Zoek.exe v5.0.0.0 Updated 02-April-2015
Tool run by Indyphite on zo 05-04-2015 at 20:01:04,09.
Microsoft Windows 7 Enterprise 6.1.7600 x86
Running in: Normal Mode
Internet Access Detected
Launched: C:\Users\Indyphite\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

5-4-2015 20:03:50 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\Program Files\Bullfrog deleted successfully
C:\Program Files\DeltaFix deleted successfully
C:\Program Files\DOwnSavee deleted successfully
C:\Program Files\FIndBBestDealu deleted successfully
C:\Program Files\SaverExttensIIon deleted successfully
C:\PROGRA~2\Ableton deleted successfully
C:\PROGRA~2\ALLSiaver deleted successfully
C:\PROGRA~2\EuXstiraCoupon deleted successfully
C:\PROGRA~2\FinodBestDeal deleted successfully
C:\PROGRA~2\FunDueals deleted successfully
C:\PROGRA~2\Oracle deleted successfully
C:\PROGRA~2\RoboSSaverr deleted successfully
C:\Windows\serviceprofiles\Localservice\AppData\Roaming\Xfire deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1540145430-2221875033-2756909443-1015\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{06BACCDF-DAD8-4B7C-B70C-4DA26A354E11} deleted successfully
HKEY_USERS\S-1-5-21-1540145430-2221875033-2756909443-1015\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0D6143A9-E444-429F-8714-8D84F021818B} deleted successfully
HKEY_USERS\S-1-5-21-1540145430-2221875033-2756909443-1015\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{437946B9-D3DD-4B8A-9450-26111B4322DB} deleted successfully
HKEY_USERS\S-1-5-21-1540145430-2221875033-2756909443-1015\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{567BADD9-3976-4F15-8B1D-06D58E61652E} deleted successfully
HKEY_USERS\S-1-5-21-1540145430-2221875033-2756909443-1015\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{57B2D403-1880-4FA5-B829-273BC4282490} deleted successfully
HKEY_USERS\S-1-5-21-1540145430-2221875033-2756909443-1015\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6CF76561-BC15-44ED-BAE1-FE64EF164459} deleted successfully
HKEY_USERS\S-1-5-21-1540145430-2221875033-2756909443-1015\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{86F74FAF-A5CE-4B03-9324-2005777EA708} deleted successfully
HKEY_USERS\S-1-5-21-1540145430-2221875033-2756909443-1015\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{927CF684-223D-4E53-9346-11380BD015FC} deleted successfully
HKEY_USERS\S-1-5-21-1540145430-2221875033-2756909443-1015\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9A85C7FA-77B5-47B1-ADA3-DE0E6E75D4F4} deleted successfully
HKEY_USERS\S-1-5-21-1540145430-2221875033-2756909443-1015\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BE767132-822C-4BBF-B563-8274B4273063} deleted successfully
HKEY_USERS\S-1-5-21-1540145430-2221875033-2756909443-1015\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F68204F6-991D-4A50-96C4-ED0B05F679B6} deleted successfully
HKEY_USERS\S-1-5-21-1540145430-2221875033-2756909443-1015\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FC9BC362-625A-4785-B8E6-953FDE4FCD15} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\24c54e38 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\24c54e38 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\fomoquci deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\fomoquci deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wodugide deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\UniversalUpdater deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\UniversalUpdater deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\b786bdb3c67d deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\b786bdb3c67d deleted successfully

