Zoek.exe v5.0.0.1 Updated 22-November-2015 Tool run by Natalia on wo 25/11/2015 at 13:30:26,94. Windows 10 Pro 10.0.10240 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Natalia\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 25/11/2015 13:31:59 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\Program Files\Adobe deleted successfully C:\Program Files\ca373d01-2b6e-4153-b669-af6ed8d41ee2 deleted successfully C:\Program Files\R.G. Catalyst deleted successfully C:\Program Files\Sony Mobile deleted successfully C:\Program Files\Common Files\AV deleted successfully C:\PROGRA~2\Comms deleted successfully C:\PROGRA~2\SoftwareDistribution deleted successfully C:\PROGRA~2\Sony Mobile deleted successfully C:\Users\DefaultAppPool\AppData\LocalLow deleted successfully C:\Users\Natalia\AppData\Local\EmieBrowserModeList deleted successfully C:\Users\Natalia\AppData\Local\EmieSiteList deleted successfully C:\Users\Natalia\AppData\Local\EmieUserList deleted successfully C:\Users\Natalia\AppData\Local\NetworkTiles deleted successfully C:\Users\Natalia\AppData\Local\Opera Software deleted successfully C:\Users\Natalia\AppData\Local\PeerDistRepub deleted successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\NetworkTiles deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\SharedTaskScheduler\{E31004D1-A431-41B8-826F-E902F9D95C81} deleted successfully ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Myfejozi deleted successfully 
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\QQPCRTP deleted successfully ==== Batch Command(s) Run By Tool====================== Winsock ==== Deleting Files \ Folders ====================== C:\Program Files\Adobe not found C:\Program Files\ca373d01-2b6e-4153-b669-af6ed8d41ee2 not found C:\Program Files\R.G. Catalyst not found C:\Program Files\Sony Mobile not found C:\Program Files\ca373d01-2b6e-4153-b669-af6ed8d41ee2 not found C:\Program Files\Reg Organizer deleted C:\PROGRA~2\Adobe deleted C:\Program Files\Wise\Wise Registry Cleaner deleted C:\PROGRA~2\fontcacheev1.dat deleted C:\PROGRA~2\KingSoft deleted C:\PROGRA~2\Package Cache deleted C:\WINDOWS\system32\config\systemprofile\AppData\Local\Lavasoft\WebCompanion.exe_Url_f5db2c2eotb405zbclgx4obr3tgwdj1t deleted C:\WINDOWS\system32\config\systemprofile\AppData\Local\LavasoftTcpService deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted C:\Users\Natalia\AppData\LocalLow\Unity deleted C:\WINDOWS\system32\GroupPolicy\Machine deleted C:\WINDOWS\system32\GroupPolicy\User deleted C:\WINDOWS\system32\GroupPolicy\gpt.ini deleted C:\WINDOWS\System32\d3dx9_11.dll.tmp deleted C:\Users\Natalia\AppData\Roaming\Mozilla\Firefox\Profiles\ty9f2m6v.default\searchplugins\google-avast.xml deleted C:\Users\Natalia\AppData\Roaming\Mozilla\Firefox\Profiles\ty9f2m6v.default\.autoreg deleted C:\Users\Natalia\AppData\Local\Nimline.exe.config deleted "C:\Users\Natalia\AppData\Roaming\9moc87nWpX9UhpfY" deleted "C:\Users\Natalia\AppData\Roaming\FAR5IYpdsBmpcBtfzB" deleted "C:\Users\Natalia\AppData\Roaming\ibj7QMS" deleted "C:\Users\Natalia\AppData\Roaming\liAfONK1SaRwmMfYptNVx3gezVQ" deleted "C:\Users\Natalia\AppData\Roaming\p2YEhfmLP4WfUj8Ww3cSIwI6ceY" deleted "C:\Users\Natalia\AppData\Roaming\rEBV6IDTaN2eY" deleted "C:\Users\Natalia\AppData\Roaming\S5Sbw0kNzorauhwGCjOt" deleted "C:\Users\Natalia\AppData\Roaming\UFJGaTK" deleted "C:\Users\Natalia\AppData\Roaming\zDRIY7CAuVJMU" deleted 
