PowerOpa | 18.04.2013 10:33 | Schritt 1: Erledigt. Hier das Log: Code:
Zoek.exe Version 4.0.0.2 Updated 17-April-2013
Tool run by Moni on 18.04.2013 at 11:07:53,70.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
==== System Restore Info ======================
18.04.2013 11:08:58 Zoek.exe System Restore Point Created Succesfully.
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-758481354-1503340722-1185920961-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully
HKEY_USERS\S-1-5-21-758481354-1503340722-1185920961-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} deleted successfully
HKEY_USERS\S-1-5-21-758481354-1503340722-1185920961-1000\Software\Microsoft\Internet Explorer\SearchScopes\{F8802592-0820-4C8E-8F14-5A9A73230B83} deleted successfully
==== Deleting CLSID Registry Values ======================
==== FireFox Fix ======================
ProfilePath: C:\Users\Moni\AppData\Roaming\Mozilla\Firefox\Profiles\g2kn9ezw.default
---- Lines funmoods removed from prefs.js ----
user_pref("extensions.funmoods.aflt", "nv1");
user_pref("extensions.funmoods.appId", "{EA28B360-05E0-4F93-8150-02891F1D8D3C}");
user_pref("extensions.funmoods.brwsrsrc", "ietlbr");
user_pref("extensions.funmoods.cntry", "DE");
user_pref("extensions.funmoods.cv", "cv5");
user_pref("extensions.funmoods.dfltLng", "");
user_pref("extensions.funmoods.dfltSrch", true);
user_pref("extensions.funmoods.dfltlng", "en");
user_pref("extensions.funmoods.dfltsrch", true);
user_pref("extensions.funmoods.dnsErr", true);
user_pref("extensions.funmoods.envrmnt", "production");
user_pref("extensions.funmoods.excTlbr", false);
user_pref("extensions.funmoods.hdrMd5", "B55864D99EBC61E40E68592AACA77361");
user_pref("extensions.funmoods.hmpg", true);
user_pref("extensions.funmoods.hmpgUrl", "hxxp://searchfunmoods.com/?f=1&a=nv1&cd=2XzuyEtN2Y1L1QzuyB0AyBzytDtDtDtDtDtDtDtDyBzyyEzztN0D0Tzu0CyEtBtDtN1L2XzutBtFtBtFtCtFyDtDtAtN1L1Czu1G2XtC&cr=515290491&ir=");
user_pref("extensions.funmoods.hrdid", "7A79000000007948");
user_pref("extensions.funmoods.id", "7A79000000007948");
user_pref("extensions.funmoods.instlDay", "15759");
user_pref("extensions.funmoods.instlRef", "");
user_pref("extensions.funmoods.instlday", "15759");
user_pref("extensions.funmoods.instlref", "");
user_pref("extensions.funmoods.isdcmntcmplt", false);
user_pref("extensions.funmoods.keywordurl", "");
user_pref("extensions.funmoods.mntrvrsn", "1.3.0");
user_pref("extensions.funmoods.monitorreport", true);
user_pref("extensions.funmoods.newTabUrl", "hxxp://searchfunmoods.com/?f=2&a=nv1&cd=2XzuyEtN2Y1L1QzuyB0AyBzytDtDtDtDtDtDtDtDyBzyyEzztN0D0Tzu0CyEtBtDtN1L2XzutBtFtBtFtCtFyDtDtAtN1L1Czu1G2XtC&cr=515290491&ir=");
user_pref("extensions.funmoods.newtab", "false");
user_pref("extensions.funmoods.newtaburl", "hxxp://searchfunmoods.com/?f=2&a=nv1&cd=2XzuyEtN2Y1L1QzuyB0AyBzytDtDtDtDtDtDtDtDyBzyyEzztN0D0Tzu0CyEtBtDtN1L2XzutBtFtBtFtCtFyDtDtAtN1L1Czu1G2XtC&cr=515290491&ir=");
user_pref("extensions.funmoods.prdct", "funmoods");
user_pref("extensions.funmoods.prtnrId", "funmoods");
user_pref("extensions.funmoods.prtnrid", "funmoods");
user_pref("extensions.funmoods.savedVrsnTs", "1");
user_pref("extensions.funmoods.sg", "none");
user_pref("extensions.funmoods.smplgrp", "free");
user_pref("extensions.funmoods.srch", "");
user_pref("extensions.funmoods.srchPrvdr", "Funmoods");
user_pref("extensions.funmoods.srchprvdr", "Funmoods");
user_pref("extensions.funmoods.tlbrId", "base");
user_pref("extensions.funmoods.tlbrSrchUrl", "hxxp://searchfunmoods.com/?f=3&a=nv1&cd=2XzuyEtN2Y1L1QzuyB0AyBzytDtDtDtDtDtDtDtDyBzyyEzztN0D0Tzu0CyEtBtDtN1L2XzutBtFtBtFtCtFyDtDtAtN1L1Czu1G2XtC&cr=515290491&ir=&q=");
user_pref("extensions.funmoods.tlbrid", "base");
user_pref("extensions.funmoods.tlbrsrchurl", "hxxp://searchfunmoods.com/?f=3&a=nv1&cd=2XzuyEtN2Y1L1QzuyB0AyBzytDtDtDtDtDtDtDtDyBzyyEzztN0D0Tzu0CyEtBtDtN1L2XzutBtFtBtFtCtFyDtDtAtN1L1Czu1G2XtC&cr=515290491&ir=&q=");
