Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by wendy_000 on do 01/09/2016 at 13:41:26,87. Microsoft Windows 10 Home 10.0.10586 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\wendy_000\AppData\Local\Microsoft\Windows\INetCache\IE\CYVVIG2R\zoek.exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2016-06-30-095904.log 6551 bytes C:\zoek-results2016-07-01-121753.log 43964 bytes C:\zoek-results2016-08-30-124904.log 153107 bytes C:\zoek-results2016-08-31-132616.log 13077 bytes ==== Empty Folders Check ====================== C:\Users\UpdatusUser\AppData\LocalLow deleted successfully C:\Users\wendy_000\AppData\Local\ActiveSync deleted successfully C:\Users\wendy_000\AppData\Local\NetworkTiles deleted successfully C:\Users\wendy_000\AppData\Local\VirtualStore deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\Program Files\FreeFixer deleted C:\Users\wendy_000\AppData\Roaming\FreeFixer deleted "C:\Users\wendy_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.freefixer.com_0.localstorage" deleted "C:\Users\wendy_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.freefixer.com_0.localstorage-journal" deleted "C:\Users\wendy_000\Downloads\freefixersetup.exe" deleted "C:\Windows\Prefetch\FREEFIXER.EXE-9310FCB0.pf" deleted "C:\Windows\Prefetch\FREEFIXERSETUP.EXE-C6EE06F9.pf" deleted "C:\Users\wendy_000\AppData\Roaming\WhatsApp\Cookies" not deleted "C:\Users\wendy_000\AppData\Roaming\WhatsApp\lockfile" not deleted "C:\Users\wendy_000\AppData\Roaming\WhatsApp\main-process.log" not deleted "C:\Users\wendy_000\AppData\Roaming\WhatsApp\QuotaManager" not deleted "C:\Users\wendy_000\AppData\Roaming\WhatsApp\QuotaManager-journal" not deleted "C:\Users\wendy_000\AppData\Roaming\WhatsApp\Cache\data_0" deleted "C:\Users\wendy_000\AppData\Roaming\WhatsApp\Cache\data_1" deleted "C:\Users\wendy_000\AppData\Roaming\WhatsApp\Cache\data_2" deleted "C:\Users\wendy_000\AppData\Roaming\WhatsApp\Cache\data_3" deleted "C:\Users\wendy_000\AppData\Roaming\WhatsApp\Cache\index" deleted "C:\Users\wendy_000\AppData\Roaming\WhatsApp\databases\Databases.db" not deleted "C:\Users\wendy_000\AppData\Roaming\WhatsApp\GPUCache\data_0" deleted "C:\Users\wendy_000\AppData\Roaming\WhatsApp\GPUCache\data_1" deleted "C:\Users\wendy_000\AppData\Roaming\WhatsApp\GPUCache\data_2" deleted "C:\Users\wendy_000\AppData\Roaming\WhatsApp\GPUCache\data_3" deleted "C:\Users\wendy_000\AppData\Roaming\WhatsApp\GPUCache\index" deleted "C:\Users\wendy_000\AppData\Roaming\WhatsApp\Local Storage\file__0.localstorage" not deleted "C:\Users\wendy_000\AppData\Roaming\WhatsApp\Local Storage\file__0.localstorage-journal" not deleted "C:\Users\wendy_000\AppData\Roaming\WhatsApp\File System\Origins\000003.log" not deleted "C:\Users\wendy_000\AppData\Roaming\WhatsApp\File System\Origins\LOCK" not deleted "C:\Users\wendy_000\AppData\Roaming\WhatsApp\File System\Origins\LOG" not deleted "C:\Users\wendy_000\AppData\Roaming\WhatsApp\File System\Origins\MANIFEST-000001" not deleted "C:\Users\wendy_000\AppData\Roaming\WhatsApp\IndexedDB\file__0.indexeddb.leveldb\000003.log" not deleted "C:\Users\wendy_000\AppData\Roaming\WhatsApp\IndexedDB\file__0.indexeddb.leveldb\LOCK" not deleted "C:\Users\wendy_000\AppData\Roaming\WhatsApp\IndexedDB\file__0.indexeddb.leveldb\LOG" not deleted "C:\Users\wendy_000\AppData\Roaming\WhatsApp\IndexedDB\file__0.indexeddb.leveldb\MANIFEST-000001" not deleted "C:\Users\wendy_000\AppData\Roaming\WhatsApp" not deleted "C:\Users\wendy_000\AppData\Roaming\WhatsApp\Cache" not deleted "C:\Users\wendy_000\AppData\Roaming\WhatsApp\databases" not deleted "C:\Users\wendy_000\AppData\Roaming\WhatsApp\File System" not deleted "C:\Users\wendy_000\AppData\Roaming\WhatsApp\GPUCache" not deleted "C:\Users\wendy_000\AppData\Roaming\WhatsApp\IndexedDB" not deleted "C:\Users\wendy_000\AppData\Roaming\WhatsApp\Local Storage" not deleted "C:\Users\wendy_000\AppData\Roaming\WhatsApp\File System\Origins" not deleted "C:\Users\wendy_000\AppData\Roaming\WhatsApp\IndexedDB\file__0.indexeddb.leveldb" not deleted ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [28/08/2016 13:06] [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [28/08/2016 13:06] ==== Chromium Look ====================== Google Chrome Version: 46.0.2490.86 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions gomekmidlodglbbmalcneegieacbdmki - No path found[] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[25/05/2016 10:31] Google Slides - wendy_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - wendy_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - wendy_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - wendy_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Adblock for Youtube - wendy_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk Google Search - wendy_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Sheets - wendy_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap News Feed Eradicator for Facebook - wendy_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjcldmjmjhkklehbacihaiopjklihlgg