Zoek.exe v5.0.0.0 Updated 10-September-2014
Tool run by Koen on vr 12/09/2014 at 19:04:40,25.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Koen\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================
12/09/2014 19:09:22 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================
C:\PROGRA~2\ProShoePepeer deleted successfully
C:\PROGRA~3\374311380 deleted successfully
C:\PROGRA~3\Guitar Pro 6 deleted successfully
C:\Users\Koen\AppData\Local\Sparta deleted successfully
C:\Users\Koen\AppData\Local\VirtualStore deleted successfully
C:\Users\Seppe\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-2043100165-3502898724-762426204-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5B8185A4-4D98-8BE2-7FF9-4FA8AA590CA4} deleted successfully
HKEY_USERS\S-1-5-21-2043100165-3502898724-762426204-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5B8185A4-4D98-8BE2-7FF9-4FA8AA590CA4} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5B8185A4-4D98-8BE2-7FF9-4FA8AA590CA4} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5B8185A4-4D98-8BE2-7FF9-4FA8AA590CA4} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IePluginServices deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\IePluginServices deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\IePluginServices deleted successfully

==== FireFox Fix ======================
ProfilePath: C:\Users\Seppe\AppData\Roaming\Mozilla\Firefox\Profiles\wob0ufa0.default
user.js not found
---- Lines spigot removed from prefs.js ----
user_pref("startpage.ntsearch_url", "https://search.yahoo.com/search?fr=spigot-nt-ff&ei=utf-8&ilc=12&type=0&p={searchTerms}");
---- Lines extensions.30gEO4yQwNjV removed from prefs.js ----
user_pref("extensions.30gEO4yQwNjV.epoch", "1410621211");
user_pref("extensions.30gEO4yQwNjV.url", "http://websolutiion.in/sync2/?q=hfZ9ofbGBGhEAen0qHC6tMqLDe49CNU0nUkMCMlNhd9Fqda4rdCEqTk5rHnMBzqUojw9rdUFrTw8
---- FireFox user.js and prefs.js backups ----
prefs_20141209_2045_.backup

==== Registry Fix Code x64 ======================
Windows Registry Editor Version 5.00
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5B8185A4-4D98-8BE2-7FF9-4FA8AA590CA4}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5B8185A4-4D98-8BE2-7FF9-4FA8AA590CA4}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=-

==== Deleting Files \ Folders ======================
C:\ProgramData\374311380 not found
C:\51f4d342ff3b1cb50db4 deleted
C:\ProgramData\f62a45d10da6d66e deleted
C:\ProgramData\Performance Optimizer deleted
C:\ProgramData\IePluginServices deleted
C:\ProgramData\WindowsMangerProtect deleted
C:\Program Files (x86)\SupTab deleted
C:\Users\Koen\AppData\Local\BrowserSafeguard deleted
C:\Users\Seppe\AppData\Local\BrowserSafeguard deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Users\Koen\Documents\Optimizer Pro deleted
C:\Users\Seppe\AppData\Roaming\Mozilla\Firefox\Profiles\wob0ufa0.default\extensions\hjv.a3@adodho.net deleted
"C:\Users\Seppe\AppData\Roaming\Search Protection\SearchProtection.exe" deleted
"C:\ProgramData\ProShoePepeer" not deleted
"C:\ProgramData\ProShoePepeer" not deleted
"C:\Users\Seppe\AppData\Roaming\Search Protection" not deleted

