
Zoek.exe v5.0.0.1 Updated 19-September-2016
Tool run by Ekospol on t 10.01.2017 at  7:34:11,72.
Microsoft Windows 7 Professional  6.1.7601 Service Pack 1 x64
Running in: Safe Mode NETWORK Internet Access Detected
Launched: C:\Users\Ekospol\Desktop\zoek.exe [Scan all users] [Script inserted] 

==== Older Logs ======================

C:\zoek-results2017-01-06-101857.log	4520 bytes
C:\zoek-results2017-01-06-110638.log	3473 bytes

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp. 
# 
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows. 
# 
# This file contains the mappings of IP addresses to host names. Each 
# entry should be kept on an individual line. The IP address should 
# be placed in the first column followed by the corresponding host name. 
# The IP address and the host name should be separated by at least one 
# space. 
# 
# Additionally, comments (such as these) may be inserted on individual 
# lines or following the machine name denoted by a '#' symbol. 
# 
# For example: 
# 
#      102.54.94.97     rhino.acme.com          # source server 
#       38.25.63.10     x.acme.com              # x client host 
 
# localhost name resolution is handled within DNS itself. 
127.0.0.1       localhost 
::1             localhost 

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Ekospol\AppData\Roaming\Google\AdWords-Editor\Profiles\zesb1yw8.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Added to C:\Users\Ekospol\AppData\Roaming\Google\AdWords-Editor\Profiles\zesb1yw8.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\Ekospol\AppData\Roaming\Mozilla\Firefox\Profiles\kcee1srb.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Added to C:\Users\Ekospol\AppData\Roaming\Mozilla\Firefox\Profiles\kcee1srb.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\windows\SysNative\Tasks\2349r938o1m109 deleted
C:\windows\tasks\2349r938o1m109.job deleted
C:\Users\Ekospol\AppData\Roaming\Mozilla\Firefox\Profiles\kcee1srb.default\jetpack deleted

==== Orphaned Tasks deleted from Registry ======================

2349r938o1m109 deleted
avast Emergency Update deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Ekospol\AppData\Roaming\Google\AdWords-Editor\Profiles\zesb1yw8.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\Ekospol\AppData\Roaming\Mozilla\Firefox\Profiles\kcee1srb.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"sp@avast.com"="C:\Program Files\AVAST Software\Avast\SafePrice\FF" [03.01.2017 08:17]
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"sp@avast.com"="C:\Program Files\AVAST Software\Avast\SafePrice\FF" [03.01.2017 08:17]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Ekospol\AppData\Roaming\Mozilla\Firefox\Profiles\kcee1srb.default
- ZenMate Security Privacy amp; Unblock VPN - %ProfilePath%\extensions\firefox@zenmate.com.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Ekospol\AppData\Roaming\Mozilla\Firefox\Profiles\kcee1srb.default
18CF51689186AEB9D1D149AEB0E92D03	- C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL -	Microsoft Office 2013
F9D90EEC96E97411869E120E52B1AE0A	- C:\Users\Ekospol\AppData\Local\Google\Update\1.3.32.7\npGoogleUpdate3.dll -	Google Update


==== Fake Chromium Profiles Check ======================

Fake profile C:\Users\Guest\AppData\Local\Google\Chrome deleted

==== Chromium Look ======================

Google Chrome Version: 46.0.2490.86

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
eofcbnmajmjmplflapaojjnihcjkigck - No path found[]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[]
ncffjdbbodifgldkcbhmiiljfcnbgjab - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\BrowserExt\dpchrome.crx[11.02.2014 01:35]

Avast SafePrice - Ekospol\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck
Chrome Media Router - Ekospol\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
Avast Online Security - Ekospol\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gomekmidlodglbbmalcneegieacbdmki
Chrome Media Router - Ekospol\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Chromium Fix ======================

C:\Users\Ekospol\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gomekmidlodglbbmalcneegieacbdmki deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE09&ocid=UE09DHP"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE09&ocid=UE09DHP"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=CMDTDFJS
HKLM\Wow6432Node\SearchScopes\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} - http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE10

==== Reset Google Chrome ======================

C:\Users\Ekospol\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Ekospol\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Ekospol\AppData\Local\Google\Chrome\User Data\Profile 2\Secure Preferences was reset successfully
C:\Users\Ekospol\AppData\Local\Google\Chrome\User Data\Profile 2\Secure Preferences.bad was reset successfully
C:\Users\Ekospol\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Ekospol\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\Ekospol\AppData\Local\Google\Chrome\User Data\Default\Web Datagoobackup was reset successfully
C:\Users\Ekospol\AppData\Local\Google\Chrome\User Data\Profile 2\Web Data was reset successfully
C:\Users\Ekospol\AppData\Local\Google\Chrome\User Data\Profile 2\Web Datagoobackup was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki deleted successfully

==== Empty IE Cache ======================

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Ekospol\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Ekospol\AppData\Local\Mozilla\Firefox\Profiles\kcee1srb.default\cache2 emptied successfully
C:\Users\Ekospol\AppData\Roaming\Mozilla\Firefox\Profiles\kcee1srb.default\storage\default\https+++plus.google.com\cache emptied successfully
C:\Users\Ekospol\AppData\Roaming\Mozilla\Firefox\Profiles\kcee1srb.default\storage\default\https+++www.airbank.cz\cache emptied successfully
C:\Users\Ekospol\AppData\Roaming\Mozilla\Firefox\Profiles\kcee1srb.default\storage\default\https+++www.youtube.com\cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Ekospol\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Ekospol\AppData\Local\Google\Chrome\User Data\Profile 2\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=677 folders=217 58264691 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Ekospol\AppData\Local\Temp will be emptied at reboot
C:\Users\Guest\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\Ekospol\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on t 10.01.2017 at  7:48:41,06 ======================
