Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
Problems with Google Chrome extension GoSaveo 2.0
Message
<blockquote data-quote="diegojdk" data-source="post: 268818" data-attributes="member: 28415"><p>Zoek.exe v5.0.0.0 Updated 27-09-2014</p><p>Tool run by Tino on 27/09/2014 at 16:29:56.55.</p><p>Microsoft Windows 7 Home Basic 6.1.7601 Service Pack 1 x64</p><p>Running in: Normal Mode Internet Access Detected</p><p>Launched: C:\Users\Tino\Desktop\zoek.exe [Scan all users] [Script inserted] </p><p></p><p>==== System Restore Info ======================</p><p></p><p>27/09/2014 04:32:56 p.m. Zoek.exe System Restore Point Created Succesfully.</p><p></p><p>==== Deleting CLSID Registry Keys ======================</p><p></p><p></p><p>==== Deleting CLSID Registry Values ======================</p><p></p><p></p><p>==== Deleting Services ======================</p><p></p><p></p><p>==== FireFox Fix ======================</p><p></p><p>ProfilePath: C:\Users\Tino\AppData\Roaming\Mozilla\Firefox\Profiles\extensions</p><p></p><p>prefs.js not found</p><p>user.js not found</p><p>---- FireFox user.js and prefs.js backups ---- </p><p></p><p></p><p>==== Batch Command(s) Run By Tool======================</p><p></p><p></p><p>==== Deleting Files \ Folders ======================</p><p></p><p>C:\PROGRA~3\{18165758-115C-4DC0-9EC2-FF89F725767F} deleted</p><p>C:\PROGRA~3\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16} deleted</p><p>C:\PROGRA~3\{32364CEA-7855-4A3C-B674-53D8E9B97936} deleted</p><p>C:\PROGRA~3\{93E26451-CD9A-43A5-A2FA-C42392EA4001} deleted</p><p>C:\PROGRA~2\YoutUbeAAdBlocke deleted</p><p>C:\user.js deleted</p><p>C:\install.exe deleted</p><p>C:\PROGRA~3\YoutUbeAAdBlocke deleted</p><p>C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted</p><p>C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Toolbar4 deleted</p><p>C:\Windows\SysNative\config\systemprofile\Searches deleted</p><p>C:\Windows\Syswow64\InstallUtil.InstallLog deleted</p><p>C:\Windows\SysWow64\searchplugins deleted</p><p>C:\Windows\SysWow64\Extensions deleted</p><p>C:\Users\Tino\Desktop\Youtube Downloader HD.lnk deleted</p><p>C:\Users\Tino\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\<a href="mailto:OneClickDownload@OneClickDownload.com">OneClickDownload@OneClickDownload.com</a> deleted</p><p>"C:\PROGRA~3\136958d31978e1d\{4820778D-AB0D-6D18-C316-52A6A0E1D507}.20140923153029" deleted</p><p>"C:\PROGRA~3\136958d31978e1d\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}.20140923153048" deleted</p><p>"C:\PROGRA~3\136958d31978e1d\{C87834EB-A2A0-B9D4-AA9A-C263D1191051}.20140923152858" deleted</p><p>"C:\PROGRA~3\136958d31978e1d\{C87834EB-A2A0-B9D4-AA9A-C263D1191051}.20140923152945" deleted</p><p>"C:\PROGRA~3\136958d31978e1d\{C87834EB-A2A0-B9D4-AA9A-C263D1191051}.20140923171315" deleted</p><p>"C:\PROGRA~3\136958d31978e1d\{C87834EB-A2A0-B9D4-AA9A-C263D1191051}.20140924222933" deleted</p><p>"C:\PROGRA~3\136958d31978e1d\{C87834EB-A2A0-B9D4-AA9A-C263D1191051}.20140924222935" deleted</p><p>"C:\PROGRA~3\136958d31978e1d" deleted</p><p></p><p>==== Firefox Extensions ======================</p><p></p><p>ProfilePath: C:\Users\Tino\AppData\Roaming\Mozilla\Firefox\Profiles\extensions</p><p>- Internet Download Accelerator Toolbar - %ProfilePath%\extensions\<a href="mailto:idabarff@westbyte.com">idabarff@westbyte.com</a></p><p>- Undetermined - %ProfilePath%\extensions\<a href="mailto:idapluginff@westbyte.com">idapluginff@westbyte.com</a></p><p>- Undetermined - %ProfilePath%\extensions\<a href="mailto:idaremote@westbyte.com">idaremote@westbyte.com</a></p><p></p><p>ExtDir: C:\Users\Tino\AppData\Roaming\Mozilla\Firefox\Profiles\extensions</p><p>- GoPhotoIt - %ExtDir%\<a href="mailto:gophoto@gophoto.it.xpi">gophoto@gophoto.it.xpi</a></p><p></p><p>==== Firefox Plugins ======================</p><p></p><p></p><p>==== Deleted Firefox Extensions ======================</p><p></p><p>C:\Users\Tino\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\<a href="mailto:gophoto@gophoto.it.xpi">gophoto@gophoto.it.xpi</a> deleted</p><p></p><p>==== Chromium Look ======================</p><p></p><p>HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions</p><p>apdfllckaahabafndbhieahigkjlhalf - C:\Users\Tino\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx[13/09/2014 02:58 a.m.]