Zoek.exe Version 4.0.0.5 Updated 26-October-2013
Tool run by Mario on wo 30/10/2013 at 18:50:00,40.
Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: D:\MARIO\Desktop\zoek.exe [Script inserted]

==== Older Logs ======================

C:\zoek-results2013-10-30-165126.log 28235 bytes

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Mario\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
2013-10-06 09:18:48 3B32CAA07D672F8A2E0DF5CB3A873F45 22704 ----a-w- C:\Windows\Sysnative\drivers\EsgScanner.sys
====== C:\Windows\Tasks ======
2013-10-06 09:18:48 62B79C9C89B17503F4D23759B04072E0 3320 ----a-w- C:\Windows\Sysnative\Tasks\SpyHunter4Startup
====== C:\Windows\Temp ======
======= C:\Program Files =====
2013-10-30 15:36:43 -------- d-----w- C:\Program Files\trend micro
======= C:\PROGRA~2 =====
2013-10-05 01:43:28 -------- d-----w- C:\PROGRA~2\Speed Analysis 2
======= C: =====
====== C:\Users\Mario\AppData\Roaming ======
2013-10-30 16:51:26 -------- d-----w- C:\Users\Mario\AppData\Local\Temp
2013-10-06 09:18:46 -------- d-----w- C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
2013-10-05 01:43:34 -------- d-----w- C:\Users\Mario\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2013-10-05 01:43:25 -------- d-----w- C:\Users\Mario\AppData\Local\Programs
====== C:\Users\Mario ======
2013-10-05 01:43:41 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
2013-10-05 01:43:33 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow

====== C: exe-files ==

2013-10-30 15:37:03 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Mario.exe
2013-10-29 12:52:17 52F7A79FCEF85B369A838C7A2A7B7C54 27576432 ----a-w- C:\Users\Mario\AppData\Roaming\Spotify\Spotify_new.exe
2013-10-26 16:12:35 4B78E9AE06F7C310E30EE2FA5B7EBC3C 1721296 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\SearchWithGoogleUpdate_C993F490EED40C1B.exe
2013-10-26 16:12:31 6DD139BF3D3FEC03D7344FD9ABFB189B 401488 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarUser_64_B8EC3A3F9520668F.exe
2013-10-26 16:12:28 BB4F6465EEB9ACAA5C60C36983740219 310352 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarUser_32_4814EB429669E41D.exe
2013-10-26 16:12:24 B9D8842FF3EDAC918039C6F62F322E9A 1073232 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_08875ABF44579E20.exe
2013-10-26 16:11:42 A30351F539D71D6199BD2295CC234E96 531424 ----a-w- C:\Program Files (x86)\Google\Update\Install\{F65192E9-DD97-4631-9394-91408A965DFB}\GoogleToolbarInstaller_updater_signed.exe
2013-10-26 16:11:42 A30351F539D71D6199BD2295CC234E96 531424 ----a-w- C:\Program Files (x86)\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\7.5.4601.54\GoogleToolbarInstaller_updater_signed.exe
2013-10-26 16:09:57 8FE68EACA8D5196E75A3BF85BB686370 9546080 ----a-w- C:\Program Files (x86)\Google\Update\Install\{A1F2D11F-23A2-4FFB-B712-BBC70EFE60F4}\30.0.1599.101_29.0.1547.76_chrome_updater.exe
2013-10-26 16:09:57 8FE68EACA8D5196E75A3BF85BB686370 9546080 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\30.0.1599.101\30.0.1599.101_29.0.1547.76_chrome_updater.exe
2013-10-26 16:04:48 CEFEBDB9E274BD90C12D131ED25CC819 59784 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleUpdateOnDemand.exe
2013-10-26 16:04:47 EB8EEB98D01B5D31898D8E53C3789832 59784 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleUpdateBroker.exe
2013-10-26 16:04:47 4AFFF5FE4E69C8E7C5F1E4F3511301CF 818968 ----a-w- C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleUpdateSetup.exe
2013-10-26 16:03:54 CF7B0E597C1F34E528285495721DEEE9 237960 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe
2013-10-26 16:03:54 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleUpdate.exe
2013-10-26 16:03:54 0DC0DE2966A6DBA4CFBF6639DF44F5BA 319880 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe
2013-10-26 16:03:52 4AFFF5FE4E69C8E7C5F1E4F3511301CF 818968 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.165\GoogleUpdateSetup.exe

=== C: other files ==

2013-10-30 17:31:01 43138F21F36C947EE1FA4D874F5C7C34 64561565 ----a-w- C:\ProgramData\AVG2012\IDS\quarantine\f1691645-778b-47d3-b25d-bdb90feb31fc.zip
2013-10-26 16:05:05 212FA1410C6BE612C46D49E3494C531E 274817 ----a-w- C:\ProgramData\AVG2012\IDS\config\internalList.zip

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"discountfinder@moneymillionaire.com"="C:\ProgramData\Kortingzoeker\FFExtension20121117151407" [22/11/2012 19:51]

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [11/06/2011 20:32]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\q01o4t91.default
- Lizardlink - %ProfilePath%\extensions\firefox@lizardlink.biz.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Mario\AppData\Roaming\Mozilla\Firefox\Profiles\q01o4t91.default
E5AF72B7353FF8D431A7C463A4229524 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll - Shockwave Flash
D4BD9F86123C87ECA570418B69326F99 - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.170.2
F13A0DF244CED22684AF1ECAAA5983BF - C:\ProgramData\Kortingzoeker\FFExtension20121117151407\plugins\npdf.dll - MoneyMillionaire plugin
87BBF47F728AEEE862F9823D5B4C0BBC - C:\Users\Mario\AppData\Local\Google\Update\1.3.21.65\npGoogleUpdate3.dll - Google Update
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
iapkompmljjcdangdahmcnicaoianjnf - C:\ProgramData\Kortingzoeker\GCExtension.crx[17/11/2012 15:14]
jmfkcklnlgedgbglfkkgedjfmejoahla - C:\Program Files (x86)\AVG\AVG2012\Chrome\safesearch.crx[26/07/2012 03:23]
nneajnkjbffgblleaoojgaacokifdkhm - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx[23/05/2011 19:24]

Google Docs - Mario - Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Mario - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Mario - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Mario - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
MoneyMillionaire extension - Mario - Default\Extensions\iapkompmljjcdangdahmcnicaoianjnf
Need for Speed World is a FREE to play online racing game where you can compete with millions of players around the World. - Mario - Default\Extensions\mnnelgnkomjdakpkjpkfehdipjifjmbk
Card number - Mario - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
DivX Plus Web Player HTML5 \u003Cvideo\u003E - Mario - Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm
Gmail - Mario - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.be/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.be/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Reset Google Chrome ======================

C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\gebruiker.MARIO\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Mario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Mario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NDUONOGL will be deleted at reboot
C:\Users\Mario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Mario\AppData\Local\Mozilla\Firefox\Profiles\q01o4t91.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Mario\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Mario\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Mario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Users\Mario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\PROGRA~2\Lizardlink" not found
"C:\Users\Mario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ER5TF6PF" not found
"C:\Users\Mario\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\NDUONOGL" not found

==== EOF on wo 30/10/2013 at 19:02:15,09 ======================