RogueKiller V10.0.3.0 [Oct 22 2014] by Adlice Software
mail :
http://www.adlice.com/contact/Feedback :
http://forum.adlice.comWebová stránka :
http://www.adlice.com/softwares/roguekiller/Blog :
http://www.adlice.comOperační systém : Windows Vista (6.0.6002 Service Pack 2) 32 bits version
Spuštěno : Normální režim
Uživatel : Nekut Karel [Práva správce]
Mód : Smazat -- Datum : 10/27/2014 22:16:20
¤¤¤ Procesy : 0 ¤¤¤
¤¤¤ Registry : 17 ¤¤¤
[Hidden.From.SCM] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\AFD -> Smazáno
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\catchme -> Smazáno
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\catchme -> Smazáno
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet003\Services\catchme -> Smazáno
[PUM.HomePage] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page :
http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> Nahrazeno (
http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] HKEY_USERS\S-1-5-21-3175436897-955967646-652882917-1000\Software\Microsoft\Internet Explorer\Main | Start Page :
http://www.seznam.cz/?clid=13415 -> Nahrazeno (
http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.HomePage] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page :
http://www.microsoft.com/isapi/redir.dl ... ar=msnhome -> Nahrazeno (
http://go.microsoft.com/fwlink/p/?LinkId=255141)
[PUM.SearchPage] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page :
http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nahrazeno (
http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.SearchPage] HKEY_USERS\S-1-5-21-3175436897-955967646-652882917-1000\Software\Microsoft\Internet Explorer\Main | Search Page :
http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nahrazeno (
http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.SearchPage] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page :
http://www.microsoft.com/isapi/redir.dl ... r=iesearch -> Nahrazeno (
http://go.microsoft.com/fwlink/?LinkId=54896)
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{177098DD-A412-41BB-A923-2562315E4E56} | DhcpNameServer : 77.48.254.254 77.48.100.254 -> Nahrazeno ()
[PUM.Dns] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{958290BB-B25D-4729-9B5B-E2767DFBF4A4} | DhcpNameServer : 7.254.254.254 -> Nahrazeno ()
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{177098DD-A412-41BB-A923-2562315E4E56} | DhcpNameServer : 77.48.254.254 77.48.100.254 -> Nahrazeno ()
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{958290BB-B25D-4729-9B5B-E2767DFBF4A4} | DhcpNameServer : 7.254.254.254 -> Nahrazeno ()
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{177098DD-A412-41BB-A923-2562315E4E56} | DhcpNameServer : 77.48.254.254 77.48.100.254 -> Nahrazeno ()
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{958290BB-B25D-4729-9B5B-E2767DFBF4A4} | DhcpNameServer : 7.254.254.254 -> Nahrazeno ()
[PUM.Dns] HKEY_LOCAL_MACHINE\System\ControlSet003\Services\Tcpip\Parameters\Interfaces\{958290BB-B25D-4729-9B5B-E2767DFBF4A4} | DhcpNameServer : 7.254.254.254 -> Nahrazeno ()
¤¤¤ Úlohy : 0 ¤¤¤
¤¤¤ Soubory : 0 ¤¤¤
¤¤¤ Soubor HOSTS : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost -> Smazáno
¤¤¤ Antirootkit : 8 (Driver: Nahrán) ¤¤¤
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\mountmgr.sys - IRP_MJ_CREATE[0] : Unknown @ 0xc2b2a1f8
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\mountmgr.sys - IRP_MJ_CLOSE[2] : Unknown @ 0xc2b2a1f8
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\mountmgr.sys - IRP_MJ_DEVICE_CONTROL[14] : Unknown @ 0xc2b2a1f8
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\mountmgr.sys - IRP_MJ_INTERNAL_DEVICE_CONTROL[15] : Unknown @ 0xc2b2a1f8
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\mountmgr.sys - IRP_MJ_POWER[22] : Unknown @ 0xc2b2a1f8
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\mountmgr.sys - IRP_MJ_SYSTEM_CONTROL[23] : Unknown @ 0xc2b2a1f8
[IRP:Addr(Hook.IRP)] \SystemRoot\System32\drivers\mountmgr.sys - IRP_MJ_PNP[27] : Unknown @ 0xc2b2a1f8
[Filter(Kernel.Filter)] \Driver\atapi @ Unknown : \Driver\cdrom @ \Device\CdRom0 (\SystemRoot\system32\drivers\ks.sys)
¤¤¤ Webové prohlížeče : 2 ¤¤¤
[IE:Addon] System : @C:\Program Files\MSN Toolbar\Platform\6.3.2348.0\npwinext.dll,-100 [{8dcb7100-df86-4384-8842-8fa844297b3f}] -> Smazáno
[IE:Addon] System : avast! Online Security [{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}] -> Smazáno
¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: ST3500320AS ATA Device +++++
--- User ---
[MBR] 12eb0d23bebc67f06c359bfbd4febcb4
[BSP] fff040ae739b45c3f139f0a85e35e386 : HP MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 476938 MB
User = LL1 ... OK
User = LL2 ... OK
============================================
RKreport_SCN_10272014_113004.log - RKreport_SCN_10272014_113852.log - RKreport_SCN_10272014_221405.log
Zoek.exe v5.0.0.0 Updated 26-10-2014
Tool run by Nekut Karel on po 27.10.2014 at 22:20:03,96.
Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Nekut Karel\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
27.10.2014 22:22:43 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
127.0.0.1 localhost
::1 localhost
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-3175436897-955967646-652882917-1000\Software\Microsoft\Internet Explorer\SearchScopes\{7F07EFF3-0CD1-4DE0-AFAA-2DA3D9BA4887} deleted successfully
HKEY_USERS\S-1-5-21-3175436897-955967646-652882917-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_USERS\S-1-5-21-3175436897-955967646-652882917-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_USERS\S-1-5-21-3175436897-955967646-652882917-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8DCB7100-DF86-4384-8842-8FA844297B3F} deleted successfully
HKEY_USERS\S-1-5-21-3175436897-955967646-652882917-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8DCB7100-DF86-4384-8842-8FA844297B3F} deleted successfully
HKEY_USERS\S-1-5-21-3175436897-955967646-652882917-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8E5E2654-AD2D-48BF-AC2D-D17F00898D06} deleted successfully
HKEY_USERS\S-1-5-21-3175436897-955967646-652882917-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8E5E2654-AD2D-48BF-AC2D-D17F00898D06} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48BF-AC2D-D17F00898D06} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\urlsearchhooks\{3B81079D-2AC9-425f-A494-A1C7D93AFA3C} deleted successfully
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\NEKUTK~1\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:
user_pref("browser.search.defaultenginename", "Yahoo");
user_pref("browser.search.selectedEngine", "Yahoo");
user_pref("keyword.URL", "http://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=114576&p=");
Added to C:\Users\NEKUTK~1\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
Deleted from C:\Users\NEKUTK~1\AppData\Roaming\Mozilla\Firefox\Profiles\wsp66ecb.default\prefs.js:
user_pref("browser.search.useDBForOrder", true);
Added to C:\Users\NEKUTK~1\AppData\Roaming\Mozilla\Firefox\Profiles\wsp66ecb.default\prefs.js:
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.order.1", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.suggest.enabled", true);
user_pref("browser.search.useDBForOrder", true);
ProfilePath: C:\Users\NEKUTK~1\AppData\Roaming\Mozilla\Firefox\Profiles\extensions
user.js not found
---- FireFox user.js and prefs.js backups ----
prefs_27.10.2014_2237_.backup
ProfilePath: C:\Users\NEKUTK~1\AppData\Roaming\Mozilla\Firefox\Profiles\wsp66ecb.default
user.js not found
---- Lines Search modified from prefs.js ----
user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{20a82645-c095-46ed-80e3-08825760534b}\":{\"descriptor\":\"C:\\\\
---- Lines Torntv modified from prefs.js ----
user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{20a82645-c095-46ed-80e3-08825760534b}\":{\"descriptor\":\"C:\\\\
---- Lines ask.com modified from prefs.js ----
user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{20a82645-c095-46ed-80e3-08825760534b}\":{\"descriptor\":\"C:\\\\
---- Lines yontoo modified from prefs.js ----
user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{20a82645-c095-46ed-80e3-08825760534b}\":{\"descriptor\":\"C:\\\\
---- Lines GadgetBox modified from prefs.js ----
user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{20a82645-c095-46ed-80e3-08825760534b}\":{\"descriptor\":\"C:\\\\
---- Lines gophoto.it removed from prefs.js ----
user_pref("extensions.bootstrappedAddons", "{\"5065665210ac1@5065665210afe.com\":{\"version\":\"3.2\",\"type\":\"extension\",\"descriptor\":\"C:\\\\Us
---- Lines gophoto.it modified from prefs.js ----
user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{20a82645-c095-46ed-80e3-08825760534b}\":{\"descriptor\":\"C:\\\\
---- Lines extensions.5065665210b72 removed from prefs.js ----
user_pref("extensions.5065665210b72.epoch", "1366220776");
user_pref("extensions.5065665210b72.url", "http://jpigetjson.info/sync/?ext=stuner&pid=201&country=CZ®d=120928085650&lsd=130416172800&uid=506566521
---- Lines extensions.50795ba07d872 removed from prefs.js ----
user_pref("extensions.50795ba07d872.epoch", "1366220776");
