Zoek.exe v5.0.0.0 Updated 28-12-2014 Tool run by Eigenaar on ma 29-12-2014 at 22:30:23,67. Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Eigenaar\Downloads\zoek.exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2014-12-29-174620.log 80745 bytes ==== Empty Folders Check ====================== C:\Users\Eigenaar\AppData\Local\VirtualStore deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1B12D0C2-25E2-41D6-8D6D-437FEBAE4012} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{260DAF0B-A2B5-4ED7-BF44-6972CEAF7A8} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2A2E2B94-6E3F-42E0-9472-68F6E21A68CA} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2C81FB9E-4FFC-417F-A1D7-A6F09C453538} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2CC6095B-5884-489F-BA42-E84F912298CB} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{32037CE3-9853-4E78-9C1-F6AF342A56A2} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{331A3DB9-5B93-4656-B1FB-A5FE72FC1B5C} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3523BEA9-31C8-4B0D-9FDD-A463432E5DB1} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{36D138C6-666C-4736-8D57-56687A2AF77A} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{38E13C95-5B0B-49C3-A746-5ED2B363F1D7} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3C1334D1-DEFD-4C43-B0C0-65E59C4142DC} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D23B973-6A59-4E50-8421-54A18B568386} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4217DF13-AEC-4282-A044-733B2CB99BAD} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{42FEFF3E-784A-45E8-8FC0-FCCD1C53EB62} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{45A736E9-5BC3-4E85-826D-508AD41ADFA8} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{48B77408-1F6B-473E-B7A4-5A8DD87E591C} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4ADF0886-26E0-4AAD-9E6B-225DDB5FAA45} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{504785d1-dcf6-4da2-997f-d04da3ccf816} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5FC89B88-7F29-401B-A5B1-B9681E705051} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5FC9704F-6931-403C-A925-1DD47ED7655C} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{639BC2B7-3F80-40A1-ADBE-B7BAAFCCBD4} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6CACD2E-4401-4CB8-9C25-DF7453B847AA} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{781CC73B-4334-4AC2-B559-4A68D90BFE5} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7998fdeb-b4ef-4951-b56f-48fca66f18d8} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8A7FBC49-D6E0-4C31-B1B3-C958561C84F} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8CD0A31D-2F06-491E-8572-3A40C549D7} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8E814824-7373-4CE3-A2A-507B798F81B3} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{919037A1-8270-43AF-8716-590B6CE9998} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9AA21FC4-8C56-4E2B-A1AC-EDD4FEE1AE2} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9DA7F861-AE1C-4116-934D-C98298BCF5FA} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A30DDB25-498F-4852-BB85-E98C7737C42} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a48fa9bd-573e-4376-9746-74cded3a6790} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A680BEBC-52D-4BBB-8D4E-D1E5B075756} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AC46D38E-B8E9-40BA-B1D4-EA7DEF19D3F5} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AFE6AB1A-BD43-4F89-848A-642535F7B497} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B109B8-DE7B-4A6B-899C-A65767FEFA94} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B669AE65-1D76-4428-9F21-E9F78107D3B} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B67C5C8F-E642-4829-82F4-B397F869A64C} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BB03C434-A445-491D-BF13-3B474DC4CC7} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C37E61BF-8840-4527-B4BB-4291979ACCC0} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D5BFF6A8-99F6-45AB-9BEF-301DAC17125D} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d7d02c71-803f-4828-8827-a98069bad1cd} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D855A756-3EAD-4256-92B0-A9A6653799F} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{dc5c9b23-4040-428a-82a7-351b10d040d7} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E2FDED5D-9582-4691-A74B-9C626E75C9AF} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E307F8A5-760B-4180-B3E2-9D52A163DE2} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E3873431-E80C-4DFB-8AB9-D0A3268B543F} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e4320215-07af-4ba4-a7fe-8980d0c011fb} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E64D5C98-6C70-4100-ADDB-48F3E7F6EC99} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E69B1479-8E80-40E6-AE59-8FD042AD93B9} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E828CCE5-7441-46D8-AF2A-4DD2B575FA40} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EA6EAE23-7B7F-4AC5-A757-1714DCCDA294} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F4E5E902-20D0-40E9-83E-89128676ECB} deleted