
Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Damian on p 24.06.2016 at 22:19:37,83.
Microsoft Windows 7 Ultimate  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Damian\Desktop\ZOEX\zoek.exe [Scan all users] [Script inserted] 

==== System Restore Info ======================

24.6.2016 22:20:15 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp. 
# 
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows. 
# 
# This file contains the mappings of IP addresses to host names. Each 
# entry should be kept on an individual line. The IP address should 
# be placed in the first column followed by the corresponding host name. 
# The IP address and the host name should be separated by at least one 
# space. 
# 
# Additionally, comments (such as these) may be inserted on individual 
# lines or following the machine name denoted by a '#' symbol. 
# 
# For example: 
# 
#      102.54.94.97     rhino.acme.com          # source server 
#       38.25.63.10     x.acme.com              # x client host 
 
# localhost name resolution is handled within DNS itself. 
127.0.0.1       localhost 
::1             localhost 

==== Empty Folders Check ======================

C:\PROGRA~2\00000000-1452978134-0000-0000-50E5495778AE deleted successfully
C:\PROGRA~2\eSupport.com deleted successfully
C:\PROGRA~2\Futuremark deleted successfully
C:\PROGRA~2\R.G. Mechanics deleted successfully
C:\PROGRA~2\smart pc soft deleted successfully
C:\PROGRA~2\Ubisoft deleted successfully
C:\Program Files\ATI Technologies deleted successfully
C:\PROGRA~3\ALM deleted successfully
C:\PROGRA~3\Gazillion Entertainment deleted successfully
C:\PROGRA~3\Origin deleted successfully
C:\PROGRA~3\Splashtop deleted successfully
C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted successfully
C:\PROGRA~3\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98} deleted successfully
C:\Users\Damian\AppData\Roaming\Mozilla deleted successfully
C:\Users\Damian\AppData\Roaming\Origin deleted successfully
C:\Users\Damian\AppData\Roaming\Splashtop deleted successfully
C:\Users\Damian\AppData\Roaming\VOPackage deleted successfully
C:\Users\Damian\AppData\Local\eSupport.com deleted successfully
C:\Users\Damian\AppData\Local\GHISLER deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3827235849-3457186460-974332170-1000\Software\Microsoft\Internet Explorer\SearchScopes\{BE4654E6-7BD5-4f96-98B5-138F1B36B08B} deleted successfully
HKEY_USERS\S-1-5-21-3827235849-3457186460-974332170-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfully
HKEY_USERS\S-1-5-21-3827235849-3457186460-974332170-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfully
HKEY_USERS\S-1-5-21-3827235849-3457186460-974332170-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully
HKEY_USERS\S-1-5-21-3827235849-3457186460-974332170-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3827235849-3457186460-974332170-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully

==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~2\00000000-1452978134-0000-0000-50E5495778AE not found
C:\PROGRA~2\eSupport.com not found
C:\Users\Damian\AppData\Local\eSupport.com not found
C:\PROGRA~2\Futuremark not found
C:\PROGRA~2\R.G. Mechanics not found
C:\PROGRA~2\smart pc soft not found
C:\PROGRA~2\Ubisoft not found
C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} not found
C:\PROGRA~3\{FD6F83C0-EC70-4581-8361-C70CD1AA4B98} not found
C:\Users\Damian\AppData\Roaming\BitTorrent Sync deleted
C:\PROGRA~2\GUM2433.tmp deleted
C:\Users\Damian\AppData\Roaming\IHlpr deleted
C:\Users\Damian\AppData\Roaming\temp.ini deleted
C:\Users\Damian\AppData\Roaming\ProductData deleted
C:\Users\Damian\AppData\Roaming\OpenCandy deleted
C:\PROGRA~3\ProductData deleted
C:\PROGRA~3\{01BD4FC9-2F86-4706-A62E-774BB7E9D308} deleted
C:\PROGRA~3\{8533ADFA-85F0-4dc1-946A-2A0BA58E78E3} deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Damian\AppData\Local\SlimWare Utilities Inc deleted
C:\Users\Damian\AppData\Local\Unity deleted
C:\Users\Damian\AppData\Local\CrashRpt deleted
C:\Users\Damian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage deleted
C:\Users\Damian\AppData\LocalLow\Unity deleted
C:\windows\SysNative\tasks\ASC9_PerformanceMonitor deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\GPT.INI deleted
C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted
C:\Windows\SysWow64\AI_RecycleBin deleted
"C:\Users\Damian\AppData\Roaming\PlaysTV\playstv.cfg" deleted
"C:\Users\Damian\AppData\Roaming\PlaysTV" deleted