user_pref("extensions.50795ba07d872.url", "http://getjpi1.info/sync/?ext=dnsave&pid=242&country=CZ®d=121013121632&lsd=130416172800&uid=50795ba07d72
---- FireFox user.js and prefs.js backups ----
prefs_27.10.2014_2237_.backup
==== Registry Fix Code ======================
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Torch.EXZ73Y6NLAHY3HD2RLKN5D2ZUY\shell\open\command]
@="C:\\Users\\Nekut Karel\\AppData\\Local\\Torch\\Application\\torch.exe"
==== Deleting Files \ Folders ======================
C:\PROGRA~2\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} deleted
C:\PROGRA~2\{CED89F1A-945F-46EC-B23C-5EAF6D2DB12A} deleted
C:\PROGRA~2\{D1D4879F-2279-49C9-AEBF-3B95C84EAA8F} deleted
C:\Program Files\Java deleted
C:\Users\Nekut Karel\AppData\LocalLow\{2A77B9CB-D3B0-55CE-1155-5426313BD473} deleted
C:\Users\Nekut Karel\AppData\LocalLow\{4AC4840B-F791-108A-0B06-DBE341B7CE85} deleted
C:\PROGRA~2\CloudSoft deleted
C:\Program Files\Mozilla Firefox\defaults\preferences\pref.js deleted
C:\Program Files\Paradox Interactive deleted
C:\user.js deleted
C:\Users\Nekut Karel\AppData\Roaming\varicad-work.ini deleted
C:\PROGRA~2\hash.dat deleted
C:\PROGRA~2\ICQ deleted
C:\PROGRA~2\InstallMate deleted
C:\PROGRA~2\GreatSoft deleted
C:\PROGRA~2\Package Cache deleted
C:\Users\Nekut Karel\AppData\LocalLow\{40BEF2DE-4992-D348-0192-09D9203201DB} deleted
C:\Users\Nekut Karel\AppData\LocalLow\{D606ABCA-F13C-1090-3273-ADFA2F314FDC} deleted
C:\Users\Nekut Karel\AppData\LocalLow\{FA6C928E-20DF-1D23-92E6-7E5C18483CAD} deleted
C:\Users\Nekut Karel\AppData\LocalLow\boost_interprocess deleted
C:\Windows\system32\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\Windows\system32\config\systemprofile\AppData\LocalLow\Application Updater deleted
C:\Windows\system32\config\systemprofile\Searches deleted
C:\Windows\system32\GroupPolicy\Machine deleted
C:\Windows\system32\GroupPolicy\User deleted
C:\Windows\system32\GroupPolicy\gpt.ini deleted
C:\Windows\System32\AniGIF.ocx deleted
C:\Windows\System32\searchplugins deleted
C:\Windows\System32\Extensions deleted
C:\Users\NEKUTK~1\AppData\Roaming\Mozilla\Firefox\Profiles\wsp66ecb.default\jetpack deleted
C:\Users\Nekut Karel\AppData\Roaming\AssassinsCreedRevelations.exe deleted
C:\Users\NEKUTK~1\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\OneClickDownload@OneClickDownload.com deleted
C:\Users\NEKUTK~1\AppData\Roaming\Mozilla\Firefox\Profiles\wsp66ecb.default\extensions\gadget@gadgetbox deleted
"C:\Users\Nekut Karel\AppData\Local\LumaEmu" deleted
"C:\Users\Nekut Karel\AppData\Local\{1121A380-8D67-4E18-8F05-97F8DF9C8B82}" deleted
"C:\PROGRA~2\ff31c41ee2c823d9\{476D78C4-1DB0-2D88-7FCC-AA6559F59A8D}" deleted
"C:\PROGRA~2\ff31c41ee2c823d9\{4820778D-AB0D-6D18-C316-52A6A0E1D507}" deleted
"C:\PROGRA~2\ff31c41ee2c823d9\{A35CA8FF-CB7D-8361-1CB9-83219CD11C78}" deleted
"C:\PROGRA~2\ff31c41ee2c823d9\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}" deleted
"C:\PROGRA~2\ff31c41ee2c823d9\{C670DCAE-E392-AA32-6F42-143C7FC4BDFD}" deleted
"C:\PROGRA~2\ff31c41ee2c823d9\{CF830981-8F31-C561-C7A0-FE2CE1878B40}" deleted
"C:\PROGRA~2\ff31c41ee2c823d9\{E32743D3-5789-6E4F-3998-06FB87C9214B}" deleted
"C:\Users\Nekut Karel\AppData\Roaming\Godlike\wtpro.dll" deleted
"C:\PROGRA~2\ff31c41ee2c823d9" deleted
"C:\Users\Nekut Karel\AppData\Roaming\Godlike" deleted
"C:\Program Files\Windows Portable Devices" deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{DF153AFF-6948-45d7-AC98-4FC4AF8A08E2}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [27.09.2013 23:25]
==== Firefox Extensions ======================
ProfilePath: C:\Users\NEKUTK~1\AppData\Roaming\Mozilla\Firefox\Profiles\wsp66ecb.default
- Seznam litika - %ProfilePath%\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
AppDir: C:\Program Files\Mozilla Firefox
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Undetermined - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
==== Firefox Plugins ======================
Profilepath: C:\Users\Nekut Karel\AppData\Roaming\Mozilla\Firefox\Profiles\wsp66ecb.default
3A9E1940B4459CC97FDCBB24FCB69004 - c:\program files\real\realplayer\Netscape6\nppl3260.dll - RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)
0FCEAA7D12B7B0BA825E5C770B1DCA48 - c:\program files\real\realplayer\Netscape6\nprpplugin.dll - RealPlayer Download Plugin
