Zoek.exe v5.0.0.0 Updated 30-06-2014 Tool run by user on do 03-07-2014 at 0:32:06,06. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\user\Downloads\zoek (5).exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results20-08-2013-2347.log 83500 bytes C:\zoek-results2013-08-20-221737.log 30780 bytes C:\zoek-results2014-07-02-005421.log 18554 bytes C:\zoek-results25-03-2013-1602.log 2899 bytes ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2871622637-3147571663-1438806652-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== Adobe Flash Player 13 ActiveX Adobe Flash Player 13 Plugin Adobe Reader XI (11.0.07) - Nederlands Ask Toolbar avast Free Antivirus AVG SafeGuard toolbar BlueStacks App Player BlueStacks Notification Center CyberLink YouCam 5 Facebook Video Calling 2.0.0.447 Free YouTube to MP3 Converter version 3.11.32.918 Google Chrome Google Earth Google Toolbar for Internet Explorer Google Update Helper HiJackThis HitmanPro 3.7 Internet Mobile Linkey McAfee Security Scan Plus Microsoft .NET Framework 4.5.1 Microsoft .NET Framework 4.5.1 (Nederlands) Microsoft .NET Framework 4.5.1 (NLD) Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office Office 64-bit Components 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared 64-bit MUI (English) 2007 Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Silverlight Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Mobile Connection Manager Mozilla Firefox 29.0.1 (x86 nl) Mozilla Maintenance Service MSVCRT PC Speed Maximizer v3.1 phpnuke toolbar PricePeep Realtek Ethernet Controller Driver Search-Results Toolbar Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft .NET Framework 4.5.1 (KB2931368) Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880513) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2880515) 32-Bit Edition Settings Manager Softonic for Windows Speccy Tiny Download Manager (remove only) Torntv 2 Tuvaro toolbar Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Infopath 2007 Help (KB963662) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2881065) 32-Bit Edition Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) VLC media player 2.0.5 Windows Live - Hulpprogramma voor uploaden Windows Live aanmeldhulp Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Messenger ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\eu7oqqak.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_03-07-2014_0050_.backup prefs_20-08-2013_2324_.backup prefs_25-03-2013_0047_.backup ProfilePath: C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\iysuyrxl.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_03-07-2014_0050_.backup prefs_20-08-2013_2324_.backup prefs_25-03-2013_0047_.backup ProfilePath: C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\uaonk95b.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_03-07-2014_0050_.backup prefs_20-08-2013_2324_.backup prefs_25-03-2013_0047_.backup ProfilePath: C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\x2r8zr9s.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_03-07-2014_0050_.backup prefs_20-08-2013_2324_.backup prefs_25-03-2013_0047_.backup ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default ---- Lines {e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi modified from prefs.js ---- user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"wrc@avast.com\":{\"descriptor\":\"C:\\\\Program Files\\\\AVAST So ---- Lines pricepeep@getpricepeep.com.xpi modified from prefs.js ---- user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"wrc@avast.com\":{\"descriptor\":\"C:\\\\Program Files\\\\AVAST So ---- Lines PricePeep modified from prefs.js ---- user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"wrc@avast.com\":{\"descriptor\":\"C:\\\\Program Files\\\\AVAST So ---- Lines search.net removed from prefs.js ---- user_pref("browser.search.defaultenginename", "default-search.net"); user_pref("browser.search.order.1", "default-search.net"); user_pref("browser.search.selectedEngine", "default-search.net"); user_pref("browser.startup.homepage", "http://www.default-search.net?sid=476&aid=135&itype=n&ver=12349&tm=329&src=hmp"); user_pref("keyword.URL", "http://www.default-search.net/search?sid=476&aid=135&itype=a&ver=12521&tm=329&src=ds&p="); ---- FireFox user.js and prefs.js backups ---- user_03-07-2014_0050_.backup user_20-08-2013_2324_.backup user_25-03-2013_0047_.backup prefs_03-07-2014_0050_.backup prefs_20-08-2013_2324_.backup prefs_25-03-2013_0047_.backup ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "{e4f94d1e-2f53-401e-8885-681602c0ddd8}"=- ==== Deleting Files \ Folders ====================== "C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi" not found C:\PROGRA~2\Mozilla Firefox\browser\searchplugins\default-search.xml deleted C:\PROGRA~2\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml deleted C:\PROGRA~2\AVG SafeGuard toolbar deleted C:\Users\user\AppData\Roaming\PC Speed Maximizer deleted C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\DealPly deleted C:\PROGRA~3\AVG SafeGuard