Zoek.exe v5.0.0.0 Updated 09-January-2015 Tool run by Henk on za 10-01-2015 at 14:16:45,49. Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Henk\Downloads\zoek.exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2014-06-04-181048.log 217742 bytes C:\zoek-results2014-06-05-122028.log 7063 bytes C:\zoek-results2015-01-10-114501.log 56183 bytes ==== Empty Folders Check ====================== C:\PROGRA~2\DSPRobotics deleted successfully C:\PROGRA~2\VideoLAN deleted successfully C:\PROGRA~3\Validity deleted successfully C:\Users\Henk\AppData\Local\StormFall deleted successfully C:\Users\Indra\AppData\Local\WMTools Downloaded Files deleted successfully C:\Users\Lelaa\AppData\Local\VirtualStore deleted successfully C:\Users\Lusia\AppData\Local\VirtualStore deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1535193200-1948594691-1747739758-1001\Software\Microsoft\Internet Explorer\SearchScopes\{2F1E335A-858A-4BE9-8F6B-D0AF1D018B53} deleted successfully HKEY_USERS\S-1-5-21-1535193200-1948594691-1747739758-1001\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully HKEY_USERS\S-1-5-21-1535193200-1948594691-1747739758-1001\Software\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MaintainerSvc3.93.1720192 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\MaintainerSvc3.93.1720192 deleted successfully ==== FireFox Fix ====================== ProfilePath: C:\Users\Henk\AppData\Roaming\Mozilla\Firefox\Profiles\3upd9wm3.default ---- FireFox user.js and prefs.js backups ---- user_10-01-2015_1233_.backup user_10-01-2015_1435_.backup prefs_10-01-2015_1233_.backup prefs_10-01-2015_1435_.backup ProfilePath: C:\Users\Henk\AppData\Roaming\Mozilla\Firefox\Profiles\lbq32xj6.default ---- Lines Sweet removed from prefs.js ---- user_pref("extensions.2QsQMClqUCGGjNnS.url", "http://installsunny.us/sync2/?q=hfZ9ofbMDMnMCyVUojs4rTwMg708BNmGWj8pjchGheDUojw9rjaFrdw8rdU8rchIC7n0rjnF ---- Lines extensions.2QsQMClqUCGGjNnS removed from prefs.js ---- user_pref("extensions.2QsQMClqUCGGjNnS.epoch", "1420921065"); ---- Lines extensions.P5RkzH6 removed from prefs.js ---- user_pref("extensions.P5RkzH6.epoch", "1420921064"); user_pref("extensions.P5RkzH6.url", "http://sunnyspytaxs.us/sync2/?q=hfZ9ofV9CShEAen0rjn5rihTB6lKDzt4ok4rtNtVh7n0rjnEqHw8rjaEqHn6tMFHhd9Fqda4rdCFrjkEq ---- Lines extensions.dwPbJ3jTBZw removed from prefs.js ---- user_pref("extensions.dwPbJ3jTBZw.epoch", "1420921065"); user_pref("extensions.dwPbJ3jTBZw.url", "http://homedirectorymusicweb.in/sync2/?q=hfZ9ofbTAy1MCyVUojw9pdwMg708BNmGWj8pjchGheDUojw9rdCFqjwErdCGpihIC7n0 ---- FireFox user.js and prefs.js backups ---- user_10-01-2015_1233_.backup user_10-01-2015_1435_.backup prefs_10-01-2015_1233_.backup prefs_10-01-2015_1435_.backup ProfilePath: C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\6w62ozqw.default-1401555762839 user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_10-01-2015_1233_.backup prefs_10-01-2015_1435_.backup ProfilePath: C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\suf8puu9.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_10-01-2015_1233_.backup prefs_10-01-2015_1435_.backup ProfilePath: C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\y36bohn4.default-1407176424701 user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_10-01-2015_1233_.backup prefs_10-01-2015_1435_.backup ProfilePath: C:\Users\Lelaa\AppData\Roaming\Mozilla\Firefox\Profiles\l6aj28mn.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_10-01-2015_1233_.backup prefs_10-01-2015_1435_.backup ProfilePath: C:\Users\Lusia\AppData\Roaming\Mozilla\Firefox\Profiles\7c61muc8.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_10-01-2015_1233_.backup prefs_10-01-2015_1435_.backup ==== Deleting Files \ Folders ====================== C:\PROGRA~2\Adblocker deleted C:\ProgramData\Adblocker deleted C:\ProgramData\GoSavee deleted C:\PROGRA~3\pricecchOp deleted C:\Users\Henk\AppData\LocalLow\{095D44AA-C958-530E-2315-116D85DD2F60} deleted C:\Users\Henk\AppData\LocalLow\{11E315BF-17AA-472C-8734-16DD79D814EF} deleted C:\Users\Indra\AppData\LocalLow\{095D44AA-C958-530E-2315-116D85DD2F60} deleted C:\Users\Indra\AppData\LocalLow\{11E315BF-17AA-472C-8734-16DD79D814EF} deleted C:\Users\Lelaa\AppData\LocalLow\{095D44AA-C958-530E-2315-116D85DD2F60} deleted C:\Users\Henk\AppData\Local\Packages\windows_ie_ac_001\AC\{095D44AA-C958-530E-2315-116D85DD2F60} deleted