Zoek.exe v5.0.0.0 Updated 31-07-2014 Tool run by Gebruiker on do 31-07-2014 at 10:34:08,31. Running in: Normal Mode Internet Access Detected Launched: F:\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results06-12-2012-1928.log 18846 bytes C:\zoek-results2014-07-31-060840.log 1338 bytes ==== Empty Folders Check ====================== C:\PROGRA~2\Image Converter deleted successfully C:\PROGRA~2\iMesh Applications deleted successfully C:\PROGRA~2\MSXML 4.0 deleted successfully C:\PROGRA~2\Nend Software deleted successfully C:\PROGRA~2\OpenSource Flash Video Splitter deleted successfully C:\PROGRA~2\SmartSound Software deleted successfully C:\PROGRA~2\Xenocode deleted successfully C:\PROGRA~3\Babylon deleted successfully C:\PROGRA~3\Canon IJ Network Tool deleted successfully C:\PROGRA~3\DAEMON Tools Pro deleted successfully C:\PROGRA~3\Oracle deleted successfully C:\Users\Gebruiker\AppData\Roaming\0D0S1L2Z1P1B0T1P1B2Z deleted successfully C:\Users\Gebruiker\AppData\Roaming\CDXReader deleted successfully C:\Users\Gebruiker\AppData\Roaming\Eriluv deleted successfully C:\Users\Gebruiker\AppData\Roaming\ExpressFiles deleted successfully C:\Users\Gebruiker\AppData\Roaming\Fipyg deleted successfully C:\Users\Gebruiker\AppData\Roaming\GrabIt deleted successfully C:\Users\Gebruiker\AppData\Roaming\KC Softwares deleted successfully C:\Users\Gebruiker\AppData\Roaming\Logitech deleted successfully C:\Users\Gebruiker\AppData\Roaming\msnmsg deleted successfully C:\Users\Gebruiker\AppData\Roaming\nl.fier.Verjaardagskalender deleted successfully C:\Users\Gebruiker\AppData\Roaming\Octik deleted successfully C:\Users\Gebruiker\AppData\Roaming\Pyal deleted successfully C:\Users\Gebruiker\AppData\Roaming\Spotnet deleted successfully C:\Users\Gebruiker\AppData\Roaming\Systweak deleted successfully C:\Users\Gebruiker\AppData\Local\Alt.Binz deleted successfully C:\Users\Gebruiker\AppData\Local\PackageAware deleted successfully C:\Users\Gebruiker\AppData\Local\Windows Live deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully HKEY_USERS\S-1-5-21-2424054589-872369084-1117613999-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Freemake Improver deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Freemake Improver deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Freemake Improver deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Freemake Improver deleted successfully ==== Deleting Files \ Folders ====================== "C:\ProgramData\hkcmde.exe" not found C:\ProgramData\Freemake deleted C:\uninstall.exe deleted C:\Users\Gebruiker\AppData\Roaming\ParetoLogic deleted C:\Users\Gebruiker\AppData\Roaming\DriverCure deleted C:\Users\Gebruiker\AppData\Roaming\DSite deleted C:\PROGRA~3\boost_interprocess deleted C:\PROGRA~3\Package Cache deleted C:\Users\Gebruiker\AppData\Local\avgchrome deleted C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx deleted C:\Windows\SysNative\roboot64.exe deleted C:\Users\Public\sdelevURL.tmp deleted C:\Users\Gebruiker\Searches deleted C:\windows\SysNative\Tasks\Express FilesUpdate deleted C:\END deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\Windows\SysWow64\AI_RecycleBin deleted C:\Windows\SysWow64\searchplugins deleted C:\Windows\SysWow64\Extensions deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2014-07-31 06:06:10 FF8500511A15083BAC971D77A6A05D67 25014674 ----a-w- C:\Windows\repository.backup ====== C:\Users\GEBRUI~1\AppData\Local\Temp ==== 2014-07-27 14:27:47 F78940628EB76AB6E654C19EE33F2F89 24743106 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\vlc-2.1.5-win32.exe ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2014-07-22 06:11:26 7F26D694BC7E78958BE38D1D9AAFC2B9 272808 ----a-w- C:\Windows\SysWOW64\javaws.exe 2014-07-22 06:11:23 FFAECE8AEC1D9CCDCEC1C55C2CA450BA 175528 ----a-w- C:\Windows\SysWOW64\java.exe 2014-07-22 06:11:23 67BE34FBF29E783691C713517102E67E 175528 ----a-w- C:\Windows\SysWOW64\javaw.exe 2014-07-22 06:11:23 419094DF76A32252ECD70730382029ED 98216 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== 2014-07-09 06:49:47 FA886682CFC5D36718D3E436AACF10B9 497152 ----a-w- C:\Windows\Sysnative\drivers\afd.