Zoek.exe v5.0.0.0 Updated 04-May-2015 Tool run by Cursist on za 06-06-2015 at 13:41:57,76. Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Cursist\Desktop\zoek.exe [Scan all users] [Script inserted] ==== System Restore Info ====================== 6-6-2015 13:46:52 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\Program Files\MSXML 4.0 deleted successfully C:\Program Files\TrueSuite deleted successfully C:\PROGRA~2\Malwarebytes' Anti-Malware (portable) deleted successfully C:\Users\Cursist\AppData\Roaming\Opera Software deleted successfully C:\Users\Cursist\AppData\Local\Adobe deleted successfully C:\Users\Cursist\AppData\Local\Opera Software deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\Cursist\AppData\Roaming\Mozilla\Firefox\Profiles\pk07andz.default user.js not found ---- Lines extensions.bRrV9wSxaU4n0vbw removed from prefs.js ---- user_pref("extensions.bRrV9wSxaU4n0vbw.epoch", "1425634906"); user_pref("extensions.bRrV9wSxaU4n0vbw.url", "http://musicforallpro.info/sync2/?q=hfZ9oemMhdCHtNbPhd98qjCEqShTB6lKDzt4ok4rtNtVh7n0rjkErHaHrjaHqdnEtMFH ---- FireFox user.js and prefs.js backups ---- prefs_06-06-2015_1404_.backup ==== Deleting Files \ Folders ====================== C:\Program Files\TrueSuite not found C:\PROGRA~2\Malwarebytes' Anti-Malware (portable) not found "C:\Users\Cursist\AppData\Roaming\TUGAVHH.exe" not found "C:\Users\Cursist\AppData\Roaming\ZW.exe" not found C:\Users\Cursist\AppData\Roaming\akuaahga deleted C:\Users\Cursist\AppData\Roaming\bdhxbqwy deleted C:\Users\Cursist\AppData\Roaming\bxnrtmvv deleted C:\Users\Cursist\AppData\Roaming\clkzqhma deleted C:\Users\Cursist\AppData\Roaming\hiogbxzc deleted C:\Users\Cursist\AppData\Roaming\hofdovdv deleted C:\Users\Cursist\AppData\Roaming\hwzqafbp deleted C:\Users\Cursist\AppData\Roaming\jrzhodcl deleted C:\Users\Cursist\AppData\Roaming\kalltiky deleted C:\Users\Cursist\AppData\Roaming\ltoypsbz deleted C:\Users\Cursist\AppData\Roaming\nrplfoej deleted C:\Users\Cursist\AppData\Roaming\otenwojg deleted C:\Users\Cursist\AppData\Roaming\ouuovpbl deleted C:\Users\Cursist\AppData\Roaming\rhlbefsw deleted C:\Users\Cursist\AppData\Roaming\uyjvkqcw deleted C:\Users\Cursist\AppData\Roaming\ynimargq deleted C:\Users\Cursist\AppData\Local\Installer deleted C:\Users\Cursist\AppData\Local\CrashRpt deleted C:\Windows\system32\config\systemprofile\Searches deleted C:\Windows\system32\GroupPolicy\Machine deleted C:\Windows\system32\GroupPolicy\User deleted C:\Windows\system32\GroupPolicy\gpt.ini deleted "C:\Windows\tasks\TUGAVHH.job" deleted "C:\Windows\tasks\ZW.job" deleted "C:\Users\Cursist\AppData\Roaming\srcfhevf\colers.dll" deleted "C:\Users\Cursist\AppData\Roaming\srcfhevf\colers.dll" deleted "C:\Users\Cursist\AppData\Roaming\srcfhevf" not deleted "C:\Users\Cursist\AppData\Roaming\srcfhevf" not deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Cursist\AppData\Local\Temp ==== 2015-06-03 19:21:02 9CEC626BAED2B0504CF352D2B46D14EE 287120 ----a-w- C:\Users\Cursist\AppData\Local\Temp\JavaIC.dll 2015-06-03 19:21:02 69809CDCF1F94CE88ECFF73E59CC540B 331488 ----a-w- C:\Users\Cursist\AppData\Local\Temp\msscct32.dll 2015-06-03 19:21:02 47F17F26012C5A8BA364799837968E2C 323352 ----a-w- C:\Users\Cursist\AppData\Local\Temp\YSearchUtil.dll 2015-06-03 19:21:02 29B5C9882EE8867C2F6F373965172307 96288 ----a-w- C:\Users\Cursist\AppData\Local\Temp\cct.dll ====== Java Cache ===== ====== C:\Windows\system32 ===== 