
Zoek.exe v5.0.0.0 Updated 02-April-2015
Tool run by Doma on ne 05.04.2015 at 11:43:54.89.
Systém Microsoft Windows XP Professional 5.1.2600 Service Pack 3 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Documents and Settings\Doma\Plocha\zoek.exe [Scan all users] [Script inserted] 

==== System Restore Info ======================

5.4.2015 11:46:17 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp. 
# 
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows. 
# 
# This file contains the mappings of IP addresses to host names. Each 
# entry should be kept on an individual line. The IP address should 
# be placed in the first column followed by the corresponding host name. 
# The IP address and the host name should be separated by at least one 
# space. 
# 
# Additionally, comments (such as these) may be inserted on individual 
# lines or following the machine name denoted by a '#' symbol. 
# 
# For example: 
# 
#      102.54.94.97     rhino.acme.com          # source server 
#       38.25.63.10     x.acme.com              # x client host 
 
127.0.0.1       localhost 

==== Suspicious Entries Found ======================

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"3389:TCP"="3389:TCP:*:Enabled:@xpsp2res.dll,-22009"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"3389:TCP"="3389:TCP:*:Enabled:@xpsp2res.dll,-22009"

==== Empty Folders Check ======================

C:\Program Files\Gabest deleted successfully
C:\Program Files\MSXML 4.0 deleted successfully
C:\Program Files\Common Files\SWF Studio deleted successfully
C:\DOCUME~1\Doma\NABDKA~1\Programy\Imperia Online deleted successfully
C:\DOCUME~1\ALLUSE~1\DATAAP~1\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1482476501-573735546-1606980848-1004\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_USERS\S-1-5-21-1482476501-573735546-1606980848-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{774790e9-f9e1-49b5-bd7b-f9f80106bdd6} deleted successfully
HKEY_USERS\S-1-5-21-1482476501-573735546-1606980848-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{774790e9-f9e1-49b5-bd7b-f9f80106bdd6} deleted successfully
HKEY_USERS\S-1-5-21-1482476501-573735546-1606980848-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A057A204-BACC-4D26-9990-79A187E2698E} deleted successfully
HKEY_USERS\S-1-5-21-1482476501-573735546-1606980848-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A057A204-BACC-4D26-9990-79A187E2698E} deleted successfully
HKEY_USERS\S-1-5-21-1482476501-573735546-1606980848-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30CEEEA2-3742-40E4-85DD-812BF1CBB83D} deleted successfully
HKEY_USERS\S-1-5-21-1482476501-573735546-1606980848-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30CEEEA2-3742-40E4-85DD-812BF1CBB83D} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1482476501-573735546-1606980848-1004\Software\Microsoft\Internet Explorer\Approved Extensions\{338A754C-B46E-4BF2-8AC8-23DE36862AD3} deleted successfully
HKEY_USERS\S-1-5-21-1482476501-573735546-1606980848-1004\Software\Microsoft\Internet Explorer\Approved Extensions\{774790e9-f9e1-49b5-bd7b-f9f80106bdd6} deleted successfully
HKEY_USERS\S-1-5-21-1482476501-573735546-1606980848-1004\Software\Microsoft\Internet Explorer\Approved Extensions\{59a72499-0190-417e-b720-f5a505c0bb5d} deleted successfully
HKEY_USERS\S-1-5-21-1482476501-573735546-1606980848-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{A057A204-BACC-4D26-9990-79A187E2698E} deleted successfully
HKEY_USERS\S-1-5-21-1482476501-573735546-1606980848-1004\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{30CEEEA2-3742-40E4-85DD-812BF1CBB83D} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{A057A204-BACC-4D26-9990-79A187E2698E} deleted successfully
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\ext@VideoPlayerV3beta3071.net deleted successfully

