Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Lucho on do 24-03-2016 at 22:26:02,69.
Microsoft Windows 10 Home 10.0.10586 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Lucho\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2016-03-24-161318.log 18322 bytes

==== Empty Folders Check ======================

C:\Users\Lucho\AppData\Local\ActiveSync deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2980937076-3705342242-4026936015-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{F053C368-5458-45B2-9B4D-D8914BDDDBFF} deleted successfully
HKEY_USERS\S-1-5-21-2980937076-3705342242-4026936015-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Settings\{F053C368-5458-45B2-9B4D-D8914BDDDBFF} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{F053C368-5458-45B2-9B4D-D8914BDDDBFF} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{F053C368-5458-45B2-9B4D-D8914BDDDBFF} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{F053C368-5458-45B2-9B4D-D8914BDDDBFF} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{F053C368-5458-45B2-9B4D-D8914BDDDBFF} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{5e1bc830-4746-11e5-b970-0800200c9a66} deleted successfully

==== Deleting Services ======================

==== FireFox Fix ======================

ProfilePath: C:\Users\Lucho\AppData\Roaming\Mozilla\Firefox\Profiles\u4n69b4p.default
user.js not found

---- FireFox user.js and prefs.js backups ----

prefs_24-03-2016_2240_.backup

ProfilePath: C:\Users\yegrw\AppData\Roaming\Mozilla\Firefox\Profiles\2bvmy8e6.default
user.js not found

---- Lines {5e1bc830-4746-11e5-b970-0800200c9a66} removed from prefs.js ----

user_pref("extensions.xpiState", "{\"app-profile\":{\"{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}\":{\"d\":\"C:\\\\Users\\\\yegrw\\\\AppData\\\\Roaming\\\\

---- FireFox user.js and prefs.js backups ----

prefs_24-03-2016_2240_.backup

==== Deleting Files \ Folders ======================

C:\PROGRA~2\TextAloud deleted
C:\Users\Lucho\AppData\Roaming\Mozilla\Firefox\Profiles\u4n69b4p.default\jetpack deleted