2015-06-03 19:21:40 204FBC5577EEF260B5FEA3326148CF4A 96352 ----a-w- C:\Windows\System32\WindowsAccessBridge.dll ====== C:\Windows\system32\drivers ===== 2015-06-04 14:15:18 3C21F7E95FFCA33EF1A83AA33D9663CF 23256 ----a-w- C:\Windows\System32\drivers\mbam.sys 2015-06-04 14:15:18 167BCE00050B19DA25065335645A3C7A 51928 ----a-w- C:\Windows\System32\drivers\mwac.sys 2015-06-04 14:15:18 155BF99B2B87E0C298CAC3B4B8136D83 92888 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-06-04 10:12:09 -------- d-----w- C:\Program Files\trend micro 2015-06-03 19:21:56 -------- d-----w- C:\Program Files\Common Files\Java 2015-06-03 19:21:05 -------- d-----w- C:\Program Files\Java ======= C: ===== ====== C:\Users\Cursist\AppData\Roaming ====== 2015-06-05 10:58:48 -------- d-----w- C:\Users\Cursist\AppData\Roaming\srcfhevf 2015-06-03 19:20:24 -------- d-----w- C:\Users\Cursist\AppData\Locallow\Sun ====== C:\Users\Cursist ====== 2015-06-05 17:05:58 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Cursist\Downloads\RSIT (2).exe 2015-06-05 17:04:28 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Cursist\Downloads\RSIT (1).exe 2015-06-04 14:10:55 6CDEAC78E5677E304477FB36351C3195 21546080 ----a-w- C:\Users\Cursist\Downloads\mbam-setup-2.1.6.1022 (1).exe 2015-06-04 14:10:39 6CDEAC78E5677E304477FB36351C3195 21546080 ----a-w- C:\Users\Cursist\Downloads\mbam-setup-2.1.6.1022.exe 2015-06-04 10:11:36 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Cursist\Downloads\RSIT.exe 2015-06-03 19:21:57 -------- d-----w- C:\ProgramData\Sun 2015-06-03 19:21:26 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2015-06-03 19:21:10 -------- d-----w- C:\ProgramData\Oracle 2015-06-03 19:19:55 EE001F0D8A06518EB2A133741F265BEC 562272 ----a-w- C:\Users\Cursist\Downloads\chromeinstall-8u45.exe ====== C: exe-files == 2015-06-05 17:05:58 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Cursist\Downloads\RSIT (2).exe 2015-06-05 17:04:28 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Cursist\Downloads\RSIT (1).exe 2015-06-04 14:10:55 6CDEAC78E5677E304477FB36351C3195 21546080 ----a-w- C:\Users\Cursist\Downloads\mbam-setup-2.1.6.1022 (1).exe 2015-06-04 14:10:39 6CDEAC78E5677E304477FB36351C3195 21546080 ----a-w- C:\Users\Cursist\Downloads\mbam-setup-2.1.6.1022.exe 2015-06-04 11:19:15 B5D664B372816B6D3DB6E3730F091AA2 5469600 ------w- C:\EEK\bin\a2emergencykit.exe 2015-06-04 11:19:15 9AFD5FD2A4001D64B7B6A8228BD05D19 432328 ------w- C:\EEK\Start Commandline Scanner.exe 2015-06-04 11:19:15 68EB001A76162315186EA5906F1F139E 432328 ------w- C:\EEK\Start Emergency Kit Scanner.exe 2015-06-04 11:19:15 1448A2E4CC57E8B57E9423A90EA473A7 3073832 ------w- C:\EEK\bin\a2cmd.exe 2015-06-04 10:12:09 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Cursist.exe 2015-06-04 10:11:36 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Cursist\Downloads\RSIT.exe 2015-06-03 19:21:27 EED888394AC81A663F12C6EC43AB2838 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaw.exe 2015-06-03 19:21:27 4586CD8F1C929EF184098A22FE31A857 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaws.exe 2015-06-03 19:21:27 1E2E159D0621A466CFA7CE06E4DA9CAE 0 ----a-we C:\ProgramData\Oracle\Java\javapath\java.exe 2015-06-03 19:21:18 FF589C55E0CB6A0A1BD9570217BB1A42 15968 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\tnameserv.exe 2015-06-03 19:21:18 FD8978875A992C876AF430B35DF9CFA7 15456 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\pack200.exe 