==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Program Files\Gabest not found
C:\DOCUME~1\ALLUSE~1\DATAAP~1\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} not found
C:\Program Files\ComPlus Applications deleted
C:\Program Files\WindowsUpdate deleted
C:\Program Files\Push to BlackBerry deleted
C:\Program Files\TransferBigFilescom Gmail Extension deleted
C:\DOCUME~1\ALLUSE~1\DATAAP~1\{034da674-a0d8-b53b-034d-da674a0d99d2} deleted
C:\DOCUME~1\ALLUSE~1\DATAAP~1\{dfc539a9-f529-6651-dfc5-539a9f52e6a7} deleted
C:\DOCUME~1\ALLUSE~1\DATAAP~1\5422762606948833779 deleted
C:\Documents and Settings\Doma\.android deleted
C:\Program Files\Family Toolbar deleted
C:\Program Files\Browser Configuration Utility deleted
C:\DOCUME~1\ALLUSE~1\DATAAP~1\Avg_Update_0215tb deleted
C:\DOCUME~1\ALLUSE~1\DATAAP~1\Avg_Update_0414c deleted
C:\DOCUME~1\ALLUSE~1\DATAAP~1\Avg_Update_0814tb deleted
C:\DOCUME~1\ALLUSE~1\DATAAP~1\Avg_Update_1114tb deleted
C:\DOCUME~1\ALLUSE~1\DATAAP~1\Avg_Update_1214tb deleted
C:\DOCUME~1\ALLUSE~1\DATAAP~1\Browser AdBlocker deleted
C:\DOCUME~1\ALLUSE~1\DATAAP~1\ICQ deleted
C:\Documents and Settings\Doma\AppData\LocalLow\DataMngr deleted
C:\WINDOWS\system32\GroupPolicy\ADM deleted
C:\WINDOWS\system32\GroupPolicy\Machine deleted
C:\WINDOWS\system32\GroupPolicy\User deleted
C:\WINDOWS\system32\GroupPolicy\gpt.ini deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{20a82645-c095-46ed-80e3-08825760534b}"="C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [11.12.2009 19:54]

==== Chromium Look ======================

Google Chrome Version: 40.0.2214.91 (Possible outdated, latest Stable version: 41.0.2272.118)

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
jhodhgjnadanaeegedlchibmgpankkkb - C:\Program Files\VideoPlayerV3\VideoPlayerV3beta3071\ch\VideoPlayerV3beta3071.crx[]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://mysearch.avg.com?cid={7FFB462D-BA90-4DE3-89C8-D93B2B8C2CA9}&mid=0d4864af7171456186708d0c4f098bf9-d3f5169404cc9dc32862080b6340c5b0c2ed2114&lang=en&ds=AVG&coid=avgtbavg&cmpid=0215tb&pr=fr&d=2014-04-20 18:15:17&v=18.3.0.885&pid=safeguard&sg=&sap=hp"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
"Original Tabs"="C:\\Documents and Settings\\All Users\\Data aplikací\\ICQ\\ICQNewTab\\newTab.html"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{81B69B28-4182-4DC2-886E-F97FCE515EC2} Google  Url="https://www.google.com/search?q={searchTerms}"
{BE28C22E-F666-424d-B5FD-125C4AFEE34E} Hledat  Url="http://search.myheritage.com?orig=ds&q={searchTerms}"

==== Reset Google Chrome ======================

Nothing found to reset

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1482476501-573735546-1606980848-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48} deleted successfully
HKEY_USERS\S-1-5-21-1482476501-573735546-1606980848-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0C37B053-FD68-456a-82E1-D788EE342E6F} deleted successfully
HKEY_USERS\S-1-5-21-1482476501-573735546-1606980848-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0C37B053-FD68-456a-82E1-D788EE342E6F} deleted successfully
HKEY_USERS\S-1-5-21-1482476501-573735546-1606980848-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D62EC836-BF1E-4CAC-81BE-FB9179835D8E} deleted successfully
HKEY_USERS\S-1-5-21-1482476501-573735546-1606980848-1004\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D62EC836-BF1E-4CAC-81BE-FB9179835D8E} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{0C37B053-FD68-456a-82E1-D788EE342E6F} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0C37B053-FD68-456a-82E1-D788EE342E6F} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{D62EC836-BF1E-4CAC-81BE-FB9179835D8E} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D62EC836-BF1E-4CAC-81BE-FB9179835D8E} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1482476501-573735546-1606980848-1004\Software\Microsoft\Internet Explorer\URLSearchHooks\{1C4AB6A5-595F-4e86-B15F-F93CCE2BBD48} deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\jhodhgjnadanaeegedlchibmgpankkkb deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{51417852-174C-88D4-34A0-D0FE7858BE47} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E8AEA11B-E60A-455E-B008-E4E763604612} deleted successfully

==== Empty IE Cache ======================

C:\Documents and Settings\Default User\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\LocalService\Local Settings\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5 emptied successfully
C:\Documents and Settings\Doma\Local Settings\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=243 folders=23 20588094 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\DOCUME~1\Doma\LOCALS~1\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\RECYCLER successfully emptied

==== Deleting Files / Folders ======================

"C:\Documents and Settings\Doma\Local Settings\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on ne 05.04.2015 at 11:58:41.73 ======================
