Zoek.exe v5.0.0.0 Updated 28-06-2014
Tool run by Harry on zo 29-06-2014 at 10:09:31,40.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Harry\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

29-6-2014 10:11:17 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~3\Adobe deleted successfully
C:\PROGRA~3\Avid deleted successfully
C:\PROGRA~3\Canon IJ Network Tool deleted successfully
C:\PROGRA~3\CanonEPP deleted successfully
C:\PROGRA~3\CanonIJEPPEX2 deleted successfully
C:\PROGRA~3\com.aspexsoftware.Silhouette_Studio.license deleted successfully
C:\PROGRA~3\ioloGovernor deleted successfully
C:\Users\Harry\AppData\Local\Adobe deleted successfully
C:\Users\Harry\AppData\Local\CrashDumps deleted successfully
C:\Users\Harry\AppData\Local\kpn deleted successfully
C:\Users\Harry\AppData\Local\PDFC deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3179191620-1565394956-564863355-1000\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} deleted successfully
HKEY_USERS\S-1-5-21-3179191620-1565394956-564863355-1000\Software\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671} deleted successfully
HKEY_USERS\S-1-5-21-3179191620-1565394956-564863355-1000\Software\Microsoft\Internet Explorer\SearchScopes\{FEBBB3D0-0E3C-46E0-A22D-8C30532D2F13} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""=-

==== Deleting Files \ Folders ======================

C:\PROGRA~3\com.aspexsoftware.Silhouette_Studio.license not found
C:\Users\Harry\AppData\Roaming\Dealply deleted
C:\PROGRA~2\DealPly deleted
C:\PROGRA~2\DealPlyLive deleted
C:\Users\Harry\AppData\Roaming\Thinstall deleted
C:\PROGRA~3\DealPlyLive deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Harry\AppData\Local\Thinstall deleted
C:\Users\Harry\AppData\Local\DealPlyLive deleted
C:\Windows\Tasks\Dealply.job deleted
C:\windows\SysNative\Tasks\Dealply deleted
C:\Users\Harry\Searches deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Harry\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2014-06-27 15:58:10 80621A595D8AC5A16BC0E91750301BC1 366592 ----a-w- C:\Windows\SysWOW64\CNMNPPM.DLL
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2014-06-27 16:12:51 6473F886644E5159F2D808A64ED11455 119296 ----a-w- C:\Windows\Sysnative\CNC_AZI.dll
2014-06-27 16:12:50 E2306DCA0A9525BDE21FC522E66167A3 367616 ----a-w- C:\Windows\Sysnative\CNC_AZC.dll
2014-06-27 16:12:50 B9184D868A44D5E09EC5804BB3C196E4 487424 ----a-w- C:\Windows\Sysnative\CNC_AZL.dll
2014-06-27 16:12:50 493574E218AA18161D14EECFD572A0E8 17920 ----a-w- C:\Windows\Sysnative\CNHMCA6.dll
2014-06-27 16:12:50 16486C561E45C8A50E01114A2118DE74 70656 ----a-w- C:\Windows\Sysnative\CNC175ED.TBL
2014-06-27 16:12:32 93B9E4D0B7BD601372C5B50FE0381533 385024 ----a-w- C:\Windows\Sysnative\CNMLMAZ.DLL
2014-06-27 15:58:10 E7F344507DE8FB326D1089FF6C207C5F 39424 ----a-w- C:\Windows\Sysnative\CNMN6UI.DLL
2014-06-27 15:58:10 225399AEA05354FFC1AC4B41711ADD13 359936 ----a-w- C:\Windows\Sysnative\CNMN6PPM.DLL
2014-06-27 15:52:17 93B9E4D0B7BD601372C5B50FE0381533 385024 ----a-w- C:\Windows\Sysnative\CNMLMAN.DLL
2014-06-27 15:52:11 24BE25375BA0BE82D0DAEE66F5777792 302080 ----a-w- C:\Windows\Sysnative\CNCALAN.DLL
2014-06-27 15:52:08 DD7FC01ACC0C7954F6F0EF517F9B9AFC 248320 ----a-w- C:\Windows\Sysnative\CNMIUAN.DLL
====== C:\Windows\Sysnative\drivers =====
2014-06-12 12:09:07 17F685B67C74B8F7BFED4308790B71DE 288192 ----a-w- C:\Windows\Sysnative\drivers\FWPKCLNT.SYS
2014-06-12 12:09:07 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E 1903552 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys
====== C:\Windows\Tasks ======
2014-06-17 14:54:39 ECA038A940E1EDE2D348E72D3115DCBC 332 ----a-w- C:\Windows\Tasks\HPCeeScheduleForHarry.job
2014-06-17 14:54:39 5796CE16560AA3CAE1A70A56AFA5AA92 3186 ----a-w- C:\Windows\Sysnative\Tasks\HPCeeScheduleForHarry
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-06-12 17:35:24 -------- d-----w- C:\Program Files\trend micro
2014-06-06 07:05:24 -------- d-----w- C:\Program Files\Speccy
======= C:\PROGRA~2 =====
======= C: =====
====== C:\Users\Harry\AppData\Roaming ======
====== C:\Users\Harry ======
2014-06-27 16:28:02 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX890 series
2014-06-27 16:10:18 4C9B7C07E60BEC54D040697C6D63AC8E 30346824 ----a-w- C:\Users\Harry\Downloads\mp68-win-mx890-1_02-ea24.exe
2014-06-27 15:58:18 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MX880 series