==== Deleting Files \ Folders ======================

C:\Program Files\Bullfrog not found
C:\Program Files\DeltaFix not found
C:\Program Files\DOwnSavee not found
C:\Program Files\FIndBBestDealu not found
C:\Program Files\SaverExttensIIon not found
C:\Program Files\FIndBBestDealu not found
C:\Program Files\DOwnSavee not found
C:\Program Files\DuiscouniTTExtenisi deleted
C:\Program Files\IE Tab Seamless deleted
C:\a1577e27d4f9e011adf3 deleted
C:\ProgramData\ccefef2ffd56ab56 deleted
C:\ProgramData\14767284692563962710 deleted
C:\PROGRA~2\oghnbhdffajbjgplkcnblklomgcpblmo deleted
C:\Program Files\trend micro deleted
C:\PROGRA~2\Premium deleted
C:\Program Files\GUT1677.tmp deleted
C:\Program Files\GUT3C55.tmp deleted
C:\Program Files\GUM1667.tmp deleted
C:\Program Files\GUM3C54.tmp deleted
C:\Program Files\Skillbrains deleted
C:\found.000 deleted
C:\found.001 deleted
C:\Users\Indyphite\AppData\Roaming\appdataFr3.bin deleted
C:\Users\Indyphite\AppData\Roaming\82924F48-1427063162-11B2-8000-64456E4E6973 deleted
C:\Windows\system32\config\systemprofile\AppData\Roaming\Hotspot Shield deleted
C:\PROGRA~2\Browser Manager deleted
C:\PROGRA~2\APN deleted
C:\PROGRA~2\Browser AdBlocker deleted
C:\PROGRA~2\The AdBlocker deleted
C:\PROGRA~2\IBUpdaterService deleted
C:\PROGRA~2\TheBflix deleted
C:\PROGRA~2\InstallMate deleted
C:\Users\Indyphite\AppData\Local\updater.log deleted
C:\Users\Indyphite\AppData\Local\82924F48-1427066983-11B2-8000-64456E4E6973 deleted
C:\Windows\wininit.ini deleted
C:\Windows\system32\tasks\update-S-1-5-21-1540145430-2221875033-2756909443-1013 deleted
C:\Windows\system32\tasks\update-sys deleted
C:\Windows\tasks\update-S-1-5-21-1540145430-2221875033-2756909443-1013.job deleted
C:\Windows\tasks\update-sys.job deleted
C:\Windows\system32\tasks\RunAsStdUser Task deleted
C:\Windows\system32\GroupPolicy\Machine deleted
C:\Windows\system32\GroupPolicy\User deleted
C:\Windows\system32\GroupPolicy\gpt.ini deleted
C:\Windows\System32\AI_RecycleBin deleted
C:\Windows\System32\searchplugins deleted
C:\Windows\System32\Extensions deleted
C:\Users\Indyphite\Desktop\Continue Salus Protector Uninstaller.lnk deleted
"C:\ProgramData\df7dfd809708872c5da605c6147df16d_c" deleted
"C:\Program Files\0ca45c95134d\5596b4e010aa.exe" deleted
"C:\Program Files\0ca45c95134d\5596b4e010aa.exe" deleted
"C:\Program Files\0ca45c95134d\5596b4e010aa.exe" deleted
"C:\Program Files\0ca45c95134d" deleted
"C:\Program Files\0ca45c95134d" deleted
"C:\Program Files\0ca45c95134d" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2015-03-30 10:44:54 9CA884A033A9013EF939FF6554586200 299520 ----a-w- C:\Windows\uninst.exe
2015-03-12 22:15:30 F9F4905664C5B42B49E78EFA12D1A6B6 20 ----a-w- C:\Windows\x÷V
====== C:\Users\INDYPH~1\AppData\Local\Temp ====
2015-04-03 01:29:22 2C80666AE49E25F97BF091935B07B03B 41451520 ----a-w- C:\Users\Indyphite\AppData\Local\Temp\Skype.msi
2015-03-31 16:36:22 B7AF755ED6D17FCA716A6A89A140B8A0 40960 ------w- C:\Users\Indyphite\AppData\Local\Temp\is45637729\1903751_stp\gvstb.exe
2015-03-30 21:24:26 9F930B8B376C30A6EAE87F04FC5B836C 40960 ------w- C:\Users\Indyphite\AppData\Local\Temp\is45637729\4673692_stp\gvstb.exe
====== Java Cache =====
====== C:\Windows\system32 =====
2015-03-24 22:28:53 78A4A686EACE63226191A6B6E2C032B5 818176 ----a-w- C:\Windows\System32\appraiser.dll
2015-03-24 22:28:52 C51404D2BC1BBFE07AD816D48F9A3BA2 327168 ----a-w- C:\Windows\System32\devinv.dll
2015-03-24 22:28:52 B3669BA3F327713A5A84350A67BB160E 623616 ----a-w- C:\Windows\System32\invagent.dll
2015-03-24 22:28:52 7E74B3258C8A73A0311A9A20A582C529 26112 ----a-w- C:\Windows\System32\acmigration.dll
2015-03-24 22:28:52 23BCD2A7842745D9D2F66B7504BEAABC 534528 ----a-w- C:\Windows\System32\generaltel.dll
2015-03-24 22:28:52 2179C6DF7AD2AFDE017BCA7C0B793018 892928 ----a-w- C:\Windows\System32\aeinv.dll
2015-03-24 22:28:51 A808352E076FC706D5A25216EB1C923A 202752 ----a-w- C:\Windows\System32\aepdu.dll
====== C:\Windows\system32\drivers =====
====== C:\Windows\Tasks ======
2015-03-27 21:40:45 -------- d-----w- C:\Windows\system32\Tasks\Safer-Networking
