Zoek.exe v5.0.0.0 Updated 03-August-2014
Tool run by Gebruiker on di 05/08/2014 at 13:48:12,14.
Microsoft Windows XP Home Edition 5.1.2600 Service Pack 3 x86
Running in: Normal Mode No Internet Access Detected
Launched: C:\Documents and Settings\Gebruiker\Bureaublad\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

5/08/2014 13:50:35 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\Program Files\Amazon deleted successfully
C:\Program Files\Fotoservice deleted successfully
C:\Program Files\MSXML 4.0 deleted successfully
C:\Program Files\trend micro deleted successfully
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Freemake deleted successfully
C:\DOCUME~1\ALLUSE~1\APPLIC~1\Metacafe deleted successfully
C:\DOCUME~1\ALLUSE~1\APPLIC~1\WinZipEC deleted successfully
C:\DOCUME~1\ALLUSE~1\APPLIC~1\ZoomBrowser deleted successfully
C:\Documents and Settings\Gebruiker\Application Data\AdobeUM deleted successfully
C:\Documents and Settings\Gebruiker\Application Data\Download Manager deleted successfully
C:\Documents and Settings\Gebruiker\Application Data\Lavasoft deleted successfully
C:\Documents and Settings\Gebruiker\Application Data\ZoomBrowser EX deleted successfully
C:\Documents and Settings\LocalService\Local Settings\Application Data\Google deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1177238915-515967899-682003330-1004\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} deleted successfully
HKEY_USERS\S-1-5-21-1177238915-515967899-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1177238915-515967899-682003330-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{8FF5E180-ABDE-46EB-B09E-D2AAB95CABE3} deleted successfully
HKEY_USERS\S-1-5-21-1177238915-515967899-682003330-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\jqs@sun.com deleted successfully

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\Program Files\ComPlus Applications deleted
C:\Program Files\MyFree Codec deleted
C:\setup_Pixum_EasyBook.exe deleted
C:\setup_Pixum_Fotoboek.exe deleted
C:\shggx.exe deleted
C:\shoo.exe deleted
C:\shsssxx.exe deleted
C:\xpggx.exe deleted
C:\xpoo.exe deleted
C:\xpSqlserver.exe deleted
C:\xpsssxx.exe deleted
C:\zyggx.exe deleted
C:\zysssxx.exe deleted
C:\Documents and Settings\All Users\Menu Start\Programma's\MyFree Codec deleted
C:\WINDOWS\002788_.tmp deleted
C:\WINDOWS\SET21.tmp deleted
C:\WINDOWS\SET3.tmp deleted
C:\WINDOWS\SET4.tmp deleted
C:\WINDOWS\SET8.tmp deleted
C:\WINDOWS\System32\SET2E.tmp deleted
C:\WINDOWS\System32\SET2F.tmp deleted
C:\WINDOWS\System32\SET30.tmp deleted
C:\WINDOWS\System32\SET31.tmp deleted
C:\WINDOWS\System32\SET32.tmp deleted
C:\WINDOWS\System32\SET68.tmp deleted
C:\WINDOWS\System32\SET69.tmp deleted
C:\WINDOWS\System32\SET6B.tmp deleted
C:\WINDOWS\System32\SET70.tmp deleted
C:\WINDOWS\System32\SET77.tmp deleted
C:\WINDOWS\System32\SETBF.tmp deleted
C:\Documents and Settings\dub_cm_auto\Application Data\NPE.exe deleted
"C:\WINDOWS\system32\xpSqlserver.exe" deleted
"C:\WINDOWS\system32\xpggx.exe" deleted
"C:\WINDOWS\system32\shsssxx.exe" deleted
"C:\WINDOWS\system32\xpsssxx.exe" deleted

