Zoek.exe v5.0.0.0 Updated 03-December-2014
Tool run by graham on 05/12/2014 at 15:00:03.20.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\graham\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
05/12/2014 15:03:33 Zoek.exe System Restore Point Created Succesfully.
==== Empty Folders Check ======================
C:\PROGRA~2\Blender Foundation deleted successfully
C:\PROGRA~2\GoSave deleted successfully
C:\PROGRA~2\HDPlayer deleted successfully
C:\PROGRA~2\Nosibay deleted successfully
C:\Program Files\003 deleted successfully
C:\Program Files\office.tmp deleted successfully
C:\PROGRA~3\Performancer deleted successfully
C:\Users\graham\AppData\Roaming\Nosibay deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-3994157241-130034325-3942045748-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C585D593-E7F3-4852-A200-561686EE02E4} deleted successfully
HKEY_USERS\S-1-5-21-3994157241-130034325-3942045748-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C585D593-E7F3-4852-A200-561686EE02E4} deleted successfully
HKEY_USERS\S-1-5-21-3994157241-130034325-3942045748-1001\Software\Microsoft\Internet Explorer\SearchScopes\{5E69F37E-51A1-4830-B715-1498526EAE0F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C585D593-E7F3-4852-A200-561686EE02E4} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C585D593-E7F3-4852-A200-561686EE02E4} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\desksvc deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\desksvc deleted successfully
==== Batch Command(s) Run By Tool======================
==== Deleting Files \ Folders ======================
C:\PROGRA~3\elggbdghncecokebaolbkjjankcmhcac deleted
C:\Users\graham\AppData\Local\Packages\windows_ie_ac_001\AC\{49A407B0-AA89-C5D7-1F0B-FBAB3B5060BB} deleted
C:\Users\graham\AppData\Local\Packages\windows_ie_ac_001\AC\{5AA1C2B2-A695-AAD6-ED66-4236CB48B025} deleted
C:\PROGRA~3\15567400010184950365 deleted
C:\PROGRA~3\d80a83d4637c825d deleted
C:\PROGRA~3\WinterSoft deleted
C:\PROGRA~3\ddeallssteora deleted
C:\PROGRA~3\saaVinshop deleted
C:\PROGRA~2\Softonic deleted
C:\PROGRA~2\SearchNewTab deleted
C:\PROGRA~2\COMMON~1\337 deleted
C:\PROGRA~2\Tuguu SL deleted
C:\PROGRA~2\Vaudix deleted
C:\PROGRA~2\The Sea App (Internet Explorer) deleted
C:\Users\graham\AppData\Roaming\WB.CFG deleted
C:\Users\graham\AppData\Roaming\EZDownloader deleted
C:\Users\graham\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z deleted
C:\Users\graham\AppData\Roaming\Desk 365 deleted
C:\Users\graham\AppData\Roaming\DSite deleted
C:\Users\graham\AppData\Roaming\OpenCandy deleted
C:\PROGRA~3\SearchNewTab deleted
C:\PROGRA~3\eBay deleted
C:\PROGRA~3\Vaudix deleted
C:\PROGRA~3\InstallMate deleted
C:\Users\graham\AppData\Local\avgchrome deleted
C:\Users\graham\AppData\Local\Google\Chrome\User Data\Default\bprotector web data deleted
C:\Users\graham\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desk 365 deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\graham\AppData\LocalLow\Softonic deleted
C:\Users\graham\AppData\Roaming\Microsoft\Windows\SendTo\Desk 365.lnk deleted
C:\WINDOWS\AppPatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb deleted
C:\windows\SysNative\tasks\Desk 365 RunAsStdUser deleted
C:\windows\SysNative\drivers\{dc19896d-a3e2-417d-be46-d18ebc99e240}Gw64.sys deleted
C:\WINDOWS\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\machine deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
C:\WINDOWS\SysWow64\searchplugins deleted
C:\WINDOWS\SysWow64\Extensions deleted
C:\Users\graham\Documents\Add-in Express deleted
C:\Users\graham\Desktop\Continue installation .lnk deleted
C:\Users\graham\AppData\Local\dsisetup2637404842.exe deleted
"C:\PROGRA~2\Desk 365\desk365.exe" deleted
"C:\PROGRA~2\Desk 365\ebase.dll" deleted
"C:\PROGRA~2\Desk 365\edeskcmn.dll" deleted
"C:\PROGRA~2\Desk 365\edis64.dll" deleted
"C:\PROGRA~2\Desk 365\ElexDbg.dll" deleted
"C:\PROGRA~2\Desk 365\enotify.dll" deleted
"C:\PROGRA~2\Desk 365\libpng.dll" deleted
"C:\PROGRA~2\Desk 365\libpopdlg.dll" deleted
"C:\PROGRA~2\Desk 365\mbdet.dll" deleted
"C:\PROGRA~2\Desk 365\ouilibnl.dll" deleted
"C:\PROGRA~2\mbot_gb_242\mbot_gb_242.exe" deleted
"C:\Users\graham\AppData\Local\mbot_gb_242\upmbot_gb_242.exe" deleted
"C:\PROGRA~2\Desk 365" not deleted
"C:\PROGRA~2\mbot_gb_242" deleted
"C:\Users\graham\AppData\Local\mbot_gb_242" deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"http://www.google.com",
"startup_urls": [ "http://www.google.com" ],
==== Chromium Fix ======================
C:\Users\graham\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.livelyrics00.live-lyrics.com_0.localstorage deleted successfully
C:\Users\graham\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.livelyrics00.live-lyrics.com_0.localstorage-journal deleted successfully
C:\Users\graham\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage deleted successfully
C:\Users\graham\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully
C:\Users\graham\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage deleted successfully
C:\Users\graham\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal deleted successfully
C:\Users\graham\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.trovi.com_0.localstorage deleted successfully
C:\Users\graham\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.trovi.com_0.localstorage-journal deleted successfully
C:\Users\graham\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_start.iminent.com_0.localstorage deleted successfully
C:\Users\graham\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_start.iminent.com_0.localstorage-journal deleted successfully