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====
====== C:\Users\Lucho\AppData\Local\Temp ====
====== Java Cache =====
====== C:\WINDOWS\SysWOW64 =====
====== C:\WINDOWS\SysWOW64\drivers =====
====== C:\WINDOWS\Sysnative =====
====== C:\WINDOWS\Sysnative\drivers =====
2016-03-09 10:19:06 F45665E77D11F3C1552EDBEAD1559DC8 1997152 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgkrnl.sys
2016-03-09 10:19:02 33190E86460C4FF7382848187463DC28 576864 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms2.sys
2016-03-09 10:18:56 64D4F5DE44B64B8284BADE5819B5195A 394080 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms1.sys
2016-03-09 10:18:51 8949F77132A4F8F3BA17C6727099F002 127840 ----a-w- C:\WINDOWS\Sysnative\drivers\USBSTOR.SYS
2016-03-04 14:24:00 DE7FCC77F4A503AF4CA6A47D49B3713D 36600 ----a-w- C:\WINDOWS\Sysnative\drivers\npf.sys
2016-03-01 21:32:49 58BFFEF692A47FCE3FAAEDBC8F3DCBBB 2152288 ----a-w- C:\WINDOWS\Sysnative\drivers\ntfs.sys
2016-03-01 21:32:33 70165A0A2653FB8AFDE3D85000727F29 277856 ----a-w- C:\WINDOWS\Sysnative\drivers\sdbus.sys
2016-03-01 21:32:31 A4411C522D41707D5BCA817A5BB9E30B 114688 ----a-w- C:\WINDOWS\Sysnative\drivers\bridge.sys
2016-03-01 21:32:30 F871CE85AF64D81A9CB6C361CF797144 185184 ----a-w- C:\WINDOWS\Sysnative\drivers\dumpsd.sys
2016-03-01 21:32:30 DBACD4E4FE191D0CE7C624ACA389535E 29696 ----a-w- C:\WINDOWS\Sysnative\drivers\xinputhid.sys
2016-03-01 21:32:29 0B3B0C1D86050355676640488FA897D3 430944 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxsmb.sys
2016-03-01 21:32:28 F279536122B83FD0D8E158AA753E1B7C 238592 ----a-w- C:\WINDOWS\Sysnative\drivers\xboxgip.sys
2016-03-01 21:32:28 EDDB0D726DBECDFC1DBCC6DB464E5A13 146272 ----a-w- C:\WINDOWS\Sysnative\drivers\appid.sys
2016-03-01 21:32:28 469441BAE3FF8A16826FC62C51EF5E18 563552 ----a-w- C:\WINDOWS\Sysnative\drivers\acpi.sys
2016-03-01 21:32:25 B7E1CAA9429E4C3E7E01CB35B97E1536 534368 ----a-w- C:\WINDOWS\Sysnative\drivers\USBHUB3.SYS
2016-03-01 21:32:23 E3C82823B22463BC38AA4F8ADA852624 104960 ----a-w- C:\WINDOWS\Sysnative\drivers\rasl2tp.sys
2016-03-01 21:32:23 1A490555FD330CA2764D89191177C867 285696 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxsmb10.sys
====== C:\WINDOWS\Tasks ======
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2016-03-23 22:40:12 -------- d-----w- C:\Program Files\trend micro
2016-03-04 15:21:29 -------- d-----w- C:\Program Files\DVDVideoMedia
======= C:\PROGRA~2 =====
2016-03-21 09:19:12 -------- d-----w- C:\PROGRA~2\NFOPad
2016-03-04 16:03:59 -------- d---a-w- C:\PROGRA~2\Free Audio Editor 2016
2016-03-04 15:56:25 -------- d-----w- C:\PROGRA~2\COMMON~1\Freemake Shared
2016-03-04 15:56:22 -------- d---a-w- C:\PROGRA~2\Freemake
2016-02-29 13:17:44 -------- d---a-w- C:\PROGRA~2\COMMON~1\Skype
======= C: =====
====== C:\Users\Lucho\AppData\Roaming ======
2016-03-21 09:19:12 -------- d-----w- C:\Users\Lucho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NFOPad
2016-03-17 23:25:39 -------- d-----w- C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Dropbox
2016-03-11 00:54:47 -------- d-----w- C:\Users\le_my\AppData\Local\Dropbox
2016-03-04 15:56:33 -------- d-----w- C:\Users\Lucho\AppData\Local\FreemakeVideoConverter
2016-03-04 15:56:26 -------- d-----w- C:\Users\Lucho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake\Uninstall
2016-03-04 15:56:26 -------- d-----w- C:\Users\Lucho\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Freemake
2016-03-04 14:31:42 -------- d-----w- C:\Users\Lucho\AppData\Local\Movavi
2016-03-04 14:31:42 -------- d-----w- C:\Users\Lucho\AppData\Local\converter
====== C:\Users\Lucho ======
2016-03-24 10:28:03 086799C07332F3E3C1D29D7B7D6FD114 1530368 ----a-w- C:\Users\Lucho\Downloads\adwcleaner_5.105.exe
2016-03-23 23:27:36 49E3825ACB348F848D9B841E4D48FD3B 22908888 ----a-w- C:\Users\Lucho\Downloads\mbam-setup-neuber.2005-2.2.0.1024.exe
2016-03-23 22:39:30 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Lucho\Downloads\RSITx64.exe