D7324EB1EDCB8990F8522DE0311359E9 - C:\Windows\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.250.17
36FBE76F4F51396B0F70FC95CD7481D2 - C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll - Pando Web Plugin
BE126CB7049E89ED6F3038016668B502 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll - RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit)
EAC427FEF96A13058C1ACD17C38966CF - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll - RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit)
96B3689320E9B16EDF38B7A5001C35F0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit)
F8CB60A5ACA5D73807ECBD9942A8BCB7 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll - RealDownloader Plugin
3F9F8E0F93D6FA7B7552077A3DF171DE - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
4676A8E1EE37E71486717ECD1E61C17B - C:\Windows\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director
87A356753B2208461DA361B13E7E909C - C:\Users\Nekut Karel\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player
79039398587F475ADA606D1A3B740A63 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll - DivX VOD Helper Plug-in
0BD343C45B4ECCF8D6AF94D6C3ADC310 - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
AC421A44DE902F2627F1E63793ED89CD - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery
AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation
6F120933F87E7DEC972476170288A267 - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat
DFCAB29E8FD38F95650CC1E203E8D318 - C:\Windows\system32\npmproxy.dll - Microsoft® Windows® Operating System
==== Chromium Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
fgnippahjheicjenccifemomfgjofdhp - No path found[]
gglnjgnjggmhfpkpnpokpehfliinbked - No path found[]
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[14.08.2013 14:24]
mbdhghebimmhhklklcllaaeeddccckne - No path found[]
mhfdcmehmjcclgopdodkjdicohagipid - No path found[]
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
mhfdcmehmjcclgopdodkjdicohagipid - No path found[]
YTTBookMark - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cgpampeffbnfjeeiincbjiaifoacaobc
Replies and more for Google - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fgmhgfecnmeljhchgcjlfldjiepcfpea
YoutubeAdblocker - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hkbaaeecbegaojagnaelpnphpfgaedco
wEbSaave - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ofppcmfkokphakdifohgbcedaijhoneh
Replies and more for Google - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgmhgfecnmeljhchgcjlfldjiepcfpea
YTTBookMark - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cgpampeffbnfjeeiincbjiaifoacaobc
Replies and more for Google - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fgmhgfecnmeljhchgcjlfldjiepcfpea
YoutubeAdblocker - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hkbaaeecbegaojagnaelpnphpfgaedco
wEbSaave - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ofppcmfkokphakdifohgbcedaijhoneh
YTTBookMark - ASPNET\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cgpampeffbnfjeeiincbjiaifoacaobc
Replies and more for Google - ASPNET\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fgmhgfecnmeljhchgcjlfldjiepcfpea
YoutubeAdblocker - ASPNET\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hkbaaeecbegaojagnaelpnphpfgaedco
wEbSaave - ASPNET\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ofppcmfkokphakdifohgbcedaijhoneh
Replies and more for Google - ASPNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgmhgfecnmeljhchgcjlfldjiepcfpea
YTTBookMark - ASPNET\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cgpampeffbnfjeeiincbjiaifoacaobc
Replies and more for Google - ASPNET\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fgmhgfecnmeljhchgcjlfldjiepcfpea
YoutubeAdblocker - ASPNET\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hkbaaeecbegaojagnaelpnphpfgaedco
wEbSaave - ASPNET\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ofppcmfkokphakdifohgbcedaijhoneh
YTTBookMark - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cgpampeffbnfjeeiincbjiaifoacaobc
Replies and more for Google - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fgmhgfecnmeljhchgcjlfldjiepcfpea