user_pref("extensions.funmoods.vrsn", "1.8.11.0");
user_pref("extensions.funmoods.vrsni", "1.8.11.0");
user_pref("extensions.funmoods.vrsnts", "");
user_pref("extensions.funmoods_i.hmpg", true);
user_pref("extensions.funmoods_i.newTab", false);
user_pref("extensions.funmoods_i.smplGrp", "none");
user_pref("extensions.funmoods_i.vrsnTs", "1.8.11.019:5:48");
---- Lines funmoods modified from prefs.js ----
---- Lines funmoods removed from user.js ----
user_pref("extensions.funmoods.hmpg", true);
user_pref("extensions.funmoods.hmpgUrl", "hxxp://searchfunmoods.com/?f=1&a=nv1&cd=2XzuyEtN2Y1L1QzuyB0AyBzytDtDtDtDtDtDtDtDyBzyyEzztN0D0Tzu0CyEtBtDtN1L2XzutBtFtBtFtCtFyDtDtAtN1L1Czu1G2XtC&cr=515290491&ir=");
user_pref("extensions.funmoods.dfltSrch", true);
user_pref("extensions.funmoods.srchPrvdr", "Funmoods");
user_pref("extensions.funmoods.dnsErr", true);
user_pref("extensions.funmoods_i.newTab", false);
user_pref("extensions.funmoods.newTabUrl", "hxxp://searchfunmoods.com/?f=2&a=nv1&cd=2XzuyEtN2Y1L1QzuyB0AyBzytDtDtDtDtDtDtDtDyBzyyEzztN0D0Tzu0CyEtBtDtN1L2XzutBtFtBtFtCtFyDtDtAtN1L1Czu1G2XtC&cr=515290491&ir=");
user_pref("extensions.funmoods.tlbrSrchUrl", "hxxp://searchfunmoods.com/?f=3&a=nv1&cd=2XzuyEtN2Y1L1QzuyB0AyBzytDtDtDtDtDtDtDtDyBzyyEzztN0D0Tzu0CyEtBtDtN1L2XzutBtFtBtFtCtFyDtDtAtN1L1Czu1G2XtC&cr=515290491&ir=&q=");
user_pref("extensions.funmoods.id", "7A79000000007948");
user_pref("extensions.funmoods.instlDay", "15759");
user_pref("extensions.funmoods.vrsn", "1.8.11.0");
user_pref("extensions.funmoods.vrsni", "1.8.11.0");
user_pref("extensions.funmoods_i.vrsnTs", "1.8.11.019:5:48");
user_pref("extensions.funmoods.prtnrId", "funmoods");
user_pref("extensions.funmoods.prdct", "funmoods");
user_pref("extensions.funmoods.aflt", "nv1");
user_pref("extensions.funmoods_i.smplGrp", "none");
user_pref("extensions.funmoods.tlbrId", "base");
user_pref("extensions.funmoods.instlRef", "");
user_pref("extensions.funmoods.dfltLng", "");
user_pref("extensions.funmoods.appId", "{EA28B360-05E0-4F93-8150-02891F1D8D3C}");
user_pref("extensions.funmoods.excTlbr", false);
user_pref("extensions.funmoods_i.hmpg", true);
---- Lines delta removed from prefs.js ----
user_pref("extensions.delta.admin", false);
user_pref("extensions.delta.aflt", "babsst");
user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
user_pref("extensions.delta.dfltLng", "en");
user_pref("extensions.delta.excTlbr", false);
user_pref("extensions.delta.id", "28487948000000000000002682ab97e1");
user_pref("extensions.delta.instlDay", "15699");
user_pref("extensions.delta.instlRef", "sst");
user_pref("extensions.delta.prdct", "delta");
user_pref("extensions.delta.prtnrId", "delta");
user_pref("extensions.delta.tlbrId", "base");
user_pref("extensions.delta.tlbrSrchUrl", "");
user_pref("extensions.delta.vrsn", "1.8.4.1");
user_pref("extensions.delta.vrsni", "1.8.4.1");
user_pref("extensions.delta_i.excTlbr", false);
user_pref("extensions.delta_i.smplGrp", "none");
user_pref("extensions.delta_i.vrsnTs", "1.8.4.116:37:15");
---- Lines delta modified from prefs.js ----
---- Lines delta removed from user.js ----
user_pref("extensions.delta.tlbrSrchUrl", "");
user_pref("extensions.delta.id", "28487948000000000000002682ab97e1");
user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
user_pref("extensions.delta.instlDay", "15699");
user_pref("extensions.delta.vrsn", "1.8.4.1");
user_pref("extensions.delta.vrsni", "1.8.4.1");
user_pref("extensions.delta_i.vrsnTs", "1.8.4.116:37:15");
user_pref("extensions.delta.prtnrId", "delta");
user_pref("extensions.delta.prdct", "delta");
user_pref("extensions.delta.aflt", "babsst");
user_pref("extensions.delta_i.smplGrp", "none");
user_pref("extensions.delta.tlbrId", "base");
user_pref("extensions.delta.instlRef", "sst");
user_pref("extensions.delta.dfltLng", "en");
user_pref("extensions.delta_i.excTlbr", false);
