Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by Gamegear on 18/04/2016 at 18:31:44.09. Microsoft Windows 10 Home 10.0.10586 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Gamegear\Downloads\zoek.exe [Scan all users] [Script inserted] ==== System Restore Info ====================== 18/04/2016 18:32:14 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\PROGRA~2\Origin Games deleted successfully C:\PROGRA~3\Comms deleted successfully C:\PROGRA~3\SoftwareDistribution deleted successfully C:\Users\Gamegear\AppData\Local\ActiveSync deleted successfully C:\Users\Gamegear\AppData\Local\eSupport.com deleted successfully C:\Users\Gamegear\AppData\Local\FluxSoftware deleted successfully C:\Users\Gamegear\AppData\Local\Skype deleted successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1576354919-2841432403-4279176456-1001\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DCFCC2EC-3F33-45A8-8ADF-A6C81F11232F} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\Gamegear\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1 user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_042016_1841_.backup ProfilePath: C:\Users\Gamegear\AppData\Roaming\Mozilla\Firefox\Profiles\hjrk6k3s.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_042016_1841_.backup ==== Deleting Files \ Folders ====================== C:\PROGRA~2\Origin Games not found C:\Users\Gamegear\AppData\Roaming\.pixelmon deleted C:\Users\Gamegear\AppData\Roaming\TSv deleted C:\Users\Gamegear\AppData\Local\updater.log deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted C:\Users\Public\Documents\dmp deleted C:\windows\SysNative\tasks\update-S-1-5-21-1576354919-2841432403-4279176456-1001 deleted C:\windows\SysNative\tasks\update-sys deleted C:\WINDOWS\tasks\update-S-1-5-21-1576354919-2841432403-4279176456-1001.job deleted C:\WINDOWS\tasks\update-sys.job deleted C:\Users\Gamegear\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1\Yahoo Inc deleted C:\Users\Gamegear\AppData\Roaming\Mozilla\Firefox\Profiles\hjrk6k3s.default\Yahoo Inc deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Curse.AddOns.dll" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Curse.Bindings.dll" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Curse.ClientService.Models.dll" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Curse.CloudServices.Client.dll" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Curse.CloudServices.Models.dll" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Curse.Common.dll" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Curse.Companion.Friends.dll" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Curse.Companion.Games.dll" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Curse.CurseClient.Localization.dll" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Curse.exe" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Curse.Friends.Enums.dll" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Curse.Hashing.dll" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Curse.Logging.dll" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Curse.Minecraft.Models.dll" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Curse.pdb" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Curse.Presto.Interface.dll" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Curse.Radium.dll" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Curse.Radium.Html.dll" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Curse.Radium.Html.pdb" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Curse.Radium.Minecraft.dll" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Curse.Radium.Overlay.dll" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Curse.ServiceAuthentication.Models.dll" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Curse.SocketInterface.dll" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Curse.SocketMessages.dll" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Curse.Tools.BufferedIPC.dll" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Curse.Tools.ClientAPI.dll" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Curse.Tools.ProtoMQ.dll" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Curse.Tools.SimpleIPC.dll" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Curse.UpdaterCore.dll" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Curse.Voice.Client.dll" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Curse.Voice.Contracts.dll" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Curse.Wpf.Controls.dll" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Curse.Wpf.Themes.dll" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\CurseAudioManager.dll" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\CurseClient.Plugins.CurseVoice.dll" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\ICSharpCode.SharpZipLib.dll" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\LzmaLib.dll" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Newtonsoft.Json.dll" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\opus.dll" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\protobuf-net.dll" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\websocket-sharp.dll" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Electron\Cookies" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Electron\Cookies-journal" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Assets\Client.dat" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Electron\content_resources_200_percent.pak" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Electron\content_shell.pak" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Electron\CurseUI.exe" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Electron\d3dcompiler_47.dll" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Electron\icudtl.dat" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Electron\libEGL.dll" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Electron\libGLESv2.dll" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Electron\msvcp120.dll" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Electron\msvcr120.dll" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Electron\natives_blob.bin" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Electron\node.dll" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Electron\snapshot_blob.bin" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Electron\ui_resources_200_percent.pak" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Electron\locales\en-GB.pak" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Electron\resources\app.asar" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Electron\resources\atom.asar" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Electron\Cache\data_0" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Electron\Cache\data_1" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Electron\Cache\data_2" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Electron\Cache\data_3" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Electron\Cache\index" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Electron\GPUCache\data_0" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Electron\GPUCache\data_1" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Electron\GPUCache\data_2" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Electron\GPUCache\data_3" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Electron\GPUCache\index" deleted "C:\PROGRA~2\Skillbrains\lightshot\5.3.0.0\Lightshot.dll" deleted "C:\PROGRA~2\Skillbrains\lightshot\5.3.0.0\Lightshot.exe" deleted "C:\PROGRA~2\Skillbrains\lightshot\5.3.0.0\uploader.dll" deleted "C:\Users\Gamegear\AppData\Roaming\Corsair" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client" deleted "C:\PROGRA~2\Skillbrains" deleted "C:\PROGRA~3\Package Cache" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Electron" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Assets" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Electron" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Electron\locales" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Bin\Electron\resources" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Electron\Cache" deleted "C:\Users\Gamegear\AppData\Roaming\Curse Client\Electron\GPUCache" deleted "C:\PROGRA~2\Skillbrains\lightshot" deleted "C:\PROGRA~2\Skillbrains\lightshot\5.3.0.0" deleted ==== Firefox Extensions ====================== ProfilePath: C:\Users\Gamegear\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1 - VLC Youtube - %ProfilePath%\extensions\vlc_shortcut@kosan.kosan.xpi ProfilePath: C:\Users\Gamegear\AppData\Roaming\Mozilla\Firefox\Profiles\hjrk6k3s.default - VLC Youtube - %ProfilePath%\extensions\vlc_shortcut@kosan.kosan.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Gamegear\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1 41BB839E8E187C518441334506229ED5 - C:\Users\Gamegear\AppData\Roaming\RCTW\plugins\nprcplugin.dll - Raidcall plugin 6FE651F6E3025AD51CC1D54913AEEADC - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll - Shockwave Flash Profilepath: C:\Users\Gamegear\AppData\Roaming\Mozilla\Firefox\Profiles\hjrk6k3s.default 41BB839E8E187C518441334506229ED5 - C:\Users\Gamegear\AppData\Roaming\RCTW\plugins\nprcplugin.dll - Raidcall plugin 6FE651F6E3025AD51CC1D54913AEEADC - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_306.dll - Shockwave Flash ==== Chromium Look ====================== AdBlock - Gamegear\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom Chrome Web Store Payments - Gamegear\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} - http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 HKCU\SearchScopes\{67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} - http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?} ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gamegear\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Gamegear\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Gamegear\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Gamegear\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Gamegear\AppData\Local\Mozilla\Firefox\Profiles\41A66E7E5EE1\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Gamegear\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully C:\Users\Gamegear\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1432 folders=565 1451358314 bytes) ==== Empty Temp Folders ====================== C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\Gamegear\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on 18/04/2016 at 18:51:46.52 ======================