YoutubeAdblocker - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hkbaaeecbegaojagnaelpnphpfgaedco
wEbSaave - Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ofppcmfkokphakdifohgbcedaijhoneh
Replies and more for Google - Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgmhgfecnmeljhchgcjlfldjiepcfpea
YTTBookMark - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cgpampeffbnfjeeiincbjiaifoacaobc
Replies and more for Google - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fgmhgfecnmeljhchgcjlfldjiepcfpea
YoutubeAdblocker - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hkbaaeecbegaojagnaelpnphpfgaedco
wEbSaave - Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ofppcmfkokphakdifohgbcedaijhoneh
YTTBookMark - Nekut Karel\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cgpampeffbnfjeeiincbjiaifoacaobc
Replies and more for Google - Nekut Karel\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fgmhgfecnmeljhchgcjlfldjiepcfpea
YoutubeAdblocker - Nekut Karel\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hkbaaeecbegaojagnaelpnphpfgaedco
wEbSaave - Nekut Karel\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ofppcmfkokphakdifohgbcedaijhoneh
RealDownloader - Nekut Karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji
YTTBookMark - Nekut Karel\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cgpampeffbnfjeeiincbjiaifoacaobc
Replies and more for Google - Nekut Karel\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fgmhgfecnmeljhchgcjlfldjiepcfpea
YoutubeAdblocker - Nekut Karel\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hkbaaeecbegaojagnaelpnphpfgaedco
wEbSaave - Nekut Karel\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ofppcmfkokphakdifohgbcedaijhoneh
YTTBookMark - UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cgpampeffbnfjeeiincbjiaifoacaobc
Replies and more for Google - UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fgmhgfecnmeljhchgcjlfldjiepcfpea
YoutubeAdblocker - UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hkbaaeecbegaojagnaelpnphpfgaedco
wEbSaave - UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ofppcmfkokphakdifohgbcedaijhoneh
Replies and more for Google - UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgmhgfecnmeljhchgcjlfldjiepcfpea
YTTBookMark - UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cgpampeffbnfjeeiincbjiaifoacaobc
Replies and more for Google - UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fgmhgfecnmeljhchgcjlfldjiepcfpea
YoutubeAdblocker - UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hkbaaeecbegaojagnaelpnphpfgaedco
wEbSaave - UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ofppcmfkokphakdifohgbcedaijhoneh
==== Chromium Fix ======================
C:\Users\Nekut Karel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.babylon.com_0.localstorage deleted successfully
C:\Users\Nekut Karel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.babylon.com_0.localstorage-journal deleted successfully
C:\Users\Nekut Karel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.teentubesearch.com_0.localstorage deleted successfully
C:\Users\Nekut Karel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.teentubesearch.com_0.localstorage-journal deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hkbaaeecbegaojagnaelpnphpfgaedco deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkbaaeecbegaojagnaelpnphpfgaedco deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hkbaaeecbegaojagnaelpnphpfgaedco deleted successfully
C:\Users\ASPNET\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hkbaaeecbegaojagnaelpnphpfgaedco deleted successfully
C:\Users\ASPNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkbaaeecbegaojagnaelpnphpfgaedco deleted successfully
C:\Users\ASPNET\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hkbaaeecbegaojagnaelpnphpfgaedco deleted successfully
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hkbaaeecbegaojagnaelpnphpfgaedco deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkbaaeecbegaojagnaelpnphpfgaedco deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hkbaaeecbegaojagnaelpnphpfgaedco deleted successfully
C:\Users\Nekut Karel\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hkbaaeecbegaojagnaelpnphpfgaedco deleted successfully
