Zoek.exe v5.0.0.0 Updated 04-May-2015 Tool run by Nelleke on di 18-08-2015 at 16:35:10,25. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Nelleke\Desktop\zoek.exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2015-07-10-140541.log 206166 bytes C:\zoek-results2015-07-14-110312.log 35578 bytes C:\zoek-results2015-08-04-112523.log 9670 bytes C:\zoek-results2015-08-04-154854.log 26775 bytes ==== Empty Folders Check ====================== \1AB.tmp \7563.tmp \A2F8.tmp \acrord32_sbx \comtypes_cache \hb.11240 \hb.3888 \hb.5808 \hb.5828 \hb.6340 \hb.6952 \hb.8084 \HP Support Framework \HPWarrantyChecker \Picasa3 \WPDNSE \{702d1477-e297-4a1f-a0d8-eda80e85cf53} \{F240637A-36E7-4EE3-9876-E24535DE32FB} ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\Program Files (x86)\IObit\Advanced SystemCare 8 not found C:\Program Files (x86)\IObit not found C:\Windows\SysNative\config\systemprofile\Searches deleted C:\Users\Nelleke\AppData\Roaming\Mozilla\Firefox\Profiles\fiejsl2o.default-1357987608005\jetpack deleted "C:\Users\Nelleke\AppData\Roaming\Mozilla\Firefox\Profiles\fiejsl2o.default-1357987608005\extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi" deleted "C:\Users\Nelleke\AppData\Roaming\Mozilla\Firefox\Profiles\fiejsl2o.default-1357987608005\extensions\ffextension@weheartit.com.xpi" deleted "C:\Users\Nelleke\AppData\Roaming\Mozilla\Firefox\Profiles\fiejsl2o.default-1357987608005\extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi" deleted ==== Folders Found ====================== 2013-12-13 19:07:39 2013-12-13 19:07:39 -------- d-----w- C:\IObit 2015-07-09 19:18:49 2015-07-09 19:18:49 -------- d-----w- C:\Program Files (x86)\Common Files\IObit 2013-12-13 19:07:00 2015-07-09 19:28:39 -------- d-----w- C:\ProgramData\IObit 2015-07-09 19:28:39 2015-07-09 19:28:39 -------- d-----w- C:\ProgramData\IObit\IObit Uninstaller 2013-12-13 19:07:00 2015-07-09 19:28:39 -------- d-----w- C:\Users\All Users\IObit 2015-07-09 19:28:39 2015-07-09 19:28:39 -------- d-----w- C:\Users\All Users\IObit\IObit Uninstaller 2013-12-13 19:07:41 2015-07-09 19:22:33 -------- d-----w- C:\Users\Nelleke\AppData\LocalLow\IObit 2013-12-13 19:22:49 2015-07-10 14:04:51 -------- d-----w- C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\IObit 2015-08-04 08:59:00 2015-08-04 08:59:18 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_IObit 2015-08-04 08:59:19 2015-08-04 08:59:23 -------- d---a-w- C:\zoek_backup\C_Users_Nelleke_AppData_Roaming_IObit 2015-08-04 08:59:15 2015-08-04 08:59:17 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_IObit\IObit Malware Fighter 2015-08-04 08:59:17 2015-07-10 14:04:31 -------- d---a-w- C:\zoek_backup\C_Program Files (x86)_IObit\IObit Uninstaller 2015-08-04 08:59:22 2015-08-04 08:59:22 -------- d---a-w- C:\zoek_backup\C_Users_Nelleke_AppData_Roaming_IObit\IObit Malware Fighter 2015-08-04 08:59:22 2015-08-04 08:59:23 -------- d---a-w- C:\zoek_backup\C_Users_Nelleke_AppData_Roaming_IObit\IObit Uninstaller ==== Files Found ====================== --- C:\ProgramData\IObit\ASCDownloader\ASC8\IObit Malware Fighter.exe --- Company: IObit File Description: IObit Malware Fighter File Version: 3.2 Product Name: IObit Malware Fighter 3 Copyright: Copyright© 2005-2015 Original Filename: File type: ----a-w- File size: 28389664 Created time: 2015-07-09 19:23:46 Modified time: 2015-07-09 19:23:51 MD5: 4CB35168D19F7D2D7203C5B05F947BE9 SHA1: 2FC080A28441A7BC95DBE28BD67F7BAAF92E78D2 --- C:\ProgramData\IObit\ASCDownloader\ASC8\IObit