Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by Patric2 on di 17/05/2016 at 9:11:21,41. Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Documents and Settings\Patric2\Bureaublad\zoek.exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2016-05-11-141255.log 66606 bytes C:\zoek-results2016-05-12-134144.log 7729 bytes C:\zoek-results2016-05-13-062026.log 48321 bytes C:\zoek-results2016-05-13-075811.log 946 bytes C:\zoek-results2016-05-13-140428.log 574623 bytes C:\zoek-results2016-05-14-165052.log 13045 bytes C:\zoek-results2016-05-15-132137.log 193816 bytes C:\zoek-results2016-05-16-122356.log 54133 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Folders Found ====================== 2016-05-12 13:31:56 2016-05-12 13:31:56 -------- d---a-w- C:\zoek_backup\C_Documents and Settings_Patric2_Local Settings_Application Data_Avg2014(2) 2016-05-12 13:31:55 2016-05-12 13:31:56 -------- d---a-w- C:\zoek_backup\C_WINDOWS_system32_config_systemprofile_Application Data_AVG2014(2) ==== Files Found ====================== --- C:\Documents and Settings\Patric2\Local Settings\Temporary Internet Files\Content.IE5\5VF5MCH3\6_Logo-PCH-2014-december[1].png --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 5453 Created time: 2016-05-15 13:26:23 Modified time: 2016-05-15 13:26:24 MD5: 9521C56C6B81E84F7DBB30E8115B674F SHA1: 770F759D7E78DA8C87B969B9E58CC0A8AF46965B --- C:\Documents and Settings\Patric2\Onlangs geopend\JAMESSPAARDERS 2014.doc.lnk --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 553 Created time: 2014-05-01 06:46:19 Modified time: 2014-05-01 06:46:19 MD5: D0DE77969DAE4D695E573FD6E1DF980B SHA1: AB011C0B05513085F7C95CBD9A1C57130D85A51D --- C:\Program Files\Common Files\Little Registry Cleaner\Backups\2014_12_11_134951.xml --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 119166 Created time: 2014-12-11 12:49:51 Modified time: 2014-12-11 12:49:53 MD5: 03EBC4CF1D1398B52FE6DE824056500B SHA1: F1F1846F51A05AAD00A6318A6EC9F51D1566C992 --- C:\Program Files\Common Files\Little Registry Cleaner\Logs\2014_12_11_134743.txt --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 42349 Created time: 2014-12-11 12:47:43 Modified time: 2014-12-11 12:47:42 MD5: 43317E969E253B63726306ABE69C90A5 SHA1: 02D43A4F4279A65A863388CDADE84E9BA471CBD5 --- C:\WINDOWS\$NtServicePackUninstall$\reg02014 --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: -c--a-w- File size: 8192 Created time: 2008-10-08 12:16:44 Modified time: 2008-10-08 12:16:44 MD5: 7449D6300ED9AEDD5149CAF54B36E1CD SHA1: AE038B96A496F728A5F45495AABD13BDF927B9BC --- C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\KB2898855v2_20140225_185250774-Microsoft .NET Framework 4 Client Profile-MSP0.txt --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 13034832 Created time: 2014-02-25 17:52:56 Modified time: 2014-02-25 18:01:06 MD5: 889E89538B34402507FA20DC7676F28D SHA1: 3BDD9E2E6E34E5FE70C16F777DC97B622FB9301A --- C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\KB2898855v2_20140225_185250774.html --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 65840 Created time: 2014-02-25 17:52:48 Modified time: 2014-02-25 18:01:07 MD5: C21F51CF3ED78F59E398C3E5B4BD0B09 SHA1: 697D452D4B3680227685F46CDD7DF779C646D228 --- C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\KB2901110v2_20140225_183054259-Microsoft .NET Framework 4 Client Profile-MSP0.txt --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 12480442 Created time: 2014-02-25 17:31:13 Modified time: 2014-02-25 17:36:01 MD5: 9969DFEFC21170B7F4544DE62394420D SHA1: 95BB69C8DC06B869AD8ABD429FE15364E23F55E4 --- C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\KB2901110v2_20140225_183054259-Microsoft .NET Framework 4 Extended-MSP1.txt --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 3402844 Created time: 2014-02-25 17:36:01 Modified time: 2014-02-25 17:38:33 MD5: 1613C5950732D9B586AC3E4DB3DC2BD5 SHA1: CA0357B3CC6AABC9C3D2B6EB451E9AE2E7FDBA32 --- C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\KB2901110v2_20140225_183054259.html --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 68922 Created time: 2014-02-25 17:30:52 Modified time: 2014-02-25 17:38:34 MD5: 663A87657D409B7EABDD24BBC0D01A68 SHA1: 814AD857702313964F5CDC74AFDDB06855E4016F --- C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\Microsoft .NET Framework 2.0-KB2572073_20111015_132014656-Msi0.txt --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 13034398 Created time: 2011-10-15 13:20:15 Modified time: 2011-10-15 13:25:15 MD5: AFCB879D05F4D3AD1CB1BFFD0DCCD21D SHA1: D03316850E5DC894F0A38CADFA83A301196737FA --- C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\Microsoft .NET Framework 2.0-KB2572073_20111015_132014656.html --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 508700 Created time: 2011-10-15 13:20:12 Modified time: 2011-10-15 