C:\Users\Henk\AppData\Local\Packages\windows_ie_ac_001\AC\{11E315BF-17AA-472C-8734-16DD79D814EF} deleted C:\PROGRA~3\cab4fbb2-1ac7-44d2-9b7d-0c921d8827f4 deleted C:\Users\Henk\AppData\Local\21679 deleted C:\Users\Henk\AppData\Local\5500 deleted C:\Users\Henk\AppData\Local\993 deleted C:\PROGRA~2\Mozilla Firefox\browser\searchplugins\webssearches.xml deleted C:\PROGRA~2\SopCast deleted C:\Users\Henk\AppData\Roaming\MAGIX deleted C:\Users\Indra\AppData\Roaming\MAGIX deleted C:\PROGRA~3\IePluginServices deleted C:\PROGRA~3\MAGIX deleted C:\PROGRA~3\Package Cache deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk deleted C:\windows\SysNative\config\systemprofile\Searches deleted C:\windows\SysNative\GroupPolicy\Machine deleted C:\windows\SysNative\GroupPolicy\User deleted C:\windows\SysNative\GroupPolicy\GPT.INI deleted C:\windows\Syswow64\GroupPolicy\gpt.ini deleted C:\windows\SysWow64\AI_RecycleBin deleted C:\Users\Henk\AppData\Roaming\Mozilla\Firefox\Profiles\lbq32xj6.default\extensions\firefox@ghostery.com.xpi deleted C:\Users\Henk\AppData\Roaming\Mozilla\Firefox\Profiles\lbq32xj6.default\jetpack deleted C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\y36bohn4.default-1407176424701\extensions\firefox@ghostery.com.xpi deleted C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\y36bohn4.default-1407176424701\jetpack deleted C:\Users\Henk\Desktop\RipTiger_3-4-8-Setup_softonic.exe deleted "C:\Users\Henk\AppData\Roaming\Mozilla\Firefox\Profiles\3upd9wm3.default\searchplugins\Astromenda.xml" deleted "C:\Users\Henk\AppData\Roaming\Mozilla\Firefox\Profiles\3upd9wm3.default\searchplugins\Astromenda.xml" deleted "C:\Users\Henk\AppData\Roaming\Mozilla\Firefox\Profiles\3upd9wm3.default\searchplugins\Astromenda.xml" deleted "C:\Users\Henk\AppData\Roaming\Mozilla\Firefox\Profiles\3upd9wm3.default\searchplugins\Astromenda.xml" deleted "C:\Users\Henk\AppData\Roaming\Mozilla\Firefox\Profiles\3upd9wm3.default\searchplugins\Astromenda.xml" deleted "C:\Users\Henk\AppData\Roaming\Mozilla\Firefox\Profiles\3upd9wm3.default\searchplugins\Astromenda.xml" deleted "C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\6w62ozqw.default-1401555762839\searchplugins\Astromenda.xml" deleted "C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\6w62ozqw.default-1401555762839\searchplugins\Astromenda.xml" deleted "C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\6w62ozqw.default-1401555762839\searchplugins\Astromenda.xml" deleted "C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\6w62ozqw.default-1401555762839\searchplugins\Astromenda.xml" deleted "C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\6w62ozqw.default-1401555762839\searchplugins\Astromenda.xml" deleted "C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\6w62ozqw.default-1401555762839\searchplugins\Astromenda.xml" deleted "C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\suf8puu9.default\searchplugins\Astromenda.xml" deleted "C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\suf8puu9.default\searchplugins\Astromenda.xml" deleted "C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\suf8puu9.default\searchplugins\Astromenda.xml" deleted "C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\suf8puu9.default\searchplugins\Astromenda.xml" deleted "C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\suf8puu9.default\searchplugins\Astromenda.xml" deleted "C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\suf8puu9.default\searchplugins\Astromenda.xml" deleted "C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\y36bohn4.default-1407176424701\searchplugins\Astromenda.xml" deleted "C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\y36bohn4.default-1407176424701\searchplugins\Astromenda.xml" deleted "C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\y36bohn4.default-1407176424701\searchplugins\Astromenda.xml" deleted "C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\y36bohn4.default-1407176424701\searchplugins\Astromenda.xml" deleted "C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\y36bohn4.default-1407176424701\searchplugins\Astromenda.xml" deleted "C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\y36bohn4.default-1407176424701\searchplugins\Astromenda.xml" deleted "C:\Users\Lelaa\AppData\Roaming\Mozilla\Firefox\Profiles\l6aj28mn.default\searchplugins\Astromenda.xml" deleted "C:\Users\Lelaa\AppData\Roaming\Mozilla\Firefox\Profiles\l6aj28mn.default\searchplugins\Astromenda.xml" deleted "C:\Users\Lelaa\AppData\Roaming\Mozilla\Firefox\Profiles\l6aj28mn.default\searchplugins\Astromenda.xml" deleted "C:\Users\Lelaa\AppData\Roaming\Mozilla\Firefox\Profiles\l6aj28mn.default\searchplugins\Astromenda.xml" deleted "C:\Users\Lelaa\AppData\Roaming\Mozilla\Firefox\Profiles\l6aj28mn.default\searchplugins\Astromenda.xml" deleted "C:\Users\Lelaa\AppData\Roaming\Mozilla\Firefox\Profiles\l6aj28mn.default\searchplugins\Astromenda.xml" deleted "C:\Users\Lusia\AppData\Roaming\Mozilla\Firefox\Profiles\7c61muc8.default\searchplugins\Astromenda.xml" deleted "C:\Users\Lusia\AppData\Roaming\Mozilla\Firefox\Profiles\7c61muc8.default\searchplugins\Astromenda.xml" deleted "C:\Users\Lusia\AppData\Roaming\Mozilla\Firefox\Profiles\7c61muc8.default\searchplugins\Astromenda.xml" deleted "C:\Users\Lusia\AppData\Roaming\Mozilla\Firefox\Profiles\7c61muc8.default\searchplugins\Astromenda.xml" deleted "C:\Users\Lusia\AppData\Roaming\Mozilla\Firefox\Profiles\7c61muc8.default\searchplugins\Astromenda.xml" deleted "C:\Users\Lusia\AppData\Roaming\Mozilla\Firefox\Profiles\7c61muc8.default\searchplugins\Astromenda.xml" deleted "C:\PROGRA~3\4d09ce8d5400296d\{4820778D-AB0D-6D18-C316-52A6A0E1D507}.20140715120756" deleted "C:\PROGRA~3\4d09ce8d5400296d\{C87834EB-A2A0-B9D4-AA9A-C263D1191051}.20141010171025" deleted "C:\PROGRA~3\4d09ce8d5400296d\{FDB962F0-B5B8-9460-D12F-7966E97BAA43}.20140715120743" deleted "C:\PROGRA~3\4d09ce8d5400296d\{FDB962F0-B5B8-9460-D12F-7966E97BAA43}.20140715120749" deleted "C:\PROGRA~3\4d09ce8d5400296d" deleted ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\Henk\AppData\Roaming\Mozilla\Firefox\Profiles\3upd9wm3.default user_pref("browser.startup.homepage", "about:home"); user_pref("browser.newtab.url", "about:newtab"); ProfilePath: C:\Users\Henk\AppData\Roaming\Mozilla\Firefox\Profiles\lbq32xj6.default user_pref("browser.startup.homepage", "about:home"); ProfilePath: C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\6w62ozqw.default-1401555762839 user_pref("browser.startup.homepage", "about:home"); user_pref("browser.newtab.url", "about:newtab"); ProfilePath: C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\suf8puu9.default user_pref("browser.startup.homepage", "about:home"); user_pref("browser.newtab.url", "about:newtab"); ProfilePath: C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\y36bohn4.default-1407176424701 user_pref("browser.startup.homepage", "about:home"); ProfilePath: C:\Users\Lelaa\AppData\Roaming\Mozilla\Firefox\Profiles\l6aj28mn.default user_pref("browser.startup.homepage", "about:home"); user_pref("browser.newtab.url", "about:newtab"); ProfilePath: C:\Users\Lusia\AppData\Roaming\Mozilla\Firefox\Profiles\7c61muc8.default user_pref("browser.startup.homepage", "about:home"); user_pref("browser.newtab.url", "about:newtab"); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{22C7F6C6-8D67-4534-92B5-529A0EC09405}"="C:\Program Files (x86)\Trend Micro\Client Server Security Agent\bho\1009\FirefoxExtension" [02-03-2014 22:07] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "{e4f94d1e-2f53-401e-8885-681602c0ddd8}"="C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi" [04-04-2014 11:36] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Henk\AppData\Roaming\Mozilla\Firefox\Profiles\lbq32xj6.default - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi ProfilePath: C:\Users\Indra\AppData\Roaming\Mozilla\Firefox\Profiles\y36bohn4.default-1407176424701 - Firebug - %ProfilePath%\extensions\firebug@software.joehewitt.com.xpi - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Henk\AppData\Roaming\Mozilla\Firefox\Profiles\3upd9wm3.default B33B016B77560C7832BF4D311EA23328 - C:\Users\Henk\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player 8FE7BA502945BE735D09D5703BD76FDA - C:\windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll - Shockwave for Director / Shockwave for Director Profilepath: C:\Users\Henk\AppData\Roaming\Mozilla\Firefox\Profiles\lbq32xj6.default 9860727E477F17B88E39AF8B69B0407A - C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll - Shockwave Flash D6ED6EB98E759460AD8C66DE23070132 - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll - Microsoft Office 2013 18CF51689186AEB9D1D149AEB0E92D03 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL - Microsoft Office 2013 B33B016B77560C7832BF4D311EA23328 - C:\Users\Henk\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player 8FE7BA502945BE735D09D5703BD76FDA - C:\windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll - Shockwave for Director / Shockwave for Director ==== Fake Chromium Profiles Check ====================== Fake profile C:\Users\Administrator\AppData\Local\Torch deleted Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome deleted Fake profile C:\Users\Administrator\AppData\Local\Google\Chrome SxS deleted Fake profile C:\Users\Administrator\AppData\Local\Comodo\Dragon deleted Fake profile C:\Users\Administrator\AppData\Local\Chromatic Browser deleted Fake profile C:\Users\Gast\AppData\Local\Torch deleted Fake profile C:\Users\Gast\AppData\Local\Google\Chrome deleted Fake profile C:\Users\Gast\AppData\Local\Google\Chrome SxS deleted Fake profile C:\Users\Gast\AppData\Local\Comodo\Dragon deleted Fake profile C:\Users\Gast\AppData\Local\Chromatic Browser deleted Fake profile C:\Users\Henk\AppData\Local\Torch deleted Fake profile C:\Users\Henk\AppData\Local\Google\Chrome SxS deleted Fake profile C:\Users\Henk\AppData\Local\Comodo\Dragon deleted Fake profile C:\Users\Henk\AppData\Local\Chromatic Browser deleted Fake profile C:\Users\HomeGroupUser$\AppData\Local\Torch deleted Fake profile C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome deleted Fake profile C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS deleted Fake profile C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon deleted Fake profile C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser deleted Fake profile C:\Users\Indra\AppData\Local\Torch deleted Fake profile C:\Users\Indra\AppData\Local\Google\Chrome SxS deleted Fake profile C:\Users\Indra\AppData\Local\Comodo\Dragon deleted Fake profile C:\Users\Indra\AppData\Local\Chromatic Browser deleted Fake profile C:\Users\Lelaa\AppData\Local\Torch deleted Fake profile C:\Users\Lelaa\AppData\Local\Google\Chrome SxS deleted Fake profile C:\Users\Lelaa\AppData\Local\Comodo\Dragon deleted Fake profile C:\Users\Lelaa\AppData\Local\Chromatic Browser deleted Fake profile C:\Users\Lusia\AppData\Local\Torch deleted Fake profile C:\Users\Lusia\AppData\Local\Google\Chrome SxS deleted Fake profile C:\Users\Lusia\AppData\Local\Comodo\Dragon deleted Fake profile C:\Users\Lusia\AppData\Local\Chromatic Browser deleted ==== Chromium Look ====================== Google Chrome Version: 39.0.2171.95 (Up to date, latest Stable version: 39.0.2171.95) HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions bopakagnckmlgajfccecajhnimjiiedh - No path found[] pfkfdlcdbajamklbneflfbcmfgddmpae - No path found[] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions pfkfdlcdbajamklbneflfbcmfgddmpae - No path found[] Google Docs - Henk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Henk\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Henk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Henk\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Wallet - Henk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Henk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Google Docs - Indra\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake pricechop - Indra\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnbepkilfgbjlpkgblegbhkfphbceicg Jack Spade - Indra\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmfhcemponaaoollhcoebkpajgdamieo GoSavee - Indra\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfjfedncajhjefnmpacbnghfboahlni Google Wallet - Indra\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Docs - Lelaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake pricechop - Lelaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnbepkilfgbjlpkgblegbhkfphbceicg GoSavee - Lelaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfjfedncajhjefnmpacbnghfboahlni Google Wallet - Lelaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda pricechop - Lusia\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnbepkilfgbjlpkgblegbhkfphbceicg GoSavee - Lusia\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfjfedncajhjefnmpacbnghfboahlni Google Wallet - Lusia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Chromium Fix ====================== C:\Users\Indra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage deleted successfully C:\Users\Indra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully C:\Users\Indra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage deleted successfully C:\Users\Indra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal deleted successfully C:\Users\Indra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_driverfindertool.com_0.localstorage deleted successfully C:\Users\Indra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_driverfindertool.com_0.localstorage-journal deleted successfully C:\Users\Indra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage deleted successfully C:\Users\Indra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage-journal deleted successfully C:\Users\Indra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.tradetracker.net_0.localstorage deleted successfully C:\Users\Indra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.tradetracker.net_0.localstorage-journal deleted successfully C:\Users\Indra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.selectgo00.selectgo.net_0.localstorage deleted successfully C:\Users\Indra\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.selectgo00.selectgo.net_0.localstorage-journal deleted successfully C:\Users\Lusia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_services.hearstmags.com_0.localstorage deleted successfully C:\Users\Lusia\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_services.hearstmags.com_0.localstorage-journal deleted successfully C:\Users\Indra\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnbepkilfgbjlpkgblegbhkfphbceicg deleted successfully C:\Users\Lelaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnbepkilfgbjlpkgblegbhkfphbceicg deleted successfully C:\Users\Lusia\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnbepkilfgbjlpkgblegbhkfphbceicg deleted successfully C:\Users\Indra\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfjfedncajhjefnmpacbnghfboahlni deleted successfully C:\Users\Lelaa\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfjfedncajhjefnmpacbnghfboahlni deleted successfully C:\Users\Lusia\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpfjfedncajhjefnmpacbnghfboahlni deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {E6315AA0-9C71-4023-9D9F-4A913FA7592C} Google Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bopakagnckmlgajfccecajhnimjiiedh deleted successfully HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C87834EB-A2A0-B9D4-AA9A-C263D1191051} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96} deleted successfully ==== Empty IE Cache ====================== C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Henk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Henk\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Indra\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Indra\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Lelaa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Lelaa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Lusia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Lusia\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Henk\AppData\Local\Mozilla\Firefox\Profiles\lbq32xj6.default\cache2 emptied successfully C:\Users\Indra\AppData\Local\Mozilla\Firefox\Profiles\y36bohn4.default-1407176424701\cache2 emptied successfully C:\Users\Lelaa\AppData\Local\Mozilla\Firefox\Profiles\l6aj28mn.default\Cache will be emptied at reboot C:\Users\Lusia\AppData\Local\Mozilla\Firefox\Profiles\7c61muc8.default\Cache emptied successfully C:\Users\Lusia\AppData\Local\Mozilla\Firefox\Profiles\7c61muc8.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Henk\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\Indra\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\Lelaa\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\Lusia\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=844 folders=307 104699780 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Henk\AppData\Local\Temp will be emptied at reboot C:\Users\Indra\AppData\Local\Temp will be emptied at reboot C:\Users\Lelaa\AppData\Local\Temp will be emptied at reboot C:\Users\Lusia\AppData\Local\Temp emptied successfully C:\windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\windows\Temp successfully emptied C:\Users\Henk\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Indra\AppData\Local\Temp\Adobe" not found "C:\Users\Lelaa\AppData\Local\Temp\scoped_dir_824_21090" not found ==== EOF on za 10-01-2015 at 14:46:47,31 ======================