user_pref("extensions.delta.excTlbr", false);
user_pref("extensions.delta.admin", false);
---- FireFox user.js and prefs.js backups ----
user__1118_.backup
prefs__1118_.backup
==== Deleting Files \ Folders ======================
"C:\Users\Moni\AppData\Roaming\Mozilla\Firefox\Profiles\g2kn9ezw.default\searchplugins\Funmoods.xml" deleted
"C:\Program Files (x86)\Mozilla Firefox\searchplugins\Search_Results.xml" deleted
"C:\Users\Moni\AppData\Roaming\Mozilla\Firefox\Profiles\g2kn9ezw.default\searchplugins\askcom.xml" deleted
"C:\Users\Moni\AppData\Roaming\Mozilla\Firefox\Profiles\g2kn9ezw.default\searchplugins\Search_Results.xml" deleted
"C:\Program Files (x86)\Optimizer Pro" deleted
"C:\Program Files (x86)\Conduit" deleted
"C:\ProgramData\Browser Manager" deleted
"C:\ProgramData\APN" deleted
"C:\ProgramData\InstallMate" deleted
"C:\ProgramData\Tarma Installer" deleted
"C:\ProgramData\Premium" deleted
"C:\ProgramData\Babylon" deleted
"C:\Users\Moni\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Movie2KDownloader.com" deleted
"C:\Users\Moni\AppData\Local\CRE" deleted
"C:\Users\Moni\AppData\Local\PutLockerDownloader" deleted
"C:\Users\Moni\AppData\Local\PackageAware" deleted
"C:\Users\Moni\AppData\Local\Conduit" deleted
"C:\Users\Moni\AppData\LocalLow\Conduit" deleted
"C:\Users\Moni\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc" deleted
==== Files Recently Created / Modified ======================
====== C:\Windows ====
2013-04-18 08:56:23 8C0E100191448D5C997C1D39F98EF4E9 41664 ----a-w- C:\Windows\avastSS.scr
====== C:\Users\Moni\AppData\Local\Temp ====
2013-04-17 12:19:54 1B80378EA920FCD0EA146B28C3DBA2AE 6 ----a-w- C:\Users\Moni\AppData\Local\Temp\propsys.dll
2013-04-17 12:19:53 5BB7F9160A555D16C1C4C8914C976043 9 ----a-w- C:\Users\Moni\AppData\Local\Temp\BundleSweetIMSetup.exe
2013-04-17 12:19:52 D2B48C62D4E77881DF37119BBADB8A0F 11 ----a-w- C:\Users\Moni\AppData\Local\Temp\MybabylonTB.exe
2013-04-15 14:20:40 D460DB95ACF9C61C647B2E3439B52529 41472 ----a-w- C:\Users\Moni\AppData\Local\Temp\FINALISE.exe
====== C:\Windows\SysWOW64 =====
2013-04-10 19:09:29 2E56BA5BC215B2AED2B790D42D8C1739 2382848 ----a-w- C:\Windows\SysWOW64\mshtml.tlb
2013-04-10 19:09:27 507183B4FCB535A7A973427D1F367CA8 420864 ----a-w- C:\Windows\SysWOW64\vbscript.dll
2013-04-10 19:09:27 40169F9AE27BB73F2CB8C7D11A7A2AC2 73216 ----a-w- C:\Windows\SysWOW64\mshtmled.dll
2013-04-10 19:09:22 C720BD3BDE2C9A1BFC4476F6D3A4B64D 176640 ----a-w- C:\Windows\SysWOW64\ieui.dll
2013-04-10 19:09:21 FC5BBA40E667D20126D91BD6A790705B 142848 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe
2013-04-10 19:09:21 69EDE878C3891E7796D46B7E552330B1 231936 ----a-w- C:\Windows\SysWOW64\url.dll
2013-04-10 19:09:18 4E7F83E1F6AEFA38E270EA7353D6911E 1104384 ----a-w- C:\Windows\SysWOW64\urlmon.dll
2013-04-10 19:09:17 CA78BA218B423C7F22B14906308B8B02 1427968 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl
2013-04-10 19:09:14 9DE04A790F697432871E88BB77EEBCF5 607744 ----a-w- C:\Windows\SysWOW64\msfeeds.dll
2013-04-10 19:09:12 C5B6468422DB1C8AA36C32CBB0197E5E 1129472 ----a-w- C:\Windows\SysWOW64\wininet.dll
2013-04-10 19:09:09 7E6052699CAF18ADEDD846D44ECCE81F 1800704 ----a-w- C:\Windows\SysWOW64\jscript9.dll
2013-04-10 19:09:09 26DB6CB9BC434ABA1169B3051E6AB4F2 717824 ----a-w- C:\Windows\SysWOW64\jscript.dll
2013-04-10 19:09:05 9BDDA34DC4890169DE5BA21134B33EFB 1796096 ----a-w- C:\Windows\SysWOW64\iertutil.dll
2013-04-10 19:09:05 4BE468D2EE9CC59CB8F666949CD37CD5 65024 ----a-w- C:\Windows\SysWOW64\jsproxy.dll
2013-04-10 19:08:58 658EBC74BD38D16805648C4775F7FA82 12324352 ----a-w- C:\Windows\SysWOW64\mshtml.dll
2013-04-10 19:08:48 DFE118C95C6571B87D1923DAB3FA0A77 9738752 ----a-w- C:\Windows\SysWOW64\ieframe.dll
2013-04-10 05:48:33 52D33A22DE04BD9F40E1B1A28B46A95C 3217408 ----a-w- C:\Windows\SysWOW64\mstscax.dll
2013-04-10 05:48:30 F5562EFA9E4867D30EC2330B80FCB25C 131584 ----a-w- C:\Windows\SysWOW64\aaclient.dll