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-04-03 01:30:28 -------- d-----w- C:\Program Files\Common Files\Skype
2015-04-03 01:30:28 -------- d-----r- C:\Program Files\Skype
======= C: =====
====== C:\Users\Indyphite\AppData\Roaming ======
2015-03-30 23:11:36 -------- d-----w- C:\Users\Indyphite\AppData\Local\CrashDumps
2015-03-30 10:46:55 -------- d-----w- C:\Users\Indyphite\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-03-30 10:46:34 -------- d-----w- C:\Users\Indyphite\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Eidos Interactive
2015-03-27 21:45:54 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Local\Programs
2015-03-27 11:20:34 -------- d-----w- C:\Users\Indyphite\AppData\Local\Diagnostics
2015-03-26 14:20:26 -------- d-----w- C:\Users\Indyphite\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox
2015-03-20 15:12:12 -------- d-----w- C:\Users\Indyphite\AppData\Local\Spotify
2015-03-20 15:11:29 -------- d-----w- C:\Users\Indyphite\AppData\Roaming\Spotify
2015-03-20 10:13:20 -------- d-----w- C:\Users\Indyphite\AppData\Local\Skype
2015-03-20 10:13:04 -------- d-----w- C:\Users\Indyphite\AppData\Roaming\Skype
2015-03-16 13:19:13 -------- d-----w- C:\Users\Indyphite\AppData\Roaming\WinRAR
2015-03-16 13:18:49 -------- d-----w- C:\Users\Indyphite\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-03-16 12:53:33 -------- d-----w- C:\Users\Indyphite\AppData\Roaming\Remote Control Server
2015-03-16 11:54:30 -------- d-----w- C:\Users\Indyphite\AppData\Local\Downloaded Installations
2015-03-12 22:28:25 -------- d-----w- C:\Users\Indyphite\AppData\Local\Programs
2015-03-08 23:21:26 -------- d-----w- C:\Users\Indyphite\AppData\Locallow\RbxLogs
2015-03-08 23:20:45 D73DF1B42D8B643221ADE2400605B8B5 248 ----a-w- C:\Users\Indyphite\AppData\Locallow\rbxcsettings.rbx
2015-03-08 23:20:41 -------- d-----w- C:\Users\Indyphite\AppData\Local\Roblox
2015-03-08 22:16:42 -------- d-----w- C:\Users\Indyphite\AppData\Roaming\LolClient
2015-03-08 22:11:56 -------- d-----w- C:\Users\Indyphite\AppData\Roaming\Adobe
2015-03-08 21:58:53 -------- d-----r- C:\Users\Indyphite\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2015-03-08 21:58:53 -------- d-----r- C:\Users\Indyphite\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2015-03-08 21:58:31 -------- d-----w- C:\Users\Indyphite\AppData\Roaming\Identities
2015-03-08 21:58:20 -------- d-s---w- C:\Users\Indyphite\AppData\Locallow\Microsoft
2015-03-08 21:58:10 -------- d-----w- C:\Users\Indyphite\AppData\Local\VirtualStore
2015-03-08 21:58:01 2D0ADB28769B424EE018797BAE69C550 107672 ----a-w- C:\Users\Indyphite\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-08 21:58:01 -------- d-----w- C:\Users\Indyphite\AppData\Roaming\Media Center Programs
2015-03-08 21:58:01 -------- d-----w- C:\Users\Indyphite\AppData\Local\Temp
2015-03-08 21:58:01 -------- d-----w- C:\Users\Indyphite\AppData\Local\Microsoft Help
2015-03-08 21:58:01 -------- d-----w- C:\Users\Indyphite\AppData\Local\Microsoft
2015-03-08 21:58:01 -------- d-----w- C:\Users\Indyphite\AppData\Local\Google
2015-03-08 21:58:00 -------- d-s---w- C:\Users\Indyphite\AppData\Roaming\Microsoft
2015-03-08 21:58:00 -------- d-----r- C:\Users\Indyphite\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-03-08 21:58:00 -------- d-----r- C:\Users\Indyphite\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
====== C:\Users\Indyphite ======
2015-04-04 12:44:03 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Indyphite\Downloads\RSIT.exe
2015-04-03 01:31:52 -------- d-----w- C:\Users\Indyphite\Tracing
2015-04-03 01:30:29 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-04-03 01:23:20 C596B9B2749AF6729BAAF414B713D5D6 1380960 ----a-w- C:\Users\Indyphite\Downloads\SkypeSetup.exe
2015-03-27 21:37:10 -------- d-----w- C:\ProgramData\Licenses
2015-03-27 21:37:04 -------- d-----w- C:\ProgramData\TEMP
2015-03-27 21:36:01 78130949095E6721B40B50E77C1F1BBC 4095448 ----a-w- C:\Users\Indyphite\Downloads\spywareblastersetup50.exe
2015-03-27 21:27:06 0D97BF4C7817BAFB80D6FCD546448AEE 18824024 ----a-w- C:\Users\Indyphite\Downloads\BOIE9_NLNL_VIS.EXE
2015-03-26 13:12:17 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roblox
