Untitled

a guest
Mar 11th, 2017
  1.  
  2. Zoek.exe v5.0.0.1 Updated 27-09-2015
  3. Tool run by Jean-Michel Crapaud on 11/03/2017 at 16:38:21.96.
  4. Microsoft Windows 10 Home 10.0.14393 x64
  5. Running in: Normal Mode No Internet Access Detected
  6. Launched: C:\Users\Bernard\Desktop\zoek\zoek.exe [Scan all users] [Script inserted]
  7.  
  8. ==== System Restore Info ======================
  9.  
  10. 11/03/2017 16:39:02 Zoek.exe System Restore Point Created Successfully.
  11.  
  12. ==== Empty Folders Check ======================
  13.  
  14. C:\PROGRA~2\MK deleted successfully
  15. C:\PROGRA~3\ALM deleted successfully
  16. C:\PROGRA~3\Comms deleted successfully
  17. C:\PROGRA~3\SoftwareDistribution deleted successfully
  18. C:\Users\Administrateur\AppData\LocalLow deleted successfully
  19. C:\Users\Administrateur\AppData\Local\ActiveSync deleted successfully
  20. C:\Users\Bernard\AppData\Local\ActiveSync deleted successfully
  21. C:\Users\Bernard\AppData\Local\Ahghtshonge deleted successfully
  22. C:\Users\Bernard\AppData\Local\Black_Tree_Gaming deleted successfully
  23. C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\CrashDumps deleted successfully
  24. C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\NetworkTiles deleted successfully
  25.  
  26. ==== Deleting CLSID Registry Keys ======================
  27.  
  28.  
  29. ==== Deleting CLSID Registry Values ======================
  30.  
  31.  
  32. ==== Deleting Services ======================
  33.  
  34.  
  35. ==== Batch Command(s) Run By Tool======================
  36.  
  37.  
  38. ==== Deleting Files \ Folders ======================
  39.  
  40. C:\PROGRA~2\MK not found
  41. C:\Users\Bernard\AppData\Roaming\Amanote deleted
  42. C:\Users\Bernard\AppData\Roaming\discord deleted
  43. C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted
  44. C:\PROGRA~3\ProductData deleted
  45. C:\PROGRA~3\Package Cache deleted
  46. C:\Users\Bernard\AppData\Local\BitLord deleted
  47. C:\Users\Bernard\AppData\Local\Wondershare deleted
  48. C:\windows\SysNative\GroupPolicy\Adm deleted
  49. C:\windows\SysNative\GroupPolicy\Machine deleted
  50. C:\windows\SysNative\GroupPolicy\User deleted
  51. C:\windows\SysNative\GroupPolicy\gpt.ini deleted
  52. C:\Users\Bernard\Documents\BitLord deleted
  53. "C:\WINDOWS\Installer\3e9c708.msi" deleted
  54. "C:\Users\Bernard\AppData\Local\{85ADDFBA-5926-4321-BEE0-E15D55160A9B}" deleted
  55. "C:\Users\Bernard\AppData\Roaming\WinSnare\WinSnare.dll" deleted
  56. "C:\Users\Bernard\AppData\Roaming\WinSnare" not deleted
  57.  
  58. ==== Firefox Start and Search pages ======================
  59.  
  60. ProfilePath: C:\Users\Bernard\AppData\Roaming\Mozilla\Firefox\Profiles\qarxcnrs.default-1489000847466
  61. user_pref("browser.startup.homepage", "about:home");
  62.  
  63. ==== Firefox Extensions ======================
  64.  
  65. ProfilePath: C:\Users\Bernard\AppData\Roaming\Mozilla\Firefox\Profiles\qarxcnrs.default-1489000847466
  66. - Undetermined - %ProfilePath%\extensions\uBlock0@raymondhill.net.xpi
  67. - iMacros for Firefox - %ProfilePath%\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}.xpi
  68.  
  69. AppDir: C:\Program Files (x86)\Mozilla Firefox
  70. - Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi
  71.  
  72. ==== Firefox Plugins ======================
  73.  
  74. Profilepath: C:\Users\Bernard\AppData\Roaming\Mozilla\Firefox\Profiles\qarxcnrs.default-1489000847466
  75. 86BD236BE6DA240730EFD2C8026E5B16 - C:\WINDOWS\SysWoW64\Macromed\Flash\NPSWF32_24_0_0_221.dll - Shockwave Flash
  76. CAF78E18A9E1380A0A38065B3B1210E0 - C:\Users\Bernard\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin.dll - VASCO Card Reader Plugin
  77. 1CDD28B47D8198F868349BDFBCD1281B - C:\Users\Bernard\AppData\Roaming\VASCO\VascoCardReaderPlugin\3.2.3.4\npVascoCardReaderPlugin64.dll - VASCO Card Reader Plugin
  78.  
  79.  
  80. ==== Chromium Look ======================
  81.  
  82.  
  83. ==== Set IE to Default ======================
  84.  