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== ======= C: ===== ====== C:\Users\Gebruiker\AppData\Roaming ====== ====== C:\Users\Gebruiker ====== 2014-07-29 18:50:56 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Gebruiker\Downloads\RSITx64.exe 2014-07-28 12:55:28 -------- d-----w- C:\ProgramData\Office Genuine Advantage 2014-07-22 06:11:23 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java ====== C: exe-files == 2014-07-31 06:10:01 47A10823C3A5D0B46186A199AD519ED5 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2424054589-872369084-1117613999-1000\$IY4WJJS.exe 2014-07-31 06:02:19 B6F3EFF7F38D65A0C54B11A675173300 1287168 ----a-w- C:\$Recycle.Bin\S-1-5-21-2424054589-872369084-1117613999-1000\$RY4WJJS.exe 2014-07-30 08:55:14 1C037891679C0FFC1ED271F88D9A96CF 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2424054589-872369084-1117613999-1000\$ICPJRXH.exe 2014-07-30 08:22:07 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\$Recycle.Bin\S-1-5-21-2424054589-872369084-1117613999-1000\$RCPJRXH.exe 2014-07-29 18:50:56 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Gebruiker\Downloads\RSITx64.exe 2014-07-27 14:27:47 F78940628EB76AB6E654C19EE33F2F89 24743106 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\vlc-2.1.5-win32.exe === C: other files == 2014-07-31 06:05:37 0BE568FD1E7D6C6D64D2272649F5C716 111 ----a-w- C:\Users\Gebruiker\AppData\Local\Temp\scripttest.vbs ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-2424054589-872369084-1117613999-1000\Software\Microsoft\Windows\CurrentVersion\Run] "LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden" "RocketDock"="F:\Program Files (x86)\RocketDock\RocketDock.exe" "DAEMON Tools Lite"="F:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun" "72FE543E55C56A623C5B190740454A8A8B79F232._service_run"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --type=service" "9356272db73b5bbca1d96677b6f61d22"="C:\ProgramData\hkcmde.exe .." "Spotify Web Helper"="C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "GoogleChromeAutoLaunch_5FEA36A39174F28C3634662B2D565CAA"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-21-2424054589-872369084-1117613999-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\Gebruiker\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Gebruiker\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "UpdateLBPShortCut"="C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\CyberLink\LabelPrint UpdateWithCreateOnce Software\CyberLink\LabelPrint\2.5" "MDS_Menu"="C:\Program Files (x86)\CyberLink\MediaShow4\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\CyberLink\MediaShow4 UpdateWithCreateOnce Software\CyberLink\MediaShow\4.1" "CLMLServer"="C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe" "UpdateP2GoShortCut"="C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\CyberLink\Power2Go UpdateWithCreateOnce SOFTWARE\CyberLink\Power2Go\6.0" "UpdatePPShortCut"="C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\CyberLink\PowerProducer UpdateWithCreateOnce Software\CyberLink\PowerProducer\5.0" "UCam_Menu"="C:\Program Files (x86)\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\CyberLink\YouCam UpdateWithCreateOnce Software\CyberLink\YouCam\2.0" "LGODDFU"="C:\Program Files (x86)\lg_fwupdate\lgfw.exe blrun" "UpdatePSTShortCut"="C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite UpdateWithCreateOnce Software\CyberLink\PowerStarter" "UnlockerAssistant"="F:\Program Files (x86)\Unlocker\UnlockerAssistant.