"C:\Users\Natalia\AppData\Roaming\ZkRhvzmurNS7AtzKGhyNi1S" deleted ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== 2015-11-20 11:03:14 08CFBE8D43EE0451FCC31EC50319A0BE 43112 ----a-w- C:\WINDOWS\avastSS.scr ====== C:\Users\Natalia\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\WINDOWS\system32 ===== 2015-11-25 12:24:18 CAE832FBE92EAD7966A72009489DCE73 16148 ----a-w- C:\WINDOWS\System32\PC_Natalia_HistoryPrediction.bin 2015-11-20 11:04:35 829CE05F4A730F315D73DF63A62158B3 322760 ----a-w- C:\WINDOWS\System32\aswBoot.exe ====== C:\WINDOWS\system32\drivers ===== 2015-11-20 11:03:30 A3A34642B0C91373012D3559BCB8F3BD 117200 ----a-w- C:\WINDOWS\System32\drivers\aswStm.sys 2015-11-20 11:03:30 824C79CEB9E07D09038F1CA23D192E24 794952 ----a-w- C:\WINDOWS\System32\drivers\aswSnx.sys 2015-11-20 11:03:30 43430E3A5E8247D6358B193E0B194754 209432 ----a-w- C:\WINDOWS\System32\drivers\aswVmm.sys 2015-11-20 11:03:30 3B7B2B5A8460A56843B570A4627CAE1D 49776 ----a-w- C:\WINDOWS\System32\drivers\aswRvrt.sys 2015-11-20 11:03:30 2F4E2BB595534EDF3577FFBBDC345A9B 81728 ----a-w- C:\WINDOWS\System32\drivers\aswRdr2.sys 2015-11-20 11:03:30 2E4613ABDFAC02310E81FF7CC43DC98F 81168 ----a-w- C:\WINDOWS\System32\drivers\aswMonFlt.sys 2015-11-20 11:03:30 0ADE64EDF43FF90925668C0F46707AF4 24016 ----a-w- C:\WINDOWS\System32\drivers\aswHwid.sys 2015-11-20 11:03:30 0751A25CB431D4916594FC494B961EAD 435464 ----a-w- C:\WINDOWS\System32\drivers\aswSP.sys 2015-11-09 17:57:00 E227DC78179B86D386270CFA3CB9B65D 51928 ----a-w- C:\WINDOWS\System32\drivers\mwac.sys 2015-11-09 17:57:00 40C7F4B63337414F967AC53E0520B06B 23256 ----a-w- C:\WINDOWS\System32\drivers\mbam.sys 2015-11-09 17:57:00 3E2734AA7760B06E91F2F30CFD67DB0B 94936 ----a-w- C:\WINDOWS\System32\drivers\mbamchameleon.sys 2015-11-09 17:49:53 12E71DA845D76665B56753AD149E32B3 110296 ----a-w- C:\WINDOWS\System32\drivers\48230029.sys 2015-11-09 17:47:00 5023F594D5448E16F920157174C61358 170200 ----a-w- 
C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys ====== C:\WINDOWS\Tasks ====== 2015-11-19 21:32:40 B33EB9DF5E313F8C47ECC6ADC7E043F9 3686 ----a-w- C:\WINDOWS\system32\Tasks\{FC59D4C8-4AA0-4709-B617-B79024DA0613} 2015-11-09 18:49:42 -------- d-----w- C:\WINDOWS\system32\Tasks\WiseCleaner ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2015-11-20 10:52:54 -------- d-----w- C:\Program Files\trend micro 2015-11-20 10:50:50 -------- d-----w- C:\Program Files\Common Files\Java 2015-11-19 21:27:09 -------- d-----w- C:\Program Files\Common Files\Tech-Dax 2015-11-19 21:17:30 -------- d-----w- C:\Program Files\Opera 2015-11-09 18:49:39 -------- d-----w- C:\Program Files\Wise ======= C: ===== 2015-11-03 10:03:03 A6799D0F42122C0D1E28655C10DB2707 30 ----a-w- C:\AVScanner.ini ====== C:\Users\Natalia\AppData\Roaming ====== 2015-11-25 12:49:20 -------- d-----w- C:\Users\Natalia\AppData\Local\PeerDistRepub ====== C:\Users\Natalia ====== 2015-11-20 11:03:45 -------- d-----w- C:\WINDOWS\system32\config\systemprofile\.oracle_jre_usage 2015-11-20 11:02:32 66B0B6644EACF13A55110AC1ED012FE5 5082360 ----a-w- C:\Users\Natalia\Downloads\avast_free_antivirus_setup_online.exe 2015-11-20 10:52:32 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Natalia\Downloads\RSIT.exe 2015-11-20 10:50:42 -------- d-----w- C:\Users\Natalia\.oracle_jre_usage 2015-11-20 10:49:52 