==== Orphaned Tasks deleted from Registry ======================

amiupdaterExd deleted
amiupdaterExi deleted
ASC9_PerformanceMonitor deleted
ESET Windows 10 upgrade - Refresh settings deleted

==== Chromium Look ======================

Google Chrome Version: 46.0.2490.86

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[]


==== Chromium Fix ======================

C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pos.baidu.com_0.localstorage deleted successfully
C:\Users\Damian\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_pos.baidu.com_0.localstorage deleted successfully
C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_toolbar.yahoo.com_0.localstorage deleted successfully
C:\Users\Damian\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_toolbar.avg.com_0.localstorage deleted successfully
C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.metrolyrics.com_0.localstorage deleted successfully
C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad.360yield.com_0.localstorage deleted successfully
C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad.doubleclick.net_0.localstorage deleted successfully
C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_adrddl.blogspot.cz_0.localstorage deleted successfully
C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ads.bsplayer.com_0.localstorage deleted successfully
C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ads1.tune.pk_0.localstorage deleted successfully
C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ads2.opensubtitles.org_0.localstorage deleted successfully
C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_advert.uloz.to_0.localstorage deleted successfully
C:\Users\Damian\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_ads.yahoo.com_0.localstorage deleted successfully
C:\Users\Damian\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_adserwer.adtools.pl_0.localstorage deleted successfully
C:\Users\Damian\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_advert.uloz.to_0.localstorage deleted successfully
C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.audienceinsights.net_0.localstorage deleted successfully
C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully
C:\Users\Damian\AppData\Roaming\Opera Software\Opera Stable\Local Storage\https_static.olark.com_0.localstorage deleted successfully
C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully
C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully
C:\Users\Damian\AppData\Roaming\Opera Software\Opera Stable\Local Storage\https_c.betrad.com_0.localstorage deleted successfully
C:\Users\Damian\AppData\Roaming\Opera Software\Opera Stable\Local Storage\http_c.betrad.com_0.localstorage deleted successfully
C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes "DefaultScope"="{00A4DD73-CC7D-413c-8CCF-49FC4179109A}"
HKCU\SearchScopes\{00A4DD73-CC7D-413c-8CCF-49FC4179109A} - http://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms}
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.google.com/cse?cx=partner-pub-3794288947762788%3A7941509802&ie=UTF-8&sa=Search&siteurl=www.google.com%2Fcse%2Fhome%3Fcx%3Dpartner-pub-3794288947762788%3A7941509802&q={searchTerms}

==== Reset Google Chrome ======================

C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Preferences.bad was reset successfully
C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Damian\AppData\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Web Data.ReadOnly was reset successfully
C:\Users\Damian\AppData\Roaming\Opera Software\Opera Stable\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl deleted successfully
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\UnityWebPlayer deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCEPServiceManager deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.autoupdate deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cz.seznam.software.szndesktop deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\seznam-listicka-distribuce deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\STCAgent deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZyngaGamesAgent deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Damian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Damian\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\Damian\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=604 folders=508 408623951 bytes)

==== Empty Temp Folders ======================

C:\Users\Damian\AppData\Local\Temp will be emptied at reboot
C:\Users\damm\AppData\Local\Temp emptied successfully
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Damian\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Damian\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted

==== EOF on so 25.06.2016 at  0:02:04,11 ======================
