plus" deleted
"C:\WINDOWS\SysNative\tasks\PC Clean Plus_DEFAULT" deleted
"C:\WINDOWS\SysNative\tasks\PC Clean Plus_UPDATES" deleted
"C:\WINDOWS\SysNative\tasks\System Healer Task" deleted
"C:\WINDOWS\SysNative\tasks\System HealerPeriod" deleted
"C:\WINDOWS\SysNative\tasks\System HealerStartUp" deleted
"C:\WINDOWS\SysNative\tasks\SystemHealer Monitor" deleted
"C:\WINDOWS\SysNative\tasks\SystemHealer Run Delay" deleted

==== Folders Found ======================

==== Files Found ======================

--- C:\Windows\run.vbs ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 1058
Created time: 2016-03-01 09:50:28
Modified time: 2016-03-01 09:50:28
MD5: A0CC725A2D9346021D8AC458E4F2C73F
SHA1: 14A4D1EB25AED6B74B571605ED78D95CDA7D95F1

==== Registry Search Results for "run.vbs" ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"userinit"="wscript C:\\WINDOWS\\run.vbs,"

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\rossi\AppData\Roaming\Profiles\Zusotainlujeght.default
user_pref("browser.startup.homepage", "http://www.youndoo.com/?z=406cbd47d4b0baa238d5532g9z2b7q9obz3t3q8qbw&from=bcn&uid=HGSTXHTS721010A9E630_JR10044M0EH99N0EH99NX&type=hp");
user_pref("browser.newtab.url", "http://www.youndoo.com/?z=406cbd47d4b0baa238d5532g9z2b7q9obz3t3q8qbw&from=bcn&uid=HGSTXHTS721010A9E630_JR10044M0EH99N0EH99NX&type=hp");
user_pref("browser.search.defaultenginename", "youndoo");
user_pref("browser.search.selectedEngine", "youndoo");

ProfilePath: C:\Users\rossi\AppData\Roaming\Mozilla\Firefox\Profiles\9zl721p2.default
user_pref("browser.startup.homepage", "http://www-searching.com/?site=shyosffdefault&prd=set_ff&s=H24ztrmbl10AU,eb4d6126-b5b0-4b74-9d11-36ba594b1fb7,");
user_pref("browser.newtab.url", "http://www-searching.com/?site=shyosffdefault&prd=set_ff&s=H24ztrmbl10AU,eb4d6126-b5b0-4b74-9d11-36ba594b1fb7,");
user_pref("browser.search.selectedEngine", "");
user_pref("keyword.URL", "http://www-searching.com/search.aspx?site=shdefault1&prd=smw&pid=s&shr=d&q={searchTerms}&s=H24ztrmbl10AU,eb4d6126-b5b0-4b74-9d11-36ba594b1fb7,");

ProfilePath: C:\Users\rossi\AppData\Roaming\Mozilla\Firefox\naweriweentcofise\Profiles\9zl721p2.default
user_pref("browser.startup.homepage", "C:\ProgramData\Hotfreshs\ff.HP");
user_pref("browser.newtab.url", "C:\ProgramData\Hotfreshs\ff.NT");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"belgiumeid@eid.belgium.be"="C:\Program Files (x86)\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [02-02-2017 15:05]

==== Firefox Extensions ======================

ProfilePath: C:\Users\rossi\AppData\Roaming\Profiles\Zusotainlujeght.default
- Firefox Hotfix - %ProfilePath%\extensions\firefox-hotfix@mozilla.org.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be
- Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi

==== Firefox Plugins ======================

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
efaidnbmnnnibpcajpcglclefindmkaj - No path found[]

UC浏览器活动 - rossi\AppData\Local\UCBrowser\User Data\Default\Extensions\acbckhilidhkcoenjgmejpgnnmcbhjhi
UC Nexus - rossi\AppData\Local\UCBrowser\User Data\Default\Extensions\pogijhnlcfmcppgimcaccdkmbedjkmhi

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131307240233226372&GUID=DD403D68-AD6F-409F-9FD4-BA0819408E59"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131307240233226372&GUID=DD403D68-AD6F-409F-9FD4-BA0819408E59"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?FORM=WLETDF&PC=WLEM&q={searchTerms}&src=IE-SearchBox"
{ielnksrch} Search the web Url="https://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHumfA2eDXzyC7zAaD6FDDoG3E77bpNChke1eGNaLnCkGUCWBdBkSRwbaRXX5jqgylGDgzJhg3cT8G1cNWw7prirxfgffQVzEwIcpPvNL4bAQ-4P1ACu7tTwNFThgSECm0kFPVtcGscBnwVc22yhfOPkhA_czsVRK9OUU63Zvw,,&q={searchTerms}"

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\rossi\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\rossi\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Default User\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\rossi\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\rossi\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\rossi\AppData\Local\Mozilla\Firefox\Profiles\9zl721p2.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\rossi\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\rossi\AppData\Local\UCBrowser\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=819 folders=231 361278660 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\rossi\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on ma 06-02-2017 at 12:04:54,87 ======================