2013-04-10 05:48:29 2A6BFDEDF2C57923E78F970BB15D7E7D 36864 ----a-w- C:\Windows\SysWOW64\tsgqec.dll
2013-04-10 05:47:30 2DFAB8C3C394E95D262E1325BDA5DFE4 3913560 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe
2013-04-10 05:47:29 88355CFE81D381F93C74716DAA803587 3968856 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe
2013-04-10 05:47:21 7F21DA4760CE9B4B1B12CBC58C2A642A 6656 ----a-w- C:\Windows\SysWOW64\apisetschema.dll
2013-04-08 08:55:14 91B4AAD4412BB223B466F3DFB43E86DA 452440 ----a-w- C:\Windows\SysWOW64\d3dx10_40.dll
2013-04-08 08:55:14 3384134EEB8F223178C2EB8323003EC0 2036576 ----a-w- C:\Windows\SysWOW64\D3DCompiler_40.dll
2013-04-08 08:55:10 EEA5E428CE63804F9B12D21C97B5968F 4379984 ----a-w- C:\Windows\SysWOW64\D3DX9_40.dll
2013-04-08 08:54:28 499210C45AFEAADEE8CF4DCF7D5E570B 266088 ----a-w- C:\Windows\SysWOW64\xactengine2_8.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2013-04-10 19:09:30 5281583B59E5FDB6D55E33B0906D0BFC 2382848 ----a-w- C:\Windows\Sysnative\mshtml.tlb
2013-04-10 19:09:28 AC3FF334360EC9E25C9B794DC37399DC 96768 ----a-w- C:\Windows\Sysnative\mshtmled.dll
2013-04-10 19:09:21 737DF2559F880FEC73AA831C8AC8FC4A 248320 ----a-w- C:\Windows\Sysnative\ieui.dll
2013-04-10 19:09:21 15F628A67C9C88502107320E3206982F 173056 ----a-w- C:\Windows\Sysnative\ieUnatt.exe
2013-04-10 19:09:20 566BDBDF479261EA6555B422573BCB95 237056 ----a-w- C:\Windows\Sysnative\url.dll
2013-04-10 19:09:18 D3A6792AED4841B4D055C7C80C815BB7 1346560 ----a-w- C:\Windows\Sysnative\urlmon.dll
2013-04-10 19:09:17 2A0AD3BE38087708D03F4A1A80A1C655 1494528 ----a-w- C:\Windows\Sysnative\inetcpl.cpl
2013-04-10 19:09:15 B54C6B8CBF6F556C9930110164EB63E4 2312704 ----a-w- C:\Windows\Sysnative\jscript9.dll
2013-04-10 19:09:14 12F5FB993723BF607370C9B74EC32BF6 729088 ----a-w- C:\Windows\Sysnative\msfeeds.dll
2013-04-10 19:09:12 A4F6142CABA82FB7293ECE5FF864B440 1392128 ----a-w- C:\Windows\Sysnative\wininet.dll
2013-04-10 19:09:11 A13792C4E26F54181B9E9B5B0C958B22 85504 ----a-w- C:\Windows\Sysnative\jsproxy.dll
2013-04-10 19:09:08 A072A3C7FD6247F1446D26A6929BDFD7 599040 ----a-w- C:\Windows\Sysnative\vbscript.dll
2013-04-10 19:09:08 76D2D5929F5901392703C5F709AC277A 816640 ----a-w- C:\Windows\Sysnative\jscript.dll
2013-04-10 19:09:06 8D4DEA45FCDF9FCFD9E31232A07E6EF9 2147840 ----a-w- C:\Windows\Sysnative\iertutil.dll
2013-04-10 19:08:56 1154FEFC73880A2EF44295EF0DBDC59F 17817088 ----a-w- C:\Windows\Sysnative\mshtml.dll
2013-04-10 19:08:50 652B60C9C4D5391FF0970B9086702E8F 10925568 ----a-w- C:\Windows\Sysnative\ieframe.dll
2013-04-10 05:48:35 F4C640E85DB6450CB221E5224AA2AB51 3717632 ----a-w- C:\Windows\Sysnative\mstscax.dll
2013-04-10 05:48:30 9F5C2F0CFEF95B4653E21443CDC0D587 158720 ----a-w- C:\Windows\Sysnative\aaclient.dll
2013-04-10 05:48:29 CE4157E4B1E5041D252EF38EB61E9F0C 44032 ----a-w- C:\Windows\Sysnative\tsgqec.dll
2013-04-10 05:48:11 86F96630D28523F1C402C783F046DEF1 3153408 ----a-w- C:\Windows\Sysnative\win32k.sys
2013-04-10 05:47:40 AC3232ED772403D38D64C18CD5A66FBD 5550424 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe
2013-04-10 05:47:24 F0371DE302FFFF8F086661611BE60848 112640 ----a-w- C:\Windows\Sysnative\smss.exe
2013-04-10 05:47:22 CEC1EDF4022DC4DCA40384DCEC672B0E 43520 ----a-w- C:\Windows\Sysnative\csrsrv.dll
2013-04-08 08:55:14 862586AD4B1355F7DCDE111EE0AAF350 519000 ----a-w- C:\Windows\Sysnative\d3dx10_40.dll
2013-04-08 08:55:14 37309B833480DC69FDE7DB68F9B8BC20 2605920 ----a-w- C:\Windows\Sysnative\D3DCompiler_40.dll
2013-04-08 08:55:10 29A79F0B607FAF5722D7BAF2485F632A 5631312 ----a-w- C:\Windows\Sysnative\D3DX9_40.dll
2013-04-08 08:54:28 FA485E76F94B7457767E372F47757733 409960 ----a-w- C:\Windows\Sysnative\xactengine2_8.dll
====== C:\Windows\Sysnative\drivers =====
2013-04-18 08:57:23 B217378ED9A964E15346A67FEF609A17 33400 ----a-w- C:\Windows\Sysnative\drivers\aswFsBlk.sys