Malware Fighter.exe.dat --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 756 Created time: 2015-07-09 19:24:08 Modified time: 2015-07-09 19:24:08 MD5: 0904968394603716ED2F50323D78D66A SHA1: 684CAE8ACDD1A7BE9D2E1EF8EFA1E6D48D3572DA --- C:\Users\All Users\IObit\ASCDownloader\ASC8\IObit Malware Fighter.exe --- Company: IObit File Description: IObit Malware Fighter File Version: 3.2 Product Name: IObit Malware Fighter 3 Copyright: Copyright© 2005-2015 Original Filename: File type: ----a-w- File size: 28389664 Created time: 2015-07-09 19:23:46 Modified time: 2015-07-09 19:23:51 MD5: 4CB35168D19F7D2D7203C5B05F947BE9 SHA1: 2FC080A28441A7BC95DBE28BD67F7BAAF92E78D2 --- C:\Users\All Users\IObit\ASCDownloader\ASC8\IObit Malware Fighter.exe.dat --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 756 Created time: 2015-07-09 19:24:08 Modified time: 2015-07-09 19:24:08 MD5: 0904968394603716ED2F50323D78D66A SHA1: 684CAE8ACDD1A7BE9D2E1EF8EFA1E6D48D3572DA --- C:\zoek_backup\C_windows_SysNative_IObitSmartDefragExtension.dll.vir --- Company: IObit File Description: IObit Smart Defrag Extension File Version: 1.0.0.1 Product Name: Smart Defrag Copyright: Copyright © 2005-2013 Original Filename: IObitSmartDefragExtension.dll File type: ----a-w- File size: 128288 Created time: 2015-08-04 08:59:24 Modified time: 2015-01-10 13:32:16 MD5: 293C21F0EE9720B9B710DDA40A545CFD SHA1: E8BFEF1A2F46218ED83B6C6251DB00977A1918CA --- C:\zoek_backup\C_Program Files (x86)_IObit\Advanced SystemCare 8\IObitUninstaller.exe --- Company: IObit File Description: Uninstall Programs File Version: 4.3.0.5 Product Name: Uninstall Programs Copyright: Copyright(C) 2005-2015 Original Filename: File type: ----a-w- File size: 8032544 Created time: 2015-08-04 08:59:04 Modified time: 2015-05-20 17:52:44 MD5: 0A6B46C7DF4CC23C106E7494321AE5F3 SHA1: EAD7F039153F1F9826876BF842234574741A4FE2 ==== Registry Search Results for "IObit" ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\ADSRemoval] "UninstallString"="C:\\Program Files (x86)\\IObit\\IObit Malware Fighter\\adsremoval\\unins000.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\ADSRemoval] "InstallLocation"="C:\\Program Files (x86)\\IObit\\IObit Malware Fighter\\adsremoval" [HKEY_LOCAL_MACHINE\SOFTWARE\IObit] [HKEY_LOCAL_MACHINE\SOFTWARE\IObit\Advanced SystemCare 6] [HKEY_LOCAL_MACHINE\SOFTWARE\IObit\Advanced SystemCare 6] "installpath"="C:\\Program Files (x86)\\IObit\\Advanced SystemCare Ultimate" [HKEY_LOCAL_MACHINE\SOFTWARE\IObit\Advanced SystemCare 7] [HKEY_LOCAL_MACHINE\SOFTWARE\IObit\Advanced SystemCare 7] "installpath"="C:\\Program Files (x86)\\IObit\\Surfing Protection" [HKEY_LOCAL_MACHINE\SOFTWARE\IObit\Advanced SystemCare 8] [HKEY_LOCAL_MACHINE\SOFTWARE\IObit\Advanced SystemCare 8] "apppath"="C:\\Program Files (x86)\\IObit\\Advanced SystemCare 8\\" [HKEY_LOCAL_MACHINE\SOFTWARE\IObit\Advanced SystemCare 8] "installpath"="C:\\Program Files (x86)\\IObit\\Surfing Protection" [HKEY_LOCAL_MACHINE\SOFTWARE\IObit\Advanced SystemCare Ultimate] [HKEY_LOCAL_MACHINE\SOFTWARE\IObit\ASC] [HKEY_LOCAL_MACHINE\SOFTWARE\IObit\ASC] "Path"="C:\\Program Files (x86)\\IObit\\Advanced SystemCare 8\\ASC.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\IObit\Driver Booster] [HKEY_LOCAL_MACHINE\SOFTWARE\IObit\IObit Malware Fighter] [HKEY_LOCAL_MACHINE\SOFTWARE\IObit\IObit Malware Fighter] "Free"="C:\\Program Files (x86)\\IObit\\IObit Malware Fighter\\" [HKEY_LOCAL_MACHINE\SOFTWARE\IObit\LiveUpdate] [HKEY_LOCAL_MACHINE\SOFTWARE\IObit\LiveUpdate] "AppPath"="C:\\Program Files (x86)\\IObit\\LiveUpdate\\LiveUpdate.