2016-03-17 23:25:47 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-03-17 23:25:38 -------- d-----r- C:\WINDOWS\sysWoW64\config\systemprofile\Documents
2016-03-17 23:25:38 -------- d-----r- C:\WINDOWS\sysWoW64\config\systemprofile\Desktop
2016-03-04 16:04:00 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Audio Editor 2016
2016-03-04 15:56:26 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freemake
2016-03-04 15:56:25 -------- d-----w- C:\ProgramData\Freemake
2016-03-04 15:21:30 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoMedia
2016-03-04 15:04:47 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Public\Gregg Braden - La Verdad Profunda..mp3
2016-03-04 14:55:04 -------- d-----w- C:\ProgramData\Wondershare
2016-03-04 14:54:25 -------- d-----w- C:\Users\Public\Documents\Wondershare
2016-03-04 14:31:53 -------- d-----w- C:\Users\Lucho\.fontconfig
2016-03-04 14:31:16 -------- d-----w- C:\ProgramData\Movavi
2016-03-04 14:30:51 -------- d-----w- C:\ProgramData\Movavi Video Converter 16
2016-03-04 14:23:57 -------- d-----w- C:\ProgramData\Apowersoft
2016-02-29 13:17:44 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
====== C: exe-files ==
2016-03-24 10:28:45 21A9971CFC202A618078B263DCB02144 120 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2980937076-3705342242-4026936015-1001\$IDYGTII.exe
2016-03-24 10:28:03 086799C07332F3E3C1D29D7B7D6FD114 1530368 ----a-w- C:\Users\Lucho\Downloads\adwcleaner_5.105.exe
2016-03-23 23:27:36 49E3825ACB348F848D9B841E4D48FD3B 22908888 ----a-w- C:\Users\Lucho\Downloads\mbam-setup-neuber.2005-2.2.0.1024.exe
2016-03-23 22:40:12 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Lucho.exe
2016-03-23 22:39:30 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Lucho\Downloads\RSITx64.exe
2016-03-21 09:19:13 0A4A8B60A1D16CBD74BB286ABDED97B2 67932 ----a-w- C:\Program Files (x86)\NFOPad\uninstall.exe
2016-03-17 23:25:45 E43AA745F344781FB6327217A403CE11 173032 ----a-w- C:\Program Files (x86)\Dropbox\Client\DropboxUninstaller.exe
2016-03-17 23:25:45 96929028E3465F942244D65E5CC5E4F2 25577864 ----a-w- C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
2016-03-17 23:25:45 4FBC7F8467B13B972AA551A7B8C898C8 29992 ----a-w- C:\Program Files (x86)\Dropbox\Client\driver_amd64\dbxsvc.exe
2016-03-17 23:25:45 11C0FD048F0B27643EAB1EB95C4FB236 29480 ----a-w- C:\Program Files (x86)\Dropbox\Client\driver_x86\dbxsvc.exe
2016-03-17 23:25:22 2D6F0B10D099AB8E4CCD4FF5CA4718A9 70569968 ----a-w- C:\Program Files (x86)\Dropbox\Update\Download\{CC46080E-4C33-4981-859A-BBA2F780F31E}\3.16.1\DropboxClient_3.16.1.exe
=== C: other files ==
2016-03-24 16:46:15 DAFDA8DB68F58C0A0A8508BBCAD3D7B6 67392 ----a-w- C:\Users\Lucho\Downloads\BOTA_fundamentos06.zip
2016-03-24 16:13:40 3A63C1B8240841A92721CDE6066F1DD0 4870 ----a-w- C:\Users\Lucho\AppData\Local\Temp\xpi\tmp.zip
2016-03-19 11:13:21 A254F8971EA9DBE235696FFA7DB38EF4 40893 ----a-w- C:\Users\Lucho\AppData\Local\Microsoft\Windows\INetCache\IE\BGZKHPJ4\message[1].zip
2016-03-17 23:25:45 99EE4E194F003E3F8A4821ED753DFF42 58992 ----a-w- C:\Program Files (x86)\Dropbox\Client\driver_amd64\dbx-stable.sys
2016-03-17 23:25:45 99EE4E194F003E3F8A4821ED753DFF42 58992 ----a-w- C:\Program Files (x86)\Dropbox\Client\driver_amd64\dbx-dev.sys
2016-03-17 23:25:45 53D529D2E3555EB95745D32ABCB76775 49264 ----a-w- C:\Program Files (x86)\Dropbox\Client\driver_x86\dbx-stable.sys
2016-03-17 23:25:45 53D529D2E3555EB95745D32ABCB76775 49264 ----a-w- C:\Program Files (x86)\Dropbox\Client\driver_x86\dbx-dev.sys
2016-03-17 23:25:45 53D529D2E3555EB95745D32ABCB76775 49264 ----a-w- C:\Program Files (x86)\Dropbox\Client\driver_x86\dbx-canary.sys
2016-03-17 23:25:44 99EE4E194F003E3F8A4821ED753DFF42 58992 ----a-w- C:\Program Files (x86)\Dropbox\Client\driver_amd64\dbx-canary.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-21-2980937076-3705342242-4026936015-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="C:\Users\Lucho\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"

