Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Ellen on di 19/05/2015 at 22:31:43,48.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Ellen\Downloads\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2013-06-27-162751.log 2417 bytes
C:\zoek-results2015-05-18-170801.log 136571 bytes

==== Empty Folders Check ======================

C:\PROGRA~2\01e674bc-b417-4257-9cd5-f4194fdba9e4 deleted successfully
C:\PROGRA~2\AGEIA Technologies deleted successfully
C:\PROGRA~2\AVS4YOU deleted successfully
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\MyPlayCity.com deleted successfully
C:\PROGRA~2\Nobilis deleted successfully
C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully
C:\PROGRA~3\Nokia deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\PROGRA~3\PhotoStitch deleted successfully
C:\PROGRA~3\ZoomBrowser deleted successfully
C:\Users\Ellen\AppData\Roaming\GetRightToGo deleted successfully
C:\Users\Ellen\AppData\Roaming\Google deleted successfully
C:\Users\Ellen\AppData\Roaming\Malwarebytes deleted successfully
C:\Users\Ellen\AppData\Roaming\systweak deleted successfully
C:\Users\Ellen\AppData\Roaming\TP deleted successfully
C:\Users\Ellen\AppData\Roaming\Windows Live Writer deleted successfully
C:\Users\Ellen\AppData\Roaming\ZoomBrowser EX deleted successfully
C:\Users\Gast\AppData\Local\VirtualStore deleted successfully
C:\Users\Nick\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\PROGRA~2\01e674bc-b417-4257-9cd5-f4194fdba9e4 not found
C:\PROGRA~2\AGEIA Technologies not found
C:\PROGRA~2\AVS4YOU not found
C:\PROGRA~2\MyPlayCity.com not found
C:\PROGRA~2\Nobilis not found
C:\Users\Ellen\AppData\Roaming\jdcxxjys not found
C:\Program Files (x86)\GUM3D00.tmp not found
C:\PROGRA~2\GoHD deleted
C:\Users\Ellen\AppData\LocalLow\Conduit deleted
C:\Users\Ellen\AppData\LocalLow\DivX_Browser_Bar deleted
C:\PROGRA~2\DivX_Browser_Bar deleted
C:\PROGRA~2\Conduit deleted
C:\Users\Ellen\AppData\Roaming\AlawarEntertainment deleted
C:\PROGRA~3\Conduit deleted
C:\Users\Ellen\AppData\Local\CRE deleted
C:\Users\Ellen\AppData\Local\NativeMessaging deleted
C:\Users\Ellen\AppData\Local\DownloadManager deleted
C:\Users\Nick\AppData\Local\Software deleted
C:\Users\Ellen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Windows\SysNative\roboot64.exe deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\Windows\wininit.ini deleted
C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job deleted
C:\windows\SysNative\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Users\Nick\AppData\Roaming\Mozilla\Firefox\Profiles\n9w4afz0.default\extensions\staged deleted
"C:\Users\Ellen\AppData\Roaming\cahobnnf\subcalal.dll" deleted
"C:\Users\Ellen\AppData\Roaming\cahobnnf\subcalal.dll" deleted
"C:\Users\Ellen\AppData\Roaming\cahobnnf" not deleted
"C:\Users\Ellen\AppData\Roaming\cahobnnf" not deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files (x86)\McAfee\SiteAdvisor" [10/05/2015 21:16]

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{4ED1F68A-5463-4931-9384-8FFF5ED91D92}"="C:\Program Files (x86)\McAfee\SiteAdvisor" [10/05/2015 21:16]

==== Firefox Extensions ======================

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Ellen\AppData\Roaming\Mozilla\Firefox\Profiles\vd9etfrr.default-1431286248019
9AE02005247DA91AB1743F5208DBEF76 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll - Shockwave Flash
08ACECEB47FAF053C468D8AFE44709AD - C:\Users\Ellen\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll - Google Update

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
fheoggkfdfchfphceeifdbepaooicaho - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx[29/04/2015 16:07]
pkmpcdbgnfjfeelcpebpkflcmbkclfho - C:\Users\Ellen\AppData\Local\CRE\pkmpcdbgnfjfeelcpebpkflcmbkclfho.crx[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
pkmpcdbgnfjfeelcpebpkflcmbkclfho - C:\Users\Ellen\AppData\Local\CRE\pkmpcdbgnfjfeelcpebpkflcmbkclfho.crx[]

Google Docs - Ellen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Ellen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Ellen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Ellen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
SiteAdvisor - Ellen\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho
Google Wallet - Ellen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Ellen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
YouTube - Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
SiteAdvisor - Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho
DivX Plus Web Player HTML5 \u003Cvideo\u003E - Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm
Gmail - Nick\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Fix ======================

C:\Users\Ellen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.snapdo.com_0.localstorage deleted successfully
C:\Users\Ellen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.snapdo.com_0.localstorage-journal deleted successfully
C:\Users\Ellen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkmpcdbgnfjfeelcpebpkflcmbkclfho deleted successfully
C:\Users\Ellen\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pkmpcdbgnfjfeelcpebpkflcmbkclfho_0.localstorage deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://www.google.com"
"SearchAssistant"="http://www.google.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Unknown Url="Not_Found"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-889363557-2036165539-3501339599-1001\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{51671E4C-FC17-33C3-F6DD-4355A8F65F7C} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pkmpcdbgnfjfeelcpebpkflcmbkclfho deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\pkmpcdbgnfjfeelcpebpkflcmbkclfho deleted successfully
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{75F9BF4A-AF67-A478-A37B-31D73186D3F3} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA} deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Ellen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Ellen\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Nick\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Nick\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Nick\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Nick\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Ellen\AppData\Local\Mozilla\Firefox\Profiles\vd9etfrr.default-1431286248019\cache2 emptied successfully
C:\Users\Nick\AppData\Local\Mozilla\Firefox\Profiles\n9w4afz0.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Ellen\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Nick\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=498 folders=85 43491573 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Ellen\AppData\Local\Temp will be emptied at reboot
C:\Users\Gast\AppData\Local\Temp emptied successfully
C:\Users\Nick\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Ellen\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Ellen\AppData\Roaming\cahobnnf" not found
"C:\Users\Ellen\AppData\Roaming\cahobnnf" not found

==== EOF on di 19/05/2015 at 23:01:41,85 ======================