54760F6D9991A94FE0B6CD83AE8377B4 584288 ----a-w- C:\Users\Natalia\Downloads\JavaSetup8u66.exe 2015-11-19 21:31:43 3BC8A1F156BCB1EBB190418FCDA4739D 1732096 ----a-w- C:\Users\Natalia\Downloads\adwcleaner_5.021.exe 2015-11-09 18:55:05 E27DF35861B594F53718007A2DD26690 163840 ----a-w- C:\WINDOWS\serviceprofiles\networkservice\NTUSER.rhk 2015-11-09 18:55:05 CDD909B75FDF2706D9655B2E6D07C8BE 167936 ----a-w- C:\WINDOWS\serviceprofiles\Localservice\NTUSER.rhk 2015-11-09 18:49:41 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wise Registry Cleaner ====== C: exe-files == 2015-11-20 11:04:35 
829CE05F4A730F315D73DF63A62158B3 322760 ----a-w- C:\WINDOWS\System32\aswBoot.exe 2015-11-20 11:02:32 66B0B6644EACF13A55110AC1ED012FE5 5082360 ----a-w- C:\Users\Natalia\Downloads\avast_free_antivirus_setup_online.exe 2015-11-20 10:52:54 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Natalia.exe 2015-11-20 10:52:32 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Natalia\Downloads\RSIT.exe 2015-11-20 10:50:22 FDF059C05249FAEA0221ED65CD59A9C8 68192 ----a-w- C:\Program Files\Java\jre1.8.0_66\bin\javacpl.exe 2015-11-20 10:50:22 F003BBCB09CACF8A9F4CE0C67A2D6E63 278624 ----a-w- C:\Program Files\Java\jre1.8.0_66\bin\javaws.exe 2015-11-20 10:50:22 EFC80BC662BCC20B0B09700636FDC732 30816 ----a-w- C:\Program Files\Java\jre1.8.0_66\bin\jabswitch.exe 2015-11-20 10:50:22 D8EEED21B06866E85DA30485F5059FF6 15968 ----a-w- C:\Program Files\Java\jre1.8.0_66\bin\servertool.exe 2015-11-20 10:50:22 CA51FB3FE5012E21D9A14AC071527866 76896 ----a-w- C:\Program Files\Java\jre1.8.0_66\bin\jp2launcher.exe 2015-11-20 10:50:22 ADAF1151B29D2D1691FA027B6C55B3D7 50784 ----a-w- C:\Program Files\Java\jre1.8.0_66\bin\ssvagent.exe 2015-11-20 10:50:22 A9E84AD3536425BC68263B723C2442E4 191072 ----a-w- C:\Program Files\Java\jre1.8.0_66\bin\java.exe 2015-11-20 10:50:22 8977B87AB10AB1DA8769CA0053B401B0 15968 ----a-w- C:\Program Files\Java\jre1.8.0_66\bin\jjs.exe 2015-11-20 10:50:22 7BE9BE6E15653824A28F5CED6B273588 15968 ----a-w- C:\Program Files\Java\jre1.8.0_66\bin\klist.exe 2015-11-20 10:50:22 7BDD7F1BC2A20971DEE17B6920D61BBC 191584 ----a-w- C:\Program Files\Java\jre1.8.0_66\bin\javaw.exe 2015-11-20 10:50:22 73368169BFD965EC6257E77C23CED879 15968 ----a-w- C:\Program Files\Java\jre1.8.0_66\bin\rmiregistry.exe 2015-11-20 10:50:22 525027DF51378DDA25F0F52C20BCB132 15968 ----a-w- C:\Program Files\Java\jre1.8.0_66\bin\kinit.exe 2015-11-20 10:50:22 46AB480B01CD30801B3AE89B5AAE75A8 16480 ----a-w- C:\Program Files\Java\jre1.8.0_66\bin\orbd.exe 2015-11-20 10:50:22 
3B306D41F07396975ECE34A860BD9036 15968 ----a-w- C:\Program Files\Java\jre1.8.0_66\bin\pack200.exe 2015-11-20 10:50:22 36A44033C6B970F95E2A1448F4481CEA 15968 ----a-w- C:\Program Files\Java\jre1.8.0_66\bin\keytool.exe 2015-11-20 10:50:22 28FB06FC63D5817153B5502A49DF3F00 15968 ----a-w- C:\Program Files\Java\jre1.8.0_66\bin\ktab.exe 2015-11-20 10:50:22 17A8DD2484DC26E38DFE3209C8B36980 15968 ----a-w- C:\Program Files\Java\jre1.8.0_66\bin\policytool.exe 2015-11-20 10:50:22 0B82777B13B81417E5520DF7B1E8C319 15968 ----a-w- C:\Program Files\Java\jre1.8.0_66\bin\rmid.exe 2015-11-20 10:50:22 0A3936FE18FC04350159A1E647201501 16480 ----a-w- C:\Program Files\Java\jre1.8.0_66\bin\tnameserv.exe 2015-11-20 10:50:22 092F4D3C25F3086D4C7FDEC79DD71302 159328 ----a-w- C:\Program Files\Java\jre1.8.0_66\bin\unpack200.exe 2015-11-20 10:50:22 