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====
====== C:\DOCUME~1\GEBRUI~1\LOCALS~1\Temp ====
====== Java Cache =====
====== C:\WINDOWS\system32 =====
====== C:\WINDOWS\system32\drivers =====
2014-08-01 13:12:30 2742DAAD8885C3FF6CF52169B06B61AF 47960 ----a-r- C:\WINDOWS\System32\drivers\SymIM.sys
====== C:\WINDOWS\Tasks ======
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
======= C: =====
====== C:\Documents and Settings\Gebruiker\Application Data ======
2014-07-29 23:12:59 25EFBCDFEAA13AF07DF3FA3DC3ABD426 784344 ----a-w- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
====== C:\Documents and Settings\Gebruiker ======
2014-08-05 10:01:43 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Documents and Settings\Gebruiker\Bureaublad\RSIT.exe
2014-08-01 13:50:22 -------- d--h--r- C:\Documents and Settings\Gebruiker\Onlangs geopend
====== C: exe-files ==
2014-08-05 10:01:43 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Documents and Settings\Gebruiker\Bureaublad\RSIT.exe
=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_USERS\S-1-5-21-1177238915-515967899-682003330-1004\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe"
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe /background"
"NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe AcStd7_0_9 -reboot 1"
@="C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\CTFMON.EXE"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CanonSolutionMenu"="C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon"
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe -atboottime"
"AppleSyncNotifier"="C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe"
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"KiesTrayAgent"="C:\Program Files\Samsung\Kies\KiesTrayAgent.exe"
"beidsccertprop"="C:\Program Files\Belgium Identity Card\BeID Certprop\beidsccertprop.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe"
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe /background"
"NBJ"="C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
"updateMgr"="C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe AcStd7_0_9 -reboot 1"
@="C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe"

==== Startup Folders ======================

2014-05-14 19:07:27 951 ----a-w- C:\Documents and Settings\Gebruiker\Menu Start\Programma's\Opstarten\OneNote 2007 Schermopname en Snel starten.lnk

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\AppleSoftwareUpdate.job --a------ C:\Program Files\AppleC:oftware Update\SoftwareUpdate.exe []
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [13/07/2010 12:43]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [13/07/2010 12:43]
C:\WINDOWS\tasks\HPpromotions journeysoftware.job --a------ C:\Program Files\hp\digital imaging\bin\hp promotions\journeysoftware\HPpromo.exe [22/04/2005 17:36]
C:\WINDOWS\tasks\Microsoft Windows XP - aanmelding voor kennisgeving over einde van service.job --a------ C:\WINDOWS\system32\xp_eos.exe [27/02/2014 01:28]
C:\WINDOWS\tasks\Microsoft Windows XP - maandelijkse kennisgeving over einde van service.job --a------ [Undetermined Task]
C:\WINDOWS\tasks\NUSchedule.job --a------ [Undetermined Task]
C:\WINDOWS\tasks\OGADaily.job --a------ C:\WINDOWS\system32\OGAVerify.exe [31/12/2008 18:04]
C:\WINDOWS\tasks\OGALogon.job --a------ C:\WINDOWS\system32\OGAVerify.exe [31/12/2008 18:04]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [01/07/2014 18:03]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
jbolfgndggfhhpbnkgnpjkfhinclbigj - No path found[]
mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files\Norton 360 Premier Edition\Engine\21.4.0.13\Exts\Chrome.crx[26/06/2014 12:22]

Norton Identity Protection - Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk

==== Chromium Startpages ======================

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences
"homepage": "http://www.google.com/",
"startup_urls": [ "http://salco.smartschool.be/" ],

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?linkid=69157"
"Search Page"="http://www.google.com"
"Search Bar"="http://www.google.com/ie"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?linkid=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ieframe.dll,-12512 Url="http://search.live.com/results.aspx?q={searchTerms}&src=IE-SearchBox&Form=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADBS_nl"
{88E5F4B0-FF06-43B4-8CAA-5C8853CA7898} Google Url="http://www.google.co.uk/search?hl=en&q={searchTerms}&meta="

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj deleted successfully

==== Empty IE Cache ======================

C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Gebruiker\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Documents and Settings\Gebruiker\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=54 folders=7 33532453 bytes)

==== Empty Temp Folders ======================

C:\Documents and Settings\Default User\Local Settings\Temp emptied successfully
C:\Documents and Settings\Gebruiker\Local Settings\Temp will be emptied at reboot
C:\Documents and Settings\LocalService\Local Settings\Temp will be emptied at reboot
C:\Documents and Settings\NetworkService\Local Settings\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\DOCUME~1\GEBRUI~1\LOCALS~1\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\Documents and Settings\Gebruiker\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Documents and Settings\LocalService\Local Settings\Temp\Cookies" not found
"C:\Documents and Settings\LocalService\Local Settings\Temp\History" not found
"C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files" not found

==== EOF on di 05/08/2014 at 14:23:28,28 ======================