Zoek.exe v5.0.0.0 Updated 04-May-2015 Tool run by Enja on ma 20-07-2015 at 20:26:18,41. Microsoft Windows 8.1 Pro 6.3.9600 x64 Running in: Normal Mode Internet Access Detected Launched: D:\Scan programma's\zoek.exe [Scan all users] [Script inserted] ==== System Restore Info ====================== 20-7-2015 20:28:58 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\Users\Maarten\AppData\Roaming\QuickScan deleted successfully C:\Users\Maarten\AppData\Local\EmieBrowserModeList deleted successfully C:\Users\Maarten\AppData\Local\EmieSiteList deleted successfully C:\Users\Maarten\AppData\Local\EmieUserList deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\fa6789c5 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PCSUService deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\SCService deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SCService deleted successfully ==== Deleting Files \ Folders ====================== C:\PROGRA~2\Barowse2buy deleted C:\PROGRA~2\bestadblocker deleted C:\PROGRA~2\bRowse2buy deleted C:\PROGRA~2\comParenBuy deleted C:\PROGRA~2\cRazzylowerprice deleted C:\PROGRA~2\funshoPpper deleted C:\PROGRA~2\gEtit4acheAper deleted C:\PROGRA~2\marrkkEtcompare deleted C:\PROGRA~2\SalEPluus deleted C:\PROGRA~2\VideoCnv deleted C:\PROGRA~2\Bigger Notes ANTP deleted C:\PROGRA~2\getit4CHeapper deleted C:\PROGRA~2\Infusionsoft Sync for Gmail deleted C:\PROGRA~2\nicedeaole deleted C:\PROGRA~2\NiceDeeal deleted C:\PROGRA~2\niceedeal deleted C:\PROGRA~2\nnicEdeaL deleted C:\PROGRA~2\PotatoSmile deleted C:\PROGRA~2\UGamesFree deleted C:\ProgramData\dealsmarket deleted C:\PROGRA~3\bagknlcdkflibonnopdnaaoilknplicm deleted C:\Users\Maarten\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\startup\Download.lnk deleted C:\PROGRA~3\efhpfgfibidjgokemhomnggkmkhgplbk deleted C:\PROGRA~3\4948095258861623422 deleted C:\PROGRA~3\44ab2a6bfb3dd87e deleted C:\PROGRA~2\LinkeyDeals deleted C:\PROGRA~2\PC Speed Up deleted C:\Users\Maarten\AppData\Roaming\appdataFr3.bin deleted C:\PROGRA~3\browse2buy deleted C:\PROGRA~3\browse2bUUy deleted C:\PROGRA~3\onlineshopping deleted C:\PROGRA~3\freedealsapp deleted C:\PROGRA~3\addeal deleted C:\PROGRA~3\dealbomb deleted C:\PROGRA~3\dealwithit deleted C:\PROGRA~3\smdmf deleted C:\Users\Maarten\AppData\Local\Microsoft\Silverlight\OutOfBrowser\Speedchecker.PCSpeedUp deleted C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Clip Converter deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Speed Up deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted C:\windows\SysNative\Tasks\PC SpeedUp Service Deactivator deleted C:\Windows\Tasks\PC SpeedUp Service Deactivator.job deleted C:\Users\Maarten\AppData\LocalLow\DataMngr deleted C:\Users\Maarten\Desktop\PC Speed Up.lnk deleted "C:\PROGRA~2\Antsy Pair\Antsy Pair.exe" deleted "C:\PROGRA~3\{20aee3d6-0fd7-ea77-20ae-ee3d60fd8f58}\16bc4bb3f8df6b2f" deleted "C:\PROGRA~3\{20aee3d6-0fd7-ea77-20ae-ee3d60fd8f58}\db41ede6df0b8cfb" deleted "C:\PROGRA~3\{20aee3d6-0fd7-ea77-20ae-ee3d60fd8f58}\Download.exe" deleted "C:\PROGRA~2\Antsy Pair" not deleted "C:\PROGRA~3\{20aee3d6-0fd7-ea77-20ae-ee3d60fd8f58}" deleted ==== Chromium Look ====================== Google Chrome Version: 38.0.2125.111 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions fpmeembnagmagppkgghhfjfdfajdfcah - C:\Users\Maarten\AppData\Local\Linkey\ChromeExtension\ChromeExtension.crx[] Linkey - Maarten\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpmeembnagmagppkgghhfjfdfajdfcah UGamesFree - Maarten\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjfmnkdhofinoneeildlkomahhbpleae Infusionsoft Sync for Gmail - Maarten\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbeelghpamdhlofdajkleehokdodedeb Chime - Maarten\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkdfkbkkfdhhfnhgbphecddnpfnoedke Bigger Notes ANTP - Maarten\AppData\Local\Google\Chrome\User Data\Default\Extensions\lohbonfeioofpgpcmebnncnmiobojbgk PotatoSmile - Maarten\AppData\Local\Google\Chrome\User Data\Default\Extensions\oalbpfagfhfkcmklpdanadjpbfdedndn NiceDeeal - Maarten\AppData\Local\Google\Chrome\User Data\Default\Extensions\plfbmiogogmfecjjfhojbeljdakaieko ==== Chromium Startpages ====================== C:\Users\Maarten\AppData\Local\Google\Chrome\User Data\Default\Preferences "startup_urls": [ "https://www.google.nl/" ], ==== Chromium Fix ====================== C:\Users\Maarten\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.livelyrics00.live-lyrics.com_0.localstorage deleted successfully C:\Users\Maarten\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.livelyrics00.live-lyrics.com_0.localstorage-journal deleted successfully C:\Users\Maarten\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.azlyrics.com_0.localstorage deleted successfully C:\Users\Maarten\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.azlyrics.com_0.localstorage-journal