==== Files Recently Created / Modified ======================
====== C:\Windows ====
====== C:\Users\Koen\AppData\Local\Temp ====
2014-09-11 18:34:50 E073F2C0217B84223CD5CD2790AA93D3 16340144 ----a-w- C:\Users\Seppe\AppData\Local\Temp\nw3008_30163\plugins\NPSWF32_13_0_0_168.dll
2014-09-11 18:33:53 7A84009415827C6FC764B00F501654E8 402432 ----a-w- C:\Users\Seppe\AppData\Local\Temp\nw3008_30163\node_modules\goldengate\build\Release\goldengate.dll
2014-09-11 18:33:50 DE3DD2C419C7B383E6FD7997A782D5D1 95232 ----a-w- C:\Users\Seppe\AppData\Local\Temp\nw3008_30163\node_modules\gameo_utils\build\Release\gameo_utils.dll
2014-08-30 16:40:38 E073F2C0217B84223CD5CD2790AA93D3 16340144 ----a-w- C:\Users\Seppe\AppData\Local\Temp\nw6112_31284\plugins\NPSWF32_13_0_0_168.dll
2014-08-30 16:39:59 7A84009415827C6FC764B00F501654E8 402432 ----a-w- C:\Users\Seppe\AppData\Local\Temp\nw6112_31284\node_modules\goldengate\build\Release\goldengate.dll
2014-08-30 16:39:57 DE3DD2C419C7B383E6FD7997A782D5D1 95232 ----a-w- C:\Users\Seppe\AppData\Local\Temp\nw6112_31284\node_modules\gameo_utils\build\Release\gameo_utils.dll
2014-08-30 16:39:42 8D265C7B61248ED5F408F3F3346AC90C 1613888 ----a-w- C:\Users\Seppe\AppData\Local\Temp\{00D50E6B-609E-4BB1-9270-EC0AE080CB10}\BrowserExtensionsSetup.exe
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2014-09-11 18:02:02 2413D2216D08FAF7D7178D9E0B481AEB 2285056 ----a-w- C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-10 12:14:02 1B85FA0D0A93C011B76678733F39DB6C 550912 ----a-w- C:\Windows\SysWOW64\kerberos.dll
2014-09-10 12:13:59 B094390B6B2D0456821384771020870B 22016 ----a-w- C:\Windows\SysWOW64\secur32.dll
2014-09-10 12:13:59 10826DA2FC073702AEAB93AF3D73B066 96768 ----a-w- C:\Windows\SysWOW64\sspicli.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2014-09-11 18:02:02 3469B9FAE899139FEE7356E91693376A 2777088 ----a-w- C:\Windows\Sysnative\msmpeg2vdec.dll
2014-09-10 12:14:02 33EF550DCCC58C93F5B65FD75BAD9832 728064 ----a-w- C:\Windows\Sysnative\kerberos.dll
2014-09-10 12:14:01 EE4B105F1DBE1E864AFC72E7F0315432 1460736 ----a-w- C:\Windows\Sysnative\lsasrv.dll
2014-09-10 12:13:35 E2BCB58869598B392D6A78953F61A2D9 578048 ----a-w- C:\Windows\Sysnative\aepdu.dll
2014-09-10 12:13:33 88BC88D0BDFB6BBE5765D5ABB233C110 424448 ----a-w- C:\Windows\Sysnative\aeinv.dll
====== C:\Windows\Sysnative\drivers =====
2014-08-25 14:09:28 6140163BFE9D8F2DFDBA088ED5521C13 119512 ----a-w- C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys
2014-08-14 08:27:28 87CE5C8965E101CCCED1F4675557E868 985536 ----a-w- C:\Windows\Sysnative\drivers\dxgkrnl.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
2014-08-25 14:35:36 -------- d-----w- C:\PROGRA~2\Windows Media Player
2014-08-17 20:48:29 -------- d-----w- C:\PROGRA~2\Mozilla Maintenance Service
======= C: =====
====== C:\Users\Koen\AppData\Roaming ======
2014-09-12 17:28:41 8234149F2F1A068DBCBEBF66CF69BA10 111520 ----a-w- C:\Users\Koen\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-25 14:39:13 9C3E11ABC1FB9188BA8688109F0B660B 4608 ----a-w- C:\Users\Koen\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-08-25 14:35:16 -------- d-----w- C:\Users\Default\AppData\Roaming\Media Center Programs
2014-08-25 14:35:16 -------- d-----w- C:\Users\Default User\AppData\Roaming\Media Center Programs
2014-08-15 12:06:51 -------- d-----w- C:\Users\Koen\AppData\Local\Adobe
====== C:\Users\Koen ======
2014-08-17 20:48:31 -------- d-----w- C:\ProgramData\Mozilla
2014-08-17 12:06:52 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-15 09:21:03 -------- d-----r- C:\Users\Koen\Searches
====== C: exe-files ==
2014-09-10 12:13:34 1386CD9322CD4A673FF96BF136D91633 31232 ----a-w- C:\Windows\System32\CompatTel\wicainventory.exe
2014-09-10 12:13:34 0C3028324C475485D6C24D626D9149C3 176288 ----a-w- C:\Windows\System32\CompatTel\QueryAppBlock.exe
=== C: other files ==
2014-09-11 19:35:43 8A80554C91D9FCA8ACB82F023DE02F11 3 ----a-w- C:\Users\Seppe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\IA0HTKQW\bushofficial[1].com