</p><p></p><p>Chrome Currency Converter - Invitado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\anbfhidldjknonaihbalghlebaijealk</p><p>GoSaveo - Invitado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\caelagiodfoiimgpepddkjibdpdbikae</p><p>GoSaVe - Invitado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fgmlolclfdnakgjoglogmmdmchnjgpdd</p><p>Chrome Currency Converter - Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\anbfhidldjknonaihbalghlebaijealk</p><p>Google Docs - Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake</p><p>Google Drive - Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf</p><p>Google Voice Search Hotword (Beta) - Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn</p><p>YouTube - Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo</p><p>GoSaveo - Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\caelagiodfoiimgpepddkjibdpdbikae</p><p>Google Search - Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf</p><p>GoSaVe - Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgmlolclfdnakgjoglogmmdmchnjgpdd</p><p>Google Wallet - Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda</p><p>Gmail - Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia</p><p>Chrome Currency Converter - Invitado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\anbfhidldjknonaihbalghlebaijealk</p><p>GoSaveo - Invitado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\caelagiodfoiimgpepddkjibdpdbikae</p><p>GoSaVe - Invitado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fgmlolclfdnakgjoglogmmdmchnjgpdd</p><p>GoSaveo - Tino\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\caelagiodfoiimgpepddkjibdpdbikae</p><p>Google Drive - Tino\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf</p><p>GoSaveo - Tino\AppData\Local\Google\Chrome\User Data\Default\Extensions\caelagiodfoiimgpepddkjibdpdbikae</p><p>GoSaVe - Tino\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgmlolclfdnakgjoglogmmdmchnjgpdd</p><p>Google Wallet - Tino\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda</p><p>Chrome Currency Converter - Tino\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\anbfhidldjknonaihbalghlebaijealk</p><p>GoSaveo - Tino\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\caelagiodfoiimgpepddkjibdpdbikae</p><p>GoSaVe - Tino\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fgmlolclfdnakgjoglogmmdmchnjgpdd</p><p></p><p>==== Chromium Startpages ======================</p><p></p><p>C:\Users\Tino\AppData\Local\Google\Chrome\User Data\Default\Preferences</p><p>"homepage": "<a href="http://www.google.com/" target="_blank">http://www.google.com/</a>",</p><p></p><p></p><p>==== Chromium Fix ======================</p><p></p><p>C:\Users\Invitado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fgmlolclfdnakgjoglogmmdmchnjgpdd deleted successfully</p><p>C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgmlolclfdnakgjoglogmmdmchnjgpdd deleted successfully</p><p>C:\Users\Invitado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fgmlolclfdnakgjoglogmmdmchnjgpdd deleted successfully</p><p>C:\Users\Tino\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgmlolclfdnakgjoglogmmdmchnjgpdd deleted successfully</p><p>C:\Users\Tino\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fgmlolclfdnakgjoglogmmdmchnjgpdd deleted successfully</p><p>C:\Users\Invitado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\caelagiodfoiimgpepddkjibdpdbikae deleted successfully</p><p>C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\caelagiodfoiimgpepddkjibdpdbikae deleted successfully</p><p>C:\Users\Invitado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\caelagiodfoiimgpepddkjibdpdbikae deleted successfully</p><p>C:\Users\Tino\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\caelagiodfoiimgpepddkjibdpdbikae deleted successfully</p><p>C:\Users\Tino\AppData\Local\Google\Chrome\User Data\Default\Extensions\caelagiodfoiimgpepddkjibdpdbikae deleted successfully</p><p>C:\Users\Tino\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\caelagiodfoiimgpepddkjibdpdbikae deleted