toolbar deleted C:\Users\user\AppData\Local\AVG SafeGuard toolbar deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Speed Maximizer deleted C:\Windows\SysNative\roboot64.exe deleted C:\Users\user\Searches deleted C:\Users\user\Downloads\SoftonicDownloader_voor_windowsandroid (1).exe deleted C:\Users\user\Downloads\SoftonicDownloader_voor_windowsandroid.exe deleted C:\Users\Gast\AppData\LocalLow\phpnuke deleted C:\Users\user\AppData\LocalLow\AVG SafeGuard toolbar deleted C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG SafeGuard toolbar deleted C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\searchplugins\bingp.xml deleted C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\searchplugins\default-search.xml deleted C:\Users\user\Desktop\CyberLink_YouCam_Downloader[1].exe deleted C:\Users\user\Desktop\PC Speed Maximizer.lnk deleted "C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\pricepeep@getpricepeep.com.xpi" deleted "C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\pricepeep@getpricepeep.com.xpi" deleted "C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\pricepeep@getpricepeep.com.xpi" deleted "C:\Users\user\AppData\Roaming\phpnuke\sqlite3.dll" deleted "C:\Users\user\AppData\Roaming\phpnuke" deleted ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [25-07-2013 16:54] ==== Firefox Extensions ====================== AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default A58DE0A570148AF5FF3512B2A340D09F - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll - Shockwave Flash FF0D6F82A0EC13952E83B9439100E45D - C:\Users\user\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions bopakagnckmlgajfccecajhnimjiiedh - No path found[] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Users\user\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx[31-01-2013 03:22] Google Docs - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf avast WebRep - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda Gmail - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia MSS+ Extension - user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh Adblock for Youtube - user\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk Allin1Convert - user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcncagkkhfoombgbihckkccmkjemhohl PricePeep - user\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb DvdVideoSoft Free Youtube Download - user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp Google Wallet - user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Chrome Fix ====================== C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_staticf.dealply.com_0.localstorage deleted successfully C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_staticf.dealply.com_0.localstorage-journal deleted successfully C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www1.delta-search.com_0.localstorage deleted successfully C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www1.delta-search.com_0.localstorage-journal deleted successfully C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\licjnkifamhpbaefhdpacpmihicfbomb deleted successfully C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_licjnkifamhpbaefhdpacpmihicfbomb_0.localstorage deleted successfully C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_licjnkifamhpbaefhdpacpmihicfbomb_0.localstorage-journal deleted successfully C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.default-search.net?sid=476&aid=135&itype=n&ver=12349&tm=329&src=hmp" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Unknown Url="Not_Found" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2871622637-3147571663-1438806652-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google\Chrome\ExtensionInstallForcelist deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PricePeep deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Torntv 2 deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ilividtoolbargaw deleted successfully HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Softonic for Windows deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PC Speed Maximizer_is1 deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Gast\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Gast\AppData\Local\Mozilla\Firefox\Profiles\eu7oqqak.default\Cache emptied successfully C:\Users\Gast\AppData\Local\Mozilla\Firefox\Profiles\iysuyrxl.default\Cache emptied successfully C:\Users\Gast\AppData\Local\Mozilla\Firefox\Profiles\uaonk95b.default\Cache emptied successfully C:\Users\Gast\AppData\Local\Mozilla\Firefox\Profiles\x2r8zr9s.default\Cache emptied successfully C:\Users\user\AppData\Local\Mozilla\Firefox\Profiles\7onkgtuy.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=600 folders=180 45525059 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Gast\AppData\Local\Temp emptied successfully C:\Users\user\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\user\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on do 03-07-2014 at 1:04:31,62 ======================