deleted successfully C:\Users\Maarten\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage deleted successfully C:\Users\Maarten\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully C:\Users\Maarten\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage deleted successfully C:\Users\Maarten\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal deleted successfully C:\Users\Maarten\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.shoppinglifestyle.com_0.localstorage deleted successfully C:\Users\Maarten\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.shoppinglifestyle.com_0.localstorage-journal deleted successfully C:\Users\Maarten\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage deleted successfully C:\Users\Maarten\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markable00.re-markable.net_0.localstorage-journal deleted successfully C:\Users\Maarten\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markit00.re-markit.co_0.localstorage deleted successfully C:\Users\Maarten\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.re-markit00.re-markit.co_0.localstorage-journal deleted successfully C:\Users\Maarten\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.pricepeep00.pricepeep.net_0.localstorage deleted successfully C:\Users\Maarten\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.pricepeep00.pricepeep.net_0.localstorage-journal deleted successfully C:\Users\Maarten\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.re-markit00.re-markit.co_0.localstorage deleted successfully C:\Users\Maarten\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.re-markit00.re-markit.co_0.localstorage-journal deleted successfully C:\Users\Maarten\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.selectgo00.selectgo.net_0.localstorage deleted successfully C:\Users\Maarten\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.selectgo00.selectgo.net_0.localstorage-journal deleted successfully C:\Users\Maarten\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_xbmc.nl.softonic.com_0.localstorage deleted successfully C:\Users\Maarten\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_xbmc.nl.softonic.com_0.localstorage-journal deleted successfully C:\Users\Maarten\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpmeembnagmagppkgghhfjfdfajdfcah deleted successfully C:\Users\Maarten\AppData\Local\Google\Chrome\User Data\Default\Extensions\oalbpfagfhfkcmklpdanadjpbfdedndn deleted successfully C:\Users\Maarten\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_oalbpfagfhfkcmklpdanadjpbfdedndn_0.localstorage deleted successfully C:\Users\Maarten\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_oalbpfagfhfkcmklpdanadjpbfdedndn_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/?pc=MSE1" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/?pc=MSE1" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02" {9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} Bing Url="http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1" ==== Reset Google Chrome ====================== C:\Users\Maarten\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Maarten\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully C:\Users\Maarten\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\Maarten\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2161966197-2464353838-3110198405-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} deleted successfully HKEY_USERS\S-1-5-21-2161966197-2464353838-3110198405-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} deleted successfully HKEY_CLASSES_ROOT\CLSID\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\fpmeembnagmagppkgghhfjfdfajdfcah deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B696F285-F54E-2524-58B1-E06A70ABE6BE} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{fa6789c5} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{851FFBBE-65A6-03DF-0222-8B58ABEC0C48} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{5e9aae86} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\PCSU-SL_is1 deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Maarten\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Maarten\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Maarten\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Maarten\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Maarten\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=233 folders=47 43453461 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Maarten\AppData\Local\Temp will be emptied at reboot C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Maarten\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\MpCmdRun.log" not found "C:\PROGRA~2\Antsy Pair" not found ==== EOF on ma 20-07-2015 at 20:42:59,74 ======================