2013-04-18 08:57:22 97D4D725BD32C965119E6C8E252F8C64 377920 ----a-w- C:\Windows\Sysnative\drivers\aswSP.sys
2013-04-18 08:57:17 8F90459AFB7FD4557D935CE639EF6110 70992 ----a-w- C:\Windows\Sysnative\drivers\aswRdr2.sys
2013-04-18 08:57:15 D62C10D1829C65115111C160EA956260 68920 ----a-w- C:\Windows\Sysnative\drivers\aswTdi.sys
2013-04-18 08:57:12 AB8B4D3136D18A20777036E0F0CFC5E1 1025808 ----a-w- C:\Windows\Sysnative\drivers\aswSnx.sys
2013-04-18 08:57:10 E92635BB235B03ED03B17CBB59F77FA4 80816 ----a-w- C:\Windows\Sysnative\drivers\aswMonFlt.sys
2013-04-18 07:12:10 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys
2013-04-10 05:48:03 B8965FB53551B5455630A4B804D0791F 1655656 ----a-w- C:\Windows\Sysnative\drivers\ntfs.sys
2013-04-05 16:42:40 92B3172E8C14C1444682F510843A9988 19968 ----a-w- C:\Windows\Sysnative\drivers\usb8023.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\Program Files (x86) =====
2013-04-07 16:57:44 -------- d-----w- C:\Program Files (x86)\Common Files\Skype
2013-04-04 12:14:47 -------- d-----r- C:\Program Files (x86)\Skype
2013-03-25 22:32:23 -------- d-----w- C:\Program Files (x86)\Metin2
2013-03-25 15:23:20 -------- d-----w- C:\Program Files (x86)\Pando Networks
2013-03-22 15:24:38 -------- d-----w- C:\Program Files (x86)\WildTangent Games
======= C: =====
====== C:\Users\Moni\AppData\Roaming ======
2013-04-15 14:19:07 -------- d-----w- C:\users\Moni\AppData\Roaming\WinRAR
2013-04-13 06:31:29 -------- d-----w- C:\users\Moni\AppData\Roaming\FamilyVacationCalifornia
2013-04-12 09:54:44 -------- d-----w- C:\users\Moni\AppData\Roaming\SpinTop Games
2013-04-07 08:03:34 -------- d-----w- C:\users\Moni\AppData\Roaming\The Curse of the Werewolves
2013-04-04 12:15:05 -------- d-----w- C:\users\Moni\AppData\Roaming\Skype
2013-04-04 08:41:15 -------- d-----w- C:\users\Moni\AppData\Roaming\AlawarEntertainment
2013-04-04 07:52:13 -------- d-----w- C:\users\Moni\AppData\Roaming\EntwinedSoD
2013-03-25 15:23:39 -------- d-----w- C:\users\Moni\AppData\Local\PMB Files
2013-03-23 19:11:23 -------- d-----w- C:\users\Moni\AppData\Roaming\ATI
2013-03-23 12:58:25 -------- d-----w- C:\users\Moni\AppData\Roaming\InstallShield
2013-03-23 12:51:49 -------- d-----w- C:\users\Moni\AppData\Roaming\Windows Live Writer
2013-03-23 09:59:28 -------- d-----w- C:\users\Moni\AppData\Roaming\Adobe
2013-03-23 09:57:07 -------- d-----w- C:\users\Moni\AppData\Roaming\.minecraft
====== C:\Users\Moni ======
2013-04-18 08:57:23 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast! Free Antivirus
2013-04-18 07:26:10 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Moni\defogger_reenable
2013-04-07 16:57:44 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2013-03-28 06:00:20 -------- d-----w- C:\ProgramData\Meridian93
2013-03-25 15:23:35 -------- d-----w- C:\ProgramData\PMB Files
====== C: exe-files ==
2013-04-18 09:06:55 16F337CBA3B27E1ED44C30B6EB691AD0 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-758481354-1503340722-1185920961-1000\$IHLU3B1.exe
2013-04-18 08:48:55 254742ABC564A1B1CAD492E761699CB0 2883416 ----a-w- C:\Users\Moni\AppData\Local\Temp\_av_sfx.tm~ac7b7460-5ecf-418b-bfba-ba7466df0190\aswOfferTool.exe
2013-04-18 08:45:34 2D58EDD287012EA9CDAEB98175B682A7 115054456 ----a-w- C:\$Recycle.Bin\S-1-5-21-758481354-1503340722-1185920961-1000\$RHLU3B1.exe
2013-04-18 07:56:40 60BF4AE8CC40B0E3E28613657ED2EED8 377856 ----a-w- C:\Users\Moni\Desktop\gmer_2.1.19163.exe
2013-04-18 07:26:28 4ADCFEE16EE9978F06157634669D36FB 602112 ----a-w- C:\Users\Moni\Desktop\OTL.exe
2013-04-18 07:25:23 9146F21288AB749C4C729343F5F285A1 50477 ----a-w- C:\Users\Moni\Desktop\Defogger.exe
2013-04-18 07:06:00 9A821D8D62F4C60232B856E98CBA7E4F 96768 ----a-w- C:\Users\Moni\AppData\Local\Temp\7BD11CAF-6E40-458A-8189-0F48E4238582\DismHost.exe
2013-04-18 06:59:25 3616AB4898E6880F3D1DD128A3FE858C 352496 ----a-w- C:\Users\Moni\AppData\Local\Temp\uninstaller-WTA-06b6da99-63cd-4a21-b3a7-7d76b0d98201\Uninstaller.exe
