Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Kevin on Wed 06/03/2015 at 7:02:02.35.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Kevin\Downloads\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
6/3/2015 7:07:57 AM Zoek.exe System Restore Point Created Successfully.
==== Empty Folders Check ======================
C:\PROGRA~2\Adobe deleted successfully
C:\PROGRA~2\JetBrains deleted successfully
C:\PROGRA~2\COMMON~1\Blizzard Entertainment deleted successfully
C:\Program Files\ATI deleted successfully
C:\PROGRA~3\Ableton deleted successfully
C:\PROGRA~3\CLSK deleted successfully
C:\Users\Kevin\AppData\Roaming\Systweak deleted successfully
C:\Users\Kevin\AppData\Local\cache deleted successfully
C:\Users\Kevin\AppData\Local\calibre-cache deleted successfully
C:\Users\Kevin\AppData\Local\genienext deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-3589499404-3616484222-2613342473-1002\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy{F4E39681-15F8-4fda-B8A3-B5C98378F2F3} deleted successfully
HKEY_CLASSES_ROOT\CLSID{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BrsHelper deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sbmntr deleted successfully
==== Batch Command(s) Run By Tool======================
==== Deleting Files \ Folders ======================
C:\PROGRA~2\Adobe not found
C:\PROGRA~2\JetBrains not found
C:\Users\Kevin\AppData\Roaming\calibre deleted
C:\Users\Kevin\daemonprocess.txt deleted
C:\Users\Kevin.android deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Kevin\AppData\Local\Mobogenie deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader deleted
C:\WINDOWS\SysNative\roboot64.exe deleted
C:\windows\SysNative\tasks\YTDownloader deleted
C:\windows\SysNative\tasks\YTDownloaderUpd deleted
C:\WINDOWS\SysNative\config\systemprofile\Searches deleted
C:\WINDOWS\Syswow64\WNLT deleted
C:\Users\Kevin\Documents\Mobogenie deleted
C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\jvycfju0.default\jetpack deleted
“C:\WINDOWS\Installer\37fb6b9e.msi” deleted
==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\jvycfju0.default
user_pref(“browser.search.defaultenginename”, “Google”);
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
“wrc@avast.com”=“C:\Program Files\AVAST Software\Avast\WebRep\FF” [04/22/2015 12:04 PM]
==== Firefox Extensions ======================
ProfilePath: C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\jvycfju0.default
- Reddit Enhancement Suite - %ProfilePath%\extensions\jid1-xUfzOsOFlzSOXg@jetpack.xpi
- Adblock Plus - %ProfilePath%\extensions{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\jvycfju0.default
08ACECEB47FAF053C468D8AFE44709AD - C:\Users\Kevin\AppData\Local\Google\Update\1.3.27.5\npGoogleUpdate3.dll - Google Update
49D429EBF5305FC9ADD7545B7C914333 - C:\Users\Kevin\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll - Google Talk Plugin
6BEAD7859E8A087BE04556AB5A78855C - C:\Users\Kevin\AppData\Roaming\Mozilla\plugins\npo1d.dll - Google Talk Plugin Video Renderer
9291708CCD967887AF94BE708B43D64D - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll - Microsoft Office 2013
18CF51689186AEB9D1D149AEB0E92D03 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL - Microsoft Office 2013
4390CCD3790F8D9C427C0C29590C62D7 - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll - Shockwave Flash
==== Chromium Look ======================
Google Chrome Version: 43.0.2357.81
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[04/22/2015 12:03 PM]
Bob Marley - Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\alpnhingmddeadgmgjbfefmaanaeifak
AdBlock - Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Bookmark Manager - Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik
Avast Online Security - Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Reddit Enhancement Suite - Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb
Chrome Hotword Shared Module - Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg
==== Chromium Fix ======================
C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully
C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
“Use Search Asst”=“yes”
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
“Default”=“www.google.com”
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
“DefaultScope”=“{95871933-93C9-4552-B933-710D2A4F1A00}”
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes{95871933-93C9-4552-B933-710D2A4F1A00}] not found
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
“Start Page”=“http://go.microsoft.com/fwlink/?LinkId=69157”
“Use Search Asst”=“no”
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
“(Default)”=“http://search.msn.com/results.asp?q=%s”
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
“DefaultScope”=“{012E1000-F331-11DB-8314-0800200C9A66}”
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url=“http://www.google.com/search?q={searchTerms}”
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url=“http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02”
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4E30E037E0535E84D9E3349209D354D4 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall{730E03E4-350E-48E5-9D3E-4329903D454D} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\4E30E037E0535E84D9E3349209D354D4 deleted successfully
==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Kevin\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Kevin\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Kevin\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Kevin\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
==== Empty FireFox Cache ======================
No FireFox Cache found
==== Empty Chrome Cache ======================
C:\Users\Kevin\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=1130 folders=132 97902602 bytes)
==== Empty Temp Folders ======================
C:\Users\Administrator\AppData\Local\Temp emptied successfully
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Kevin\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\Kevin\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:$RECYCLE.BIN successfully emptied
==== EOF on Wed 06/03/2015 at 7:27:18.06 ======================