Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by acer on 29-06-15 at 14:07:50,16.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\acer\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

29-06-15 14:11:04 Zoek.exe System Restore Point Created Successfully.

==== Torpig Check ======================

HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\ClearfiCopyHook {ED32C084-BABB-11E1-B491-D4D66088709B} C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext_x64.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileZilla3CopyHook {DB70412E-EEC9-479C-BBA9-BE36BFDDA41B} C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll

==== Empty Folders Check ======================

C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\FreeTime deleted successfully
C:\Program Files\Blender Foundation deleted successfully
C:\Program Files\McAfee deleted successfully
C:\PROGRA~3\APN deleted successfully
C:\Users\acer\AppData\Roaming\HeidiSQL deleted successfully
C:\Users\acer\AppData\Roaming\Vso deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-2262041034-2454871270-514107219-1002\Software\Microsoft\Internet Explorer\Approved Extensions\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} deleted successfully

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\PROGRA~2\AGEIA Technologies not found
C:\PROGRA~2\FreeTime not found
"C:\WINDOWS\Installer\1a7ffc0b.msi" not found
C:\PROGRA~2\Application Updater deleted
C:\PROGRA~2\IObit Apps Toolbar deleted
C:\Users\acer\AppData\Roaming\pcouffin.log deleted
C:\PROGRA~3\simplitec deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\acer\AppData\LocalLow\IObit Apps deleted
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\LocalLow\Application Updater deleted
C:\WINDOWS\SysNative\config\systemprofile\Searches deleted
"C:\windows\Installer\3557f.msi" deleted

==== Folders in C:\PROGRA~3 0-6 Months Old ======================

2015-01-28 13:57:17 -------- d-----w- C:\PROGRA~3\Riot Games
2015-02-01 16:24:25 -------- d-----w- C:\PROGRA~3\Apple
2015-02-01 16:24:43 -------- d-----w- C:\PROGRA~3\LogiShrd
2015-02-01 18:14:52 -------- d-----w- C:\PROGRA~3\IObit
2015-02-21 10:53:28 -------- d-----w- C:\PROGRA~3\VSO
2015-02-21 19:57:30 -------- d-----w- C:\PROGRA~3\Baidu
2015-02-21 20:48:03 -------- d-----w- C:\PROGRA~3\MAGIX
2015-02-24 18:58:45 -------- d-----w- C:\PROGRA~3\Movavi
2015-04-05 20:16:12 -------- d-----w- C:\PROGRA~3\NVIDIA
2015-04-16 11:54:45 -------- d-----w- C:\PROGRA~3\Oracle
2015-04-16 11:55:05 -------- d-----w- C:\PROGRA~3\Sun

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.5.0.19\coFFPlgn" [22-06-15 21:05]

==== Chromium Look ======================

Google Chrome Version: 43.0.2357.130

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
iikflkcanblccfahdhdonehdalibjnif - No path found[]
mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files (x86)\Norton 360\Engine\21.7.0.11\Exts\Chrome.crx[05-03-15 10:45]

Ask Toolbar - acer\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aaaalipaokhkccgmgkdglfinfnfhflko
Comodo Drag&Drop Service - acer\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aneodkojaglhnkkdbbdnmmmgimlcaogo
Comodo Web Inspector - acer\AppData\Local\Comodo\Dragon\User
Data\Default\Extensions\bdngekjahnmlkinegnhdmmbcfnmbclnn
PrivDog - acer\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja
Comodo Media Downloader - acer\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dihmnpngfonlhjmgkflpnibiaaliendo
Norton Identity Safe - acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif

==== Chromium Startpages ======================

C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Preferences

==== Chromium Fix ======================

C:\Users\acer\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\aaaalipaokhkccgmgkdglfinfnfhflko deleted successfully
C:\Users\acer\AppData\Local\Comodo\Dragon\User Data\Default\Local Storage\chrome-extension_aaaalipaokhkccgmgkdglfinfnfhflko_0.localstorage deleted successfully
C:\Users\acer\AppData\Local\Comodo\Dragon\User Data\Default\Local Storage\chrome-extension_aaaalipaokhkccgmgkdglfinfnfhflko_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.search.ask.com/?tpid=ORJ-ST-SPE&o=APN11467&pf=V7&trgb=CR&p2=%5EBED%5EOSJ000%5EYY%5EBE&gct=hp&apn_ptnrs=BED&apn_dtid=%5EOSJ000%5EYY%5EBE&apn_dbr=cr_42.0.2311.90&apn_uid=AD1C0710-C54A-4CBE-B502-5597F64D54B5&itbv=12.24.1.53&doi=2015-04-16&psv=&pt=tb"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{69C9936C-73DD-49E1-B7B3-D61AFBD297F9}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{69C9936C-73DD-49E1-B7B3-D61AFBD297F9}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"
{AC55216A-6028-4AE2-8242-028503875233} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\203E62EEA6789D84098513925E9B9999 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D6FC4FD972195474287281FD6D8D4F0D deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EE26E302-876A-48D9-9058-3129E5B99999} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9DF4CF6D-9127-4745-8227-18DFD6D8F4D0} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\203E62EEA6789D84098513925E9B9999 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\D6FC4FD972195474287281FD6D8D4F0D deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\acer\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\acer\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\acer\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\acer\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\acer\AppData\Local\Comodo\Dragon\User Data\Default\Cache emptied successfully
C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=291 folders=118 12813325 bytes)

==== Empty Temp Folders ======================

C:\Users\acer\AppData\Local\Temp will be emptied at reboot
C:\Users\Administrator\AppData\Local\Temp emptied successfully
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\DefaultAppPool\AppData\Local\Temp emptied successfully
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\acer\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on 29-06-15 at 14:34:48,68 ======================