Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Gebruiker on ma 11-01-2016 at 21:18:47,85.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Gebruiker\Downloads\zoek.exe [Scan all users] [Checkboxes used]

==== System Restore Info ======================
11-1-2016 21:24:18 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================
C:\Users\Gebruiker\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Gebruiker\AppData\Local\EmieSiteList deleted successfully
C:\Users\Gebruiker\AppData\Local\EmieUserList deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Deleting Files \ Folders ======================
C:\PROGRA~3\Wondershare Video Editor deleted
C:\Users\Gebruiker\AppData\Local\Wondershare deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare deleted
"C:\Windows\Installer\5eb55f.msi" deleted
"C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll" deleted
"C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll" deleted
"C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact\DAQExp.dll" deleted
"C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact\WSHelper.exe" deleted
"C:\PROGRA~2\COMMON~1\Wondershare" deleted
"C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact" deleted

==== Files Recently Created / Modified ======================
====== C:\Windows ====
====== C:\Users\GEBRUI~1\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
====== C:\Windows\Sysnative\drivers =====
====== C:\Windows\Tasks ======
2015-12-27 22:10:47 B5E1B7E21E6E1AA90D76DC8C8A824E91 911 ----a-w- C:\Windows\Tasks\EPSON XP-322 323 325 Series Update {E25DF790-8A69-40A4-86E9-D178D5AB5FFC}.job
2015-12-27 22:10:47 3965601AD742A9210EBDC26EE74B2B20 3978 ----a-w- C:\Windows\Sysnative\Tasks\EPSON XP-322 323 325 Series Update {E25DF790-8A69-40A4-86E9-D178D5AB5FFC}
====== C:\Windows\Temp ======
======= C:\Program Files =====
2016-01-10 19:11:34 -------- d-----w- C:\Program Files\trend micro
======= C:\PROGRA~2 =====
======= C: =====
====== C:\Users\Gebruiker\AppData\Roaming ======
2015-12-27 10:09:20 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\Data Care
2015-12-27 10:09:20 -------- d-----w- C:\Users\Gebruiker\AppData\Local\Data Care
2015-12-27 10:09:17 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Seminarium voor Orthopedagogiek
2015-12-27 10:08:44 -------- d-----w- C:\Users\Gebruiker\AppData\Local\Deployment
2015-12-27 10:08:44 -------- d-----w- C:\Users\Gebruiker\AppData\Local\Apps
====== C:\Users\Gebruiker ======
2016-01-10 19:11:22 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Gebruiker\Desktop\RSITx64.exe
====== C: exe-files ==
2016-01-10 19:11:34 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Gebruiker.exe
2016-01-10 19:11:22 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Gebruiker\Desktop\RSITx64.exe
=== C: other files ==

==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-77803279-1982300115-570051971-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"EPLTarget\P0000000000000000"="C:\Windows\system32\spool\DRIVERS\x64\3\E_YATINEE.EXE /EPT EPLTarget\P0000000000000000 /M XP-322 323 325 Series"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe -s"
"Spotify Web Helper"="C:\Users\Gebruiker\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"Spotify"="C:\Users\Gebruiker\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized"
"EPLTarget\P0000000000000001"="C:\Windows\system32\spool\DRIVERS\x64\3\E_YATINEE.EXE /EPT EPLTarget\P0000000000000001 /M XP-322 323 325 Series"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices"
"Wondershare Helper Compact.exe"="C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
"Dropbox"="C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /systemstartup"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EPLTarget\P0000000000000000"="C:\Windows\system32\spool\DRIVERS\x64\3\E_YATINEE.EXE /EPT EPLTarget\P0000000000000000 /M XP-322 323 325 Series"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe -s"
"Spotify Web Helper"="C:\Users\Gebruiker\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"Spotify"="C:\Users\Gebruiker\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized"
"EPLTarget\P0000000000000001"="C:\Windows\system32\spool\DRIVERS\x64\3\E_YATINEE.EXE /EPT EPLTarget\P0000000000000001 /M XP-322 323 325 Series"

==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

==== Startup Folders ======================
2015-05-13 12:42:52 890 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk

==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [02-01-2016 11:09]
C:\Windows\tasks\DropboxUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [19-11-2015 00:22]
C:\Windows\tasks\DropboxUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [19-11-2015 00:22]
C:\Windows\tasks\EPSON XP-322 323 325 Series Update {188151E1-EAB4-4390-BCC0-1B348DDA926B}.job --a------ C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSNEE.exe [22-11-2013 00:30]
C:\Windows\tasks\EPSON XP-322 323 325 Series Update {E25DF790-8A69-40A4-86E9-D178D5AB5FFC}.job --a------ C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSNEE.exe [22-11-2013 00:30]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [13-05-2015 10:29]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [13-05-2015 10:29]

==== Other Scheduled Tasks ======================
"C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\DropboxUpdateTaskMachineCore" [C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe]
"C:\Windows\SysNative\tasks\DropboxUpdateTaskMachineUA" [C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe]
"C:\Windows\SysNative\tasks\EPSON XP-322 323 325 Series Update {188151E1-EAB4-4390-BCC0-1B348DDA926B}" [C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSNEE.EXE]
"C:\Windows\SysNative\tasks\EPSON XP-322 323 325 Series Update {E25DF790-8A69-40A4-86E9-D178D5AB5FFC}" [C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSNEE.EXE]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions ======================
ProfilePath: C:\Users\GEBRUI~1\AppData\Roaming\TomTom\HOME\Profiles\djx6yx8o.default
- Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com

==== Firefox Plugins ======================

==== Chromium Look ======================
Google Slides - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Google Docs Offline - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
Chrome Web Store Payments - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.nl/?gws_rd=ssl"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.nl/?gws_rd=ssl"

==== All HKLM and HKCU SearchScopes ======================
HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{7888568E-5B0E-4620-8B42-36C7B9C454E3}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
HKCU\SearchScopes\{7888568E-5B0E-4620-8B42-36C7B9C454E3} - https://www.google.com/search?q={searchTerms}

==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A0A5CBD84C137C642B25B695E31AA178 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8DBC5A0A-31C4-46C7-B252-6B593EA11A87} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\A0A5CBD84C137C642B25B695E31AA178 deleted successfully

==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================
No FireFox Profiles found

==== Empty Chrome Cache ======================
C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully

==== Empty All Java Cache ======================
Java Cache cleared successfully

==== C:\zoek_backup content ======================
C:\zoek_backup (files=1722 folders=103 509301460 bytes)

==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Gebruiker\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\GEBRUI~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== EOF on ma 11-01-2016 at 22:17:34,84 ======================