04D67FF5044A605F1E7D923A1D6F1751 15968 ----a-w- C:\Program Files\Java\jre1.8.0_66\bin\java-rmi.exe 2015-11-20 10:49:52 54760F6D9991A94FE0B6CD83AE8377B4 584288 ----a-w- C:\Users\Natalia\Downloads\JavaSetup8u66.exe 2015-11-19 21:31:43 3BC8A1F156BCB1EBB190418FCDA4739D 1732096 ----a-w- C:\Users\Natalia\Downloads\adwcleaner_5.021.exe 2015-11-19 21:27:09 31796F4BF5019C4E08BCA72A177EE935 792576 ----a-w- C:\Program Files\Common Files\Tech-Dax\uninstall.exe 2015-11-18 18:47:19 E56EA3AB74D3848B40F74454931B0C0C 59392 ----a-w- C:\Users\Natalia\AppData\Roaming\WindowsUpdater\Updater.exe === C: other files == 2015-11-20 11:03:30 A3A34642B0C91373012D3559BCB8F3BD 117200 ----a-w- C:\WINDOWS\System32\drivers\aswStm.sys 2015-11-20 11:03:30 824C79CEB9E07D09038F1CA23D192E24 794952 ----a-w- C:\WINDOWS\System32\drivers\aswSnx.sys 2015-11-20 11:03:30 43430E3A5E8247D6358B193E0B194754 209432 ----a-w- C:\WINDOWS\System32\drivers\aswVmm.sys 2015-11-20 11:03:30 3B7B2B5A8460A56843B570A4627CAE1D 49776 ----a-w- C:\WINDOWS\System32\drivers\aswRvrt.sys 2015-11-20 11:03:30 2F4E2BB595534EDF3577FFBBDC345A9B 81728 ----a-w- C:\WINDOWS\System32\drivers\aswRdr2.sys 2015-11-20 11:03:30 
2E4613ABDFAC02310E81FF7CC43DC98F 81168 ----a-w- C:\WINDOWS\System32\drivers\aswMonFlt.sys 2015-11-20 11:03:30 0ADE64EDF43FF90925668C0F46707AF4 24016 ----a-w- C:\WINDOWS\System32\drivers\aswHwid.sys 2015-11-20 11:03:30 0751A25CB431D4916594FC494B961EAD 435464 ----a-w- C:\WINDOWS\System32\drivers\aswSP.sys 2015-11-20 10:50:22 4DB4B1F67E583B41F841F48254BE38E3 14130 ----a-w- C:\Program Files\Java\jre1.8.0_66\lib\deploy\ffjcext.zip 2015-11-19 21:19:40 F336FA65E2D1664580E96318DAB22736 8983 ----a-w- C:\Users\Natalia\AppData\Roaming\Mozilla\Firefox\Profiles\p33u20l9.default\extensions\{6b17b608-68bd-431e-8aab-95763f7a4e9c}.xpi 2015-11-18 19:50:24 0244F98F309F4DD48713ABF16D080881 8987 ----a-w- C:\Users\Natalia\AppData\Roaming\Mozilla\Firefox\Profiles\p33u20l9.default\extensions\{41762469-d88f-478c-9684-72ed23ef7b22}.xpi ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "Web Companion"="C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\System32\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\System32\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-2145543469-1690660646-1235608541-1000\Software\Microsoft\Windows\CurrentVersion\Run] "sidebar.exe"="C:\Program Files\Windows Sidebar\sidebar.exe" "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "Web Companion"="C:\Program Files\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s" "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\x86\CLIStart.exe MSRun" "SunJavaUpdateSched"="C:\Program Files\Common 
Files\Java\Java Update\jusched.exe" "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "sidebar.exe"="C:\Program Files\Windows Sidebar\sidebar.exe" "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CCleaner Monitoring] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="CCleaner Monitoring" "hkey"="HKCU" "command"="\"C:\\Program Files\\CCleaner\\CCleaner.exe\" /MONITOR" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\GoogleChromeAutoLaunch_C5E79778299007E859DD55DA6DAA4CC2] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="GoogleChromeAutoLaunch_C5E79778299007E859DD55DA6DAA4CC2" "hkey"="HKCU" "command"="\"C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe\" --no-startup-window" ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job --a-------- C:\WINDOWS\explorer.exe [01/08/2015 07:35] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\WINDOWS\system32\tasks\User_Feed_Synchronization-{29C96B9B-E08B-49C2-B257-8B72DCF5EEE6}" [C:\Windows\system32\msfeedssync.exe] "C:\WINDOWS\system32\tasks\WiseCleaner\WRCSkipUAC" [C:\Program Files\Wise\Wise Registry Cleaner\WiseRegCleaner.exe] ==== Firefox Proxy Settings ====================== ProfilePath: C:\Users\Natalia\AppData\Roaming\Mozilla\Firefox\Profiles\p33u20l9.default user_pref("network.proxy.type", 5); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [20/11/2015 12:04] ==== Firefox Extensions 
====================== ProfilePath: C:\Users\Natalia\AppData\Roaming\Mozilla\Firefox\Profiles\p33u20l9.default - site_navigation - %ProfilePath%\extensions\jid1-ACEVYbPA2OS89A@jetpack.xpi - Wooden Seal 1.0.1 - %ProfilePath%\extensions\{41762469-d88f-478c-9684-72ed23ef7b22}.xpi - Wooden Seal 1.0.1 - %ProfilePath%\extensions\{6b17b608-68bd-431e-8aab-95763f7a4e9c}.xpi - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi ProfilePath: C:\Users\Natalia\AppData\Roaming\Mozilla\Firefox\Profiles\ty9f2m6v.default - FireFox - %ProfilePath%\extensions\translator@zoli.bod - @Mail.Ru - %ProfilePath%\extensions\search@mail.ru.xpi AppDir: C:\Program Files\Mozilla Firefox - Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\Natalia\AppData\Roaming\Mozilla\Firefox\Profiles\ty9f2m6v.default 7D127425BBE91DF37448A7F44C1DDA52 - C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll - Google Update F0E80E561C3F715DB01ACCC97B72463A - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Photo Gallery 87BE0BCC7163A304283C5C740B6346B2 - C:\Program Files\Garmin GPS Plugin\npGarmin.dll - Garmin Communicator Plug-In F114FBA6246530B89DD1E04351E0EAC5 - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_19_0_0_245.dll - Shockwave Flash 772D5D235D3120FFB792FB604DC05A8C - C:\Users\Natalia\AppData\Local\SkypePlugin\7.6.0.291\npGatewayNpapi.dll - Skype Web Plugin ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[20/11/2015 12:03] ilamgbdaebkbpkkmfmmfbnaamkhijdek - No path found[] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[12/10/2015 09:31] ofdgafmdegfkhfdfkmllfefmcmcjllec - No path found[] pnooffjhclkocplopffdbcdghmiffhji - No path found[] 
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions dbaonaocldpohelilahfhnkmjankmbcc - No path found[] Google Drive - Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo ВКонтакте - Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\cffjjlhdhdcmaailglcedackabgpjbfa selector is not a valid CSS selector - Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb Adblock for Youtube - Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk AdBlock - Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom Avast Online Security - Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki ВКонтакте https - Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgohclaempehkldbfcmbiombldcdbijh Chrome Web Store Payments - Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Last updated at time on date - Natalia\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch Google Docs - Natalia\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Natalia\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Natalia\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Natalia\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf CinemaPlus-4.2vV11.08 - Natalia\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh Avast Online Security - Natalia\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki 