13:25:16 MD5: A8754E1E98384AAD0A2F800635A8AB4D SHA1: 13238B96347281F93776CD0CB94359DBF2BED4AA --- C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\Microsoft .NET Framework 2.0-KB2836941_20140225_180116009-Msi0.txt --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 7823504 Created time: 2014-02-25 18:01:16 Modified time: 2014-02-25 18:02:15 MD5: 43130F624A515E8A93591FA9207A6024 SHA1: CD6E4A9A5460A72F6222F4FED79C3F98E2D60823 --- C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\Microsoft .NET Framework 2.0-KB2836941_20140225_180116009.html --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 115272 Created time: 2014-02-25 18:01:12 Modified time: 2014-02-25 18:02:15 MD5: E9E143590D7CB083E3D25BE5E948F6D2 SHA1: 732BB09C79EB2E7CAF20769B1D2936F7C8DFCC89 --- C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\Microsoft .NET Framework 2.0-KB2898856_20140225_172038056-Msi0.txt --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 14895202 Created time: 2014-02-25 17:20:38 Modified time: 2014-02-25 17:26:07 MD5: DC2A23E20C21F177372801F6437384EB SHA1: A18EC62EFC68789FC8B350A2CE0C7AB168EF5525 --- C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\Microsoft .NET Framework 2.0-KB2898856_20140225_172038056.html --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 505262 Created time: 2014-02-25 17:20:30 Modified time: 2014-02-25 17:26:07 MD5: FD3BCB4054CED9FF0CB5A9A5372737F7 SHA1: EFA5099059491ADCB4D24522E440E3161F012D71 --- C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\Microsoft .NET Framework 2.0-KB2901111_20140225_174649181-Msi0.txt --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 14920136 Created time: 2014-02-25 17:46:50 Modified time: 2014-02-25 17:52:36 MD5: 7E78AEE77E4BCA3C533B5240E3A480BE SHA1: 4F8888145AD88B3BC7239BED8AF8C0A39CFB5641 --- C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\Microsoft .NET Framework 2.0-KB2901111_20140225_174649181.html --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 505444 Created time: 2014-02-25 17:46:42 Modified time: 2014-02-25 17:52:36 MD5: 2C9C87B7CA1DB0783C7A7B3F2FC84DE4 SHA1: AB9000135402BD91F70E679FF412C7DECAC01CC2 ==== Registry Search Results for "avg2014" ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3E50E0F5227E31B4C9692FAABE07044F] "D5C17343E668F26498A6AB57CEE0DEEA"="C:\\Program Files\\AVG\\AVG2014\\mfaverx.txt" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7F2195191CEF3C24693DF3C8D16CB932] "D5C17343E668F26498A6AB57CEE0DEEA"="C?\\Program Files\\AVG\\AVG2014\\sb.dat" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EB06BD404D6EB77448B48C83D896EEAE] "D5C17343E668F26498A6AB57CEE0DEEA"="02:\\SOFTWARE\\AVG\\AVG2014\\SetupFlags\\FF_IDP2" ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{ABDE892B-13A8-4d1b-88E6-365A6E755758}"="C:\WINDOWS\Profiles\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [28/11/2013 15:33] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [22/06/2010 13:40] ==== Chromium Look ====================== Google Chrome Version: 46.0.2490.86 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions idhngdhcfkoamngbedgpaokgjbnpdiji - C:\WINDOWS\Profiles\All Users\Application Data\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[14/08/2013 16:24] RealDownloader - Patric2\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji ==== Chromium Startpages ====================== C:\Documents and Settings\Patric2\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences "homepage": "http://www.google.com/", "urls_to_restore_on_startup": [ "http://www.google.com/" ] ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?} HKLM\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC HKCU\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADRA_nl ==== Empty IE Cache ====================== C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\system32\config\systemprofile\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully C:\Documents and Settings\Patric2\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Documents and Settings\Patric2\Local Settings\Application Data\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=501 folders=232 202026791 bytes) ==== Empty Temp Folders ====================== C:\Documents and Settings\Default User\Local Settings\Temp emptied successfully C:\Documents and Settings\LocalService\Local Settings\Temp emptied successfully C:\Documents and Settings\NetworkService\Local Settings\Temp emptied successfully C:\Documents and Settings\Patric2\Local Settings\Temp will be emptied at reboot C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\DOCUME~1\Patric2\LOCALS~1\Temp successfully emptied ==== Deleting Files / Folders ====================== "C:\Documents and Settings\Patric2\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not deleted ==== EOF on di 17/05/2016 at 9:54:00,01 ======================