Zoek.exe v5.0.0.0 Updated 02-June-2014 Tool run by lucky on di 10/06/2014 at 16:38:43,60. Microsoft® Windows Vista™ Home Premium 6.0.6001 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\lucky\Desktop\zoek.exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2014-06-07-074417.log 24226 bytes C:\zoek-results2014-06-09-154419.log 29115 bytes C:\zoek-results2014-06-09-192714.log 28725 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== Adobe Flash Player 13 ActiveX Ask Toolbar CCleaner Facebook Video Calling 2.0.0.447 Google Chrome Google Toolbar for Internet Explorer Google Update Helper Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) iTunes Java 7 Update 60 Java Auto Updater Junk Mail filter update Malwarebytes Anti-Malware versie 2.0.2.1012 Microsoft .NET Framework 3.5 Language Pack SP1 - nld Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Client Profile NLD Language Pack Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Silverlight Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 MSVCRT OpenOffice 4.0.1 Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2478663) Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2518870) Skype Click to Call SkypeT 6.3 Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD TuneUp Utilities 2013 TuneUp Utilities Language Pack (nl-NL) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live Mail Windows Live Messenger ==== Running Processes ====================== C:\Windows\System32\smss.exe C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\SLsvc.exe C:\Windows\System32\spoolsv.exe C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Program Files\Windows Defender\MSASCui.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\Program Files\Skype\Phone\Skype.exe C:\Windows\System32\mobsync.exe C:\Windows\system32\wuauclt.exe C:\Users\lucky\Desktop\zoek.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\APNMCP deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\APNMCP deleted successfully ==== Deleting Files \ Folders ====================== c:\users\lucky\appdata\local\network_me_06030452 deleted C:\PROGRA~2\AskPartnerNetwork deleted C:\PROGRA~2\APN deleted C:\Users\lucky\AppData\Local\SearchProtect deleted C:\END deleted "C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" deleted "C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" deleted "C:\Program Files\AskPartnerNetwork" deleted "C:\Program Files\AskPartnerNetwork" deleted "C:\Program Files\AskPartnerNetwork\Toolbar" deleted "C:\Program Files\AskPartnerNetwork\Toolbar\Updater" deleted "C:\Program Files\AskPartnerNetwork\Toolbar" deleted "C:\Program Files\AskPartnerNetwork\Toolbar\Updater" deleted ==== System Specs ====================== Windows: Windows Vista Home Premium Edition Service Pack 1 (Build 6001) Memory (RAM): 1014 MB CPU Info: Genuine Intel(R) CPU T2300 @ 1.66GHz CPU Speed: 1703,9 MHz Sound Card: Hoofdtelefoon (High Definition | Apparaat voor digitale uitvoer | Display Adapters: Mobile Intel(R) 945GM Express Chipset Controller 0 (Microsoft Corporation - WDDM) | Mobile Intel(R) 945GM Express Chipset Controller 0 (Microsoft Corporation - WDDM) | RDPDD Chained DD | RDP Encoder Mirror Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1280 X 800 - 32 bit Network: Network Present Network Adapters: Atheros AR5007UG Wireless Network