2015-06-03 19:21:18 F16868F20E4701142FAEF8C9FA847D27 30304 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\jabswitch.exe 2015-06-03 19:21:18 EF66D96BC42BCE52686A7635AB11D8DD 68192 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\javacpl.exe 2015-06-03 19:21:18 EED888394AC81A663F12C6EC43AB2838 191072 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\javaw.exe 2015-06-03 19:21:18 D3DA34876B7F6D06D26D29CA77BD25A2 15456 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\ktab.exe 2015-06-03 19:21:18 CF683290B3369A1491A5B8B4D19F79B3 15456 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\jjs.exe 2015-06-03 19:21:18 C57CA849D13177E1F43CFEF51374F1EE 159328 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\unpack200.exe 2015-06-03 19:21:18 B66ED84383EA6C6218CA47BC49C15615 50784 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\ssvagent.exe 2015-06-03 19:21:18 A1A1BC927541346D840BBB511F557848 15968 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\policytool.exe 2015-06-03 19:21:18 98903A3C01AA820E7FCC19A0A60126C0 15456 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\klist.exe 2015-06-03 19:21:18 88FFC43B0E3BB3E30F70CB7B08D499B4 15456 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\java-rmi.exe 2015-06-03 19:21:18 5DF39BE82C777B7EDAD34E3A7A7EADB7 15456 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\rmid.exe 2015-06-03 19:21:18 4EA6A4DD2EB584C4C2BF39A9A7D0D580 15456 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\keytool.exe 2015-06-03 19:21:18 4586CD8F1C929EF184098A22FE31A857 271968 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\javaws.exe 2015-06-03 19:21:18 3C0A1F0D13A8998E9A1825A853FF3B39 15456 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\kinit.exe 2015-06-03 19:21:18 2682BB5D60C30DCB5A2BC414D01D6764 15968 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\rmiregistry.exe 2015-06-03 19:21:18 1F29E31C6B9A487FF32006C4E223BA4F 15968 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\orbd.exe 2015-06-03 19:21:18 1E2E159D0621A466CFA7CE06E4DA9CAE 190560 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\java.exe 2015-06-03 19:21:18 1CCD26E1E9FC582ABAA5D5FD1FA47A6B 76384 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\jp2launcher.exe 2015-06-03 19:21:18 134D4B0A753808F8F8645DCF3FA00173 15968 ----a-w- C:\Program Files\Java\jre1.8.0_45\bin\servertool.exe 2015-06-03 19:19:55 EE001F0D8A06518EB2A133741F265BEC 562272 ----a-w- C:\Users\Cursist\Downloads\chromeinstall-8u45.exe 2015-06-02 19:39:26 B2129ADCEABFC398443EB52290339872 10708000 ----a-w- C:\Users\Cursist\AppData\Roaming\Azureus\tmp\AZU1009666210723372541.tmp\Vuze_5.6.0.0c_win32.exe === C: other files == 2015-06-04 14:15:18 3C21F7E95FFCA33EF1A83AA33D9663CF 23256 ----a-w- C:\Windows\System32\drivers\mbam.sys 2015-06-04 14:15:18 167BCE00050B19DA25065335645A3C7A 51928 ----a-w- C:\Windows\System32\drivers\mwac.sys 2015-06-04 14:15:18 155BF99B2B87E0C298CAC3B4B8136D83 92888 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys 2015-06-04 11:19:16 B794DCF38C965FA2F93C45A7C3D582C5 57024 ------w- C:\EEK\bin\cleanhlp64.sys 2015-06-04 11:19:15 DBC8CDAFC84E96E894C3BAAED9B30F47 50200 ------w- C:\EEK\bin\cleanhlp32.sys 2015-06-04 11:19:15 D27A8B7BB0E15DFBFC6B4E774EE17AD9 26176 ------w- C:\EEK\bin\a2ddax64.sys 2015-06-04 11:19:15 B0CC0B50441372157F31C4C023D43A3E 22056 ------w- C:\EEK\bin\a2ddax86.sys 2015-06-03 19:21:18 5DDC15149346900F16B38C65502BACA9 