successfully</p><p>C:\Users\Invitado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\anbfhidldjknonaihbalghlebaijealk deleted successfully</p><p>C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\anbfhidldjknonaihbalghlebaijealk deleted successfully</p><p>C:\Users\Invitado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\anbfhidldjknonaihbalghlebaijealk deleted successfully</p><p>C:\Users\Tino\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\anbfhidldjknonaihbalghlebaijealk deleted successfully</p><p></p><p>==== Set IE to Default ======================</p><p></p><p>Old Values:</p><p>[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]</p><p>"Start Page"="<a href="http://g.msn.com/CQALL/33" target="_blank">http://g.msn.com/CQALL/33</a>"</p><p>"Search Page"="<a href="http://www.bing.com/search?q={searchTerms}" target="_blank">http://www.bing.com/search?q={searchTerms}</a>"</p><p>"Search Bar"="<a href="http://www.bing.com/search?q={searchTerms}" target="_blank">http://www.bing.com/search?q={searchTerms}</a>"</p><p>"Use Search Asst"="yes"</p><p>[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]</p><p>"Start Page"="<a href="http://www.google.com" target="_blank">http://www.google.com</a>"</p><p>[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]</p><p>"Start Page"="<a href="http://www.google.com" target="_blank">http://www.google.com</a>"</p><p>[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]</p><p>"Default"="<a href="http://www.bing.com/search?q={searchTerms}" target="_blank">http://www.bing.com/search?q={searchTerms}</a>"</p><p>[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]</p><p>"Default_Search_URL"="<a href="http://www.bing.com/search?q={searchTerms}" target="_blank">http://www.bing.com/search?q={searchTerms}</a>"</p><p>"SearchAssistant"="<a href="http://www.bing.com/search?q={searchTerms}" target="_blank">http://www.bing.com/search?q={searchTerms}</a>"</p><p>[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]</p><p>No DefaultScope Set For HKCU</p><p></p><p>New Values:</p><p>[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]</p><p>"Search Page"="<a href="http://go.microsoft.com/fwlink/?LinkId=54896" target="_blank">http://go.microsoft.com/fwlink/?LinkId=54896</a>"</p><p>"Search Bar"="<a href="http://go.microsoft.com/fwlink/?LinkId=54896" target="_blank">http://go.microsoft.com/fwlink/?LinkId=54896</a>"</p><p>"Start Page"="<a href="http://g.msn.com/CQALL/33" target="_blank">http://g.msn.com/CQALL/33</a>"</p><p>"Use Search Asst"="no"</p><p>[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]</p><p>"Start Page"="<a href="http://go.microsoft.com/fwlink/?LinkId=69157" target="_blank">http://go.microsoft.com/fwlink/?LinkId=69157</a>"</p><p>[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]</p><p>"Start Page"="<a href="http://go.microsoft.com/fwlink/?LinkId=69157" target="_blank">http://go.microsoft.com/fwlink/?LinkId=69157</a>"</p><p>[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]</p><p>"(Default)"="<a href="http://search.msn.com/results.asp?q=%s" target="_blank">http://search.msn.com/results.asp?q=%s</a>"</p><p>[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]</p><p>"Default_Search_URL"="<a href="http://go.microsoft.com/fwlink/?LinkId=54896" target="_blank">http://go.microsoft.com/fwlink/?LinkId=54896</a>"</p><p>"SearchAssistant"="<a href="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" target="_blank">http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm</a>"</p><p>[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]</p><p>"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"</p><p></p><p>==== All HKCU SearchScopes ======================</p><p></p><p>HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes</p><p>{012E1000-F331-11DB-8314-0800200C9A66} Google Url="<a href="http://www.google.com/search?q={searchTerms}" target="_blank">http://www.google.com/search?q={searchTerms}</a>"</p><p>{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="<a href="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" target="_blank">http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC</a>"</p><p>{ec29edf6-ad3c-4e1c-a087-d6cb81400c43} Bing Url="<a