Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Akwasi on ma 25-05-2015 at 12:03:59,33.
Microsoft Windows 8.1 met Bing 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Akwasi\Desktop\zoek (3).exe
[Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================
25-5-2015 12:15:24 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\Sony Mobile deleted successfully
C:\PROGRA~3\E1864A66-75E3-486a-BD95-D1B7D99A84A7 deleted successfully
C:\PROGRA~3\Sony Mobile deleted successfully
C:\Users\Akwasi\AppData\Roaming\hpqlog deleted successfully
C:\Users\Akwasi\AppData\Roaming\Systweak deleted successfully
C:\Users\Akwasi\AppData\Local\StormFall deleted successfully

==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-3764115802-191146261-799288072-1001\Software\Microsoft\Internet Explorer\SearchScopes\{8CDE19E6-71C2-4B46-89B7-35F6A18C571A} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{8CDE19E6-71C2-4B46-89B7-35F6A18C571A} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\892cc6a3 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HssTrayService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\HssWd deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\HssWd deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\hshld deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\hshld deleted successfully

==== Registry Fix Code x64 ======================
Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AVG-Secure-Search-Update_1114avt"=-

==== Deleting Files \ Folders ======================
C:\PROGRA~2\Sony Mobile not found
C:\Users\Akwasi\AppData\Roaming\Avg_Update_1114avt not found
C:\PROGRA~3\E1864A66-75E3-486a-BD95-D1B7D99A84A7 not found
C:\zoek_backup deleted
C:\PROGRA~3\964f1a60c494a45 deleted
C:\Users\Akwasi\AppData\Local\8415 deleted
C:\PROGRA~2\WSE_Lasaoren deleted
C:\Users\Akwasi\AppData\Roaming\WB.CFG deleted
C:\Users\Akwasi\AppData\Roaming\appdataFr2.bin deleted
C:\Users\Akwasi\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\StormFall.lnk deleted
C:\Users\Akwasi\AppData\Roaming\StormFall deleted
C:\Users\Akwasi\AppData\Roaming\WSE_Lasaoren deleted
C:\Users\Akwasi\AppData\Roaming\Hotspot Shield deleted
C:\Users\Akwasi\AppData\Roaming\AdvancedSystemProtector deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\Hotspot Shield deleted
C:\Users\Akwasi\AppData\Local\nszB427.tmp deleted
C:\Users\Akwasi\AppData\Local\PriceFountain deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hotspot Shield deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\Akwasi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PriceFountain deleted
C:\Users\Akwasi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StormFall deleted
C:\Users\Akwasi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Windows\SysNative\roboot64.exe deleted
C:\Users\Akwasi\Downloads\avg_free_stb_all_2015_5557_cnet.exe deleted
C:\windows\SysNative\tasks\WSE_Lasaoren deleted
C:\Windows\tasks\WSE_Lasaoren.job deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Windows\Syswow64\Hotspot Shield deleted
C:\Users\Public\Desktop\Hotspot Shield.lnk deleted
"C:\PROGRA~2\Hotspot Shield\bin\af_proxy.dll" deleted
"C:\PROGRA~2\Hotspot Shield\bin\cmw_srv.exe" deleted
"C:\PROGRA~2\Hotspot Shield\bin\HSSCP.exe" deleted
"C:\PROGRA~2\Hotspot Shield\bin\HssRep.4.15.dll" deleted
"C:\PROGRA~2\Hotspot Shield\bin\hsssrvlib.4.15.dll" deleted
"C:\PROGRA~2\Hotspot Shield\bin\zlib1.dll" deleted
"C:\PROGRA~2\Hotspot Shield" not deleted
"C:\PROGRA~3\Hotspot Shield" deleted
"C:\PROGRA~2\Hotspot Shield\bin" not deleted
"C:\PROGRA~3\Hotspot Shield\config" deleted
"C:\PROGRA~3\Hotspot Shield\config\hsspx" deleted

==== Files Recently Created / Modified ======================
====== C:\Windows ====
====== C:\Users\Akwasi\AppData\Local\Temp ====
2015-05-12 08:29:38 B94BC5A03F1498DAB06550B9221C60BF 21062608 ----a-w- C:\Users\Akwasi\AppData\Local\Temp\Sony\Sony PC Companion\AutoUpdate\Sony PC Companion_2.10.259_NetStorage.exe
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-05-22 08:13:01 -------- d-----w- C:\Program Files\trend micro
======= C:\PROGRA~2 =====
2015-05-21 16:16:07 -------- d-----w- C:\PROGRA~2\Tweaking.com
2015-05-09 06:17:52 -------- d-----w- C:\PROGRA~2\AVG
======= C: =====
====== C:\Users\Akwasi\AppData\Roaming ======
2015-05-21 15:32:21 -------- d-----w- C:\Users\Akwasi\AppData\Local\Avg
2015-05-12 06:26:43 407AAB8C27CF7081EECE071C90A65B83 17 ----a-w- C:\Users\Akwasi\AppData\Local\resmon.resmoncfg
2015-05-05 19:23:54 -------- d-----w- C:\Users\Akwasi\AppData\Local\ElevatedDiagnostics
2015-04-27 06:56:03 -------- d-----w- C:\Users\Akwasi\AppData\Roaming\Identities
====== C:\Users\Akwasi ======
2015-05-22 08:09:44 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Akwasi\Downloads\RSITx64.exe
2015-05-21 16:16:13 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2015-05-21 16:12:59 F253B6E18E01FB6A30EB163DBFB04EE5 12840520 ----a-w- C:\Users\Akwasi\Downloads\tweaking.com_windows_repair_aio_setup.exe
2015-05-09 06:18:49 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
====== C: exe-files ==
2015-05-22 08:13:02 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Akwasi.exe
2015-05-21 16:16:07 FB3CCA8566EFA483A66B2FDA7D9E1802 1367040 ----a-w- C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\uninstall.exe
=== C: other files ==