==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-2043100165-3502898724-762426204-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"="C:\Users\Koen\AppData\Local\Akamai\netsession_win.exe"
"iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"

[HKEY_USERS\S-1-5-21-2043100165-3502898724-762426204-1003\Software\Microsoft\Windows\CurrentVersion\Run]
"Gameo"="C:\Users\Seppe\AppData\Roaming\Gameo\gameo.exe C:\Users\Seppe\AppData\Roaming\Gameo\gameo.dat mode:minimized"
"SearchProtection"="C:\Users\Seppe\AppData\Roaming\Search Protection\SearchProtection.EXE /autostart"
"Browser Extensions"="C:\Users\Seppe\AppData\Roaming\Browser Extensions\CouponsHelper.exe"
"uTorrent"="C:\Users\Seppe\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"="C:\Users\Koen\AppData\Local\Akamai\netsession_win.exe"
"iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\\progra~3\\perfor~1\\perfor~1.dll"

==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"

==== Startup Registry Disabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Adobe ARM"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="APSDaemon"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Facebook Update]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Facebook Update"
"hkey"="HKCU"
"command"="\"C:\\Users\\Koen\\AppData\\Local\\Facebook\\Update\\FacebookUpdate.exe\" /c /nocrashserver"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GarminExpressTrayApp]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="GarminExpressTrayApp"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Garmin\\Express Tray\\ExpressTray.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Skype"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /minimized /regrun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Spotify"
"hkey"="HKCU"
"command"="\"C:\\Users\\Koen\\AppData\\Roaming\\Spotify\\Spotify.exe\" /uri spotify:autostart"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Spotify Web Helper"
"hkey"="HKCU"
"command"="\"C:\\Users\\Koen\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="uTorrent"
"hkey"="HKCU"
"command"="C:\\Users\\Seppe\\AppData\\Roaming\\uTorrent\\uTorrent.exe /MINIMIZED"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Koen^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk]
"item"="Dropbox"
"path"="C:\\Users\\Koen\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dropbox.lnk"
"backup"="C:\\Windows\\pss\\Dropbox.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\Users\\Koen\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Koen^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Verzenden naar OneNote.lnk]
"item"="Verzenden naar OneNote"
"path"="C:\\Users\\Koen\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Verzenden naar OneNote.lnk"
"backup"="C:\\Windows\\pss\\Verzenden naar OneNote.lnk.Startup"
"backupExtension"=".Startup"
"command"="C:\\PROGRA~1\\MICROS~3\\Office15\\ONENOTEM.EXE"

==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [10/09/2014 19:04]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2043100165-3502898724-762426204-1000Core.job --a------ C:\Users\Koen\AppData\Local\Facebook\Update\FacebookUpdate.exe [09/11/2013 19:58]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2043100165-3502898724-762426204-1000UA.job --a------ C:\Users\Koen\AppData\Local\Facebook\Update\FacebookUpdate.exe [09/11/2013 19:58]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [01/10/2013 18:40]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [01/10/2013 18:40]

==== Other Scheduled Tasks ======================
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\Apple Diagnostics" [C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-2043100165-3502898724-762426204-1000Core" [C:\Users\Koen\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-2043100165-3502898724-762426204-1000UA" [C:\Users\Koen\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\{4F6DD7C6-45BB-4E54-9557-BFFD5ABA75A3}" [C:\Program Files (x86)\Google\Chrome\Application\chrome.exe]
"C:\Windows\SysNative\tasks\{BB3F6BA6-17B4-445D-9CA9-5014F434D7A5}" [C:\Program Files (x86)\Google\Chrome\Application\chrome.exe]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" []

==== Firefox Extensions ======================
ProfilePath: C:\Users\Seppe\AppData\Roaming\Mozilla\Firefox\Profiles\wob0ufa0.default
- Start Page - %ProfilePath%\extensions\{32da2f20-827d-40aa-a3b4-2fc4a294352e}
- Slick Savings - %ProfilePath%\extensions\{46eddf51-a4f6-4476-8d6c-31c5187b2a2f}
- Amazon Shopping Assistant by Spigot - %ProfilePath%\extensions\{84a93d51-b7a9-431e-8ff8-d60e5d7f5df1}
- Ebay Shopping Assistant by Spigot - %ProfilePath%\extensions\{f894a29a-f065-40c3-bb19-da6057778493}
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