href="http://www.bing.com/search?q={searchTerms}&form=CPDTDF&pc=CPDTDF&src=IE-SearchBox" target="_blank">http://www.bing.com/search?q={searchTerms}&form=CPDTDF&pc=CPDTDF&src=IE-SearchBox</a>"</p><p></p><p>==== Empty IE Cache ======================</p><p></p><p>C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully</p><p>C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully</p><p>C:\Users\Invitado\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully</p><p>C:\Users\Invitado\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully</p><p>C:\Users\Tino\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully</p><p>C:\Users\Tino\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully</p><p>C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully</p><p>C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully</p><p>C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully</p><p>C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully</p><p>C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully</p><p></p><p>==== Empty FireFox Cache ======================</p><p></p><p>No FireFox Cache found</p><p></p><p>==== Empty Chrome Cache ======================</p><p></p><p>C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully</p><p>C:\Users\Tino\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully</p><p></p><p>==== Empty All Flash Cache ======================</p><p></p><p>Flash Cache Emptied Successfully</p><p></p><p>==== Empty All Java Cache ======================</p><p></p><p>Java Cache cleared successfully</p><p></p><p>==== C:\zoek_backup content ======================</p><p></p><p>C:\zoek_backup (files=230 folders=67 2370089 bytes)</p><p></p><p>==== Empty Temp Folders ======================</p><p></p><p>C:\Users\Invitado\AppData\Local\Temp emptied successfully</p><p>C:\Users\Tino\AppData\Local\Temp will be emptied at reboot</p><p>C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully</p><p>C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully</p><p>C:\Windows\Temp will be emptied at reboot</p><p></p><p>==== After Reboot ======================</p><p></p><p>==== Empty Temp Folders ======================</p><p></p><p>C:\Windows\Temp successfully emptied</p><p>C:\Users\Tino\AppData\Local\Temp successfully emptied</p><p></p><p>==== Empty Recycle Bin ======================</p><p></p><p>C:\$RECYCLE.BIN successfully emptied</p><p></p><p>==== EOF on 27/09/2014 at 17:49:07.54 ======================</p></blockquote><p></p>
[QUOTE="diegojdk, post: 268818, member: 28415"] Zoek.exe v5.0.0.0 Updated 27-09-2014 Tool run by Tino on 27/09/2014 at 16:29:56.55. Microsoft Windows 7 Home Basic 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Tino\Desktop\zoek.exe [Scan all users] [Script inserted] ==== System Restore Info ====================== 27/09/2014 04:32:56 p.m. Zoek.exe System Restore Point Created Succesfully. ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\Tino\AppData\Roaming\Mozilla\Firefox\Profiles\extensions prefs.js not found user.js not found ---- FireFox user.js and prefs.js backups ---- ==== Batch Command(s) Run By Tool====================== ==== Deleting Files \ Folders ====================== C:\PROGRA~3\{18165758-115C-4DC0-9EC2-FF89F725767F} deleted C:\PROGRA~3\{24036256-BFDB-4CD3-BE8A-A3D6160F2E16} deleted C:\PROGRA~3\{32364CEA-7855-4A3C-B674-53D8E9B97936} deleted C:\PROGRA~3\{93E26451-CD9A-43A5-A2FA-C42392EA4001} deleted C:\PROGRA~2\YoutUbeAAdBlocke deleted C:\user.js deleted C:\install.exe deleted C:\PROGRA~3\YoutUbeAAdBlocke deleted C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Toolbar4 deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\Windows\Syswow64\InstallUtil.InstallLog deleted C:\Windows\SysWow64\searchplugins deleted C:\Windows\SysWow64\Extensions deleted C:\Users\Tino\Desktop\Youtube Downloader HD.lnk deleted C:\Users\Tino\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\[email]OneClickDownload@OneClickDownload.com[/email] deleted "C:\PROGRA~3\136958d31978e1d\{4820778D-AB0D-6D18-C316-52A6A0E1D507}.20140923153029" deleted "C:\PROGRA~3\136958d31978e1d\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}.20140923153048" deleted "C:\PROGRA~3\136958d31978e1d\{C87834EB-A2A0-B9D4-AA9A-C263D1191051}.20140923152858" deleted "C:\PROGRA~3\136958d31978e1d\{C87834EB-A2A0-B9D4-AA9A-C263D1191051}.20140923152945" deleted "C:\PROGRA~3\136958d31978e1d\{C87834EB-A2A0-B9D4-AA9A-C263D1191051}.20140923171315" deleted "C:\PROGRA~3\136958d31978e1d\{C87834EB-A2A0-B9D4-AA9A-C263D1191051}.20140924222933" deleted "C:\PROGRA~3\136958d31978e1d\{C87834EB-A2A0-B9D4-AA9A-C263D1191051}.20140924222935" deleted "C:\PROGRA~3\136958d31978e1d" deleted ==== Firefox Extensions ====================== ProfilePath: C:\Users\Tino\AppData\Roaming\Mozilla\Firefox\Profiles\extensions - Internet Download Accelerator Toolbar - %ProfilePath%\extensions\[email]idabarff@westbyte.com[/email] - Undetermined - %ProfilePath%\extensions\[email]idapluginff@westbyte.com[/email] - Undetermined - %ProfilePath%\extensions\[email]idaremote@westbyte.com[/email] ExtDir: C:\Users\Tino\AppData\Roaming\Mozilla\Firefox\Profiles\extensions - GoPhotoIt - %ExtDir%\[email]gophoto@gophoto.it.xpi[/email] ==== Firefox Plugins ====================== ==== Deleted Firefox Extensions ====================== C:\Users\Tino\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\[email]gophoto@gophoto.it.xpi[/email] deleted ==== Chromium Look ====================== HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions apdfllckaahabafndbhieahigkjlhalf - C:\Users\Tino\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx[13/09/2014 02:58 a.m.] Chrome Currency Converter - Invitado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\anbfhidldjknonaihbalghlebaijealk GoSaveo - Invitado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\caelagiodfoiimgpepddkjibdpdbikae GoSaVe - Invitado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fgmlolclfdnakgjoglogmmdmchnjgpdd Chrome Currency Converter - Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\anbfhidldjknonaihbalghlebaijealk Google Docs - Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf Google Voice Search Hotword (Beta) - Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn YouTube - Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo GoSaveo - Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\caelagiodfoiimgpepddkjibdpdbikae Google Search - Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf GoSaVe - Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgmlolclfdnakgjoglogmmdmchnjgpdd Google Wallet - Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Chrome Currency Converter - Invitado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\anbfhidldjknonaihbalghlebaijealk GoSaveo - Invitado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\caelagiodfoiimgpepddkjibdpdbikae GoSaVe - Invitado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fgmlolclfdnakgjoglogmmdmchnjgpdd GoSaveo - Tino\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\caelagiodfoiimgpepddkjibdpdbikae Google Drive - Tino\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf GoSaveo - Tino\AppData\Local\Google\Chrome\User Data\Default\Extensions\caelagiodfoiimgpepddkjibdpdbikae GoSaVe - Tino\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgmlolclfdnakgjoglogmmdmchnjgpdd Google Wallet - Tino\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Chrome Currency Converter - Tino\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\anbfhidldjknonaihbalghlebaijealk GoSaveo - Tino\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\caelagiodfoiimgpepddkjibdpdbikae GoSaVe - Tino\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fgmlolclfdnakgjoglogmmdmchnjgpdd ==== Chromium Startpages ====================== C:\Users\Tino\AppData\Local\Google\Chrome\User Data\Default\Preferences "homepage": "[url]http://www.google.com/[/url]", ==== Chromium Fix ====================== C:\Users\Invitado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fgmlolclfdnakgjoglogmmdmchnjgpdd deleted successfully C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgmlolclfdnakgjoglogmmdmchnjgpdd deleted successfully C:\Users\Invitado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fgmlolclfdnakgjoglogmmdmchnjgpdd deleted successfully C:\Users\Tino\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgmlolclfdnakgjoglogmmdmchnjgpdd