2013-04-18 06:59:21 3616AB4898E6880F3D1DD128A3FE858C 352496 ----a-w- C:\Users\Moni\AppData\Local\Temp\uninstaller-WTA-ea97f777-6e93-446c-acf4-7b991018b7d9\Uninstaller.exe
2013-04-18 06:59:17 3616AB4898E6880F3D1DD128A3FE858C 352496 ----a-w- C:\Users\Moni\AppData\Local\Temp\uninstaller-WTA-557d05f3-4d0f-423c-8984-00d0ffd2d8a1\Uninstaller.exe
2013-04-18 06:59:06 3616AB4898E6880F3D1DD128A3FE858C 352496 ----a-w- C:\Users\Moni\AppData\Local\Temp\uninstaller-WTA-67520983-4b51-4e82-ae10-2ec9b91636e2\Uninstaller.exe
2013-04-18 06:59:02 3616AB4898E6880F3D1DD128A3FE858C 352496 ----a-w- C:\Users\Moni\AppData\Local\Temp\uninstaller-WTA-3721db4d-be0c-40be-bdb6-6d55305eb1f3\Uninstaller.exe
2013-04-18 06:58:54 3616AB4898E6880F3D1DD128A3FE858C 352496 ----a-w- C:\Users\Moni\AppData\Local\Temp\uninstaller-WTA-6954084f-6284-4f24-97ed-e8d1599681ff\Uninstaller.exe
2013-04-18 06:58:35 3616AB4898E6880F3D1DD128A3FE858C 352496 ----a-w- C:\Users\Moni\AppData\Local\Temp\uninstaller-WTA-deb83118-4f4e-43c1-8c2e-aa1fb5c01156\Uninstaller.exe
2013-04-18 06:58:06 3616AB4898E6880F3D1DD128A3FE858C 352496 ----a-w- C:\Users\Moni\AppData\Local\Temp\uninstaller-WTA-b75a04d8-0b8c-42a0-84f6-1ecf250be603\Uninstaller.exe
2013-04-18 06:57:59 3616AB4898E6880F3D1DD128A3FE858C 352496 ----a-w- C:\Users\Moni\AppData\Local\Temp\uninstaller-WTA-8f04c98d-854b-4b12-9e4d-0586a8e4dc00\Uninstaller.exe
2013-04-18 06:57:54 3616AB4898E6880F3D1DD128A3FE858C 352496 ----a-w- C:\Users\Moni\AppData\Local\Temp\uninstaller-WTA-380717d6-5647-4a8f-a3ba-a1af6e56fe11\Uninstaller.exe
2013-04-18 06:57:46 3616AB4898E6880F3D1DD128A3FE858C 352496 ----a-w- C:\Users\Moni\AppData\Local\Temp\uninstaller-WTA-3af5c14d-4a82-4c0f-80c3-a23435a047b2\Uninstaller.exe
2013-04-18 06:57:38 3616AB4898E6880F3D1DD128A3FE858C 352496 ----a-w- C:\Users\Moni\AppData\Local\Temp\uninstaller-WTA-1f695821-2e3c-45a4-ae8c-ae4642996899\Uninstaller.exe
2013-04-18 06:57:27 3616AB4898E6880F3D1DD128A3FE858C 352496 ----a-w- C:\Users\Moni\AppData\Local\Temp\uninstaller-WTA-c768b209-2efb-4c66-b1fc-55f336c24dbf\Uninstaller.exe
2013-04-18 06:57:20 3616AB4898E6880F3D1DD128A3FE858C 352496 ----a-w- C:\Users\Moni\AppData\Local\Temp\uninstaller-WTA-6604be03-ec14-429b-abb8-af41a7990711\Uninstaller.exe
2013-04-18 06:57:12 3616AB4898E6880F3D1DD128A3FE858C 352496 ----a-w- C:\Users\Moni\AppData\Local\Temp\uninstaller-WTA-10a78756-604c-4dad-a2ea-cc74d8986bc2\Uninstaller.exe
2013-04-17 12:19:53 5BB7F9160A555D16C1C4C8914C976043 9 ----a-w- C:\Users\Moni\AppData\Local\Temp\BundleSweetIMSetup.exe
2013-04-17 12:19:52 D2B48C62D4E77881DF37119BBADB8A0F 11 ----a-w- C:\Users\Moni\AppData\Local\Temp\MybabylonTB.exe
2013-04-15 14:20:40 D460DB95ACF9C61C647B2E3439B52529 41472 ----a-w- C:\Users\Moni\AppData\Local\Temp\FINALISE.exe
=== C: other files ==
2013-04-18 08:57:23 B217378ED9A964E15346A67FEF609A17 33400 ----a-w- C:\Windows\System32\drivers\aswFsBlk.sys
2013-04-18 08:57:22 97D4D725BD32C965119E6C8E252F8C64 377920 ----a-w- C:\Windows\System32\drivers\aswSP.sys
2013-04-18 08:57:17 8F90459AFB7FD4557D935CE639EF6110 70992 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2013-04-18 08:57:15 D62C10D1829C65115111C160EA956260 68920 ----a-w- C:\Windows\System32\drivers\aswTdi.sys
2013-04-18 08:57:12 AB8B4D3136D18A20777036E0F0CFC5E1 1025808 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2013-04-18 08:57:10 E92635BB235B03ED03B17CBB59F77FA4 80816 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2013-04-18 07:12:10 0BB97D43299910CBFBA59C461B99B910 25928 ----a-w- C:\Windows\System32\drivers\mbam.sys
2013-04-16 14:46:16 9C6EC530519226A95A7152763B74EE68 3643328 ----a-w- C:\Users\Moni\AppData\Roaming\.minecraft\texturepacks-mp-cache\Sphax.zip
==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"
[HKEY_USERS\S-1-5-21-758481354-1503340722-1185920961-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"="C:\Users\Moni\AppData\Local\Akamai\netsession_win.exe"
