Zoek.exe v5.0.0.

0 Updated 04-May-2015
Tool run by Paola on Fri 05/15/2015 at 21:53:28.31.
Microsoft Windows 7 Home Basic 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Paola\Downloads\zoek.exe
[Scan all users] [Script inserted
]
==== System Restore Info ======================
5/15/2015 9:58:28 PM Zoek.exe System Restore Point Created Successfully.
==== Empty Folders Check ======================
C:\PROGRA~2\eseeky deleted successfully
C:\PROGRA~2\Lavasoft deleted successfully
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\Panda Security deleted successfully
C:\Program Files\Google deleted successfully
C:\Program Files\Symantec deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\Users\Paola\AppData\Roaming\Lavasoft deleted successfully
C:\Users\Paola\AppData\Roaming\Malwarebytes deleted successfully
C:\Users\Paola\AppData\Roaming\New Version Available deleted successfully
C:\Users\Paola\AppData\Roaming\PopcornTime deleted successfully
C:\Users\Paola\AppData\Local\eseeky deleted successfully
C:\Users\Paola\AppData\Local\WMTools Downloaded Files deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-3695377704-2230757012-2474658464-1000\Software\Microsoft\Int
ernet Explorer\Low Rights\ElevationPolicy\{79A132B1-BF1F-4DD7-B999-082C48D34A36}
deleted successfully
HKEY_USERS\S-1-5-21-3695377704-2230757012-2474658464-1000\Software\Microsoft\Int
ernet Explorer\Low Rights\ElevationPolicy\{844F31E2-8AE1-454A-80B2-D6D72CE96926}
deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== Batch Command(s) Run By Tool======================
==== Deleting Files \ Folders ======================
C:\PROGRA~2\eseeky not found
C:\PROGRA~2\Lavasoft not found
C:\PROGRA~2\Panda Security not found
C:\Users\Paola\AppData\LocalLow\{1177C250-7496-D50B-2CD8-0F67087916B1} deleted
C:\Users\Paola\AppData\LocalLow\{71CAB68A-931A-820F-D253-AFA5C3CB05EC} deleted
C:\Users\Paola\AppData\LocalLow\{7CC1D088-3029-6D9D-AB64-872C21A48AB3} deleted
C:\Users\Paola\AppData\LocalLow\{82C058F6-D9D7-3CE6-0E3A-B4D2FE299031} deleted
C:\Users\Paola\AppData\Local\Packages\windows_ie_ac_001\AC\{1177C250-7496-D50B-2
CD8-0F67087916B1} deleted
C:\Users\Paola\AppData\Local\Packages\windows_ie_ac_001\AC\{71CAB68A-931A-820F-D
253-AFA5C3CB05EC} deleted
C:\Users\Paola\AppData\Local\Packages\windows_ie_ac_001\AC\{7CC1D088-3029-6D9D-A

B64-872C21A48AB3} deleted
C:\Users\Paola\AppData\Local\Packages\windows_ie_ac_001\AC\{82C058F6-D9D7-3CE6-0
E3A-B4D2FE299031} deleted
C:\PROGRA~3\EZSoftware deleted
C:\PROGRA~2\SecureW2 deleted
C:\install.exe deleted
C:\PROGRA~3\InstallMate deleted
C:\Users\Paola\AppData\Local\Wondershare deleted
C:\Users\Paola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SecureW2 de
leted
C:\Users\Paola\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Search.lnk
deleted
C:\Users\Paola\AppData\LocalLow\{E723B38F-E3DF-4959-6D97-F44BF7AE7B5C} deleted
C:\windows\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
C:\windows\Syswow64\GroupPolicy\gpt.ini deleted
C:\windows\SysWow64\searchplugins deleted
C:\windows\SysWow64\Extensions deleted
"C:\windows\Installer\1571e.msi" deleted
"C:\PROGRA~3\7659041FBE3B2179000076588DCC266F\7659041FBE3B2179000076588DCC266F"
deleted
"C:\PROGRA~3\7659041FBE3B2179000076588DCC266F\7659041FBE3B2179000076588DCC266F.i
co" deleted
"C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll" de
leted
"C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll
" deleted
"C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact\DAQExp.dll" deleted
"C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact\WSHelper.exe" delet
ed
"C:\PROGRA~3\7659041FBE3B2179000076588DCC266F" deleted
"C:\PROGRA~2\COMMON~1\Wondershare" deleted
"C:\PROGRA~2\COMMON~1\Wondershare\Wondershare Helper Compact" deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}"="C:\ProgramData\Norton\{0C55C096-0F1D-4
F28-AAA2-85EF591126E7}\NIS_19.1.0.28\coFFPlgn" [04/27/2013 09:31 AM]
==== Firefox Extensions ======================
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\Paola\AppData\Roaming\Mozilla\Firefox\Profiles\0rqpg88b.de
fault
D4BD9F86123C87ECA570418B69326F99
- C:\windows\SysWOW64\npDeployJava1.dll
Java Deployment Toolkit 7.0.170.2
9AE02005247DA91AB1743F5208DBEF76
- C:\windows\SysWOW64\Macromed\Flash\NPS
WF32_17_0_0_169.dll - Shockwave Flash
15E298B5EC5B89C5994A59863969D9FF
- C:\windows\SysWOW64\npmproxy.dll Microsoft Windows Operating System
==== Fake Chromium Profiles Check ======================