C:\Users\graham\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.iminent.com_0.localstorage deleted successfully
C:\Users\graham\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.iminent.com_0.localstorage-journal deleted successfully
C:\Users\graham\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fashionfinder.asos.com_0.localstorage deleted successfully
C:\Users\graham\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fashionfinder.asos.com_0.localstorage-journal deleted successfully
C:\Users\graham\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.hairfinder.com_0.localstorage deleted successfully
C:\Users\graham\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.hairfinder.com_0.localstorage-journal deleted successfully
C:\Users\graham\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.surveysavers.co.uk_0.localstorage deleted successfully
C:\Users\graham\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.surveysavers.co.uk_0.localstorage-journal deleted successfully
C:\Users\graham\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.luiss.it_0.localstorage deleted successfully
C:\Users\graham\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.luiss.it_0.localstorage-journal deleted successfully
C:\Users\graham\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.ask.com_0.localstorage deleted successfully
C:\Users\graham\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.ask.com_0.localstorage-journal deleted successfully
C:\Users\graham\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_shopper.deals-way.com_0.localstorage deleted successfully
C:\Users\graham\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_shopper.deals-way.com_0.localstorage-journal deleted successfully
C:\Users\graham\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_shopper.deals-way.com_0.localstorage deleted successfully
C:\Users\graham\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_shopper.deals-way.com_0.localstorage-journal deleted successfully
C:\Users\graham\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.softonic.com_0.localstorage deleted successfully
C:\Users\graham\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.softonic.com_0.localstorage-journal deleted successfully
C:\Users\graham\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_utorrent.inspsearch.com_0.localstorage deleted successfully
C:\Users\graham\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_utorrent.inspsearch.com_0.localstorage-journal deleted successfully
C:\Users\graham\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www2.delta-search.com_0.localstorage deleted successfully
C:\Users\graham\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www2.delta-search.com_0.localstorage-journal deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Search Page"="https://www.google.com/search?trackid=sp-006&q={searchTerms}"
"Search Bar"="https://www.google.com/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Search Page"="https://www.google.com/search?trackid=sp-006&q={searchTerms}"
"Search Bar"="https://www.google.com/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Default_Page_URL"="http://www.google.com"
"Search Page"="https://www.google.com/search?trackid=sp-006&q={searchTerms}"
"Search Bar"="https://www.google.com/?trackid=sp-006"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0191A6B0-1154-4C22-9182-23A95BBE92D9}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0191A6B0-1154-4C22-9182-23A95BBE92D9} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"
{632F07F3-19A1-4d16-A23F-E6CE9486BAB5} Microsoft (Bing) Url="http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01"
{CAC67C12-2C61-40CC-9AA0-C35412E09390} Unknown Url="Not_Found"
{CC865B26-C31D-4D23-B17B-96548EEF03F6} Google Url="https://www.google.com/search?trackid=sp-006&q={searchTerms}"
{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} Google Url="https://www.google.com/search?trackid=sp-006&q={searchTerms}"
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-3994157241-130034325-3942045748-1001\Software\Microsoft\Internet Explorer\SearchScopes\{CAC67C12-2C61-40CC-9AA0-C35412E09390} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DatamngrCoordinator.exe deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8A0DD53E-32C2-A006-548C-E039C76D383F} deleted successfully
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_CURRENT_USER\Software\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Desk 365 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\mbot_gb_242_is1 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\The Sea App deleted successfully
==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\graham\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\graham\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\graham\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\graham\AppData\Local\Microsoft\Windows\INetCache\Low\IE\KKU4RX7I will be deleted at reboot
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Users\graham\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=1216 folders=99 148577133 bytes)
==== Empty Temp Folders ======================
C:\Users\ADMINI~1\AppData\Local\Temp emptied successfully
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\graham\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\graham\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\PROGRA~2\Desk 365" not found
"C:\Users\graham\AppData\Local\Microsoft\Windows\INetCache\Low\IE\KKU4RX7I" not found
==== EOF on 05/12/2014 at 16:41:14.01 ======================