Zoek.exe v5.0.0.0 Updated 22-March-2015 Tool run by m8 on ma 23/03/2015 at 21:13:26,12. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\m8\Downloads\zoek.exe [Scan all users] [Script inserted] ==== System Restore Info ====================== 23/03/2015 21:13:59 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\Program Files\ASRock Utility deleted successfully C:\Program Files\Avira deleted successfully C:\Program Files\Foxy Games deleted successfully C:\Program Files\SlimDrivers deleted successfully C:\Program Files\Common Files\Apple deleted successfully C:\PROGRA~2\Ableton deleted successfully C:\PROGRA~2\Canon IJ Network Tool deleted successfully C:\PROGRA~2\WinZip deleted successfully C:\Users\m8\AppData\Local\CrashDumps deleted successfully C:\Users\m8\AppData\Local\DriverToolkit deleted successfully C:\Users\m8\AppData\Local\Unity deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-4246564931-2995351235-441353944-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{32E04C38-DE7B-4C98-A025-266D207328} deleted successfully HKEY_USERS\S-1-5-21-4246564931-2995351235-441353944-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3DBBADD0-8FF5-43DC-8F26-FA86A1EABA} deleted successfully HKEY_USERS\S-1-5-21-4246564931-2995351235-441353944-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5CFE470E-1993-4EE4-8A38-6857105D3DAC} deleted successfully HKEY_USERS\S-1-5-21-4246564931-2995351235-441353944-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{71474397-4C7E-4220-8A1-B9CCA0134F4D} deleted successfully HKEY_USERS\S-1-5-21-4246564931-2995351235-441353944-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{84214DAE-6CFD-43F9-9E77-53EC8CE93122} deleted successfully HKEY_USERS\S-1-5-21-4246564931-2995351235-441353944-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BDF20DEC-143B-42C3-A499-80D74C4F8984} deleted successfully HKEY_USERS\S-1-5-21-4246564931-2995351235-441353944-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DB164329-39D4-43BA-997D-7A10C3F6407F} deleted successfully HKEY_USERS\S-1-5-21-4246564931-2995351235-441353944-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EB8CA7CB-184-4F64-9AFE-6D7A146A9E83} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\m8\AppData\Roaming\Mozilla\Firefox\Profiles\v79bjqv7.default user.js not found ---- Lines browser.startup.page removed from prefs.js ---- user_pref("browser.startup.page", 3); ---- FireFox user.js and prefs.js backups ---- prefs_20152303_2130_.backup ==== Deleting Files \ Folders ====================== C:\Program Files\ASRock Utility not found C:\Program Files\Avira not found C:\Program Files\Foxy Games not found C:\Program Files\SlimDrivers not found C:\Program Files\Gardens Inc 3 - A Bridal Pursuit CE deleted C:\Users\m8\AppData\Roaming\AlawarEntertainment deleted C:\PROGRA~2\AlawarWrapper deleted C:\PROGRA~2\ProductData deleted C:\PROGRA~2\Package Cache deleted C:\Users\m8\AppData\Local\globalUpdate deleted C:\Users\Public\Documents\ShopperPro deleted C:\Windows\system32\tasks\YTDownloader deleted C:\Windows\system32\config\systemprofile\Searches deleted C:\Windows\system32\GroupPolicy\Machine deleted C:\Windows\system32\GroupPolicy\User deleted C:\Windows\system32\GroupPolicy\gpt.ini deleted C:\Users\m8\AppData\Roaming\Mozilla\Firefox\Profiles\v79bjqv7.default\jetpack deleted "C:\Windows\System32\WPRO_41_2001woem.tmp" deleted "C:\Windows\System32\WPRO_41_2001woem.tmp" deleted ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\m8\AppData\Roaming\Mozilla\Firefox\Profiles\v79bjqv7.default user_pref("browser.startup.homepage", "www.google.be"); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [] ==== Firefox Extensions ====================== ProfilePath: C:\Users\m8\AppData\Roaming\Mozilla\Firefox\Profiles\v79bjqv7.default - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi AppDir: C:\Program Files\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\m8\AppData\Roaming\Mozilla\Firefox\Profiles\v79bjqv7.default 0806948270D853B709CCBBF38AF167E4 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat 9DF0C4F0CEF60158614EDD1B3AB441EE - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat 0CA4180B21C6B728578F3B0433BB740E - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin F0E80E561C3F715DB01ACCC97B72463A - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Photo Gallery 893BF7D2261C56C24F813405D9D018E0 - C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll - Silverlight Plug-In D6ED6EB98E759460AD8C66DE23070132 - C:\Program Files\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll - Microsoft Office 2013 D7492728A4C06EC99B10F8219B1F31F5 - C:\Program Files\Java\jre1.8.0_40\bin\plugin2\npjp2.dll - Java(TM) Platform SE 8 U40 F47B4F0D0DF0C28759B60CF0B0090A11 - C:\Program Files\Java\jre1.8.0_40\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 8.0.400.25 77887617FA24E755A5A431E3E28E25E1 - C:\Windows\system32\Adobe\Director\np32dsw_1217157.dll - Shockwave for Director / Shockwave for Director D2B5242013356AF422A42B9FAA4056C2 - C:\Users\m8\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.2\npVascoCardReaderPlugin.dll - VASCO Card Reader Plugin F0F5F4BF2305E593E438C76DA61C8A9F - C:\Users\m8\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player 2E2238EBD0269E9143B0A9CE916E47FD - C:\Users\m8\AppData\Local\Hola\firefox\app\vlc\npvlc.dll - Hola VLC Web Plugin 43583AB4DFD406F4C188342F41B1F91C - C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_134.dll - Shockwave Flash 8DA2ED6B04EA33F2EAE8BA883F903729 - C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrlui.dll - Microsoft® Silverlight ==== Fake Chromium Profiles Check ====================== Fake profile C:\Users\m8\AppData\Local\Google\Chrome deleted ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02" ==== Reset Google Chrome ====================== Nothing found to reset ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Empty IE Cache ====================== C:\Users\m8\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\m8\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\m8\AppData\Local\Mozilla\Firefox\Profiles\v79bjqv7.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== No Chrome Cache found ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=207 folders=55 1701344611 bytes) ==== Empty Temp Folders ====================== C:\Users\Classic .NET AppPool\AppData\Local\temp emptied successfully C:\Users\Default\AppData\Local\temp emptied successfully C:\Users\Default User\AppData\Local\temp emptied successfully C:\Users\DefaultAppPool\AppData\Local\temp emptied successfully C:\Users\m8\AppData\Local\temp will be emptied at reboot C:\Users\Public\AppData\Local\temp emptied successfully C:\Users\CLASSI~1.NET\AppData\Local\temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\m8\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Windows\System32\WPRO_41_2001woem.tmpsearch" not found "C:\Windows\System32\WPRO_41_2001woem.tmpsearch" not found ==== EOF on ma 23/03/2015 at 21:34:29,55 ======================