==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-21-3764115802-191146261-799288072-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="C:\Users\Akwasi\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"Sony PC Companion"="C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe /Background"
"Spotify"="C:\Users\Akwasi\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized"

[HKEY_USERS\S-1-5-21-3764115802-191146261-799288072-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #6"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --restore-last-session --extensions-on-chrome-urls --test-type --load-extension=c:\Program Files\Google\Chrome\Application\Extensions\chrome\app --load-component-extension=c:\Program Files\Google\Chrome\Application\Extensions\chrome\man --flag-switches-begin --flag-switches-end"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HPMessageService"="C:\Program Files (x86)\Hewlett-Packard\HP System Event\HPMSGSVC.exe"
"AVG_UI"="C:\Program Files (x86)\AVG\AVG2015\avgui.exe /TRAYONLY"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="C:\Users\Akwasi\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"Sony PC Companion"="C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe /Background"
"Spotify"="C:\Users\Akwasi\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #6"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --restore-last-session --extensions-on-chrome-urls --test-type --load-extension=c:\Program Files\Google\Chrome\Application\Extensions\chrome\app --load-component-extension=c:\Program Files\Google\Chrome\Application\Extensions\chrome\man --flag-switches-begin --flag-switches-end"

==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"
"SimplePass"="C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe /hideui"
"OPBHOBroker"="C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBroker.exe"
"OPBHOBrokerDesktop"="C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"="C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe Update"

==== Task Scheduler Jobs ======================
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [03-09-2014 17:49]
C:\Windows\tasks\HPCeeScheduleForAkwasi.job --a-------- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [15-07-2011 04:43]

==== Other Scheduled Tasks ======================
"C:\Windows\SysNative\tasks\CLMLSvc_P2G8" [C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe]
"C:\Windows\SysNative\tasks\CLVDLauncher" [C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\HPCeeScheduleForAkwasi" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{30424E29-A5D4-448E-A205-850C0DEDEFFA}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\YCMServiceAgent" [C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe]

==== Chromium Look ======================
Google Chrome Version: 37.0.2062.124
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
ehjldlodmkdlooagebfnaghgmkfccipn - No path found[]
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
ehjldlodmkdlooagebfnaghgmkfccipn - No path found[]
Google Slides - Akwasi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - Akwasi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Akwasi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Akwasi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Sheets - Akwasi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
AdBlock - Akwasi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Google Wallet - Akwasi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Akwasi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Startpages ======================
C:\Users\Akwasi\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "https://www.google.nl/",
"startup_urls": [ "https://www.google.nl/" ],

==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wny_wnzp_15_08&param1=1&param2=f%253D1%26b%3D{browser}%26cc%3Dus%26pa%3DWinYahoo%26cd%3D2XzuyEtN2Y1L1Qzu0BtDtCtDyEtCtCyE0BzytAzz0Dzy0ByBtN0D0Tzu0StCtCyEyBtN1L2XzutAtFyBtFyCtFtCtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyEzz0D0C0CzzzyyEtGyCzz0DtCtGtBtA0C0DtG0A0FtD0BtGtB0BzztB0DzyyE0B0E0F0Ezy2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEyDtB0DzzyC0BzztG0DtAyBtAtGyE0EyE0FtG0B0AtB0CtG0DyBtCtBtB0C0CzyzzzzyCzz2Q%26cr%3D140885170%26a%3Dwny_wnzp_15_08%26os%3DWindows 8.1 Connected"
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"Default"="www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Use Search Asst"="no"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"

==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"
{A25AC313-DD19-4238-ACA2-401D6BEE4321} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"

==== Reset Google Chrome ======================
C:\Users\Akwasi\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Akwasi\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF588934f.TMP will be reset at reboot
C:\Users\Akwasi\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF6146b5.TMP will be reset at reboot
C:\Users\Akwasi\AppData\Local\Google\Chrome\User Data\Default\Preferences~RFbb179e5.TMP will be reset at reboot
C:\Users\Akwasi\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Akwasi\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences.copy was reset successfully
C:\Users\Akwasi\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Akwasi\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\HotspotShield deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\PriceFountain deleted successfully

==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Akwasi\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Akwasi\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Akwasi\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Akwasi\AppData\Local\Microsoft\Windows\INetCache\IE\XAJZ1VCJ will be deleted at reboot
C:\Users\Akwasi\AppData\Local\Microsoft\Windows\INetCache\IE\container.dat will be deleted at reboot

==== Empty FireFox Cache ======================
No FireFox Profiles found

==== Empty Chrome Cache ======================
C:\Users\Akwasi\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully

==== Empty All Java Cache ======================
No Java Cache Found

==== C:\zoek_backup content ======================
C:\zoek_backup (files=

==== Empty Temp Folders ======================
C:\Users\Akwasi\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Akwasi\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================
"C:\Users\Akwasi\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF588934f.TMP" not found
"C:\Users\Akwasi\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF6146b5.TMP" not found
"C:\Users\Akwasi\AppData\Local\Google\Chrome\User Data\Default\Preferences~RFbb179e5.TMP" not found
"C:\Users\Akwasi\AppData\Local\Microsoft\Windows\INetCache\IE\container.dat" not found
"C:\PROGRA~2\Hotspot Shield" not found
"C:\Users\Akwasi\AppData\Local\Microsoft\Windows\INetCache\IE\XAJZ1VCJ" not found

==== EOF on wo 27-05-2015 at 23:57:38,59 ======================