Fake
Fake
Fake
Fake
Fake
Fake
Fake
Fake

profile
profile
profile
profile
profile
profile
profile
profile

C:\Users\Administrador\AppData\Local\Google\Chrome deleted
C:\Users\Administrador\AppData\Local\Google\Chrome SxS deleted
C:\Users\Administrador\AppData\Local\Comodo\Dragon deleted
C:\Users\Invitado\AppData\Local\Google\Chrome deleted
C:\Users\Invitado\AppData\Local\Google\Chrome SxS deleted
C:\Users\Invitado\AppData\Local\Comodo\Dragon deleted
C:\Users\Paola\AppData\Local\Google\Chrome SxS deleted
C:\Users\Paola\AppData\Local\Comodo\Dragon deleted

==== Chromium Look ======================

Google Chrome Version: 36.0.1985.125

==== Chromium Fix ======================

C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Local
_www.superfish.com_0.localstorage deleted successfully
C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Local
_www.superfish.com_0.localstorage-journal deleted successfully
C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Local
www.superfish.com_0.localstorage deleted successfully
C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Local
www.superfish.com_0.localstorage-journal deleted successfully

Storage\https
Storage\https
Storage\http_
Storage\http_

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Bar"="http://www.google.com"
"Use Search Asst"="yes"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://www.google.com"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"Default"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://www.google.com"
"SearchAssistant"="http://www.google.com"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Use Search Asst"="no"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]

"Tabs"="about:newtab"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search
?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={
searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\
S-1-5-18\Products\24BD3C721C9A44B41A463948D961D021 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninsta
ll\03307fff-b4a1-4f4f-bceb-cd13ced8e69b deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninsta
ll\06eb0128-40b1-4f6c-a5c8-9286b9fbbb18 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninsta
ll\9b168ffa-e84f-4b5e-aeff-717f64b62517 deleted successfully
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{27C3DB42
-A9C1-4B44-A164-93849D160D12} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\24BD3C721C9A44B41A463948D
961D021 deleted successfully
==== Empty IE Cache ======================
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Tempora
ry Internet Files\Content.IE5 emptied successfully
C:\Users\Paola\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.
IE5 emptied successfully
C:\Users\Paola\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Cont
ent.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Tempor
ary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Tempora
ry Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Fi
les\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Tempora
ry Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
C:\Users\Paola\AppData\Local\Mozilla\Firefox\Profiles\0rqpg88b.default\cache2 em
ptied successfully
==== Empty Chrome Cache ======================
C:\Users\Paola\AppData\Local\Google\Chrome\User Data\Default\Cache emptied succe
ssfully
==== Empty All Flash Cache ======================
Flash Cache is not empty, a reboot is needed

==== Empty All Java Cache ======================

Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=89 folders=52 23102232 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Paola\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at
reboot
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\windows\Temp successfully emptied
C:\Users\Paola\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\windows\serviceprofiles\networkservice\AppData\Local\Temp\MpCmdRun.log" not
found
"C:\Users\Paola\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\8BWJNBLK\
static.issuu.com" not found
==== EOF on Fri 05/15/2015 at 22:27:59.15 ======================