Zoek.exe v5.0.0.0 Updated 17-February-2015 Tool run by JEAN on di 17/02/2015 at 19:59:07,00. Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\JEAN\DOWNLOADS\zoek.exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2015-02-13-190109.log 49315 bytes C:\zoek-results2015-02-15-094144.log 763 bytes C:\zoek-results2015-02-16-101630.log 438 bytes C:\zoek-results2015-02-16-132527.log 37251 bytes ==== Empty Folders Check ====================== C:\Program Files\Reimage deleted successfully C:\PROGRA~2\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3978713732-936569717-2525818349-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully HKEY_USERS\S-1-5-21-3978713732-936569717-2525818349-1000\Software\Microsoft\Internet Explorer\SearchScopes\{75b4241f-171e-44a3-bf44-23613b6e3e03} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\PROGRA~2\{BAF091CA-86C4-4627-ADA1-897E2621C1B0} not found "C:\Windows\tasks\DriverToolkit Autorun.job" not found "C:\Windows\tasks\RMSchedule.job" not found C:\Program Files\Cyti Web deleted C:\Program Files\Allin1Convert_8h deleted C:\Users\JEAN\AppData\Local\Allin1Convert_8h deleted C:\Users\JEAN\appdata\locallow\Allin1Convert_8h deleted C:\Program Files\Photo Notifier and Animation Creator deleted C:\Users\JEAN\AppData\Roaming\ProductData deleted C:\Users\JEAN\AppData\Roaming\Registry Mechanic deleted C:\PROGRA~2\ProductData deleted C:\Users\JEAN\AppData\Local\IAC deleted C:\Users\JEAN\Downloads\ReimageRepair.exe deleted C:\Windows\Reimage.ini deleted C:\Users\JEAN\IncrediMailSetup_nl.exe deleted "C:\Windows\tasks\RMAutoUpdate.job" deleted "C:\Program Files\shopperz\csrcc.exe" not deleted "C:\Program Files\shopperz\garrus.dll" not deleted "C:\Program Files\shopperz\grunt.exe" not deleted "C:\Program Files\shopperz\kasumi32.dll" not deleted "C:\Program Files\shopperz\kasumi64.dll" not deleted "C:\Program Files\shopperz\krios.dll" not deleted "C:\Program Files\shopperz\krios64.dll" not deleted "C:\Program Files\shopperz\liara.dll" not deleted "C:\Program Files\shopperz\liara64.dll" not deleted "C:\Program Files\shopperz\mseff32.dll" not deleted "C:\Program Files\shopperz\nseven.exe" not deleted "C:\Program Files\shopperz\prc32.exe" not deleted "C:\Program Files\shopperz\prexec.exe" not deleted "C:\Program Files\shopperz\spdata.dat" not deleted "C:\Program Files\shopperz\tree.js" not deleted "C:\Program Files\shopperz\tsoni.dll" not deleted "C:\Program Files\shopperz\tsoni64.dll" not deleted "C:\Program Files\shopperz\unins000.exe" not deleted "C:\Program Files\shopperz\wrex.exe" not deleted "C:\Program Files\shopperz\wrex64.exe" not deleted "C:\Program Files\shopperz\csrcc.exe" not deleted "C:\Program Files\shopperz\garrus.dll" not deleted "C:\Program Files\shopperz\grunt.exe" not deleted "C:\Program Files\shopperz\kasumi32.dll" not deleted "C:\Program Files\shopperz\kasumi64.dll" not deleted "C:\Program Files\shopperz\krios.dll" not deleted "C:\Program Files\shopperz\krios64.dll" not deleted "C:\Program Files\shopperz\liara.dll" not deleted "C:\Program Files\shopperz\liara64.dll" not deleted "C:\Program Files\shopperz\mseff32.dll" not deleted "C:\Program Files\shopperz\nseven.exe" not deleted "C:\Program Files\shopperz\prc32.exe" not deleted "C:\Program Files\shopperz\prexec.exe" not deleted "C:\Program Files\shopperz\spdata.dat" not deleted "C:\Program Files\shopperz\tree.js" not deleted "C:\Program Files\shopperz\tsoni.dll" not deleted "C:\Program Files\shopperz\tsoni64.dll" not deleted "C:\Program Files\shopperz\unins000.exe" not deleted "C:\Program Files\shopperz\wrex.exe" not deleted "C:\Program Files\shopperz\wrex64.exe" not deleted "C:\PROGRA~2\boost_interprocess\skype_c2c_messaging_mutex" deleted "C:\Users\JEAN\AppData\LocalLow\Company\Product\1.0\localStorageIE.txt" not deleted "C:\Users\JEAN\AppData\LocalLow\Company\Product\1.0\localStorageIE_backup.txt" not deleted "C:\Users\JEAN\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}\{FBC0652C-7B29-4FB6-8ADA-91F54B267AD4}\1.5\sts.js" not deleted "C:\Program Files\shopperz" not deleted "C:\Program Files\shopperz" not deleted "C:\PROGRA~2\boost_interprocess" not deleted "C:\Users\JEAN\AppData\LocalLow\Company" not deleted "C:\Users\JEAN\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}" not deleted "C:\Users\JEAN\AppData\LocalLow\Company\Product" not deleted "C:\Users\JEAN\AppData\LocalLow\Company\Product\1.0" not deleted "C:\Users\JEAN\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}\{FBC0652C-7B29-4FB6-8ADA-91F54B267AD4}" not deleted "C:\Users\JEAN\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}\{FBC0652C-7B29-4FB6-8ADA-91F54B267AD4}\1.5" not deleted ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [06/02/2015 21:04] ==== Chromium Look ====================== Google Chrome Version: 41.0.2272.12 (Possible outdated, latest Stable version: 40.0.2214.111) HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions ahilkiibpgjnonbhdfkkgjddddmapala - No path found[] dlnembnfbcpjnepmfjmngjenhhajpdfd - No path found[] efaidnbmnnnibpcajpcglclefindmkaj - C:\Program Files\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx[08/05/2014 14:49] gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[02/02/2015 12:58] idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[29/11/2012 20:35] jcdgjdiieiljkfkdcloehkohchhpekkn - No path found[] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[09/04/2012 10:23] ndibdjnfmopecpmkdieinmbadjfpblof - No path found[] niapdbllcanepiiimjjndipklodoedlc - No path found[] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions ahilkiibpgjnonbhdfkkgjddddmapala - No path found[] Avast Online Security - JEAN\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gomekmidlodglbbmalcneegieacbdmki RealDownloader - JEAN\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji Skype Click to Call - JEAN\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl YouTube - C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo ==== Chromium Startpages ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Preferences "homepage": "http://www.google.com", ==== Chromium Fix ====================== C:\Users\JEAN\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\http_www.superfish.com_0.localstorage deleted successfully C:\Users\JEAN\AppData\Local\Google\Chrome\User Data\Profile 2\Local Storage\http_www.superfish.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.be/" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{33BB0A4E-99AF-4226-BDF6-49120163DE86}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.be/" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} Google Url="https://www.google.com/search?trackid=sp-006&q={searchTerms}" ==== Reset Google Chrome ====================== C:\Users\JEAN\AppData\Local\Google\Chrome\User Data\Profile 2\Preferences was reset successfully C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\JEAN\AppData\Local\Google\Chrome\User Data\Profile 2\Web Data was reset successfully C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3978713732-936569717-2525818349-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{cd1a63ba-a08c-431b-9a34-f240aadc728d} deleted successfully HKEY_USERS\S-1-5-21-3978713732-936569717-2525818349-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{cd1a63ba-a08c-431b-9a34-f240aadc728d} deleted successfully HKEY_USERS\S-1-5-21-3978713732-936569717-2525818349-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{a4c2fb10-84c3-44eb-9f9e-860fa1d9a797} deleted successfully HKEY_USERS\S-1-5-21-3978713732-936569717-2525818349-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{a4c2fb10-84c3-44eb-9f9e-860fa1d9a797} deleted successfully HKEY_USERS\S-1-5-21-3978713732-936569717-2525818349-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d} deleted successfully HKEY_USERS\S-1-5-21-3978713732-936569717-2525818349-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d} deleted successfully HKEY_CLASSES_ROOT\CLSID\{cd1a63ba-a08c-431b-9a34-f240aadc728d} deleted successfully HKEY_CLASSES_ROOT\CLSID\{a4c2fb10-84c3-44eb-9f9e-860fa1d9a797} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a4c2fb10-84c3-44eb-9f9e-860fa1d9a797} deleted successfully HKEY_CLASSES_ROOT\CLSID\{fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fbcbc43a-dca9-4192-a4c8-b57fd0f77d4d} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-3978713732-936569717-2525818349-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{cd1a63ba-a08c-431b-9a34-f240aadc728d} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{cd1a63ba-a08c-431b-9a34-f240aadc728d} deleted successfully ==== Empty IE Cache ====================== C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\IUSR_NMPR\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\JEAN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\JEAN\Documents\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\JEAN\Documents\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\JEAN\Documents\Local\Microsoft\Windows\Temporary Internet Files\Low(1406)\Content.IE5 emptied successfully C:\Users\JEAN\Documents\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\JEAN\Documents\ServiceProfiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\JEAN\Documents\ServiceProfiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\JEAN\Documents\ServiceProfiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\JEAN\Documents\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\JEAN\Documents\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\JEAN\Documents\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\JEAN\Documents\Users\JEAN GELELEENS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\JEAN\Documents\Users\JEAN GELELEENS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\JEAN\Documents\Users\JEAN GELELEENS\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low(1406)\Content.IE5 emptied successfully C:\Users\JEAN\Documents\Users\JEAN GELELEENS\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\JEAN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DXCG9BEG will be deleted at reboot C:\Users\JEAN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\JEAN\AppData\Local\Google\Chrome\User Data\Profile 2\Cache emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=3042 folders=517 463032743 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\IUSR_NMPR\AppData\Local\Temp emptied successfully C:\Users\JEAN\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\JEAN\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Program Files\shopperz\csrcc.exe" not deleted "C:\Program Files\shopperz\garrus.dll" not deleted "C:\Program Files\shopperz\grunt.exe" not deleted "C:\Program Files\shopperz\kasumi32.dll" not deleted "C:\Program Files\shopperz\kasumi64.dll" not deleted "C:\Program Files\shopperz\krios.dll" not deleted "C:\Program Files\shopperz\krios64.dll" not deleted "C:\Program Files\shopperz\liara.dll" not deleted "C:\Program Files\shopperz\liara64.dll" not deleted "C:\Program Files\shopperz\mseff32.dll" not deleted "C:\Program Files\shopperz\nseven.exe" not deleted "C:\Program Files\shopperz\prc32.exe" not deleted "C:\Program Files\shopperz\prexec.exe" not deleted "C:\Program Files\shopperz\spdata.dat" not deleted "C:\Program Files\shopperz\tree.js" not deleted "C:\Program Files\shopperz\tsoni.dll" not deleted "C:\Program Files\shopperz\tsoni64.dll" not deleted "C:\Program Files\shopperz\unins000.exe" not deleted "C:\Program Files\shopperz\wrex.exe" not deleted "C:\Program Files\shopperz\wrex64.exe" not deleted "C:\Program Files\shopperz\csrcc.exe" not deleted "C:\Program Files\shopperz\garrus.dll" not deleted "C:\Program Files\shopperz\grunt.exe" not deleted "C:\Program Files\shopperz\kasumi32.dll" not deleted "C:\Program Files\shopperz\kasumi64.dll" not deleted "C:\Program Files\shopperz\krios.dll" not deleted "C:\Program Files\shopperz\krios64.dll" not deleted "C:\Program Files\shopperz\liara.dll" not deleted "C:\Program Files\shopperz\liara64.dll" not deleted "C:\Program Files\shopperz\mseff32.dll" not deleted "C:\Program Files\shopperz\nseven.exe" not deleted "C:\Program Files\shopperz\prc32.exe" not deleted "C:\Program Files\shopperz\prexec.exe" not deleted "C:\Program Files\shopperz\spdata.dat" not deleted "C:\Program Files\shopperz\tree.js" not deleted "C:\Program Files\shopperz\tsoni.dll" not deleted "C:\Program Files\shopperz\tsoni64.dll" not deleted "C:\Program Files\shopperz\unins000.exe" not deleted "C:\Program Files\shopperz\wrex.exe" not deleted "C:\Program Files\shopperz\wrex64.exe" not deleted "C:\Users\JEAN\AppData\LocalLow\Company\Product\1.0\localStorageIE.txt" not found "C:\Users\JEAN\AppData\LocalLow\Company\Product\1.0\localStorageIE_backup.txt" not found "C:\Users\JEAN\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}\{FBC0652C-7B29-4FB6-8ADA-91F54B267AD4}\1.5\sts.js" not deleted "C:\Users\JEAN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Program Files\shopperz" not deleted "C:\Program Files\shopperz" not deleted "C:\PROGRA~2\boost_interprocess" not deleted "C:\Users\JEAN\AppData\LocalLow\Company" not found "C:\Users\JEAN\AppData\LocalLow\{D2020D47-707D-4E26-B4D9-739C4F4C2E9A}" not deleted "C:\Users\JEAN\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\DXCG9BEG" not found ==== EOF on di 17/02/2015 at 22:23:52,76 ======================