Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by Idan on Thu 04/28/2016 at 10:49:50.42. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Idan\Desktop\zoek.exe [Scan all users] [Script inserted] ==== System Restore Info ====================== 28/04/2016 10:52:13 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\PROGRA~2\Electronic Arts deleted successfully C:\Program Files\Google deleted successfully C:\Users\Idan\AppData\Roaming\BitTorrent deleted successfully C:\Users\Guest\AppData\Local\VirtualStore deleted successfully C:\Users\Idan\AppData\Local\EmieBrowserModeList deleted successfully C:\Users\Idan\AppData\Local\EmieSiteList deleted successfully C:\Users\Idan\AppData\Local\EmieUserList deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-85820212-1267379632-1251349074-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1C16DDF7-DD43-46EE-AE51-74297FB3C6AC} deleted successfully HKEY_USERS\S-1-5-21-85820212-1267379632-1251349074-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0A900DF-9611-4446-86BD-4B1D47E7DB2A} deleted successfully HKEY_USERS\S-1-5-21-85820212-1267379632-1251349074-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F4E39681-15F8-4fda-B8A3-B5C98378F2F3} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\Guest\AppData\Roaming\Mozilla\Firefox\Profiles\ps9s7vq3.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_20160428_1112_.backup ProfilePath: C:\Users\Idan\AppData\Roaming\Mozilla\Firefox\Profiles\1bg2zy70.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_20160428_1112_.backup ==== Batch Command(s) Run By Tool====================== ==== Deleting Files \ Folders ====================== C:\PROGRA~2\Electronic Arts not found C:\found.000 deleted C:\Users\Idan\AppData\Roaming\ARCompanion.log deleted C:\windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted C:\windows\SysNative\tasks\Google Update deleted C:\Users\Idan\AppData\Roaming\Mozilla\Firefox\Profiles\1bg2zy70.default\Yahoo Inc deleted ==== Orphaned Tasks deleted from Registry ====================== Google Update deleted ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\Idan\AppData\Roaming\Mozilla\Firefox\Profiles\1bg2zy70.default user_pref("browser.startup.homepage", "http://www.walla.co.il/"); ==== Firefox Extensions ====================== ProfilePath: C:\Users\Idan\AppData\Roaming\Mozilla\Firefox\Profiles\1bg2zy70.default - Undetermined - C:\ProgramData\AVG Secure Search\FireFoxExt\18.9.0.230 AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Idan\AppData\Roaming\Mozilla\Firefox\Profiles\1bg2zy70.default 52CE0DBFD9738AE528CF525A0367EBEB - d:\media\VideoLAN\VLC\npvlc.dll - VLC Web Plugin AC47B55B38D626B678897F195793ECAB - C:\windows\SysWoW64\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director 20FF20FBC1F20ADEC0AD6AF98ABE9545 - C:\Users\Idan\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll - Google Talk Plugin 57D28190C994AD5E9B1007FB2259393A - C:\Users\Idan\AppData\Roaming\Mozilla\plugins\npo1d.dll - Google Talk Plugin Video Renderer ==== Chromium Look ====================== AdBlock - Idan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.walla.co.il/" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.walla.co.il/" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 HKLM\Wow6432Node\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7 HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC HKCU\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADFA_en ==== Empty IE Cache ====================== C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Idan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Idan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G7TM986N will be deleted at reboot C:\Users\Idan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J6MWV5ZI will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\Guest\AppData\Local\Mozilla\Firefox\Profiles\ps9s7vq3.default\Cache emptied successfully C:\Users\Idan\AppData\Local\Mozilla\Firefox\Profiles\1bg2zy70.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Idan\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=66 folders=5 442162 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Guest\AppData\Local\Temp emptied successfully C:\Users\Idan\AppData\Local\Temp will be emptied at reboot C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\windows\Temp successfully emptied C:\Users\Idan\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Idan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\G7TM986N" not found "C:\Users\Idan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\J6MWV5ZI" not found ==== EOF on Thu 04/28/2016 at 11:27:26.31 ======================