Zoek.exe v5.0.0.1 Updated 19-September-2016 Tool run by Meuli on vr 25/11/2016 at 8:53:39,23. Microsoft Windows 10 Home 10.0.14393 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Meuli\Downloads\zoek.exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2016-11-22-180601.log 149474 bytes C:\zoek-results2016-11-23-185450.log 9612 bytes C:\zoek-results2016-11-23-190224.log 13254 bytes C:\zoek-results2016-11-24-191059.log 7002 bytes ==== Empty Folders Check ====================== C:\Users\Meuli\AppData\Local\NetworkTiles deleted successfully C:\Users\miebo\AppData\Local\NetworkTiles deleted successfully C:\Users\miebo\AppData\Local\VirtualStore deleted successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\NetworkTiles deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\Users\Meuli\AppData\Roaming\Mozilla\Firefox\Profiles\lpjqso1p.default\jetpack deleted ==== Folders Found ====================== ==== Files Found ====================== --- C:\zoek_backup\C_ProgramData_Norton_{0C55C096-0F1D-4F28-AAA2-85EF591126E7}_NIS_22.5.0.124_QuickStart_FolderForAll_McAfee Security Scan Plus.lnk.vir --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 2229 Created time: 2016-11-24 19:09:46 Modified time: 2016-11-19 13:47:08 MD5: 60F8180FB12D198E6E2116DA361F4631 SHA1: 82CF10C748A16C748D7269A8909E36DCA12CE096 --- C:\zoek_backup\C_Users_All Users_Norton_{0C55C096-0F1D-4F28-AAA2-85EF591126E7}_NIS_22.5.0.124_QuickStart_FolderForAll_McAfee Security Scan Plus.lnk.vir --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 2229 Created time: 2016-11-24 19:09:46 Modified time: 2016-11-19 13:47:08 MD5: 60F8180FB12D198E6E2116DA361F4631 SHA1: 82CF10C748A16C748D7269A8909E36DCA12CE096 --- C:\zoek_backup\C_Users_Meuli_AppData_Local_Microsoft_CLR_v4.0_UsageLogs_Mcafee.TrueKey.Uninstaller.Exe.log.vir --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 2333 Created time: 2016-11-24 19:09:46 Modified time: 2016-11-20 22:20:43 MD5: F5ECE3F684E20EF9B79B387D5DD19D68 SHA1: 87EE0F7336763565A03C7CD0EC01F8D5B94965AF --- C:\zoek_backup\C_Windows_Prefetch_MCAFEE.TRUEKEY.UNINSTALLER.EX-3262E9F8.pf.vir --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 34025 Created time: 2016-11-24 19:09:46 Modified time: 2016-11-22 18:09:39 MD5: EF46A15C5BB9B0239A5363F31D71F94A SHA1: 12093C1E29BF2EDB6282E1BDF01F3D28E51E4CB0 --- C:\zoek_backup\C_Windows_SysWOW64_config_systemprofile_AppData_Local_Microsoft_CLR_v4.0_32_UsageLogs_Mcafee.TrueKey.InstallerService.exe.log.vir --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 2096 Created time: 2016-11-24 19:09:46 Modified time: 2016-11-19 13:57:39 MD5: 569BFC0D1A09B9BA51D7FA047208049D SHA1: 02EC954436D637E9AE65D675A9257642DAC444D5 --- C:\zoek_backup\C_ProgramData_Norton_{0C55C096-0F1D-4F28-AAA2-85EF591126E7}_NIS_22.5.0.124_QuickStart_FolderForAll_McAfee Security Scan Plus.lnk.vir --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 2229 Created time: 2016-11-24 19:09:46 Modified time: 2016-11-19 13:47:08 MD5: 60F8180FB12D198E6E2116DA361F4631 SHA1: 82CF10C748A16C748D7269A8909E36DCA12CE096 --- C:\zoek_backup\C_Users_All Users_Norton_{0C55C096-0F1D-4F28-AAA2-85EF591126E7}_NIS_22.5.0.124_QuickStart_FolderForAll_McAfee Security Scan Plus.lnk.vir --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 2229 Created time: 2016-11-24 19:09:46 Modified time: 2016-11-19 13:47:08 MD5: 60F8180FB12D198E6E2116DA361F4631 SHA1: 82CF10C748A16C748D7269A8909E36DCA12CE096 --- C:\zoek_backup\C_Users_Meuli_AppData_Local_Microsoft_CLR_v4.0_UsageLogs_Mcafee.TrueKey.Uninstaller.Exe.log.vir --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 2333 Created time: 2016-11-24 19:09:46 Modified time: 2016-11-20 22:20:43 MD5: F5ECE3F684E20EF9B79B387D5DD19D68 SHA1: 87EE0F7336763565A03C7CD0EC01F8D5B94965AF --- C:\zoek_backup\C_Windows_Prefetch_MCAFEE.TRUEKEY.UNINSTALLER.EX-3262E9F8.pf.vir --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 34025 Created time: 2016-11-24 19:09:46 Modified time: 2016-11-22 18:09:39 MD5: EF46A15C5BB9B0239A5363F31D71F94A SHA1: 12093C1E29BF2EDB6282E1BDF01F3D28E51E4CB0 --- C:\zoek_backup\C_Windows_SysWOW64_config_systemprofile_AppData_Local_Microsoft_CLR_v4.0_32_UsageLogs_Mcafee.TrueKey.InstallerService.exe.log.vir --- Company: ------ File Description: ------ File Version: ------ Product Name: ------ Copyright: ------ Original Filename: ------ File type: ----a-w- File size: 2096 Created time: 2016-11-24 19:09:46 Modified time: 2016-11-19 13:57:39 MD5: 