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "CanonQuickMenu"="C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon" "IJNetworkScannerSelectorEX"="C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime" "TrayServer"="C:\Program Files (x86)\MAGIX\Video_deluxe_16_Plus_Download-versie\TrayServer.exe" "PowerDVD13Agent"="F:\Program Files (x86)\CyberLink\PowerDVD13\PowerDVD13\PowerDVD13Agent.exe" "Acrobat Assistant 8.0"="C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe" "AVP"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden" "RocketDock"="F:\Program Files (x86)\RocketDock\RocketDock.exe" "DAEMON Tools Lite"="F:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun" "72FE543E55C56A623C5B190740454A8A8B79F232._service_run"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --type=service" "9356272db73b5bbca1d96677b6f61d22"="C:\ProgramData\hkcmde.exe .." "Spotify Web Helper"="C:\Users\Gebruiker\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "GoogleChromeAutoLaunch_5FEA36A39174F28C3634662B2D565CAA"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\Gebruiker\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Gebruiker\AppData\Local\Microsoft\SkyDrive\16.4.6010.0727\amd64" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "EPSON Stylus DX4800 Series"="C:\Windows\system32\spool\DRIVERS\x64\3\E_FATIADE.EXE /F C:\Windows\TEMP\E_SBE24.tmp /EF HKLM" "NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" ==== Startup Folders ====================== 2014-02-12 12:56:22 849 ----a-w- C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FSL Launcher.lnk 2014-04-23 14:18:35 1974 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Wireless Configuration Utility.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [11-12-2013 15:02] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [02-11-2012 17:38] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [02-11-2012 17:38] C:\Windows\tasks\Scheduled scanning task.job --a------ C:\PROGRA2\INTERN2\apps\COMPUT1\ANTI-V1\fsav.exe [] C:\Windows\tasks\SmartDefragUpdate.job --a------ C:\Program Files (x86)\IObit\Smart Defrag 2\AutoUpdate.exe [] C:\Windows\tasks\SmartDefrag_Startup.job --a------ C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe [] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\Scheduled scanning task" [C:\PROGRA~2\INTERN~2\apps\COMPUT~1\ANTI-V~1\fsav.exe] "C:\Windows\SysNative\tasks\SmartDefrag3_Startup" [C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe] "C:\Windows\SysNative\tasks\SmartDefrag3_Update" [C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe] "C:\Windows\SysNative\tasks\SmartDefragUpdate" [C:\Program Files (x86)\IObit\Smart Defrag 2\AutoUpdate.exe] "C:\Windows\SysNative\tasks\SmartDefrag_Startup" [C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe] "C:\Windows\SysNative\tasks\{0192A40B-DCFD-4B23-A156-BFDE7738074C}" [F:\Program Files (x86)\NAVIGON\NAVIGON Fresh\bin\Fresh.exe] "C:\Windows\SysNative\tasks\{1477AB2F-4917-421D-8F91-9A7476F10EAA}" [F:\Program Files (x86)\DVDFab 8 Qt\DVDFab.exe] "C:\Windows\SysNative\tasks\{15F8E606-42B7-4915-BB08-556BBD3A80C5}" [F:\Program Files (x86)\Adobe\Elements 10 Organizer\ElementsOrganizerSyncAgent.exe] "C:\Windows\SysNative\tasks\{176FA081-4802-462C-81A2-BC7BF8825B95}" [F:\Program Files (x86)\Adobe\PhotoDeluxe Home Edition 4.0\PD4.exe] "C:\Windows\SysNative\tasks\{1811402B-980F-4902-B3EF-AD5936F4F9E4}" [C:\Program Files (x86)\epson\Creativity Suite\Scan Assistant\EScanAssist.exe] "C:\Windows\SysNative\tasks\{225D35D9-5D30-4DB9-A237-0A3E54193467}" [F:\Program Files (x86)\DVDFab 8 Qt\DVDFab.exe] "C:\Windows\SysNative\tasks\{2E6C789A-B004-4C41-8D2D-B6CB3DADBE02}" [F:\Program Files (x86)\Nend Software\Radio