"msnmsgr"="C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background"
[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"
"avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Akamai NetSession Interface"="C:\Users\Moni\AppData\Local\Akamai\netsession_win.exe"
"msnmsgr"="C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background"
==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "
==== Startup Registry Disabled ======================
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""
==== Startup Registry Disabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\C:]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\C:\Users]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\C:\Users\Moni]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\C:\Users\Moni\AppData]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\C:\Users\Moni\AppData\Local]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\C:\Users\Moni\AppData\Local\Temp]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\C:\Users\Moni\AppData\Local\Temp\tmpA518.tmp.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="C:\\Users\\Moni\\AppData\\Local\\Temp\\tmpA518.tmp.exe"
"hkey"="HKCU"
"command"="C:\\Users\\Moni\\AppData\\Local\\Temp\\tmpA518.tmp.exe /exenoupdates /exelang 1031 /prereqs \"0\" "
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Exetender_148]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Exetender_148"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\FreeRide Games\\GPlayer.exe\" /schedule 300000"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LogMeIn Hamachi Ui]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="LogMeIn Hamachi Ui"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\LogMeIn Hamachi\\hamachi-2-ui.exe\" --auto-start"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\msnmsgr]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="msnmsgr"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Windows Live\\Messenger\\msnmsgr.exe\" /background"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Skype"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /minimized /regrun"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spiele Post]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Spiele Post"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\OXXOGames\\GPlayer\\GameCenterNotifier.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AML Device Install.lnk]
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\AML Device Install.lnk"
"backup"="C:\\Windows\\pss\\AML Device Install.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="C:\\PROGRA~2\\AMDAVT~1\\bin\\kdbsync.exe aml"
"item"="AML Device Install"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\Fax]
==== Task Scheduler Jobs ======================
C:\Windows\tasks\Adobe Flash Player Updater.job --a------ \C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe []
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [27.10.2012 14:46]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [27.10.2012 14:46]
==== Firefox Extensions ======================
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
==== Firefox Plugins ======================
Profilepath: C:\Users\Moni\AppData\Roaming\Mozilla\Firefox\Profiles\g2kn9ezw.default
47299371607DC2FB234444EEACB1639E - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll - Shockwave Flash
1C27D3E29218B6EADDB87A6B335637E3 - C:\Windows\SysWOW64\npdeployJava1.dll - Java Deployment Toolkit 6.0.320.5
9741513D6C9D76C8903BFA362AC8BF9D - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll - Nexon Game Controller
1FA3B42DA40D0F387A7899A9731A2E94 - C:\Users\Moni\AppData\Roaming\Mozilla\plugins\nppdf32.dll - Adobe Acrobat
FF030B5F429A1A8C18821E4595599C1F - C:\Users\Moni\AppData\Roaming\Mozilla\plugins\npdeployJava1.dll - Java Deployment Toolkit 6.0.300.12