==== Deleted Firefox Extensions ======================
C:\Users\Seppe\AppData\Roaming\Mozilla\Firefox\Profiles\wob0ufa0.default\extensions\{46eddf51-a4f6-4476-8d6c-31c5187b2a2f} deleted
C:\Users\Seppe\AppData\Roaming\Mozilla\Firefox\Profiles\wob0ufa0.default\extensions\{32da2f20-827d-40aa-a3b4-2fc4a294352e} deleted

==== Chromium Look ======================
ESPN News - Koen\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmiedhpkconehbgffhejpicmdogphlcn
Google Wallet - Koen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Google Docs - Seppe\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Seppe\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Seppe\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Seppe\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
AdBlock - Seppe\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
avast Online Security - Seppe\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
ESPN News - Seppe\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmiedhpkconehbgffhejpicmdogphlcn
Google Wallet - Seppe\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Seppe\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Google Docs - seppe2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - seppe2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - seppe2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - seppe2\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
ESPN News - seppe2\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmiedhpkconehbgffhejpicmdogphlcn
Google Wallet - seppe2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - seppe2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Startpages ======================
C:\Users\Koen\AppData\Local\Google\Chrome\User Data\Default\Preferences
"startup_urls": [ "http://www.sweet-page.com/?type=hp&ts=1408975400&from=cor&uid=HitachiXHTS723232L9A360_090819FCC400NEHB36AGX" ],

==== Chromium Fix ======================
C:\Users\Koen\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmiedhpkconehbgffhejpicmdogphlcn deleted successfully
C:\Users\Seppe\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmiedhpkconehbgffhejpicmdogphlcn deleted successfully
C:\Users\seppe2\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmiedhpkconehbgffhejpicmdogphlcn deleted successfully
C:\Users\Koen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mmiedhpkconehbgffhejpicmdogphlcn_0.localstorage deleted successfully

==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.be/?gws_rd=ssl"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.sweet-page.com/web/?type=ds&ts=1408975400&from=cor&uid=HitachiXHTS723232L9A360_090819FCC400NEHB36AGX&q={searchTerms}"
"Search Page"="http://www.sweet-page.com/web/?type=ds&ts=1408975400&from=cor&uid=HitachiXHTS723232L9A360_090819FCC400NEHB36AGX&q={searchTerms}"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.sweet-page.com/web/?type=ds&ts=1408975400&from=cor&uid=HitachiXHTS723232L9A360_090819FCC400NEHB36AGX&q={searchTerms}"
"Search Page"="http://www.sweet-page.com/web/?type=ds&ts=1408975400&from=cor&uid=HitachiXHTS723232L9A360_090819FCC400NEHB36AGX&q={searchTerms}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.be/?gws_rd=ssl"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="https://www.google.com/search?q={searchTerms}"

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{892cc6a3} deleted successfully

==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Koen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Seppe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Seppe\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\seppe2\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Koen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W557B1P5 will be deleted at reboot

==== Empty FireFox Cache ======================
No FireFox Cache found

==== Empty Chrome Cache ======================
C:\Users\Koen\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Seppe\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\seppe2\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully

==== Empty All Java Cache ======================
Java Cache cleared successfully

==== C:\zoek_backup content ======================
C:\zoek_backup (files=123 folders=43 44314452 bytes)

==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Koen\AppData\Local\Temp will be emptied at reboot
C:\Users\Seppe\AppData\Local\Temp will be emptied at reboot
C:\Users\seppe2\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Koen\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================
"C:\Users\Seppe\AppData\Local\Temp\FXSAPIDebugLogFile.txt" not found
"C:\ProgramData\ProShoePepeer" not found
"C:\ProgramData\ProShoePepeer" not found
"C:\Users\Seppe\AppData\Roaming\Search Protection" not found
"C:\Users\Koen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W557B1P5" deleted
"C:\Users\Seppe\AppData\Local\Temp\nw18344_24643" not found
"C:\Users\Seppe\AppData\Local\Temp\nw3008_30163" not found
"C:\Users\Seppe\AppData\Local\Temp\nw4960_15179" not found

==== EOF on vr 12/09/2014 at 21:07:52,91 ======================