Chrome Hotword Shared Module - Natalia\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lccekmodgklaepjeofjdjpbminllajkg Google Wallet - Natalia\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Универсальный перевод для Chrome - Natalia\AppData\Local\Xpom\User Data\Default\Extensions\gdalhedleemkkdjddjgfjmcnbpejpapp ==== Chromium Startpages ====================== C:\Users\Natalia\AppData\Local\Nichrome\User Data\Default\Preferences "homepage": "http://www.yandex.ru/?win=115&clid=47355", C:\Users\Natalia\AppData\Local\Xpom\User Data\Default\Preferences "homepage": "http://mail.ru/cnt/9824", "urls_to_restore_on_startup": [ "http://mail.ru/cnt/9824" ] ==== Chromium Fix ====================== C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://www.google.com" "Use Search Asst"="yes" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" "Search Page"="http://www.google.com" "Default_Search_URL"="http://www.google.com" "Default_Page_URL"="http://www.google.com" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Use Search Asst"="no" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - 
http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\SearchScopes\{59E9C8B1-74FD-4CB6-A815-9E96102F97BD} - http://www.google.ru/search?hl=ru&q={searchTerms} HKLM\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} - https://www.google.com/search?trackid=sp-006&q={searchTerms} HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 HKCU\SearchScopes\{59E9C8B1-74FD-4CB6-A815-9E96102F97BD} - http://www.google.ru/search?hl=ru&q={searchTerms} HKCU\SearchScopes\{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} - https://www.google.com/search?trackid=sp-006&q={searchTerms} HKCU\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7} - http://go.mail.ru/search?q={SearchTerms}&fr=ntg&gp=blackbear16 ==== Empty IE Cache ====================== C:\Users\Natalia\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Natalia\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Natalia\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Natalia\AppData\Local\Microsoft\Windows\INetCache\IE\F8TXM51B will be deleted at reboot C:\Users\Natalia\AppData\Local\Microsoft\Windows\INetCache\IE\G96UCWCU will be deleted at reboot C:\Users\Natalia\AppData\Local\Microsoft\Windows\INetCache\IE\OGPNDX77 will be deleted at reboot C:\Users\Natalia\AppData\Local\Microsoft\Windows\INetCache\IE\T8YEJLS1 will be deleted at reboot ==== Empty 
FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\Natalia\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=309 folders=57 37414265 bytes) ==== Empty Temp Folders ====================== C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\Natalia\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Natalia\AppData\Local\Microsoft\Windows\INetCache\IE\F8TXM51B" not found "C:\Users\Natalia\AppData\Local\Microsoft\Windows\INetCache\IE\G96UCWCU" not found "C:\Users\Natalia\AppData\Local\Microsoft\Windows\INetCache\IE\OGPNDX77" not found "C:\Users\Natalia\AppData\Local\Microsoft\Windows\INetCache\IE\T8YEJLS1" not found ==== EOF on wo 25/11/2015 at 14:01:23,78 ======================