C:\Users\Nekut Karel\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hkbaaeecbegaojagnaelpnphpfgaedco deleted successfully
C:\Users\UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\hkbaaeecbegaojagnaelpnphpfgaedco deleted successfully
C:\Users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkbaaeecbegaojagnaelpnphpfgaedco deleted successfully
C:\Users\UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\hkbaaeecbegaojagnaelpnphpfgaedco deleted successfully
C:\Users\Nekut Karel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hkbaaeecbegaojagnaelpnphpfgaedco_0.localstorage deleted successfully
C:\Users\Nekut Karel\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\hkbaaeecbegaojagnaelpnphpfgaedco deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cgpampeffbnfjeeiincbjiaifoacaobc deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cgpampeffbnfjeeiincbjiaifoacaobc deleted successfully
C:\Users\ASPNET\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cgpampeffbnfjeeiincbjiaifoacaobc deleted successfully
C:\Users\ASPNET\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cgpampeffbnfjeeiincbjiaifoacaobc deleted successfully
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cgpampeffbnfjeeiincbjiaifoacaobc deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cgpampeffbnfjeeiincbjiaifoacaobc deleted successfully
C:\Users\Nekut Karel\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cgpampeffbnfjeeiincbjiaifoacaobc deleted successfully
C:\Users\Nekut Karel\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cgpampeffbnfjeeiincbjiaifoacaobc deleted successfully
C:\Users\UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cgpampeffbnfjeeiincbjiaifoacaobc deleted successfully
C:\Users\UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\cgpampeffbnfjeeiincbjiaifoacaobc deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fgmhgfecnmeljhchgcjlfldjiepcfpea deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgmhgfecnmeljhchgcjlfldjiepcfpea deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fgmhgfecnmeljhchgcjlfldjiepcfpea deleted successfully
C:\Users\ASPNET\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fgmhgfecnmeljhchgcjlfldjiepcfpea deleted successfully
C:\Users\ASPNET\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgmhgfecnmeljhchgcjlfldjiepcfpea deleted successfully
C:\Users\ASPNET\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fgmhgfecnmeljhchgcjlfldjiepcfpea deleted successfully
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fgmhgfecnmeljhchgcjlfldjiepcfpea deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgmhgfecnmeljhchgcjlfldjiepcfpea deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fgmhgfecnmeljhchgcjlfldjiepcfpea deleted successfully
C:\Users\Nekut Karel\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fgmhgfecnmeljhchgcjlfldjiepcfpea deleted successfully
C:\Users\Nekut Karel\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fgmhgfecnmeljhchgcjlfldjiepcfpea deleted successfully
C:\Users\UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\fgmhgfecnmeljhchgcjlfldjiepcfpea deleted successfully
C:\Users\UpdatusUser\AppData\Local\Google\Chrome\User Data\Default\Extensions\fgmhgfecnmeljhchgcjlfldjiepcfpea deleted successfully
C:\Users\UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\fgmhgfecnmeljhchgcjlfldjiepcfpea deleted successfully
C:\Users\Nekut Karel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fgmhgfecnmeljhchgcjlfldjiepcfpea_0.localstorage deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ofppcmfkokphakdifohgbcedaijhoneh deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ofppcmfkokphakdifohgbcedaijhoneh deleted successfully
C:\Users\ASPNET\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ofppcmfkokphakdifohgbcedaijhoneh deleted successfully
C:\Users\ASPNET\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ofppcmfkokphakdifohgbcedaijhoneh deleted successfully
C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ofppcmfkokphakdifohgbcedaijhoneh deleted successfully
C:\Users\Guest\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ofppcmfkokphakdifohgbcedaijhoneh deleted successfully
C:\Users\Nekut Karel\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ofppcmfkokphakdifohgbcedaijhoneh deleted successfully