====== C: exe-files ==
2014-06-27 16:26:42 C1DDF24C40BA13D1015890431A9D7B5F 468112 ----a-w- C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
2014-06-27 16:26:42 09106822B056876C9833CCB7FA39EA0F 423080 ---ha-w- C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSU.exe
2014-06-27 16:12:53 3986EDAFCE4EA28720C3555678103FEC 55472 ------w- C:\Program Files\CanonBJ\IJPrinter\Canon MX890 series\IJDIA6.exe
2014-06-27 16:10:18 4C9B7C07E60BEC54D040697C6D63AC8E 30346824 ----a-w- C:\Users\Harry\Downloads\mp68-win-mx890-1_02-ea24.exe
2014-06-27 15:56:47 E825D6D53DD692C27B0DD3D1C8764640 1177905 ----a-w- C:\Program Files (x86)\DriverTuner\unins000.exe
2014-06-27 15:52:51 C4D09EFE78355FC346E8A9D62081800C 55984 ------w- C:\Program Files\CanonBJ\IJPrinter\Canon MX880 series\IJDIA6.exe
2014-06-27 15:52:51 783ED3A9B8634FFE4A364110541329D8 728224 ----a-w- C:\Windows\System32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX880_series\DELDRV64.exe
2014-06-27 15:52:21 DB546B775518C6A139EC764663D56220 60528 ----a-w- C:\Windows\System32\spool\drivers\x64\3\CNMVSAN.EXE
2014-06-27 15:52:19 8C8C3783C944827700E8CC5758E27499 20592 ----a-w- C:\Windows\System32\spool\drivers\x64\3\CNMSEAN.EXE
2014-06-26 07:02:28 5E55DC4718756E35E7E83AD01D18B16E 122584 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\HPSAObjUtilDT.exe
2014-06-26 06:56:43 AC6998D92A311E7CF0B4DAEC3566F444 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleUpdateBroker.exe
2014-06-26 06:56:43 956672375AF066D958E4D07F5ABAFC1A 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe
2014-06-26 06:56:43 901AC7A94B75648F4084A37640473271 895120 ----a-w- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleUpdateSetup.exe
2014-06-26 06:56:41 AA0E4F73727BFC8BA404884B1C1DB719 285064 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
2014-06-26 06:56:41 80E350E0AA963B2125896B13E60A4D68 114568 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleUpdateComRegisterShell64.exe
2014-06-26 06:56:41 397D14958D6C9C2B365469A857B2AC4E 230792 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
2014-06-26 06:56:40 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleUpdate.exe
2014-06-26 06:56:36 901AC7A94B75648F4084A37640473271 895120 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.24.15\GoogleUpdateSetup.exe

=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-3179191620-1565394956-564863355-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"DymoQuickPrint"="C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe /startup"
"HydraVisionDesktopManager"="C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
"ISUSPM"="C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe -scheduler"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP Software Update"="c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe"
"LaunchHPOSIAPP"="C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\LaunchApp.exe"
"PDF Complete"="C:\Program Files (x86)\PDF Complete\pdfsty.exe"
"AVG_TRAY"="C:\Program Files (x86)\AVG\AVG10\avgtray.exe"
"CanonSolutionMenuEx"="C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon"
"NBAgent"="C:\Program Files (x86)\Nero\Nero 11\Nero BackItUp\NBAgent.exe /WinStart"
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun"
"KPN Assistent"="C:\Program Files (x86)\KPN\KPN Assistent\KPN Assistent\KPN_Assistent.exe /auto"
"TrayServer"="C:\PROGRA~2\MAGIX\FILM_O~1\TrayServer.exe"
"IJNetworkScannerSelectorEX"="C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE"
"HP Remote Solution"="%ProgramFiles%\Hewlett-Packard\HP Remote Solution\HP_Remote_Solution.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"DymoQuickPrint"="C:\Program Files (x86)\DYMO\DYMO Label Software\DymoQuickPrint.exe /startup"
"HydraVisionDesktopManager"="C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
"ISUSPM"="C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe -scheduler"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe"
"CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"="C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe Update"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [14-05-2014 09:08]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [13-04-2013 13:11]
C:\Windows\tasks\HPCeeScheduleForHarry.job --a------ [Undetermined Task]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\HPCeeScheduleForHarry" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe]
"C:\Windows\SysNative\tasks\HPOSIAPP64" ["%ProgramFiles(x86)%\Hewlett-Packard\HP Keyboard\ModLEDKey.exe"]
"C:\Windows\SysNative\tasks\iolo Process Governor" [C:\Program Files (x86)\iolo\System Mechanic\iologovernor64.exe]
"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{F2772B41-B746-4C9A-8ADD-49247E9B92F5}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{1E73965B-8B48-48be-9C8D-68B920ABC1C4}"="C:\Program Files (x86)\AVG\AVG10\Firefox4" [10-04-2013 11:17]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
jmfkcklnlgedgbglfkkgedjfmejoahla - C:\Program Files (x86)\AVG\AVG10\Chrome\safesearch.crx[09-09-2011 04:11]
mphpbdjcljebbcnfopfngmfdackbbdgf - No path found[]

Google Docs - Harry\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Harry\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Harry\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Harry\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
AVG Safe Search - Harry\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Google Wallet - Harry\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Harry\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.kpnvandaag.nl/#Overzicht"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.kpnvandaag.nl/#Overzicht"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&form=HPDTDF&pc=HPDTDF&src=IE-SearchBox"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{d43b3890-80c7-4010-a95d-1e77b5924dc3} Wikipedia Url="http://nl.wikipedia.org/wiki/Special:Search?search={searchTerms}"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\mphpbdjcljebbcnfopfngmfdackbbdgf deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Harry\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Harry\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Harry\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=35 folders=41 22719997 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Harry\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Harry\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on zo 29-06-2014 at 10:29:07,23 ======================