569BFC0D1A09B9BA51D7FA047208049D SHA1: 02EC954436D637E9AE65D675A9257642DAC444D5 ==== Registry Search Results for "McAfee" ====================== [HKEY_USERS\S-1-5-21-81677117-3975090573-2044214416-1002\SOFTWARE\MCAFEE] [HKEY_USERS\S-1-5-21-81677117-3975090573-2044214416-1002\SOFTWARE\MCAFEE\MSC] [HKEY_USERS\S-1-5-21-81677117-3975090573-2044214416-1002\SOFTWARE\MCAFEE\MSC\SETTINGS] ==== Registry Search Results for "McAfee" ====================== [HKEY_USERS\S-1-5-21-81677117-3975090573-2044214416-1002\SOFTWARE\MCAFEE] [HKEY_USERS\S-1-5-21-81677117-3975090573-2044214416-1002\SOFTWARE\MCAFEE\MSC] [HKEY_USERS\S-1-5-21-81677117-3975090573-2044214416-1002\SOFTWARE\MCAFEE\MSC\SETTINGS] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\Meuli\AppData\Roaming\Mozilla\Firefox\Profiles\lpjqso1p.default user_pref("browser.startup.homepage", "https://www.google.be/"); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{C1A2A613-35F1-4FCF-B27F-2840527B6556}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.0.124\coFFAddon" [22/11/2016 19:04] [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{C1A2A613-35F1-4FCF-B27F-2840527B6556}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.0.124\coFFAddon" [22/11/2016 19:04] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Meuli\AppData\Roaming\Mozilla\Firefox\Profiles\lpjqso1p.default - Foxtrick - %ProfilePath%\extensions\{9d1f059c-cada-4111-9696-41a62d64e3ba}.xpi - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\Meuli\AppData\Roaming\Mozilla\Firefox\Profiles\lpjqso1p.default 8088B6419F8A2F3C6E1F8312A1C427C9 - D:\programmas\Adobe CS 5.5\Acrobat 10.0\Acrobat\browser\nppdf32.dll - Adobe Acrobat A5F2FB62C5988C5CCA1F580267BE07E0 - D:\programmas\Adobe CS 5.5\Acrobat 10.0\Acrobat\Air\nppdf32.dll - Adobe Acrobat F114FBA6246530B89DD1E04351E0EAC5 - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll - Shockwave Flash E288BCB3E135DAC497B49847CCDCED00 - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_205.dll - Shockwave Flash D2B5242013356AF422A42B9FAA4056C2 - C:\Users\Meuli\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.2\npVascoCardReaderPlugin.dll - VASCO Card Reader Plugin F87775104528B63550571B996CC002EE - C:\Users\Meuli\AppData\Local\MyComGames\npmycomdetector.dll - mycomgames3 component npmycomdetector.dll FD63DE29FE0A7E738BD81CA0EDDD8020 - C:\Users\Meuli\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.2\npVascoCardReaderPlugin64.dll - VASCO Card Reader Plugin ==== Chromium Look ====================== Google Chrome Version: 46.0.2490.86 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions cjabmdjcfcfdmffimndhafhblfmpjdpe - C:\Program Files (x86)\Norton Internet Security\Engine\22.8.1.14\Exts\Chrome.crx[12/11/2016 04:09] iikflkcanblccfahdhdonehdalibjnif - No path found[] Chrome Media Router - Meuli\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm Norton Security Toolbar - miebo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe Chrome Media Router - miebo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm ==== Chromium Fix ====================== C:\Users\Meuli\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully C:\Users\Meuli\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully C:\Users\miebo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully C:\Users\miebo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully C:\Users\miebo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully C:\Users\miebo\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Meuli\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Meuli\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\Users\miebo\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\miebo\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Meuli\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Meuli\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\Users\miebo\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\miebo\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Meuli\AppData\Local\Mozilla\Firefox\Profiles\lpjqso1p.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Meuli\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\miebo\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=3044 folders=529 540753002 bytes) ==== Empty Temp Folders ====================== C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\Meuli\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on vr 25/11/2016 at 9:10:03,44 ======================