14130 ----a-w- C:\Program Files\Java\jre1.8.0_45\lib\deploy\ffjcext.zip 2015-06-01 20:17:48 4329DBF968CADF7E124C05BF77D26517 160601287 ----a-w- C:\Users\Cursist\AppData\Local\Temp\m2i_20150601221748297\KPN-Suite_update_641.zip 2015-06-01 01:36:36 23D6B92BC7EB100FC1294E6B124B7E75 1635 ----a-w- C:\Users\Cursist\AppData\Local\Temp\m2i_20150601033636063\KPN-Suite_update_641.zip 2015-05-31 01:09:51 23D6B92BC7EB100FC1294E6B124B7E75 1635 ----a-w- C:\Users\Cursist\AppData\Local\Temp\m2i_20150531030951868\KPN-Suite_update_641.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "QlbCtrl.exe"="C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start" "SoundMAXPnP"="C:\Program Files\Analog Devices\Core\smax4pnp.exe" "BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices" "Servicetool"="C:\Program Files\KPN\Servicetool\KPNServicetool_Launcher.exe /auto" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " ==== Startup Folders ====================== 2015-03-03 11:34:57 1153 ----a-w- C:\Users\Cursist\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [19-05-2015 12:00] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [24-01-2014 18:01] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [24-01-2014 18:01] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\arg3002" [C:\PROGRA~1\TabNav\arg3002.exe] "C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\Cursist\AppData\Roaming\Mozilla\Firefox\Profiles\pk07andz.default user_pref("browser.startup.homepage", "www.google.com"); ==== Firefox Extensions ====================== ProfilePath: C:\Users\Cursist\AppData\Roaming\Mozilla\Firefox\Profiles\pk07andz.default - KPN Servicetool - %ProfilePath%\extensions\{594657B4-413A-41D0-8F85-A6D3F35C9BDF} ==== Firefox Plugins ====================== Profilepath: C:\Users\Cursist\AppData\Roaming\Mozilla\Firefox\Profiles\pk07andz.default 0CA4180B21C6B728578F3B0433BB740E - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin 01D93217A9EE48DD37072B671378CC9C - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll - Silverlight Plug-In 28986F0A2342A033345EF9E70D395E4F - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrlui.dll - Microsoft® Silverlight ==== Chromium Look ====================== Google Chrome Version: 43.0.2357.81 Bookmark Manager - Cursist\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik ==== Chromium Startpages ====================== C:\Users\Cursist\AppData\Local\Google\Chrome\User Data\Default\Preferences ww.google.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":48338},"supports_spdy":true},"www.google.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"www.google.nl:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":51704},"supports_spdy":true},"www.google.nl:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"www.googleadservices.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":48445},"supports_spdy":true},"www.googleadservices.com:80":{"alternative_service":[{"port":80,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":50213}},"www.googleapis.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":54312},"supports_spdy":true},"www.googletagmanager.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":45820},"supports_spdy":true},"www.googletagmanager.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"www.googletagservices.