2015-03-16 13:18:49 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-03-08 21:58:53 -------- d-----r- C:\Users\Indyphite\Searches
2015-03-08 21:58:26 -------- d-----r- C:\Users\Indyphite\Contacts
2015-03-08 21:58:10 70F3B35C7754B71A347B43660D5C55ED 636 --sha-r- C:\Users\Indyphite\ntuser.pol
2015-03-08 21:58:02 6FC234AD3752E1267B34FB12BCD6718B 20 --sh--w- C:\Users\Indyphite\ntuser.ini
2015-03-08 21:58:00 -------- d--h--w- C:\Users\Indyphite\AppData
2015-03-08 21:58:00 -------- d-----r- C:\Users\Indyphite\Videos
2015-03-08 21:58:00 -------- d-----r- C:\Users\Indyphite\Saved Games
2015-03-08 21:58:00 -------- d-----r- C:\Users\Indyphite\Pictures
2015-03-08 21:58:00 -------- d-----r- C:\Users\Indyphite\Music
2015-03-08 21:58:00 -------- d-----r- C:\Users\Indyphite\Links
2015-03-08 21:58:00 -------- d-----r- C:\Users\Indyphite\Favorites
2015-03-08 21:58:00 -------- d-----r- C:\Users\Indyphite\Downloads
2015-03-08 21:58:00 -------- d-----r- C:\Users\Indyphite\Documents
2015-03-08 21:58:00 -------- d-----r- C:\Users\Indyphite\Desktop
====== C: exe-files ==
2015-04-05 16:37:42 039888409F260D0F754D907F06921886 205312 ----a-w- C:\Users\Indyphite\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LRP7QCHI\VOsrv[1].exe
2015-04-05 01:03:20 D0804290B30C58652724344365C89D12 280576 ----a-w- C:\Windows\System32\SPReview\spreview.exe
2015-04-04 12:44:03 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Indyphite\Downloads\RSIT.exe
2015-04-03 19:01:47 DD5835B490A68732D7ADC176171FBABC 946544 ----a-w- C:\Users\Indyphite\AppData\Local\Roblox\Versions\version-c743e123c2404843\RobloxStudioLauncherBeta.exe
2015-04-03 08:23:26 D2DD524ECE5B69361421566932CE78FB 968048 ----a-w- C:\Users\Indyphite\AppData\Local\Roblox\Versions\version-953d9034d866480b\RobloxPlayerLauncher.exe
2015-04-03 01:23:20 C596B9B2749AF6729BAAF414B713D5D6 1380960 ----a-w- C:\Users\Indyphite\Downloads\SkypeSetup.exe
2015-03-31 16:36:22 B7AF755ED6D17FCA716A6A89A140B8A0 40960 ------w- C:\Users\Indyphite\AppData\Local\Temp\is45637729\1903751_stp\gvstb.exe
2015-03-30 21:24:26 9F930B8B376C30A6EAE87F04FC5B836C 40960 ------w- C:\Users\Indyphite\AppData\Local\Temp\is45637729\4673692_stp\gvstb.exe
2015-03-30 12:10:32 FFF1C44808B645B2BB63F48C2CA17F0D 117760 ----a-w- C:\Westwood\Dune2000\UNINSTD2.EXE
2015-03-30 12:10:31 6FB2FFC7E23D55E14AEA890AF6A78EA6 119296 ----a-w- C:\Westwood\Internet\uninstap.exe
2015-03-30 10:44:54 9CA884A033A9013EF939FF6554586200 299520 ----a-w- C:\Windows\uninst.exe
=== C: other files ==
2015-04-05 10:06:41 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Indyphite\AppData\Local\Temp\mtmp46860593\wto1.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-1540145430-2221875033-2756909443-1015\Software\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="C:\Users\Indyphite\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"Spotify"="C:\Users\Indyphite\AppData\Roaming\Spotify\Spotify.exe -autostart"
"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s"
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"CrashMon"="C:\Program Files\0ca45c95134d\5596b4e010aa.exe UniversalUpdater http://log.data-url.com/crash/"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Update"="C:\Users\Indyphite\AppData\Roaming\VOPackage\VOPackage.exe /runonce"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="C:\Users\Indyphite\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
"Spotify"="C:\Users\Indyphite\AppData\Roaming\Spotify\Spotify.exe -autostart"
"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [05-02-2015 01:41]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [27-10-2014 11:45]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [27-10-2014 11:45]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\Halo 2 for Vista restart" [C:\Program Files\Microsoft Games\Halo 2\startup.exe]
"C:\Windows\system32\tasks\User_Feed_Synchronization-{607BEAC8-E3DF-4229-9921-7CC44DEE9401}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"speedanalysis02@SpeedAnalysis.com"="C:\Users\Branco\AppData\Roaming\Mozilla\Extensions\speedanalysis02@SpeedAnalysis.com" []