15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System
==== Chrome Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
anpiogajjmckmlehhpjnojhebaidkeod - C:\Users\Moni\AppData\Local\CRE\anpiogajjmckmlehhpjnojhebaidkeod.crx[]
engeblojhfeingnjnfpiceofljnjpldp - C:\Users\Moni\AppData\Local\CRE\engeblojhfeingnjnfpiceofljnjpldp.crx[]
icmlaeflemplmjndnaapfdbbnpncnbda - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[07.03.2013 00:29]
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
anpiogajjmckmlehhpjnojhebaidkeod - C:\Users\Moni\AppData\Local\CRE\anpiogajjmckmlehhpjnojhebaidkeod.crx[]
engeblojhfeingnjnfpiceofljnjpldp - C:\Users\Moni\AppData\Local\CRE\engeblojhfeingnjnfpiceofljnjpldp.crx[]
nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Users\Moni\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx[]
WiseConvert 1.3 - Moni - Default\Extensions\anpiogajjmckmlehhpjnojhebaidkeod
YouTube - Moni - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Moni - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
FileConverter 1.3 - Moni - Default\Extensions\engeblojhfeingnjnfpiceofljnjpldp
Star Stable Online - Moni - Default\Extensions\fnlmdkpemkkigkgelegknllpmfclakkk
avast WebRep - Moni - Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda
Gmail - Moni - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
==== Chrome Fix ======================
C:\Users\Moni\AppData\Local\Google\Chrome\User Data\Default\Extensions\anpiogajjmckmlehhpjnojhebaidkeod deleted successfully
C:\Users\Moni\AppData\Local\Google\Chrome\User Data\Default\Extensions\engeblojhfeingnjnfpiceofljnjpldp deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://www.searchnu.com/406"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] not found
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="hxxp://www.google.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="hxxp://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{95B7759C-8C7F-4BF1-B163-73684A933233} AVG Secure Search Url="hxxp://isearch.avg.com/search?cid={260300C3-8786-44E3-81E2-D49DEFAC4076}&mid=494d3ec35b2247d1800ab1a22fad5a88-a02703f07077a19be9159f751d22ed12fb2a9109&lang=de&ds=ts024&pr=sa&d=2012-03-03"
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-758481354-1503340722-1185920961-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0} deleted successfully
==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-21-758481354-1503340722-1185920961-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{79A2B609-BBC0-4D16-9925-70CB98A6490D} deleted successfully
HKEY_USERS\S-1-5-21-758481354-1503340722-1185920961-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{79A2B609-BBC0-4D16-9925-70CB98A6490D} deleted successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\anpiogajjmckmlehhpjnojhebaidkeod deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\engeblojhfeingnjnfpiceofljnjpldp deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\anpiogajjmckmlehhpjnojhebaidkeod deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\engeblojhfeingnjnfpiceofljnjpldp deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Moni\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Moni\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Moni\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Moni\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
==== Empty FireFox Cache ======================
C:\users\Moni\AppData\Local\Mozilla\Firefox\Profiles\g2kn9ezw.default\Cache emptied successfully
==== Empty Chrome Cache ======================
C:\users\Moni\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
Java Cache cleared successfully
After Reboot
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\Moni\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== Deleting Files / Folders ======================
"C:\Users\Moni\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" deleted |