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":106513},"supports_spdy":true},"www.googletagservices.com:80":{"alternative_service":[{"port":80,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":46664}},"www.groenegroninger.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"www.gstatic.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":60250},"supports_spdy":true},"www.gstatic.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"www.thepiratebay.se:443":{"supports_spdy":true},"www.youtube-nocookie.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":50651},"supports_spdy":true},"www.youtube-nocookie.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"www.youtube.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":53500},"supports_spdy":true},"www.youtube.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"www.zndsk.com:443":{"supports_spdy":true},"xocdnoption-cd7.kxcdn.com:443":{"supports_spdy":true},"yt3.ggpht.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":47730},"supports_spdy":true}},"supports_quic":{"address":"192.168.2.3","used_quic":true},"version":3}},"ntp":{"app_page_names":["Apps"],"most_visited_blacklist":{"5a5a4f252df01754dbefdc44a798829e":null,"cd79e23444e504a8a3baf788456370c0":null,"d3daa008cd452111945db50e6242550a":null,"fff2c78cdfd3a2370f9726ae438fe9d6":null}},"password_bubble":{"nopes":5},"plugins":{"migrated_to_pepper_flash":true,"plugins_list":[],"removed_old_component_pepper_flash_settings":true},"profile":{"avatar_index":0,"content_settings":{"clear_on_exit_migrated":true,"exceptions":{"app_banner":{},"auto_select_certificate":{},"automatic_downloads":{},"cookies":{},"fullscreen":{"https://[*.]www.youtube.com:443,*":{"setting":1}},"geolocation":{},"images":{},"javascript":{},"media_stream":{},"media_stream_camera":{},"media_stream_mic":{},"metro_switch_to_desktop":{},"midi_sysex":{},"mixed_script":{},"mouselock":{},"notifications":{},"plugins":{},"popups":{},"ppapi_broker":{},"protocol_handlers":{},"push_messaging":{},"ssl_cert_decisions":{}},"pattern_pairs":{"https://[*.]www.youtube.com:443,*":{"fullscreen":1}},"pref_version":1},"exit_type":"Crashed","exited_cleanly":true,"icon_version":3,"managed_user_id":"","migrated_content_settings_exceptions":true,"migrated_default_content_settings":true,"migrated_default_media_stream_content_settings":true,"name":"Eerste gebruiker","per_host_zoom_levels":{}},"protection":{"macs":{}},"savefile":{"default_directory":"C:\\Users\\Cursist\\Desktop"},"selectfile":{"last_directory":"F:\\Maart 2015"},"session":{"restore_on_startup_migrated":true,"startup_urls_migration_time":"13039635357361107"},"spellcheck":{"dictionary":"en-US"},"sync_promo":{"show_on_first_run_allowed":false},"translate_accepted_count":{"en":0},"translate_blocked_languages":["nl"],"translate_denied_count":{"en":143},"translate_last_denied_time":1423483469915.308,"translate_site_blacklist":["tankionline.com"],"translate_too_often_denied":true,"translate_whitelists":{},"zerosuggest":{"cachedresults":""}} 