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\IObit\RealTimeProtector] [HKEY_LOCAL_MACHINE\SOFTWARE\IObit\RealTimeProtector] "InstallLocation"="C:\\Program Files (x86)\\IObit\\Advanced SystemCare 8\\" [HKEY_LOCAL_MACHINE\SOFTWARE\IObit\Uninstaller 4] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\IObit Malware Fighter] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\IObitUnstaler] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\//\//\IObit Cloud Anti-Malwre] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shellex\ContextMenuHandlers\IObitUnstaler] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Folder\ShellEx\ContextMenuHandlers\IObitUnstaler] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\IObit Malware Fighter] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\lnkfile\shellex\ContextMenuHandlers\IObitUnstaler] [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B}\1.0\0\win64] @="C:\\Program Files (x86)\\IObit\\Advanced SystemCare 8\\ASCExtMenu_64.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B}\1.0\HELPDIR] @="C:\\Program Files (x86)\\IObit\\Advanced SystemCare 8" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{ACB9DC96-D7BB-430F-AE6B-97F0DFDEAFCC}\1.0\0\win64] @="C:\\Program Files (x86)\\IObit\\IObit Malware Fighter\\IMFShellExt.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{ACB9DC96-D7BB-430F-AE6B-97F0DFDEAFCC}\1.0\HELPDIR] @="C:\\Program Files (x86)\\IObit\\IObit Malware Fighter" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{CFDD9042-CEFB-4B68-B956-90CB0E466B38}\1.0\0\win64] @="C:\\Program Files (x86)\\IObit\\IObit Uninstaller\\UninstallMenuRight64.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\TypeLib\{CFDD9042-CEFB-4B68-B956-90CB0E466B38}\1.0\HELPDIR] @="C:\\Program Files (x86)\\IObit\\IObit Uninstaller" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B}\1.0\0\win64] @="C:\\Program Files (x86)\\IObit\\Advanced SystemCare 8\\ASCExtMenu_64.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{60AD0991-ECD4-49DC-B170-8B7E7C60F51B}\1.0\HELPDIR] @="C:\\Program Files (x86)\\IObit\\Advanced SystemCare 8" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{ACB9DC96-D7BB-430F-AE6B-97F0DFDEAFCC}\1.0\0\win64] @="C:\\Program Files (x86)\\IObit\\IObit Malware Fighter\\IMFShellExt.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{ACB9DC96-D7BB-430F-AE6B-97F0DFDEAFCC}\1.0\HELPDIR] @="C:\\Program Files (x86)\\IObit\\IObit Malware Fighter" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{CFDD9042-CEFB-4B68-B956-90CB0E466B38}\1.0\0\win64] @="C:\\Program Files (x86)\\IObit\\IObit Uninstaller\\UninstallMenuRight64.dll" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\TypeLib\{CFDD9042-CEFB-4B68-B956-90CB0E466B38}\1.0\HELPDIR] @="C:\\Program Files (x86)\\IObit\\IObit Uninstaller" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "C:\\ProgramData\\IObit\\ASCDownloader\\Smart Defrag.exe"=dword:00000001 [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "C:\\ProgramData\\IObit\\ASCDownloader\\Driver Booster.exe"=dword:00000001 [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "C:\\ProgramData\\IObit\\ASCDownloader\\Smart Defrag.exe"=dword:00000001 [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted] "C:\\ProgramData\\IObit\\ASCDownloader\\Driver Booster.exe"=dword:00000001 ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\Nelleke\AppData\Roaming\Mozilla\Firefox\Profiles\b6hp15ti.default user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); ProfilePath: C:\Users\Nelleke\AppData\Roaming\Mozilla\Firefox\Profiles\fiejsl2o.default-1357987608005 user_pref("browser.startup.homepage", "http://www.allemaal-series.org/browse.php"); user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.selectedEngine", ""); ProfilePath: C:\Users\Nelleke\AppData\Roaming\Mozilla\Firefox\Profiles\mwdbv0eh.default user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); ==== Firefox Extensions ====================== ProfilePath: C:\Users\Nelleke\AppData\Roaming\Mozilla\Firefox\Profiles\b6hp15ti.default - Undetermined - %ProfilePath%\extensions\compatibility@addons.mozilla.org - HP Smart Print - %ProfilePath%\extensions\hpwebprint@hpwebprint.com ProfilePath: C:\Users\Nelleke\AppData\Roaming\Mozilla\Firefox\Profiles\fiejsl2o.default-1357987608005 - United States English Spellchecker - %ProfilePath%\extensions\en-US@dictionaries.addons.mozilla.org - Lunapic Image Edit - %ProfilePath%\extensions\corp@lunapic.com.xpi ProfilePath: C:\Users\Nelleke\AppData\Roaming\Mozilla\Firefox\Profiles\mwdbv0eh.default - WOT - %ProfilePath%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} ProfilePath: C:\Users\Nelleke\AppData\Roaming\Thunderbird\Profiles\2j53e4is.default - Instrument Test - %ProfilePath%\extensions\tbtestpilot@labs.mozilla.com.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Nelleke\AppData\Roaming\Mozilla\Firefox\Profiles\fiejsl2o.default-1357987608005 FD82108FD60B63010325D9AF6F00AF99 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll - Shockwave Flash 1F352B5944AF5C2204D9EFF7F845C5AF - C:\Users\Nelleke\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll - Google Update 3CD19649B2C3023D65E67C056457A2BC - C:\Users\Nelleke\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin 77B6DD23DCA19A217D5A4C4CAF962895 - C:\Users\Nelleke\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll - RocketLife Secure Plug-In Layer EECE85E006E195B1B227A8EB0874BDA8 - C:\Users\Nelleke\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\Microsoft Office 15\npofficeondemand.dll - Microsoft Office 2013 49D429EBF5305FC9ADD7545B7C914333 - C:\Users\Nelleke\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll - Google Talk Plugin 6BEAD7859E8A087BE04556AB5A78855C - C:\Users\Nelleke\AppData\Roaming\Mozilla\plugins\npo1d.dll - Google Talk Plugin Video Renderer ==== Chromium Look ====================== ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Nelleke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Gast\AppData\Local\Mozilla\Firefox\Profiles\7icxe948.default\Cache emptied successfully C:\Users\Nelleke\AppData\Local\Mozilla\Firefox\Profiles\fiejsl2o.default-1357987608005\cache2 emptied successfully ==== Empty Chrome Cache ====================== No Chrome User Data found ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=536 folders=153 218357045 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\temp emptied successfully C:\Users\Default User\AppData\Local\temp emptied successfully C:\Users\Gast\AppData\Local\temp emptied successfully C:\Users\Nelleke\AppData\Local\Temp will be emptied at reboot C:\Users\Public\AppData\Local\temp emptied successfully C:\Users\UpdatusUser\AppData\Local\temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Nelleke\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on di 18-08-2015 at 17:49:05,48 ======================