  85. Old Values:
  86. [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
  87. [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
  88. "Default_Page_URL"="http://www.startpageing123.com/?type=hp&ts=1489157213&z=537dcad076e37520938849fgczcbat6g3w0mdo7g0o&from=che0812&uid=HGSTXHTS721010A9E630_JS10006206LPAT06LPATX"
  89. "Default_Search_URL"="http://www.startpageing123.com/search/?type=ds&ts=1489157213&z=537dcad076e37520938849fgczcbat6g3w0mdo7g0o&from=che0812&uid=HGSTXHTS721010A9E630_JS10006206LPAT06LPATX&q={searchTerms}"
  90. "Search Page"="http://www.startpageing123.com/search/?type=ds&ts=1489157213&z=537dcad076e37520938849fgczcbat6g3w0mdo7g0o&from=che0812&uid=HGSTXHTS721010A9E630_JS10006206LPAT06LPATX&q={searchTerms}"
  91. "Start Page"="http://www.startpageing123.com/?type=hp&ts=1489157213&z=537dcad076e37520938849fgczcbat6g3w0mdo7g0o&from=che0812&uid=HGSTXHTS721010A9E630_JS10006206LPAT06LPATX"
  92. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
  93. "Default_Page_URL"="http://www.startpageing123.com/?type=hp&ts=1489157213&z=537dcad076e37520938849fgczcbat6g3w0mdo7g0o&from=che0812&uid=HGSTXHTS721010A9E630_JS10006206LPAT06LPATX"
  94. "Default_Search_URL"="http://www.startpageing123.com/search/?type=ds&ts=1489157213&z=537dcad076e37520938849fgczcbat6g3w0mdo7g0o&from=che0812&uid=HGSTXHTS721010A9E630_JS10006206LPAT06LPATX&q={searchTerms}"
  95. "Search Page"="http://www.startpageing123.com/search/?type=ds&ts=1489157213&z=537dcad076e37520938849fgczcbat6g3w0mdo7g0o&from=che0812&uid=HGSTXHTS721010A9E630_JS10006206LPAT06LPATX&q={searchTerms}"
  96. "Start Page"="http://www.startpageing123.com/?type=hp&ts=1489157213&z=537dcad076e37520938849fgczcbat6g3w0mdo7g0o&from=che0812&uid=HGSTXHTS721010A9E630_JS10006206LPAT06LPATX"
  97. [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
  98. No DefaultScope Set For HKCU
  99.  
  100. New Values:
  101. [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
  102. "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
  103. [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
  104. "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
  105. "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
  106. "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
  107. "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
  108. [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
  109. "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
  110. "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
  111. "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
  112. "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
  113. [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
  114. "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
  115.  
  116. ==== All HKCU SearchScopes ======================
  117.  
  118. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
  119. {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
  120. {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
  121. {33BB0A4E-99AF-4226-BDF6-49120163DE86} Unknown Url="Not_Found"
  122. {67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} Google Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}"
  123.  
  124. ==== Deleting CLSID Registry Keys ======================
  125.  
  126. HKEY_USERS\S-1-5-21-2792659385-62999317-2928674910-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{E3605470-291B-44EB-8648-745EE356599A} deleted successfully
  127. HKEY_USERS\S-1-5-21-2792659385-62999317-2928674910-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully
  128. HKEY_CLASSES_ROOT\CLSID\{E3605470-291B-44EB-8648-745EE356599A} deleted successfully
  129. HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{E3605470-291B-44EB-8648-745EE356599A} deleted successfully
  130. HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully
  131. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully
  132.  
  133. ==== Deleting CLSID Registry Values ======================
  134.  
  135.  
  136. ==== Deleting Registry Keys ======================
  137.  
  138. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1F6D371FD48281B4F9E675DD0CE543AE deleted successfully
  139. HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F173D6F1-284D-4B18-9F6E-57DDC05E34EA} deleted successfully
  140. HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\1F6D371FD48281B4F9E675DD0CE543AE deleted successfully
  141.  
  142. ==== Empty IE Cache ======================
  143.  
  144. C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
  145. C:\Users\Administrateur\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
  146. C:\Users\Bernard\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
  147. C:\Users\Bernard\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
  148. C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
  149. C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
  150. C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
  151. C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
  152. C:\Users\Administrateur\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
  153. C:\Users\Bernard\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
  154. C:\Users\Bernard\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
  155. C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
  156. C:\Users\Default User\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
  157. C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
  158. C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
  159.  
  160. ==== Empty FireFox Cache ======================
  161.  
  162. C:\Users\Bernard\AppData\Local\Mozilla\Firefox\Profiles\qarxcnrs.default-1489000847466\cache2 emptied successfully
  163.  
  164. ==== Empty Chrome Cache ======================
  165.  
  166. C:\Users\Bernard\AppData\Local\Blisk\User Data\Default\Cache emptied successfully
  167.  
  168. ==== Empty All Flash Cache ======================
  169.  
  170. No Flash Cache Found
  171.  
  172. ==== Empty All Java Cache ======================
  173.  
  174. Java Cache cleared successfully
  175.  
  176. ==== C:\zoek_backup content ======================
  177.  
  178. C:\zoek_backup (files=1259 folders=1703 3858404576 bytes)
  179.  
  180. ==== Empty Temp Folders ======================
  181.  
  182. C:\WINDOWS\Temp will be emptied at reboot
  183.  
  184. ==== After Reboot ======================
  185.  
  186. ==== Empty Temp Folders ======================
  187.  
  188. C:\WINDOWS\Temp successfully emptied
  189. C:\Users\Bernard\AppData\Local\Temp successfully emptied
  190.  
  191. ==== Empty Recycle Bin ======================
  192.  
  193. C:\$RECYCLE.BIN successfully emptied
  194.  
  195. ==== Deleting Files / Folders ======================
  196.  
  197. "C:\Users\Bernard\AppData\Roaming\WinSnare" not found
  198.  
  199. ==== EOF on 11/03/2017 at 17:09:35.19 ======================