==== Chromium Look ======================

Google Chrome Version: 39.0.2171.95 (Possible outdated, latest Stable version: 41.0.2272.118)

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
ahilkiibpgjnonbhdfkkgjddddmapala - C:\Users\Branco\AppData\Local\CRE\ahilkiibpgjnonbhdfkkgjddddmapala.crx[]
akogkenicmciojjhoijaipjdhbjphddd - C:\ProgramData\TheBflix\akogkenicmciojjhoijaipjdhbjphddd.crx[]
fdloijijlkoblmigdofommgnheckmaki - C:\Program Files\Funmoods\funmoods\1.5.11.16\funmoodsOEM.crx[]
gjajpkikblccgefaibcafkfbanllpefi - C:\Users\Branco\AppData\Roaming\7go\7go.crx[]
lemilgpbnfoecfjhpfchannnnkeefjmj - C:\Users\Branco\AppData\Local\CRE\lemilgpbnfoecfjhpfchannnnkeefjmj.crx[]

Google Slides - Indyphite\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
TheBflix - Indyphite\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\akogkenicmciojjhoijaipjdhbjphddd
Google Docs - Indyphite\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Indyphite\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Indyphite\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Indyphite\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - Indyphite\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Gmail - Indyphite\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Fix ======================

C:\Users\Indyphite\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_www.superfish.com_0.localstorage deleted successfully
C:\Users\Indyphite\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_www.superfish.com_0.localstorage-journal deleted successfully
C:\Users\Indyphite\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\akogkenicmciojjhoijaipjdhbjphddd deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://search.babylon.com/?affID=110809&tt=bandext_3312_2&babsrc=NT_ss&mntrId=30b182910000000000000019db6fd649"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\7go@7go.com deleted successfully
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\speedanalysis02@SpeedAnalysis.com deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{80CC0966-6223-1979-6980-338838BC37B9} deleted successfully
HKEY_LOCAL_MACHINE\Software\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ahilkiibpgjnonbhdfkkgjddddmapala deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\akogkenicmciojjhoijaipjdhbjphddd deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\fdloijijlkoblmigdofommgnheckmaki deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\gjajpkikblccgefaibcafkfbanllpefi deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\lemilgpbnfoecfjhpfchannnnkeefjmj deleted successfully

==== Empty IE Cache ======================

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Indyphite\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Indyphite\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\27BJ2296 will be deleted at reboot
C:\Users\Indyphite\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FNK4VKW6 will be deleted at reboot
C:\Users\Indyphite\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z2PQJ5OO will be deleted at reboot
C:\Users\Indyphite\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Indyphite\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=400 folders=91 124996799 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Indyphite\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\INDYPH~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Indyphite\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\MpCmdRun.log" not found
"C:\Users\Indyphite\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\27BJ2296" not found
"C:\Users\Indyphite\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FNK4VKW6" not found
"C:\Users\Indyphite\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z2PQJ5OO" not found

==== EOF on zo 05-04-2015 at 20:35:41,18 ======================