Zoek.exe v5.0.0.0 Updated 04-May-2015 Tool run by hfm on di 12-05-2015 at 22:40:57,61. Microsoft Windows 8.1 6.3.9600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\hfm\Downloads\zoek.exe [Scan all users] [Script inserted] ==== System Restore Info ====================== 12-5-2015 22:57:08 Zoek.exe System Restore Point Created Successfully. ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\Users\hfm\AppData\Roaming\ProductData deleted C:\PROGRA~3\ProductData deleted C:\PROGRA~3\Package Cache deleted C:\WINDOWS\SysNative\config\systemprofile\Searches deleted ==== Firefox Extensions ====================== AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\hfm\AppData\Roaming\Mozilla\Firefox\Profiles\3dszcye3.default 9AE02005247DA91AB1743F5208DBEF76 - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll - Shockwave Flash ==== Chromium Look ====================== Google Chrome Version: 42.0.2311.135 Google Slides - hfm\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - hfm\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - hfm\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - hfm\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - hfm\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Sheets - hfm\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap Bookmark Manager - hfm\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik Google Wallet - hfm\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - hfm\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Google Slides - hfm\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - hfm\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - hfm\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - hfm\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - hfm\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Sheets - hfm\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap Google Wallet - hfm\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - hfm\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Startpages ====================== C:\Users\hfm\AppData\Local\Google\Chrome\User Data\Default\Preferences "startup_urls": [ "https://dub110.mail.live.com/?fid=flXPJhd3UCv0mI3zUqHrFQlg2" ] ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7PRFF_nlNL608" {8C8BDECA-373C-43B4-B852-B148C64FFFF7} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02" ==== Reset Google Chrome ====================== C:\Users\hfm\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\hfm\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully C:\Users\hfm\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences was reset successfully C:\Users\hfm\AppData\Local\Google\Chrome\User Data\Profile 1\Secure Preferences was reset successfully C:\Users\hfm\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\hfm\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully C:\Users\hfm\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data was reset successfully ==== shortcuts on Users Desktops ====================== C:\Users\hfm\Desktop\OpenOffice 4.1.1.lnk - C:\Program Files (x86)\OpenOffice 4\program\soffice.exe C:\Users\hfm\Desktop\Samsung Easy Document Creator (2).lnk - C:\Program Files (x86)\Samsung\Easy Document Creator\EDC.exe C:\Users\hfm\Desktop\Samsung SCX-3400 Series - Snelkoppeling.lnk - C:\Users\hfm\Desktop\Watchtower Library 2014 - Nederlands.lnk - C:\Program Files (x86)\Watchtower\Watchtower Library 2014\O\WTLibrary.exe ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\Acer Backup Manager.lnk - C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManager.exe C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe C:\Users\Public\Desktop\AVG 2015.lnk - C:\Program Files (x86)\AVG\AVG2015\avgui.exe C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files (x86)\CCleaner\CCleaner64.exe C:\Users\Public\Desktop\Garmin Express.lnk - C:\Program Files (x86)\Garmin\Express\express.exe C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Public\Desktop\Help and Support.lnk - C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\Users\Public\Desktop\Picasa 3.lnk - C:\Program Files (x86)\Google\Picasa3\Picasa3.exe C:\Users\Public\Desktop\Skype.lnk - C:\WINDOWS\Installer\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}\SkypeIcon.exe C:\Users\Public\Desktop\Start Menu 8.lnk - C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe startmenu C:\Users\Public\Desktop\WinZip.lnk - C:\Program Files (x86)\WinZip\WINZIP64.EXE ==== shortcuts in Users Start Menu ====================== C:\Users\hfm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Realtek HD Audio configuratie.lnk - C:\Program Files (x86)\Realtek\Audio\HDA\RAVCpl64.exe C:\Users\hfm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1\OpenOffice Base.lnk - C:\Program Files (x86)\OpenOffice 4\program\sbase.exe C:\Users\hfm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1\OpenOffice Calc.lnk - C:\Program Files (x86)\OpenOffice 4\program\scalc.exe C:\Users\hfm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1\OpenOffice Draw.lnk - C:\Program Files (x86)\OpenOffice 4\program\sdraw.exe