successfully HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FDB594CD-637A-4642-A665-9F211F42BAF5} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{504785d1-dcf6-4da2-997f-d04da3ccf816} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7998fdeb-b4ef-4951-b56f-48fca66f18d8} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{a48fa9bd-573e-4376-9746-74cded3a6790} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d7d02c71-803f-4828-8827-a98069bad1cd} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{dc5c9b23-4040-428a-82a7-351b10d040d7} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e4320215-07af-4ba4-a7fe-8980d0c011fb} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\t7bgy9ph.default user.js not found ---- Lines Hold Page removed from prefs.js ---- user_pref("extensions.Hold Page.asul", "1419875351063"); user_pref("extensions.Hold Page.aul", "1419875355191"); user_pref("extensions.Hold Page.irl", true); user_pref("extensions.Hold Page.is", "isgiwhNL"); user_pref("extensions.Hold Page.ug", "bd0b7230-19ee-4c01-a328-b902b8d4ce6f"); ---- FireFox user.js and prefs.js backups ---- prefs_29-12-2014_2241_.backup ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_USERS\S-1-5-21-1955624486-2683126943-2584034339-1000\Software\Microsoft\Windows\CurrentVersion\Run] "PCSpeedUp"=- "Optimizer Pro"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "YTDownloader"=- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "PCSpeedUp"=- "Optimizer Pro"=- [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=- ==== Deleting Files \ Folders ====================== C:\Program Files\Hold Page not found C:\Program Files\iWebar not found C:\Program Files\YTDownloader not found C:\Program Files\Optimizer Pro 3.16 not found C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\t7bgy9ph.default\{c88279d3-91dd-4bd9-ad38-681f71d6e36d} not found C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\t7bgy9ph.default\extensions\{746505DC-0E21-4667-97F8-72EA6BCF5EEF} not found C:\Users\Eigenaar\AppData\Roaming\1H1Q1V1N1N1S1R deleted C:\ProgramData\{9149798A-C1CB-A80C-704D-D88EA0CF0B00} deleted C:\Windows\system32\tasks\upfs7235 deleted C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\t7bgy9ph.default\extensions\staged deleted ==== Firefox Extensions ====================== ProfilePath: C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\t7bgy9ph.default - Undetermined - {c88279d3-91dd-4bd9-ad38-681f71d6e36d} - Hold Page 1.0.1 - %ProfilePath%\extensions\{c88279d3-91dd-4bd9-ad38-681f71d6e36d}.xpi AppDir: C:\Program Files\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\t7bgy9ph.default E7006BB5611298DBDD03FE3519C19AC2 - C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll - Java(TM) Platform SE 8 U25 238F239EAEFF7E3E782913D599084E18 - C:\Program Files\Java\jre1.8.0_25\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 8.0.250.18 D2377C9458EFEB094E38B8C874AA214C - C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll - Google Update 0806948270D853B709CCBBF38AF167E4 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat 9DF0C4F0CEF60158614EDD1B3AB441EE - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat 893BF7D2261C56C24F813405D9D018E0 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll - Silverlight Plug-In 260488E2BC07C276D1EDD54CCA086809 - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin 8DA2ED6B04EA33F2EAE8BA883F903729 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrlui.dll - Microsoft® Silverlight ==== Chromium Look ====================== Google Chrome Version: 39.0.2171.95 (Up to date, latest Stable version: 39.0.2171.95) HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions aaaaahlfahldnilidgnlikdckbfehhca - No path found[] oilkkkefbalmbfppgjmgjoefbclebkce - No path found[] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions oilkkkefbalmbfppgjmgjoefbclebkce - No path found[] Search Extension by Ask v3 - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaahlfahldnilidgnlikdckbfehhca ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02" ==== Reset Google Chrome ====================== C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== Empty IE Cache ====================== C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Eigenaar\AppData\Local\Mozilla\Firefox\Profiles\t7bgy9ph.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=858 folders=255 153723631 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Eigenaar\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Eigenaar\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on ma 29-12-2014 at 23:40:40,00 ======================