Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Gebruiker on zo 31-05-2015 at 21:29:35,93.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Gebruiker\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2015-05-31-185101.log 14108 bytes

==== Torpig Check ======================

HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem
{217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing
{40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

==== Folders in C:\PROGRA~3 0-6 Months Old ======================

2014-12-13 21:51:01 -------- d--h--w- C:\PROGRA~3\Common Files
2014-12-19 22:08:42 -------- d-----w- C:\PROGRA~3\AVG
2015-01-10 14:18:08 -------- d-----w- C:\PROGRA~3\MFAData
2015-01-10 14:34:11 -------- d-----w- C:\PROGRA~3\AVG2015
2015-02-24 13:02:37 -------- d-----w- C:\PROGRA~3\VS Revo Group
2015-04-18 20:30:23 -------- d-----w- C:\PROGRA~3\Unchecky
2015-04-30 15:00:11 -------- d-----w- C:\PROGRA~3\SUPERAntiSpyware.com

==== Firefox Extensions Registry ======================

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"{e4f94d1e-2f53-401e-8885-681602c0ddd8}"="C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi" [04-04-2014 12:36]

==== Firefox Extensions ======================

ProfilePath: C:\Users\GEBRUI~1\AppData\Roaming\Mozilla\Firefox\Profiles\g8b3u645.default
- S3.Google Translator - %ProfilePath%\extensions\s3google@translator.xpi
- Google Translator for Firefox - %ProfilePath%\extensions\translator@zoli.bod.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

==== Firefox Plugins ======================

==== Chromium Look ======================

Google Chrome Version: 43.0.2357.81
selector is not a valid CSS selector - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
OneTab - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\chphlpgkkbolifaimnlloiipkdnihall
Google Analytics Opt-out Add-on by Google - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh
IBA Opt-out (by Google) - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb
AdBlock - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Bookmark Manager - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik
SearchPreview - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcjdanpjacpeeppdjkppebobilhaglfo
Last updated at time on date - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\knebimhcckndhiglamoabbnifdkijidd
Better Suggestions - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbfdokehccobfbpmkpmdenljlmpfbamp
FlashControl - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfidmkgnfgnkihnjeklbekckimkipmoe
Google Wallet - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Last updated at time on date - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch
Adblock Plus - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\oedjbhdeaifcejeemjeddocgjjmehfnd
StopFlash - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\oiiohfpnbijbgdidjfcpcljcfbmkaooi
Uitzending Gemist Downloader - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\onogpacodgjlaoicjnmbfnigmbojmnlc
better Browser - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pbegekjleoplkhibgbmkmnnfffcpfanh
Bitdefender QuickScan - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie
Send from Gmail (by Google) - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgphcomnlaojlmmcjmiddhdapjpbgeoc
AdBlock - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\phaphcbelkpifalkhcgcnbgenciapcpa
AVG PrivacyFix - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pmejhjjecaldkllonlokhkglbdbkdcni

==== Chromium Startpages ======================

C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Preferences

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.nl/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.nl/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\71NPI954 will be deleted at reboot
C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8JXP1URI will be deleted at reboot
C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XWNBP7C2 will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=8 folders=5 117172 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Gebruiker\AppData\Local\Temp will be emptied at reboot
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\GEBRUI~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0WLRFN51" not found
"C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1BQPLD77" not found
"C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\GC091OCC" not found
"C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\71NPI954" not found
"C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8JXP1URI" not found
"C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XWNBP7C2" not found

==== EOF on zo 31-05-2015 at 22:43:32,40 ======================