deleted successfully C:\Users\Tino\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fgmlolclfdnakgjoglogmmdmchnjgpdd deleted successfully C:\Users\Invitado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\caelagiodfoiimgpepddkjibdpdbikae deleted successfully C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\caelagiodfoiimgpepddkjibdpdbikae deleted successfully C:\Users\Invitado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\caelagiodfoiimgpepddkjibdpdbikae deleted successfully C:\Users\Tino\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\caelagiodfoiimgpepddkjibdpdbikae deleted successfully C:\Users\Tino\AppData\Local\Google\Chrome\User Data\Default\Extensions\caelagiodfoiimgpepddkjibdpdbikae deleted successfully C:\Users\Tino\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\caelagiodfoiimgpepddkjibdpdbikae deleted successfully C:\Users\Invitado\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\anbfhidldjknonaihbalghlebaijealk deleted successfully C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Extensions\anbfhidldjknonaihbalghlebaijealk deleted successfully C:\Users\Invitado\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\anbfhidldjknonaihbalghlebaijealk deleted successfully C:\Users\Tino\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\anbfhidldjknonaihbalghlebaijealk deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="[url]http://g.msn.com/CQALL/33[/url]" "Search Page"="[url]http://www.bing.com/search?q={searchTerms}[/url]" "Search Bar"="[url]http://www.bing.com/search?q={searchTerms}[/url]" "Use Search Asst"="yes" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="[url]http://www.google.com[/url]" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Start Page"="[url]http://www.google.com[/url]" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "Default"="[url]http://www.bing.com/search?q={searchTerms}[/url]" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="[url]http://www.bing.com/search?q={searchTerms}[/url]" "SearchAssistant"="[url]http://www.bing.com/search?q={searchTerms}[/url]" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] No DefaultScope Set For HKCU New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="[url]http://go.microsoft.com/fwlink/?LinkId=54896[/url]" "Search Bar"="[url]http://go.microsoft.com/fwlink/?LinkId=54896[/url]" "Start Page"="[url]http://g.msn.com/CQALL/33[/url]" "Use Search Asst"="no" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="[url]http://go.microsoft.com/fwlink/?LinkId=69157[/url]" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Start Page"="[url]http://go.microsoft.com/fwlink/?LinkId=69157[/url]" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="[url]http://search.msn.com/results.asp?q=%s[/url]" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="[url]http://go.microsoft.com/fwlink/?LinkId=54896[/url]" "SearchAssistant"="[url]http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm[/url]" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {012E1000-F331-11DB-8314-0800200C9A66} Google Url="[url]http://www.google.com/search?q={searchTerms}[/url]" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="[url]http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC[/url]" {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} Bing Url="[url]http://www.bing.com/search?q={searchTerms}&form=CPDTDF&pc=CPDTDF&src=IE-SearchBox[/url]" ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Invitado\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Invitado\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Tino\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Tino\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\Invitado\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\Tino\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=230 folders=67 2370089 bytes) ==== Empty Temp Folders ====================== C:\Users\Invitado\AppData\Local\Temp emptied successfully C:\Users\Tino\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Tino\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on 27/09/2014 at 17:49:07.54 ====================== [/QUOTE]
Insert quotes…
Verification
Post reply
Top