09B17F9047CEAF3F0E539452EFDDD26600877FD1CABBE0","ennkphjdgehloodpbhlhldgbnhmacadg":"EAC085C682752DFB3C2D63C1165CE47315894819D7AA1B46477B9DDC737F7071","gfdkimpbcpahaombhbimeihdjnejgicl":"E52EB8D50BFC20A3EB5403754FC7593F43989DCD80A8C033CCD0B11F866CBA70","gmlllbghnfkpflemihljekbapjopfjik":"B087334961AE2712E199AB2243B88BBE70CACBB4566850B942DCDC222BA681DE","kmendfapggjehodndflmmgagdbamhnfd":"3769C12C9BDD4B19E366888AC2F4885569A72B944C3E915CA318475FCD93C208","mfehgcgbbipciphmccgaenjidiccnmng":"4E9321D07FDE0D3F51FD971B25A41C11BEECF55C019BE53B8A92EB7D7EF69D6E","mgndgikekgjfcpckkfioiadnlibdjbkf":"D996E656890D16291658D637214557507405D8668D39C706A6E008B921336636","mhjfbmdgcfjbbpaeojofohoefgiehjai":"39F0815C4B33233871E51BB2CB928771874CD50DCD06D34E0C9119044FBE2654","neajdppkdcdipfabeoofebfddakdcjhd":"2474A4D32FEA7F4C979B403C5842D68367CA759C7E085AFA63572402E1C61A5A","nkeimhogjdpnpccoofpliimaahmaaome":"C36C3D66B64FA11B0C08126DAE44C307B6A2348B0DECA79D61D4E423385A54EC","nmmhkkegccagdldgiimedpiccmgmieda":"D98EA6CCC9A282CCDDCC4DB2042FDE1E338734E79FD90C04AFDD20B173678DAE","pafkbggdmjlpgkdkcbjmhmfcdpncadgh":"59E333E36FDD3243930537C905EB31CC2D564D4192DE5AC514ADFF5016C7BBF4","pjkljhegncpnkpknbcohdijeoejaedia":"4A8EE108383A0F33FBCA9C83574AEDB83C6713087BD22321E1C95C8B2705966F"}},"google":{"services":{"last_username":"0FBF04FCE3C3CF093E7B8CB49263E2FCC3EF94F2A3AC4A7C3EB29A15E7AB5B43","username":"0E9234DBEC22CE2C334B328EA4DD50A6C8EF3AB2888DEE6D102826759B95300E"}},"homepage":"A6CFB961E1CD209B25EC8A2C45BB898866028D10F3A99E3CB54EA1BFE4B41473","homepage_is_newtabpage":"D917BB6414BC6EDF12FDBA31174396C7FDCDDAE330A11EAE8F0C7F4F612348C1","pinned_tabs":"08F2E5B8616966A51896F844FC7A89B5B726BB276C5EFED3B4E12F0714AFAEAE","prefs":{"preference_reset_time":"726D60A31731E52C1CA2E9FBBE137D64137111C006C206D11E4A15E7717CE81F"},"profile":{"reset_prompt_memento":"EAA15E0C37098527A9C4F3DBF5ED6920232EEFDF90E065776F91FD599401ADF6"},"safebrowsing":{"incidents_sent":"DE1197170192A3DAF584FF7E92589361E93FCE53095EB1FE49829300B507958C"},"search_provider_overrides":"AB138BF149BD6B72E866D59AAD4933BCE7637414973D7CDFEF224314F2BDA36F","session":{"restore_on_startup":"283AEAC820AF9E1A101725DFD81B9D326768DFC6BFECFB073E12B18F54123692","startup_urls":"D935275DBCCE60ED0B0A55378D5D21992510B6FB2BE4499C94657D97116D53F2"},"software_reporter":{"prompt_reason":"B7CC771668F44C21CC85B6C093D58DB1EBE0EBC75F9F9EFFB51CC916E6083E2F","prompt_seed":"5F25011DC6BC152DBB1CE434CB48E0CBA539C34CA69B36DCFA9F2883E467E243","prompt_version":"AACDBEC5AC8AB40F3C1DC234677E34D36306CB7A45B66F35B0F80A8EC841F5E1"},"sync":{"remaining_rollback_tries":"191F2D43B8C548B2611FB278D90E1E9DB1F0C8789951C5CABEB8BB196789579B"}},"super_mac":"9A9604A135D7E88C62432BE5D457D782E111C60235E2B371EC1D6F04A041C94E"},"session":{"restore_on_startup":4,"startup_urls":["http://www.google.com/"]},"sync":{"remaining_rollback_tries":0}} ==== Chromium Fix ====================== C:\Users\Cursist\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully C:\Users\Cursist\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Policies\Google deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\TVWiz deleted successfully ==== Empty IE Cache ====================== C:\Users\Cursist\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Cursist\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Cursist\AppData\Local\Mozilla\Firefox\Profiles\pk07andz.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Cursist\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=26 folders=25 2437933 bytes) ==== Empty Temp Folders ====================== C:\Users\Cursist\AppData\Local\Temp will be emptied at reboot C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Cursist\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\MpCmdRun.log" not found "C:\Users\Cursist\AppData\Roaming\srcfhevf" not found "C:\Users\Cursist\AppData\Roaming\srcfhevf" not found ==== EOF on za 06-06-2015 at 14:29:58,95 ======================