C:\Users\hfm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1\OpenOffice Impress.lnk - C:\Program Files (x86)\OpenOffice 4\program\simpress.exe C:\Users\hfm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1\OpenOffice Math.lnk - C:\Program Files (x86)\OpenOffice 4\program\smath.exe C:\Users\hfm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1\OpenOffice Writer.lnk - C:\Program Files (x86)\OpenOffice 4\program\swriter.exe C:\Users\hfm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1\OpenOffice.lnk - C:\Program Files (x86)\OpenOffice 4\program\soffice.exe ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk - C:\Program Files (x86)\WinZip\WINZIP64.EXE C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk - C:\WINDOWS\Installer\{AC76BA86-7AD7-1043-7B44-AB0000000001}\SC_Reader.ico C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\abMedia.lnk - C:\Program Files (x86)\Acer\abMedia\abMedia.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer\abPhoto.lnk - C:\Program Files (x86)\Acer\abPhoto\abPhoto.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG\AVG 2015.lnk - C:\Program Files (x86)\AVG\AVG2015\avgui.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin\Garmin Express.lnk - C:\Program Files (x86)\Garmin\Express\express.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3\Installatie ongedaan maken.lnk - C:\Program Files (x86)\Google\Picasa3\Uninstall.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3\Picasa 3.lnk - C:\Program Files (x86)\Google\Picasa3\Picasa3.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3\Picasa-fotoviewer configureren.lnk - C:\Program Files (x86)\Google\Picasa3\PicasaPhotoViewer.exe /reconfig C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers\Samsung Easy Deployment Manager - Snelkoppeling.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung Printers\Samsung Easy Deployment Manager C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu 8\Start Menu 8.lnk - C:\Program Files (x86)\IObit\Start Menu 8\StartMenu8.exe startmenu C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Start Menu 8\Verwijder Start Menu 8.lnk - C:\Program Files (x86)\IObit\Start Menu 8\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Eindpuntbeveiliging\Trusteer Eindpuntbeveiliging Console.lnk - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe -config C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Eindpuntbeveiliging\Trusteer Eindpuntbeveiliging starten.lnk - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe -userstart C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Eindpuntbeveiliging\Trusteer Eindpuntbeveiliging stoppen.lnk - C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe -shutdown C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Watchtower Library 2014\Watchtower Library 2014 - Nederlands.lnk - C:\Program Files (x86)\Watchtower\Watchtower Library 2014\O\WTLibrary.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip\WinZip 19.0.lnk - C:\Program Files (x86)\WinZip\WINZIP64.EXE ==== shortcuts in Quick Launch ====================== C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\hfm\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\hfm\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\hfm\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk - C:\Program Files (x86)\Google\Picasa3\Picasa3.exe C:\Users\hfm\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\hfm\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\hfm\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Persoon 1 - Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --profile-directory="Profile 1" C:\Users\hfm\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Acer Device Fast-lane.lnk - C:\Program Files (x86)\Acer\Acer Device Fast-lane\DeviceFastLaneUI.exe C:\Users\hfm\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\File Explorer.lnk - C:\Users\hfm\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\hfm\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\Riekie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk - C:\Program Files (x86)\Google\Picasa3\Picasa3.exe C:\Users\Riekie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Riekie\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\hfm\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\hfm\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\hfm\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\hfm\AppData\Local\Microsoft\Windows\INetCache\IE\3QF2VZU7 will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\hfm\AppData\Local\Mozilla\Firefox\Profiles\3dszcye3.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\hfm\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\hfm\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=14 folders=10 51994956 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\hfm\AppData\Local\Temp will be emptied at reboot C:\Users\Riekie\AppData\Local\Temp emptied successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\hfm\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\hfm\AppData\Local\Microsoft\Windows\INetCache\IE\3QF2VZU7" not found ==== EOF on wo 13-05-2015 at 0:11:13,47 ======================