Zoek.exe v5.0.0.0 Updated 21-05-2014 Tool run by Adri-Joke on vr 27-06-2014 at 9:56:49,02. Microsoft Windows 7 Ultimate 6.1.7601 Service Pack 1 x86 Running in: Normal Mode No Internet Access Detected Launched: C:\Users\ADRI-J~1\AppData\Local\Temp\Rar$DIa0.378\zoek.com [Scan all users] [Script inserted] ==== System Restore Info ====================== 27-6-2014 9:59:37 Zoek.exe System Restore Point Created Succesfully. ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-600855162-4097672422-440617176-1001\Software\Microsoft\Internet Explorer\SearchScopes\{1B336F2F-FAC5-4FDD-8D9E-2D032FB879F7} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"=- [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"=- "Babylon Client"=- "SearchSettings"=- ==== Deleting Files \ Folders ====================== C:\Users\Adri-Joke\AppData\Local\0f6d67c0017beee011d4489fbd2dc2bb not found C:\Users\ADRI-J~1\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\adremoveext@adremoveext.net not found C:\Users\Adri-Joke\AppData\Locallow\Search Settings deleted C:\PROGRA~2\ProductData deleted C:\PROGRA~2\Babylon deleted C:\Users\Adri-Joke\AppData\Local\Slick Savings deleted C:\Users\Adri-Joke\AppData\Local\Babylon deleted C:\Users\Adri-Joke\AppData\LocalLow\IObit Apps deleted C:\Users\Adri-Joke\AppData\LocalLow\ADSRemoval deleted C:\Windows\system32\config\systemprofile\AppData\LocalLow\Application Updater deleted C:\Windows\System32\SET48F9.tmp deleted C:\Windows\System32\SET6EBB.tmp deleted C:\Windows\System32\SET6F75.tmp deleted C:\Users\ADRI-J~1\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\extensions\adremoveext@adremoveext.net deleted "C:\Users\Adri-Joke\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\suggestor@suggestor.pirrit.com.xpi" deleted "C:\Windows\Installer\5ef6c.msi" deleted ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"="C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5" [18-06-2014 09:50] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [13-05-2014 13:44] ==== Firefox Extensions ====================== ==== Firefox Plugins ====================== ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions ccahoghmggldkcdjiebjkidpfongdfbl - C:\Program Files\Bitdefender\Bitdefender\pmbxcr.crx[03-03-2014 15:59] cikkkfooompgefbcjlgdjejfdknkheaj - C:\Program Files\Common Files\Spigot\GC\DomainErrorHelper_1.0_0.crx[] gpiifgmgnfdiblgpaepbmfdkcheicgof - C:\Program Files\Common Files\Spigot\GC\nta_1.0_0.crx[] hbcennhacfaagdopikcegfcobcadeocj - C:\Program Files\Common Files\Spigot\GC\saebay_1.1.crx[] mhkaekfpcppmmioggniknbnbdbcigpkk - C:\Users\Adri-Joke\AppData\Local\Slick Savings\coupons.crx[] nneajnkjbffgblleaoojgaacokifdkhm - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx[23-05-2011 20:24] pfndaklgolladniicklehhancnlgocpp - C:\Program Files\Common Files\Spigot\GC\saamazon_1.0.crx[] Advanced SystemCare Surfing Protection - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd Bitdefender Wallet - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl Digital Clock CE-7 - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\ceppoilemjnhfdbkekhcnagmfnhokjgm Collusion for Chrome - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\ganlifbpkcplnldliibcbegplfmcfigp AdBlock - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom Dictionary by Dictionary.com - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\gikhgcaliglmioibbockkmjknfnepbdh avast Online Security - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki Trustwave SecureBrowsing - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\hcghfieafojgpngcjbkbbjfecjbahhif LastPass - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd Slick Savings - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk Ghostery - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlomiejdfkolichcflejclcbmpeaniij chromeIPass - Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\ompiailgknfdndiefoaoiligalphfdae ==== Chrome Fix ====================== C:\Users\Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adobe-reader.nl.softonic.com_0.localstorage deleted successfully C:\Users\Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_nl.softonic.com_0.localstorage deleted successfully C:\Users\Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk deleted successfully C:\Users\Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\mhkaekfpcppmmioggniknbnbdbcigpkk deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ieframe.dll,-12512 Url="http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Reset Google Chrome ====================== C:\Users\Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== Reset IE Proxy ====================== Value(s) before fix: "ProxyServer"="http=127.0.0.1:41564" "ProxyOverride"="*origin.com;*ea.com;*akamaihd.net;" "ProxyEnable"=dword:00000000 Value(s) after fix: "ProxyEnable"=dword:00000000 ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\AB4C6D07EBCD9C14DBAFAD89913E05C1 deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\cikkkfooompgefbcjlgdjejfdknkheaj deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\gpiifgmgnfdiblgpaepbmfdkcheicgof deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Babylon deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{70D6C4BA-DCBE-41C9-BDFA-DA9819E3501C} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\AB4C6D07EBCD9C14DBAFAD89913E05C1 deleted successfully ==== Empty IE Cache ====================== C:\Users\Adri-Joke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Adri-Joke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\Adri-Joke\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=2461 folders=623 490671112 bytes) ==== Empty Temp Folders ====================== C:\Users\Adri-Joke\AppData\Local\Temp will be emptied at reboot C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\ADRI-J~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on ma 31-12-2001 at 23:04:21,11 ======================