Zoek.exe v5.0.0.0 Updated 08-April-2015 Tool run by Aart on wo 08-04-2015 at 14:31:06,92. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Aart\Desktop\zoek.exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2015-04-08-115455.log 23515 bytes ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2110397448-1678517468-774889301-1000\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully HKEY_USERS\S-1-5-21-2110397448-1678517468-774889301-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully HKEY_USERS\S-1-5-21-2110397448-1678517468-774889301-1000\Software\Microsoft\Internet Explorer\SearchScopes\{A0711DA9-4D63-4ED7-A1E8-CC834F777A02} deleted successfully HKEY_USERS\S-1-5-21-2110397448-1678517468-774889301-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ApnUpdater"=- "mobilegeni daemon"=- [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "bProtector Start Page"=- [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "bProtectorDefaultScope"=- ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=- ==== Deleting Files \ Folders ====================== C:\Program Files (x86)\Ask.com not found C:\Program Files (x86)\Mobogenie not found C:\\PROGRA~2\\SearchProtect not found C:\Users\Aart\AppData\Roaming\weDownload Ltd deleted C:\Windows\Sysnative\Tasks\avaavxvyex deleted C:\Windows\Sysnative\Tasks\{22357040-C4DD-4FFA-AFC7-765FFE9C428E} deleted C:\Users\Aart\AppData\Local\avaavxvyex deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue deleted C:\ProgramData\2E3AE deleted C:\Windows\SysNative\tasks\avayvxvaxc deleted C:\Users\Aart\AppData\Local\avayvxvaxc deleted C:\Windows\SysNative\tasks\Scheduled Update for Ask Toolbar deleted C:\Users\Aart\AppData\Local\genienext deleted C:\Users\Aart\daemonprocess.txt deleted C:\Users\Aart\.android deleted C:\PROGRA~2\Wajam deleted C:\Users\Aart\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PC-Mechanic.lnk deleted C:\Users\Aart\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mobogenie.lnk deleted C:\Users\Aart\AppData\Roaming\Babylon deleted C:\Users\Aart\AppData\Roaming\Delta deleted C:\PROGRA~3\Ask deleted C:\PROGRA~3\IBUpdaterService deleted C:\PROGRA~3\Tarma Installer deleted C:\Users\Aart\AppData\Local\Ilivid Player deleted C:\Users\Aart\AppData\Local\onlysearch deleted C:\Users\Aart\AppData\Local\SearchProtect deleted C:\Users\Aart\AppData\Local\Savings Sidekick deleted C:\Users\Aart\AppData\Local\avgchrome deleted C:\Users\Aart\AppData\Local\iMesh deleted C:\Users\Aart\AppData\Local\Mobogenie deleted C:\Users\Aart\AppData\Local\cache deleted C:\Users\Aart\AppData\Local\Google\Chrome\User Data\Default\bProtector Web Data deleted C:\Users\Aart\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences deleted C:\Windows\sysWoW64\config\systemprofile\AppData\Local\SearchProtect deleted C:\Users\Aart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie deleted C:\Users\Aart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard deleted C:\Users\Aart\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iMesh.lnk deleted C:\Windows\SysNative\roboot64.exe deleted C:\Users\Aart\AppData\LocalLow\AskToolbar deleted C:\Users\Aart\AppData\LocalLow\weDownload Ltd deleted C:\Windows\AppPatch\Custom\Custom64\{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb deleted C:\Windows\wininit.ini deleted C:\end deleted C:\Windows\AppPatch\Custom\{8a4d5a43-c64a-45ab-bdf4-804fe18ceafd}.sdb deleted C:\Windows\AppPatch\nbin\VC32Loader.dll deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\Windows\SysWow64\searchplugins deleted C:\Windows\SysWow64\Extensions deleted C:\Users\Aart\Documents\Mobogenie deleted C:\Users\Public\Desktop\PC Mechanic.lnk deleted C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE} deleted C:\Users\Aart\Desktop\Mobogenie.lnk deleted "C:\Users\Aart\Downloads\Setup_WinThruster_2015.exe" deleted "C:\Windows\Installer\bd31a.msi" deleted "C:\PROGRA~2\iLivid" deleted "C:\PROGRA~3\Package Cache" deleted ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [22-09-2011 22:20] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [22-09-2011 22:20] ==== Chromium Look ====================== Google Chrome Version: 41.0.2272.118 (Latest Stable version: 41.0.2272.118) HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions dhdepfaagokllfmhfbcfmocaeigmoebo - C:\Users\Aart\AppData\Local\Savings Sidekick\Chrome\Savings Sidekick.crx[] fjoijdanhaiflhibkljeklcghcmmfffh - C:\Program Files (x86)\WebCakeLayers.crx[] ==== Chromium Startpages ====================== C:\Users\Aart\AppData\Local\Google\Chrome\User Data\Default\Preferences "homepage": "http://www.google.nl/", "startup_urls": [ "http://www.google.nl/" ] ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/?pc=MSSE" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="http://search.ominent.com/ws/?source=9f1d0980&tbp=homepage&toolbarid=base&u=06df7b13000000000000f2df9ac0e048" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs] "Tabs"="http://search.ominent.com/ws/?source=9f1d0980&tbp=homepage&toolbarid=base&u=06df7b13000000000000f2df9ac0e048" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/?pc=MSSE" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="about:newtab" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs] "Tabs"="about:newtab" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{80c554b9-c7f8-4a21-9471-06d606da78a2}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Unknown Url="Not_Found" {80c554b9-c7f8-4a21-9471-06d606da78a2} Bing Url="http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE" {9AE5DDCF-2119-4075-A050-392C6FFD6802} Search The Web(ominent) Url="http://search.ominent.com/ws/?source=9f1d0980&tbp=rbox&toolbarid=base&u=06df7b13000000000000f2df9ac0e048&q={searchTerms}" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2110397448-1678517468-774889301-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2B1E51D87B2D71A44BB42DDD5E894160 deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{8D15E1B2-D2B7-4A17-B44B-D2DDE5981406} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\iLivid deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{1F88FC5D-4D46-448A-AF59-7061FFC6ABBF}_is1 deleted successfully HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Mobogenie deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2B1E51D87B2D71A44BB42DDD5E894160 deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Aart\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Aart\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Aart\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Aart\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Aart\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache is not empty, a reboot is needed ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=4847 folders=612 596154756 bytes) ==== Empty Temp Folders ====================== C:\Users\Aart\AppData\Local\Temp will be emptied at reboot C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Aart\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Aart\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\3TLBS7QK\assets.videostrip.com" not found "C:\Users\Aart\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\3TLBS7QK\core.insightexpressai.com" not found ==== EOF on wo 08-04-2015 at 14:59:47,53 ======================