Online\Radio Online.exe] "C:\Windows\SysNative\tasks\{31D0C0AA-85B5-48DB-97F9-12AFB836C0E0}" [C:\Program Files\AVAST Software\Avast\AvastUI.exe] "C:\Windows\SysNative\tasks\{52AC44AD-CA9E-4373-A8A5-DE2BC90C23DF}" [F:\Program Files (x86)\Games\StarWars\Zuma.exe] "C:\Windows\SysNative\tasks\{5809FBDB-D0B3-40C8-95EC-F3056F08F5BA}" [C:\Windows\twain_32\escndv\escndv.exe] "C:\Windows\SysNative\tasks\{5CFAD7AA-0F10-4EED-9C1D-1558E2AB756F}" [H:\NAVIGON\navigon.exe] "C:\Windows\SysNative\tasks\{601CBB66-D81D-4C4D-BFBC-B51368EE2F72}" [F:\Program Files (x86)\Unlocker\UnlockerAssistant.exe] "C:\Windows\SysNative\tasks\{6B914766-9D93-4C07-9DFB-97F35BD2B7FE}" [F:\Program Files (x86)\DVDFab 8 Qt\DVDFab.exe] "C:\Windows\SysNative\tasks\{6E882FB6-62DE-4A4C-ADF2-8F0B9A9F8F86}" [F:\Program Files (x86)\Nend Software\Radio Online\Radio Online.exe] "C:\Windows\SysNative\tasks\{70CB8407-A6B3-4457-909E-E9657F96B1FF}" [F:\Program Files (x86)\RocketDock\RocketDock.exe] "C:\Windows\SysNative\tasks\{747332E3-B7DA-49BC-BEC6-A896AB69D182}" [F:\Program Files (x86)\Unlocker\UnlockerAssistant.exe] "C:\Windows\SysNative\tasks\{8311E54F-D3E3-4E0E-8B7B-12C858BDCB4B}" [F:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe] "C:\Windows\SysNative\tasks\{91D5866A-D094-4276-AC0D-E0E3F48068A1}" [H:\NAVIGON\navigon.exe] "C:\Windows\SysNative\tasks\{9E04C922-6079-4071-AA79-050F53FFF7B5}" [F:\Program Files (x86)\Adobe\Photoshop Elements 10\PhotoshopElementsEditor.exe] "C:\Windows\SysNative\tasks\{A63CDD97-35A7-450E-A7D1-2742AB17C2C1}" [C:\Program Files (x86)\epson\Creativity Suite\Scan Assistant\EScanAssist.exe] "C:\Windows\SysNative\tasks\{AB8D81A2-CF97-4CF8-9DF6-9D70DBD9279A}" [F:\Program Files (x86)\Nend Software\Radio Online\Radio Online.exe] "C:\Windows\SysNative\tasks\{ACCB1B61-42BD-496C-8654-B8A65C58F6D8}" [F:\Program Files (x86)\Unlocker\UnlockerAssistant.exe] "C:\Windows\SysNative\tasks\{B3859E2E-0FE1-4FD0-B08E-82F96C3BA5A7}" [F:\Beveiliging\Unlocker.exe] "C:\Windows\SysNative\tasks\{BE479100-BC9F-4405-AB7B-ECAE0721DC2E}" [C:\Program Files (x86)\epson\Creativity Suite\Scan Assistant\EScanAssist.exe] "C:\Windows\SysNative\tasks\{C022B63E-E2BE-4BC9-AA0E-EE373BC98D45}" [F:\Program Files (x86)\AVS4YOU\AVSVideoConverter\AVSVideoConverter.exe] "C:\Windows\SysNative\tasks\{C2824B3B-4136-4D68-8D29-15661C8582F3}" [F:\Program Files (x86)\Nend Software\Radio Online\Radio Online.exe] "C:\Windows\SysNative\tasks\{C63A69CA-9745-4942-A777-7BA2EA717A5E}" [F:\Software\Spotlite portable-1.0.8 + Nostalgie skin + RoyaleBlue skin\SpotLite.exe] "C:\Windows\SysNative\tasks\{D20BEAEB-E29D-4BB9-BD24-44BD6E972CBF}" [F:\Program Files (x86)\Adobe\Photoshop Elements 10\PhotoshopElementsEditor.exe] "C:\Windows\SysNative\tasks\{DA8D8E10-E139-45E4-86A6-64E3398FE90D}" [F:\Program Files (x86)\Nend Software\Radio Online\Radio Online.exe] "C:\Windows\SysNative\tasks\{EAFA2345-CDC9-46FB-9CA5-4174688AE734}" [F:\Software\MalwareByte\Malwarebytes - Anti-Malware v1.51.1.1800.exe] "C:\Windows\SysNative\tasks\{F3FC77E1-F631-442E-9CF1-C08A4B2E7026}" ["c:\program files (x86)\google\chrome\application\chrome.exe"] "C:\Windows\SysNative\tasks\{FC171F82-7577-4BB2-AFC7-A5CBA0374433}" [F:\Beveiliging\Unlocker.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "online_banking@kaspersky.com"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com" [10-06-2014 12:39] ==== Firefox Extensions ====================== ==== Firefox Plugins ====================== ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions dchlnpcodkpfdpacogkljefecpegganj - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\urladvisor.crx[28-11-2013 13:06] efaidnbmnnnibpcajpcglclefindmkaj - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx[05-09-2013 16:04] hakdifolhalapjijoafobooafbilfakh - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\online_banking_chrome.crx[28-11-2013 13:06] hghkgaeecgjhjkannahfamoehjmkjail - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\content_blocker_chrome.crx[28-11-2013 13:03] jagncdcchgajhfhijbbhecadmaiegcmh - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\virtkbd.crx[28-11-2013 13:03] jbolfgndggfhhpbnkgnpjkfhinclbigj - F:\Program Files (x86)\Freemake\Freemake Video Converter\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx[13-01-2014 11:04] lpoimibckejjdjcfbdnajaicnklhfplh - https://chrome.google.com/webstore/detail/lpoimibckejjdjcfbdnajaicnklhfplh[] obhnedkdjofgblpkmlbamogmcbhgdkdj - C:\Users\Gebruiker\AppData\Local\CRE\obhnedkdjofgblpkmlbamogmcbhgdkdj.crx[] omaonpoimgkmbllpdihbnmgphjoipdhf - C:\Program Files (x86)\Logitech\Harmony Remote Driver\harmony_chrome.crx[01-05-2012 22:45] pjldcfjmnllhmgjclecdnfampinooman - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\ab.crx[28-11-2013 13:06] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions obhnedkdjofgblpkmlbamogmcbhgdkdj - C:\Users\Gebruiker\AppData\Local\CRE\obhnedkdjofgblpkmlbamogmcbhgdkdj.crx[] Google Drive - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf Kaspersky URL Advisor - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj Weerplaza - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\djakjaebiehcbcjclfgifnhipfcobpaa Adobe Acrobat - Create PDF - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj Google Calendar - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn Safe Money - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh Content Blocker - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail Dropbox - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl Virtual Keyboard - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh Freemake Video Converter - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj Google Maps - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh Kaspersky Protection - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpoimibckejjdjcfbdnajaicnklhfplh Google Mail Checker - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff Google Wallet - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Azov Sea Theme #2 - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\oalokjhcnhmboncjbmhicgmiinlfacio MyHarmony Chrome Plugin - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\omaonpoimgkmbllpdihbnmgphjoipdhf Tetris 3D - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdkeccfoknbfheljdlnicdlbflmfkdpm 20-20 3D Viewer for IKEA - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfhldcakmgpmglboaclpfdedehjblalp Gmail - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Anti-Banner - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman ==== Chrome Fix ====================== C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpoimibckejjdjcfbdnajaicnklhfplh deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.nl/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.nl/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR" {483830EE-A4CD-4b71-B0A3-3D82E62A6909} Unknown Url="Not_Found" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} deleted successfully HKEY_USERS\S-1-5-21-2424054589-872369084-1117613999-1000\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\lpoimibckejjdjcfbdnajaicnklhfplh deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\obhnedkdjofgblpkmlbamogmcbhgdkdj deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\obhnedkdjofgblpkmlbamogmcbhgdkdj deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gebruiker\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Gebruiker\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\GEBRUI~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on do 31-07-2014 at 10:57:05,57 ======================