Zoek.exe v5.0.0.1 Updated 05-November-2015 Tool run by Stephanie on za 07/11/2015 at 17:43:36,56. Microsoft Windows 10 Pro N 10.0.10240 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Stephanie\Downloads\zoek(1).exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2015-11-05-202203.log 36397 bytes ==== Empty Folders Check ====================== C:\Users\Jenthe\AppData\Local\Google deleted successfully C:\Users\Stephanie\AppData\Local\PeerDistRepub deleted successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51D26BB4-4D2C-4AE4-9873-5FF41B6DED1F} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C85A1C9-0F93-4B46-BE67-D409D64C7E67} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6C85A1C9-0F93-4B46-BE67-D409D64C7E67} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\Jenthe\AppData\Roaming\Mozilla\Firefox\Profiles\v0x1dtva.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_20150711_1759_.backup ProfilePath: C:\Users\STEPHA~1\AppData\Roaming\Mozilla\Firefox\Profiles\pa1ph89c.default user.js not found ---- Lines belgiumeid@eid.belgium.be removed from prefs.js ---- user_pref("extensions.belgiumeid@eid.belgium.be.install-event-fired", true); user_pref("extensions.xpiState", "{\"app-profile\":{\"belgiumeid@eid.belgium.be\":{\"d\":\"C:\\\\Users\\\\Stephanie\\\\AppData\\\\Roaming\\\\Mozilla\\ ---- FireFox user.js and prefs.js backups ---- prefs_20150711_1759_.backup ProfilePath: C:\Users\STEPHA~1\AppData\Roaming\TomTom\HOME\Profiles\8qfq9f4u.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_20150711_1759_.backup ==== Deleting Files \ Folders ====================== C:\Program Files (x86)\Surf Safely deleted C:\Users\Stephanie\AppData\Roaming\Mozilla\Firefox\Profiles\pa1ph89c.default\extensions\belgiumeid@eid.belgium.be.xpi deleted ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\Jenthe\AppData\Roaming\Mozilla\Firefox\Profiles\v0x1dtva.default user_pref("browser.startup.homepage", "https://www.google.be/?gws_rd=ssl"); ProfilePath: C:\Users\STEPHA~1\AppData\Roaming\Mozilla\Firefox\Profiles\pa1ph89c.default user_pref("browser.startup.homepage", "about:home"); user_pref("searchreset.backup.browser.startup.homepage", "https://www.google.be/?gws_rd=ssl"); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "jid1-r1tDuNiNb4SEww@jetpack"="C:\Program Files\AVAST Software\Avast\pam\FF" [04/11/2015 22:32] ==== Firefox Extensions ====================== ProfilePath: C:\Users\STEPHA~1\AppData\Roaming\Mozilla\Firefox\Profiles\pa1ph89c.default - Stylish - %ProfilePath%\extensions\{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}.xpi - Modify Headers - %ProfilePath%\extensions\{b749fc7c-e949-447f-926c-3f4eed6accfe}.xpi - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi ProfilePath: C:\Users\STEPHA~1\AppData\Roaming\TomTom\HOME\Profiles\8qfq9f4u.default - Undetermined - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com - Undetermined - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Stephanie\AppData\Roaming\Mozilla\Firefox\Profiles\pa1ph89c.default 863AF0003392FEBC2667A8A790DED955 - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll - Shockwave Flash ==== Chromium Look ====================== Google Chrome Version: 46.0.2490.80 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[04/11/2015 22:30] Avast Online Security - Stephanie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.com/?trackid=sp-006" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.com/?trackid=sp-006" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {272A191E-E359-4E56-AA6E-36D5904EA6CE} Microsoft (Bing) Url="http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01" {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} Google Url="https://www.google.com/search?trackid=sp-006&q={searchTerms}" ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Jenthe\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Jenthe\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\Users\Stephanie\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Stephanie\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Jenthe\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Jenthe\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\Users\Stephanie\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Stephanie\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Jenthe\AppData\Local\Mozilla\Firefox\Profiles\v0x1dtva.default\cache2 emptied successfully C:\Users\Stephanie\AppData\Local\Mozilla\Firefox\Profiles\pa1ph89c.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Stephanie\AppData\Local\BrowserAir\User Data\Default\Cache emptied successfully C:\Users\Stephanie\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=592 folders=236 169064891 bytes) ==== Empty Temp Folders ====================== C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\STEPHA~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on za 07/11/2015 at 18:03:44,53 ======================