C:\Users\Nekut Karel\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ofppcmfkokphakdifohgbcedaijhoneh deleted successfully
C:\Users\UpdatusUser\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ofppcmfkokphakdifohgbcedaijhoneh deleted successfully
C:\Users\UpdatusUser\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ofppcmfkokphakdifohgbcedaijhoneh deleted successfully
C:\Users\Nekut Karel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ofppcmfkokphakdifohgbcedaijhoneh_0.localstorage deleted successfully
C:\Users\Nekut Karel\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ofppcmfkokphakdifohgbcedaijhoneh deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{06438E61-96B0-469D-B02C-66A9F0CD445D} Encyklopedie Seznam Url="http://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_13415"
{127AF1D4-B427-490A-B473-A5DB21B989F2} Zbo§ˇ.cz Url="http://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_13415"
{87658861-BBF5-4000-BC1C-086AC2C01B4F} Novinky.cz Url="http://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415"
{89477CA7-DD6D-4315-8637-EA8B3470ADF1} Firmy.cz Url="http://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_13415"
{9C8C6A44-FA42-404D-A37D-850537F48036} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415"
{B715DBDD-57F4-4929-B9A6-A9A62FE037DB} WebHledani Url="http://www.webhledani.cz/results.aspx?i=39&tp=ie&q={searchTerms}"
{D0942AF2-A0E6-4950-90D8-F66ABE50533A} Mapy.cz Url="http://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_13415"
{E88E0043-C9D4-4e33-8555-FEE4F5B63060} mail.ru: ????? ? ????????? Url="http://go.mail.ru/search?q={searchTerms}&utf8in=1&fr=ietb"
{F924169D-65E0-4A8A-9175-882FEC15076A} Slovnˇk EN/CZ Url="http://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_13415"
{FFCA075F-94E4-4732-A9D8-4B8C644FF276} Slovnˇk CZ/EN Url="http://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_13415"
==== Reset Google Chrome ======================
C:\Users\Nekut Karel\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Nekut Karel\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-3175436897-955967646-652882917-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9} deleted successfully
HKEY_USERS\S-1-5-21-3175436897-955967646-652882917-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DBC80044-A445-435B-BC74-9C25C1C588A9} deleted successfully
HKEY_USERS\S-1-5-21-3175436897-955967646-652882917-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully
HKEY_USERS\S-1-5-21-3175436897-955967646-652882917-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{DBC80044-A445-435B-BC74-9C25C1C588A9} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435B-BC74-9C25C1C588A9} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\fgnippahjheicjenccifemomfgjofdhp deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\gglnjgnjggmhfpkpnpokpehfliinbked deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\mbdhghebimmhhklklcllaaeeddccckne deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\mhfdcmehmjcclgopdodkjdicohagipid deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\mhfdcmehmjcclgopdodkjdicohagipid deleted successfully
==== Empty IE Cache ======================
C:\Users\Nekut Karel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Nekut Karel\AppData\Local\temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Nekut Karel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
==== Empty FireFox Cache ======================
No FireFox Cache found
==== Empty Chrome Cache ======================
C:\Users\Nekut Karel\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=2103 folders=279 317899543 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Nekut\AppData\Local\temp emptied successfully
C:\Users\Nekut Karel\AppData\Local\temp will be emptied at reboot
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\UpdatusUser\AppData\Local\temp emptied successfully
C:\Users\KJA~1\AppData\Local\temp emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\NEKUTK~1\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\Nekut Karel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" deleted
==== EOF on po 27.10.2014 at 23:01:35,82 ======================