[HKEY_USERS\S-1-5-21-2980937076-3705342242-4026936015-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Lucho\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Lucho\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
"CLMLServer_For_P2G8"="C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
"CLVirtualDrive"="C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe /R"
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"
"BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices"
"Bonus.SSR.FR12"="C:\Program Files (x86)\ABBYY FineReader 12\Bonus.ScreenshotReader.exe /autorun"
"AVG_UI"="C:\Program Files (x86)\AVG\AVG2015\avuirunnerx.exe C:\Program Files (x86)\AVG\AVG2015\avgui.exe"
"CanonQuickMenu"="C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon"
"IJNetworkScannerSelectorEX"="C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"Dropbox"="C:\Program Files (x86)\Dropbox\Client\Dropbox.exe /systemstartup"
"Wondershare Helper Compact.exe"="C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"
"DelaypluginInstall"="C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe"
"ProductUpdater"="C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="C:\Users\Lucho\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Lucho\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Lucho\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"IAStorIcon"="C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe 60"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"FileOpenBroker"="C:\Program Files\FileOpen\Services\FileOpenBroker64.exe"

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [23-03-2016 22:54]
C:\WINDOWS\tasks\DropboxUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [18-02-2016 18:47]
C:\WINDOWS\tasks\DropboxUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [18-02-2016 18:47]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [11-08-2015 23:56]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [11-08-2015 23:56]

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\WINDOWS\SysNative\tasks\AVGPCTuneUp_Task_BkGndMaintenance" [C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe]
"C:\WINDOWS\SysNative\tasks\DropboxUpdateTaskMachineCore" [C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe]
"C:\WINDOWS\SysNative\tasks\DropboxUpdateTaskMachineUA" [C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d" ["C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe"]
"C:\WINDOWS\SysNative\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon" ["C:\Program Files (x86)\Intel\Intel(R) ME FW Recovery Agent\bin\Bootstrap.exe"]
"C:\WINDOWS\SysNative\tasks\Java Platform SE Auto Updater" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{F665B83C-082F-4B6F-9B89-DEFE94AD9D18}" [C:\WINDOWS\system32\msfeedssync.exe]
"C:\WINDOWS\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Lucho\AppData\Roaming\Mozilla\Firefox\Profiles\u4n69b4p.default
user_pref("browser.startup.homepage", "https://www.google.nl/");

ProfilePath: C:\Users\yegrw\AppData\Roaming\Mozilla\Firefox\Profiles\2bvmy8e6.default
user_pref("browser.startup.homepage", "https://mail.google.com/mail/u/0/#inbox");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"online_banking@kaspersky.com"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\FFExt\online_banking@kaspersky.com" [07-08-2015 19:30]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Lucho\AppData\Roaming\Mozilla\Firefox\Profiles\u4n69b4p.default
- Adblock Plus Pop-up Addon - %ProfilePath%\extensions\adblockpopups@jessehakanen.net.xpi
- RT News - %ProfilePath%\extensions\jid1-ssDJXxMbIOgwuw@jetpack.xpi
- Video DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

ProfilePath: C:\Users\yegrw\AppData\Roaming\Mozilla\Firefox\Profiles\2bvmy8e6.default
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Skype - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi
- Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Lucho\AppData\Roaming\Mozilla\Firefox\Profiles\u4n69b4p.default
7C67580DFE143EF19E7418B0F054B5F6 - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_197.dll - Shockwave Flash

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
blbkdnmdcafmfhinpmnlhhddbepgkeaa - https://chrome.google.com/webstore/detail/blbkdnmdcafmfhinpmnlhhddbepgkeaa[]
dchlnpcodkpfdpacogkljefecpegganj - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\urladvisor.crx[29-10-2013 19:09]
hakdifolhalapjijoafobooafbilfakh - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\online_banking_chrome.crx[29-10-2013 19:09]
hghkgaeecgjhjkannahfamoehjmkjail - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\content_blocker_chrome.crx[29-10-2013 19:09]
jagncdcchgajhfhijbbhecadmaiegcmh - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\virtkbd.crx[07-08-2015 19:27]
pjldcfjmnllhmgjclecdnfampinooman - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 14.0.0\ChromeExt\ab.crx[29-10-2013 19:09]

AdBlock - yegrw\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.nl/?gws_rd=ssl"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.nl/?gws_rd=ssl"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} - http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1

HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
HKCU\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} - http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\le_my\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Lucho\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Lucho\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\Users\yegrw\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\yegrw\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Default User\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\le_my\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Lucho\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Lucho\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\Users\yegrw\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\yegrw\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Lucho\AppData\Local\Mozilla\Firefox\Profiles\u4n69b4p.default\cache2 emptied successfully
C:\Users\yegrw\AppData\Local\Mozilla\Firefox\Profiles\2bvmy8e6.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\yegrw\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=702 folders=62 272815098 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot