Zoek.exe v5.0.0.0 Updated 02-June-2014 Tool run by lucky on do 12/06/2014 at 7:22:33,98. Microsoft® Windows Vista™ Home Premium 6.0.6001 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\lucky\Desktop\zoek.exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2014-06-07-074417.log 24226 bytes C:\zoek-results2014-06-09-154419.log 29115 bytes C:\zoek-results2014-06-09-192714.log 28725 bytes C:\zoek-results2014-06-10-155210.log 32255 bytes C:\zoek-results2014-06-11-054617.log 27888 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Running Processes ====================== C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\SLsvc.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\taskeng.exe C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Skype\Phone\Skype.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\lucky\Desktop\zoek.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\System32\svchost.exe -k 
LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup ==== Deleting Services ====================== ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ApnTBMon"=- ==== System Specs ====================== Windows: Windows Vista Home Premium Edition Service Pack 1 (Build 6001) Memory (RAM): 1014 MB CPU Info: Genuine Intel(R) CPU T2300 @ 1.66GHz CPU Speed: 1660,2 MHz Sound Card: Hoofdtelefoon (High Definition | Apparaat voor digitale uitvoer | Display Adapters: Mobile Intel(R) 945GM Express Chipset Controller 0 (Microsoft Corporation - WDDM) | Mobile Intel(R) 945GM Express Chipset Controller 0 (Microsoft Corporation - WDDM) | RDPDD Chained DD | RDP Encoder Mirror Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1280 X 800 - 32 bit Network: Network Present Network Adapters: Atheros AR5007UG Wireless Network Adapter | Realtek RTL8101 Family PCI-E Fast Ethernet NIC (NDIS 6.0) CD / DVD Drives: 1x (E: | ) E: HL-DT-STDVDRAM GSA-T10N Ports: COM3 LPT Port NOT Present. 
Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 93,2GB | D: 18,6GB Hard Disks - Free: C: 38,4GB | D: 13,5GB Manufacturer *: Phoenix Technologies LTD BIOS Info: AT/AT COMPATIBLE | 01/15/07 | MEDION - 6040000 Time Zone: West-Europa (standaardtijd) Motherboard *: MEDION WIM2120 Country: België Language: NLB ==== System Specs (Software) ====================== Anti-Spyware: Windows Defender disabled (Outdated) Default Browser: Google Chrome 35.0.1916.114 Internet Explorer version: 7.0.6001.18000 Google Chrome version: 35.0.1916.114 Sun Java version: 1.7.0_60 (32-bit) ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2014-06-09 08:41:13 3D3F905B613121C24D6E58B9AE89C45B 117914063 ----a-w- C:\Windows\MEMORY.DMP ====== C:\Users\lucky\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\system32 ===== 2014-06-08 14:57:57 CEE4C9E092168CEBD187491AF6FDA8FB 264616 ----a-w- C:\Windows\System32\javaws.exe 2014-06-08 14:56:10 B1799EE2C6B8435E7227844C5FC08BCC 96680 ----a-w- C:\Windows\System32\WindowsAccessBridge.dll 2014-06-08 14:56:09 ECB3AB701D6E26F5E54C58957E34E719 175528 ----a-w- C:\Windows\System32\javaw.exe 2014-06-08 14:56:09 2251971694E17BAC4E344DC2B7CD7ADD 175528 ----a-w- C:\Windows\System32\java.exe ====== C:\Windows\system32\drivers ===== 2014-06-02 20:51:16 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf 2014-05-15 10:12:32 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-06-08 14:58:44 -------- d-----w- C:\Program Files\Common Files\Java 2014-06-08 14:54:30 -------- d-----w- C:\Program Files\Java 2014-06-01 17:11:52 -------- d-----w- C:\Program Files\OpenOffice 4 2014-06-01 16:57:29 -------- d-----w- C:\Program Files\Microsoft Silverlight ======= C: ===== ====== C:\Users\lucky\AppData\Roaming ====== 2014-06-11 
05:39:03 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp 2014-06-11 05:39:03 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2014-06-11 05:39:03 -------- d-----w- C:\Users\Default\AppData\Local\Temp 2014-06-11 05:39:03 -------- d-----w- C:\Users\Default User\AppData\Local\Temp 2014-06-11 05:39:02 -------- d-----w- C:\Users\lucky\AppData\Local\Temp 2014-06-08 15:39:19 -------- d-----w- C:\Users\lucky\AppData\Local\VNT 2014-06-07 13:40:24 -------- d-s---w- C:\Windows\serviceprofiles\networkservice\AppData\Locallow\Microsoft 2014-06-03 04:52:32 -------- d-----w- C:\Users\lucky\AppData\Local\Comodo 2014-06-03 04:52:32 -------- d-----w- C:\Users\Gast\AppData\Local\Google 2014-06-03 04:52:32 -------- d-----w- C:\Users\Gast\AppData\Local\Comodo 2014-06-03 04:52:32 -------- d-----w- C:\Users\Administrator\AppData\Local\Comodo 2014-06-03 04:52:31 -------- d-----w- C:\Users\Administrator\AppData\Local\Google 2014-06-01 17:17:53 -------- d-----w- C:\Users\lucky\AppData\Roaming\OpenOffice 2014-06-01 17:05:20 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Roaming\QuickScan 2014-06-01 17:05:20 -------- d-----w- C:\Users\lucky\AppData\Roaming\QuickScan 2014-06-01 16:58:05 -------- d-----w- C:\Users\lucky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PriceMetér ====== C:\Users\lucky ====== 2014-06-08 15:12:23 D2CC0BE32A64E29738B70236D6C893D8 829872 ----a-w- C:\Users\lucky\Downloads\Setup (3).exe 2014-06-08 15:12:23 8EA7333A549F5A427D4C895A97330750 829872 ----a-w- C:\Users\lucky\Downloads\Setup (4).exe 2014-06-08 15:11:31 6A167C4528C8170FD5446878B44A82BE 829872 ----a-w- C:\Users\lucky\Downloads\Setup (2).exe 2014-06-08 14:56:12 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-06-08 14:47:10 1BCD116BCE8235A031949FE58AA489D0 918952 ----a-w- C:\Users\lucky\Downloads\chromeinstall-7u60 (5).exe 2014-06-08 14:46:59 1BCD116BCE8235A031949FE58AA489D0 918952 ----a-w- 
C:\Users\lucky\Downloads\chromeinstall-7u60 (4).exe 2014-06-08 14:46:59 1BCD116BCE8235A031949FE58AA489D0 918952 ----a-w- C:\Users\lucky\Downloads\chromeinstall-7u60 (3).exe 2014-06-08 14:46:59 1BCD116BCE8235A031949FE58AA489D0 918952 ----a-w- C:\Users\lucky\Downloads\chromeinstall-7u60 (2).exe 2014-06-08 14:45:20 1BCD116BCE8235A031949FE58AA489D0 918952 ----a-w- C:\Users\lucky\Downloads\chromeinstall-7u60 (1).exe 2014-06-08 14:45:07 1BCD116BCE8235A031949FE58AA489D0 918952 ----a-w- C:\Users\lucky\Downloads\chromeinstall-7u60.exe 2014-06-08 05:56:23 FE674353FEE75F31DC1E0D38E37B4855 829872 ----a-w- C:\Users\lucky\Downloads\Setup (1).exe 2014-06-06 07:51:59 2BB12CE0DDEBB9A29CB60E9D382F696F 831320 ----a-w- C:\Users\lucky\Downloads\Setup.exe 2014-06-05 12:36:30 9EC73884D7D7BFEC9EED7EAF3122A0BE 1327971 ----a-w- C:\Users\lucky\Downloads\adwcleaner_3.211 (3).exe 2014-06-05 12:32:42 A61A24E28CE5E961941D61C1D342AC39 4748896 ----a-w- C:\Users\lucky\Downloads\ccsetup414.exe 2014-06-05 10:03:54 9EC73884D7D7BFEC9EED7EAF3122A0BE 1327971 ----a-w- C:\Users\lucky\Downloads\adwcleaner_3.211 (2).exe 2014-06-05 09:45:09 9EC73884D7D7BFEC9EED7EAF3122A0BE 1327971 ----a-w- C:\Users\lucky\Downloads\adwcleaner_3.211 (1).exe 2014-06-05 06:33:19 9EC73884D7D7BFEC9EED7EAF3122A0BE 1327971 ----a-w- C:\Users\lucky\Downloads\adwcleaner_3.211.exe 2014-06-03 04:52:38 -------- d-----w- C:\ProgramData\e1643679903728 2014-06-03 04:52:32 -------- d-----w- C:\Users\Gast\AppData 2014-06-03 04:52:31 -------- d-----w- C:\Users\Administrator\AppData 2014-06-01 17:16:12 -------- d-s---w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1 2014-06-01 16:59:32 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-06-01 16:59:31 C44738F944948C6440CEA5FC65CA2869 143485940 ----a-w- C:\Users\lucky\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_enUS{1}.exe 2014-06-01 16:55:47 F2C16656B928D83BE7E95974D4C5C211 628872 ----a-w- 
C:\Users\lucky\Downloads\openoffice setup (1).exe 2014-06-01 16:55:28 C44738F944948C6440CEA5FC65CA2869 143485940 ----a-w- C:\Users\lucky\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_enUS.exe 2014-06-01 16:54:12 6DC34ADA17566F19668323C1937125EB 628872 ----a-w- C:\Users\lucky\Downloads\openoffice setup.exe ====== C: exe-files == 2014-06-08 15:12:23 D2CC0BE32A64E29738B70236D6C893D8 829872 ----a-w- C:\Users\lucky\Downloads\Setup (3).exe 2014-06-08 15:12:23 8EA7333A549F5A427D4C895A97330750 829872 ----a-w- C:\Users\lucky\Downloads\Setup (4).exe 2014-06-08 15:11:31 6A167C4528C8170FD5446878B44A82BE 829872 ----a-w- C:\Users\lucky\Downloads\Setup (2).exe 2014-06-08 14:57:57 CEE4C9E092168CEBD187491AF6FDA8FB 264616 ----a-w- C:\Windows\System32\javaws.exe 2014-06-08 14:56:09 ECB3AB701D6E26F5E54C58957E34E719 175528 ----a-w- C:\Windows\System32\javaw.exe 2014-06-08 14:56:09 2251971694E17BAC4E344DC2B7CD7ADD 175528 ----a-w- C:\Windows\System32\java.exe 2014-06-08 14:54:48 C7C5FF4B0E83702EFBC0C886D87E9743 145832 ----a-w- C:\Program Files\Java\jre7\bin\unpack200.exe 2014-06-08 14:54:48 3427C247AFEC295CD4A20B53EE445F23 16808 ----a-w- C:\Program Files\Java\jre7\bin\tnameserv.exe 2014-06-08 14:54:48 0595B07F96E4F48784A4B772B887AD68 49576 ----a-w- C:\Program Files\Java\jre7\bin\ssvagent.exe 2014-06-08 14:54:47 F9DE7324BDF83F5AFE174354F47C2AE0 16808 ----a-w- C:\Program Files\Java\jre7\bin\orbd.exe 2014-06-08 14:54:47 E0FE8B7BE802F8C4A71317AC35E44B00 16296 ----a-w- C:\Program Files\Java\jre7\bin\rmid.exe 2014-06-08 14:54:47 B5C9699AA60F74F144DB5A566F6E58F8 16296 ----a-w- C:\Program Files\Java\jre7\bin\rmiregistry.exe 2014-06-08 14:54:47 84FB0EC0581C996F445433BD2379A5CC 16296 ----a-w- C:\Program Files\Java\jre7\bin\servertool.exe 2014-06-08 14:54:47 8140DCC3064BA8ADC407D956BE19D764 16296 ----a-w- C:\Program Files\Java\jre7\bin\pack200.exe 2014-06-08 14:54:47 3002E7E937FCB8985320AA807E762845 16296 ----a-w- C:\Program Files\Java\jre7\bin\policytool.exe 2014-06-08 14:54:46 
E87885A59FDC241B6575943A75E495D9 182696 ----a-w- C:\Program Files\Java\jre7\bin\jqs.exe 2014-06-08 14:54:46 E2C8F178A57D011518785CF75044CD69 16296 ----a-w- C:\Program Files\Java\jre7\bin\keytool.exe 2014-06-08 14:54:46 AEA4E94FC2A2F88FA5EC7FB6BC349E1B 16296 ----a-w- C:\Program Files\Java\jre7\bin\klist.exe 2014-06-08 14:54:46 62CA7ABA57A4FCDB3844F73A156BAE26 16296 ----a-w- C:\Program Files\Java\jre7\bin\kinit.exe 2014-06-08 14:54:46 235A2E87C34995F1837283FE76CD2E46 16296 ----a-w- C:\Program Files\Java\jre7\bin\ktab.exe 2014-06-08 14:54:46 1EFC992CA271E6D40034FBE7BCEDB724 52648 ----a-w- C:\Program Files\Java\jre7\bin\jp2launcher.exe 2014-06-08 14:54:42 ECB3AB701D6E26F5E54C58957E34E719 175528 ----a-w- C:\Program Files\Java\jre7\bin\javaw.exe 2014-06-08 14:54:42 CEE4C9E092168CEBD187491AF6FDA8FB 264616 ----a-w- C:\Program Files\Java\jre7\bin\javaws.exe 2014-06-08 14:54:42 96777405AB93AF8FCF6C9B6F5C3F1E51 16296 ----a-w- C:\Program Files\Java\jre7\bin\java-rmi.exe 2014-06-08 14:54:42 82517DE5984F3EA3A49E0B5C8825DA63 68008 ----a-w- C:\Program Files\Java\jre7\bin\javacpl.exe 2014-06-08 14:54:42 2251971694E17BAC4E344DC2B7CD7ADD 175528 ----a-w- C:\Program Files\Java\jre7\bin\java.exe 2014-06-08 14:54:42 07643C3AF27179144C9800AF0819DE75 48040 ----a-w- C:\Program Files\Java\jre7\bin\jabswitch.exe 2014-06-08 14:50:52 3842C46F2FBC7522EF625F1833530804 145408 ----a-w- C:\Users\lucky\AppData\LocalLow\Sun\Java\jre1.7.0_60\lzma.exe 2014-06-08 14:47:10 1BCD116BCE8235A031949FE58AA489D0 918952 ----a-w- C:\Users\lucky\Downloads\chromeinstall-7u60 (5).exe 2014-06-08 14:46:59 1BCD116BCE8235A031949FE58AA489D0 918952 ----a-w- C:\Users\lucky\Downloads\chromeinstall-7u60 (4).exe 2014-06-08 14:46:59 1BCD116BCE8235A031949FE58AA489D0 918952 ----a-w- C:\Users\lucky\Downloads\chromeinstall-7u60 (3).exe 2014-06-08 14:46:59 1BCD116BCE8235A031949FE58AA489D0 918952 ----a-w- C:\Users\lucky\Downloads\chromeinstall-7u60 (2).exe 2014-06-08 14:45:20 1BCD116BCE8235A031949FE58AA489D0 918952 ----a-w- 
C:\Users\lucky\Downloads\chromeinstall-7u60 (1).exe 2014-06-08 14:45:07 1BCD116BCE8235A031949FE58AA489D0 918952 ----a-w- C:\Users\lucky\Downloads\chromeinstall-7u60.exe 2014-06-08 05:56:23 FE674353FEE75F31DC1E0D38E37B4855 829872 ----a-w- C:\Users\lucky\Downloads\Setup (1).exe 2014-06-08 05:54:33 E953D69576A1BF077E709A0231E4714C 289792 ----a-w- C:\ce39c28843466bc70f27ec762d041e\spclite.exe 2014-06-06 07:51:59 2BB12CE0DDEBB9A29CB60E9D382F696F 831320 ----a-w- C:\Users\lucky\Downloads\Setup.exe 2014-06-05 12:36:30 9EC73884D7D7BFEC9EED7EAF3122A0BE 1327971 ----a-w- C:\Users\lucky\Downloads\adwcleaner_3.211 (3).exe 2014-06-05 12:32:42 A61A24E28CE5E961941D61C1D342AC39 4748896 ----a-w- C:\Users\lucky\Downloads\ccsetup414.exe 2014-06-05 10:03:54 9EC73884D7D7BFEC9EED7EAF3122A0BE 1327971 ----a-w- C:\Users\lucky\Downloads\adwcleaner_3.211 (2).exe 2014-06-05 09:45:09 9EC73884D7D7BFEC9EED7EAF3122A0BE 1327971 ----a-w- C:\Users\lucky\Downloads\adwcleaner_3.211 (1).exe 2014-06-05 06:33:19 9EC73884D7D7BFEC9EED7EAF3122A0BE 1327971 ----a-w- C:\Users\lucky\Downloads\adwcleaner_3.211.exe === C: other files == 2014-06-08 14:54:48 8E29BBCCC8D802D36701633A7842FE74 18636 ----a-w- C:\Program Files\Java\jre7\lib\deploy\ffjcext.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-21-515218178-1156182028-4208866919-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "Facebook Update"="C:\Users\lucky\AppData\Local\Facebook\Update\FacebookUpdate.exe 
/c /nocrashserver" "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" "Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "Facebook Update"="C:\Users\lucky\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\"" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [14/05/2014 07:48] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-515218178-1156182028-4208866919-1000Core.job --a------ C:\Users\lucky\AppData\Local\Facebook\Update\FacebookUpdate.exe [30/10/2012 11:19] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-515218178-1156182028-4208866919-1000UA.job --a------ [Undetermined Task] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [22/10/2011 19:58] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [22/10/2011 19:58] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] 
"C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-515218178-1156182028-4208866919-1000Core" [C:\Users\lucky\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-515218178-1156182028-4208866919-1000UA" [C:\Users\lucky\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{20a82645-c095-46ed-80e3-08825760534b}"="c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [30/12/2011 09:25] ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[22/11/2012 11:30] Google Wallet - lucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {105E99FF-8B9A-4492-B155-06194B9056D2} Bing Url="http://www.bing.com/search?FORM=UP22DF&PC=UP22&dt=010613&q={searchTerms}&src=IE-SearchBox" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== HijackThis Entries ====================== O1 - 
Hosts: ::1 localhost O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [Facebook Update] "C:\Users\lucky\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - 
http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/nl/uno1/GAME_UNO1.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Skype C2C Service - Skype Technologies S.A. 
- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe ==== Empty IE Cache ====================== C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\lucky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\lucky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M8GOL8ZT will be deleted at reboot C:\Users\lucky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\lucky\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=51 folders=42 10927963 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\lucky\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully 
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\lucky\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\lucky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Users\lucky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\M8GOL8ZT" not found ==== EOF on do 12/06/2014 at 7:44:06,39 ======================