Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by MY NAME on wo 03-06-2015 at 9:42:14,97.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\MY NAME\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

3-6-2015 9:50:26 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"ffpwdman@bitdefender.com"="C:\Program Files\Bitdefender\Bitdefender\Antispam32\ffpwdman" [04-09-2013 17:04]

==== Firefox Extensions ======================

==== Firefox Plugins ======================

==== Chromium Look ======================

Google Chrome Version: 43.0.2357.81

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
ccahoghmggldkcdjiebjkidpfongdfbl - C:\Program Files\Bitdefender\Bitdefender\Antispam32\pmbxcr.crx[20-04-2014 18:45]

Bitdefender Wallet - MY NAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccahoghmggldkcdjiebjkidpfongdfbl
Bookmark Manager - MY NAME\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik

==== Chromium Startpages ======================

C:\Users\MY NAME\AppData\Local\Google\Chrome\User Data\Default\Preferences
"session":{"restore_on_startup":4,"startup_urls":["https://mail.google.com/mail/u/0/#inbox"]},"sync":{"remaining_rollback_tries":0}}

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Reset IE Proxy ======================

Value(s) before fix:
"ProxyEnable"=dword:00000000

Value(s) after fix:
"ProxyEnable"=dword:00000000

==== Empty IE Cache ======================

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\MY NAME\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\MY NAME\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\MY NAME\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=319 folders=109 60836572 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\MY NAME\AppData\Local\Temp will be emptied at reboot
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\MY NAME~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on wo 03-06-2015 at 12:20:07,61 ======================