Security Extensions - wendy_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdgjmpjhdjbcbbpfkbdjkjcjgkpjgdjm Google Docs Offline - wendy_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi Avast Online Security - wendy_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki Unseen - wendy_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\iicapmagmhahddefgokbabbgieiogjop Skype - wendy_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Pocket - wendy_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk Save to Pocket - wendy_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj Chrome Web Store Payments - wendy_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - wendy_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Chrome Media Router - wendy_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm Skype Calling - wendy_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\poghlonenmjdkfghdpfomojhhfggildk ==== Chromium Fix ====================== C:\Users\wendy_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.coupontime00.coupontime.co_0.localstorage deleted successfully C:\Users\wendy_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.coupontime00.coupontime.co_0.localstorage-journal deleted successfully C:\Users\wendy_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.cmptch.com_0.localstorage deleted successfully C:\Users\wendy_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.cmptch.com_0.localstorage-journal deleted successfully C:\Users\wendy_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.pricepeep00.pricepeep.net_0.localstorage deleted successfully C:\Users\wendy_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.pricepeep00.pricepeep.net_0.localstorage-journal deleted successfully C:\Users\wendy_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.re-markit00.re-markit.co_0.localstorage deleted successfully C:\Users\wendy_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.re-markit00.re-markit.co_0.localstorage-journal deleted successfully C:\Users\wendy_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=9&ar=msnhome" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=9&ar=msnhome" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{17FDD98E-3C09-4F2D-993A-1916B805D8F1}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\SearchScopes\{17FDD98E-3C09-4F2D-993A-1916B805D8F1} - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ACJB HKLM\Wow6432Node\SearchScopes "DefaultScope"="{17FDD98E-3C09-4F2D-993A-1916B805D8F1}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes\{17FDD98E-3C09-4F2D-993A-1916B805D8F1} - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ACJB HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki deleted successfully ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\wendy_000\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\wendy_000\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\wendy_000\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\wendy_000\AppData\Local\Microsoft\Windows\INetCache\IE\CYVVIG2R will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\wendy_000\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully C:\Users\wendy_000\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=9900 folders=482 1184104473 bytes) ==== Empty Temp Folders ====================== C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\WENDY_~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\wendy_000\AppData\Roaming\WhatsApp\Cookies" not found "C:\Users\wendy_000\AppData\Roaming\WhatsApp\lockfile" not found "C:\Users\wendy_000\AppData\Roaming\WhatsApp\main-process.log" not found "C:\Users\wendy_000\AppData\Roaming\WhatsApp\QuotaManager" not found "C:\Users\wendy_000\AppData\Roaming\WhatsApp\QuotaManager-journal" not found "C:\Users\wendy_000\AppData\Roaming\WhatsApp\databases\Databases.db" not found "C:\Users\wendy_000\AppData\Roaming\WhatsApp\Local Storage\file__0.localstorage" not found "C:\Users\wendy_000\AppData\Roaming\WhatsApp\Local Storage\file__0.localstorage-journal" not found "C:\Users\wendy_000\AppData\Roaming\WhatsApp\File System\Origins\000003.log" not found "C:\Users\wendy_000\AppData\Roaming\WhatsApp\File System\Origins\LOCK" not found "C:\Users\wendy_000\AppData\Roaming\WhatsApp\File System\Origins\LOG" not found "C:\Users\wendy_000\AppData\Roaming\WhatsApp\File System\Origins\MANIFEST-000001" not found "C:\Users\wendy_000\AppData\Roaming\WhatsApp\IndexedDB\file__0.indexeddb.leveldb\000003.log" not found "C:\Users\wendy_000\AppData\Roaming\WhatsApp\IndexedDB\file__0.indexeddb.leveldb\LOCK" not found "C:\Users\wendy_000\AppData\Roaming\WhatsApp\IndexedDB\file__0.indexeddb.leveldb\LOG" not found "C:\Users\wendy_000\AppData\Roaming\WhatsApp\IndexedDB\file__0.indexeddb.leveldb\MANIFEST-000001" not found "C:\Users\wendy_000\AppData\Roaming\WhatsApp" not found "C:\Users\wendy_000\AppData\Local\Microsoft\Windows\INetCache\IE\CYVVIG2R" not found ==== EOF on do 01/09/2016 at 14:01:23,43 ======================