Zoek.exe v5.0.0.0 Updated 08-December-2014 Tool run by Mariska on di 09-12-2014 at 21:40:29,89. Microsoft Windows 8.1 6.3.9600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Mariska\Downloads\zoek (1).exe [Scan all users] [Script inserted] ==== System Restore Info ====================== 9-12-2014 21:41:43 Zoek.exe System Restore Point Created Succesfully. ==== Torpig Check ====================== HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll ==== Empty Folders Check ====================== C:\PROGRA~2\AGEIA Technologies deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\PROGRA~2\GUT10BB.tmp deleted C:\PROGRA~2\GUM10BA.tmp deleted C:\PROGRA~3\Package Cache deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted C:\Users\Mariska\Downloads\SoftonicDownloader_voor_vlc-media-player.exe deleted C:\windows\SysNative\tasks\RocketTab deleted C:\windows\SysNative\tasks\RocketTab Update Task deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\Users\Public\Desktop\eBay.lnk deleted "C:\Windows\Installer\1f7dc.msi" deleted "C:\Program Files (x86)\RocketTab\Client.exe" deleted "C:\PROGRA~2\RocketTab\Client.exe" deleted "C:\Program Files (x86)\RocketTab" deleted "C:\PROGRA~2\RocketTab" deleted ==== Folders in C:\PROGRA~3 0-6 Months Old ====================== 2014-07-03 14:18:47 -------- d-----w- C:\PROGRA~3\ToshibaEurope 2014-08-07 11:55:21 -------- d-----w- C:\PROGRA~3\Microsoft SkyDrive 2014-08-07 13:50:42 -------- d-----w- C:\PROGRA~3\Apple 2014-08-07 13:53:11 -------- d-----w- C:\PROGRA~3\Apple Computer 2014-08-11 12:15:14 -------- d-----w- C:\PROGRA~3\AVAST Software 2014-08-11 12:18:52 -------- d-----w- C:\PROGRA~3\Google 2014-09-12 10:03:06 -------- d-----w- C:\PROGRA~3\Microsoft Toolkit 2014-09-12 10:19:52 -------- d-----w- C:\PROGRA~3\Microsoft Help 2014-09-22 13:39:13 -------- d-----w- C:\PROGRA~3\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-10-20 12:03:10 -------- d-----w- C:\PROGRA~3\E1864A66-75E3-486a-BD95-D1B7D99A84A7 ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [09-12-2014 13:55] ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[09-12-2014 13:55] Avast Online Security - dinge_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki Avast Online Security - Mariska\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki ==== Chromium Fix ====================== C:\Users\Mariska\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_vacatures.trovit.nl_0.localstorage deleted successfully C:\Users\Mariska\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_vacatures.trovit.nl_0.localstorage-journal deleted successfully C:\Users\Mariska\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully C:\Users\Mariska\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{C43590D0-00BC-4619-BE7F-82E21B7AB7D7}" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {C43590D0-00BC-4619-BE7F-82E21B7AB7D7} Unknown Url="Not_Found" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2053695585-897894286-4116379823-1002\Software\Microsoft\Internet Explorer\SearchScopes\{C43590D0-00BC-4619-BE7F-82E21B7AB7D7} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Reset IE Proxy ====================== Value(s) before fix: "ProxyServer"="http=127.0.0.1:49455;https=127.0.0.1:49455" "ProxyOverride"="<-loopback>" "ProxyEnable"=dword:00000001 Value(s) after fix: "ProxyEnable"=dword:00000000 ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\E40670FF068C9E042A033EF74AF101A3 deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\RocketTab deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{FF07604E-C860-40E9-A230-E37FA41F103A} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\E40670FF068C9E042A033EF74AF101A3 deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\dinge_000\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\dinge_000\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\Users\Mariska\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Mariska\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\dinge_000\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\dinge_000\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\Users\Mariska\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Mariska\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\dinge_000\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\Mariska\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=118 folders=21 48003563 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\dinge_000\AppData\Local\Temp emptied successfully C:\Users\Mariska\AppData\Local\Temp will be emptied at reboot C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Mariska\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on di 09-12-2014 at 21:53:02,65 ======================