Adapter | Realtek RTL8101 Family PCI-E Fast Ethernet NIC (NDIS 6.0) CD / DVD Drives: 1x (E: | ) E: HL-DT-STDVDRAM GSA-T10N Ports: COM3 LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 93,2GB | D: 18,6GB Hard Disks - Free: C: 39,2GB | D: 13,5GB Manufacturer *: Phoenix Technologies LTD BIOS Info: AT/AT COMPATIBLE | 01/15/07 | MEDION - 6040000 Time Zone: West-Europa (standaardtijd) Motherboard *: MEDION WIM2120 Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== Anti-Spyware: Windows Defender disabled (Outdated) Default Browser: Google Chrome 35.0.1916.114 Internet Explorer version: 7.0.6001.18000 Google Chrome version: 35.0.1916.114 Sun Java version: 1.7.0_60 (32-bit) ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2014-06-09 08:41:13 3D3F905B613121C24D6E58B9AE89C45B 117914063 ----a-w- C:\Windows\MEMORY.DMP ====== C:\Users\lucky\AppData\Local\Temp ==== 2014-06-08 14:58:53 15552EBB3C332FE5B0AEEABEA989A882 531408 ----a-w- C:\Users\lucky\AppData\Local\Temp\APNSetup.exe ====== Java Cache ===== 2014-06-09 08:03:56 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\lucky\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-189addeb ====== C:\Windows\system32 ===== 2014-06-08 14:57:57 CEE4C9E092168CEBD187491AF6FDA8FB 264616 ----a-w- C:\Windows\System32\javaws.exe 2014-06-08 14:56:10 B1799EE2C6B8435E7227844C5FC08BCC 96680 ----a-w- C:\Windows\System32\WindowsAccessBridge.dll 2014-06-08 14:56:09 ECB3AB701D6E26F5E54C58957E34E719 175528 ----a-w- C:\Windows\System32\javaw.exe 2014-06-08 14:56:09 2251971694E17BAC4E344DC2B7CD7ADD 175528 ----a-w- C:\Windows\System32\java.exe ====== C:\Windows\system32\drivers ===== 2014-06-02 20:51:16 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf 2014-05-15 10:12:32 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\System32\drivers\Msft_User_WpdFs_01_00_00.Wdf ====== C:\Windows\Tasks ====== 2014-06-01 16:55:33 2F4CF735EE361EEEE65AA75EC425C92A 2962 ----a-w- C:\Windows\system32\Tasks\BetterMarkIt_wd 2014-06-01 16:55:28 F3AD4EAD9421B9EF39BDB4E5BEF7391C 374 ----a-w- C:\Windows\Tasks\BetterMarkIt_wd.job ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-06-08 14:58:44 -------- d-----w- C:\Program Files\Common Files\Java 2014-06-08 14:54:30 -------- d-----w- C:\Program Files\Java 2014-06-01 17:11:52 -------- d-----w- C:\Program Files\OpenOffice 4 2014-06-01 16:57:29 -------- d-----w- C:\Program Files\Microsoft Silverlight ======= C: ===== ====== C:\Users\lucky\AppData\Roaming ====== 2014-06-08 15:39:19 -------- d-----w- C:\Users\lucky\AppData\Local\VNT 2014-06-07 13:40:24 -------- d-s---w- C:\Windows\serviceprofiles\networkservice\AppData\Locallow\Microsoft 2014-06-07 07:35:31 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp 2014-06-07 07:35:31 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2014-06-07 07:35:31 -------- d-----w- C:\Users\Default\AppData\Local\Temp 2014-06-07 07:35:31 -------- d-----w- C:\Users\Default User\AppData\Local\Temp 2014-06-07 07:35:30 -------- d-----w- C:\Users\lucky\AppData\Local\Temp 2014-06-03 04:52:32 -------- d-----w- C:\Users\lucky\AppData\Local\Comodo 2014-06-03 04:52:32 -------- d-----w- C:\Users\Gast\AppData\Local\Google 2014-06-03 04:52:32 -------- d-----w- C:\Users\Gast\AppData\Local\Comodo 2014-06-03 04:52:32 -------- d-----w- C:\Users\Administrator\AppData\Local\Comodo 2014-06-03 04:52:31 -------- d-----w- C:\Users\Administrator\AppData\Local\Google 2014-06-01 17:17:53 -------- d-----w- C:\Users\lucky\AppData\Roaming\OpenOffice 2014-06-01 17:05:20 -------- d-----w- C:\Windows\system32\config\systemprofile\AppData\Roaming\QuickScan 2014-06-01 17:05:20 -------- d-----w- C:\Users\lucky\AppData\Roaming\QuickScan 2014-06-01 16:58:05 -------- d-----w- C:\Users\lucky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PriceMetér ====== C:\Users\lucky ====== 2014-06-08 15:12:23 D2CC0BE32A64E29738B70236D6C893D8 829872 ----a-w- C:\Users\lucky\Downloads\Setup (3).exe 2014-06-08 15:12:23 8EA7333A549F5A427D4C895A97330750 829872 ----a-w- C:\Users\lucky\Downloads\Setup (4).exe 2014-06-08 15:11:31 6A167C4528C8170FD5446878B44A82BE 829872 ----a-w- C:\Users\lucky\Downloads\Setup (2).exe 2014-06-08 14:56:12 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-06-08 14:47:10 1BCD116BCE8235A031949FE58AA489D0 918952 ----a-w- C:\Users\lucky\Downloads\chromeinstall-7u60 (5).exe 2014-06-08 14:46:59 1BCD116BCE8235A031949FE58AA489D0 918952 ----a-w- C:\Users\lucky\Downloads\chromeinstall-7u60 (4).exe 2014-06-08 14:46:59 1BCD116BCE8235A031949FE58AA489D0 918952 ----a-w- C:\Users\lucky\Downloads\chromeinstall-7u60 (3).exe 2014-06-08 14:46:59 1BCD116BCE8235A031949FE58AA489D0 918952 ----a-w- C:\Users\lucky\Downloads\chromeinstall-7u60 (2).exe 2014-06-08 14:45:20 1BCD116BCE8235A031949FE58AA489D0 918952 ----a-w- C:\Users\lucky\Downloads\chromeinstall-7u60 (1).exe 2014-06-08 14:45:07 1BCD116BCE8235A031949FE58AA489D0 918952 ----a-w- C:\Users\lucky\Downloads\chromeinstall-7u60.exe 2014-06-08 05:56:23 FE674353FEE75F31DC1E0D38E37B4855 829872 ----a-w- C:\Users\lucky\Downloads\Setup (1).exe 2014-06-06 07:51:59 2BB12CE0DDEBB9A29CB60E9D382F696F 831320 ----a-w- C:\Users\lucky\Downloads\Setup.exe 2014-06-05 12:36:30 9EC73884D7D7BFEC9EED7EAF3122A0BE 1327971 ----a-w- C:\Users\lucky\Downloads\adwcleaner_3.211 (3).exe 2014-06-05 12:32:42 A61A24E28CE5E961941D61C1D342AC39 4748896 ----a-w- C:\Users\lucky\Downloads\ccsetup414.exe 2014-06-05 10:03:54 9EC73884D7D7BFEC9EED7EAF3122A0BE 1327971 ----a-w- C:\Users\lucky\Downloads\adwcleaner_3.211 (2).exe 2014-06-05 09:45:09 9EC73884D7D7BFEC9EED7EAF3122A0BE 1327971 ----a-w- C:\Users\lucky\Downloads\adwcleaner_3.211 (1).exe 2014-06-05 06:33:19 9EC73884D7D7BFEC9EED7EAF3122A0BE 1327971 ----a-w- C:\Users\lucky\Downloads\adwcleaner_3.211.exe 2014-06-03 04:52:38 -------- d-----w- C:\ProgramData\e1643679903728 2014-06-03 04:52:32 -------- d-----w- C:\Users\Gast\AppData 2014-06-03 04:52:31 -------- d-----w- C:\Users\Administrator\AppData 2014-06-01 17:16:12 -------- d-s---w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.0.1 2014-06-01 16:59:32 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2014-06-01 16:59:31 C44738F944948C6440CEA5FC65CA2869 143485940 ----a-w- C:\Users\lucky\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_enUS{1}.exe 2014-06-01 16:55:47 F2C16656B928D83BE7E95974D4C5C211 628872 ----a-w- C:\Users\lucky\Downloads\openoffice setup (1).exe 2014-06-01 16:55:28 C44738F944948C6440CEA5FC65CA2869 143485940 ----a-w- C:\Users\lucky\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_enUS.exe 2014-06-01 16:54:12 6DC34ADA17566F19668323C1937125EB 628872 ----a-w- C:\Users\lucky\Downloads\openoffice setup.exe ====== C: exe-files == 2014-06-08 15:12:23 D2CC0BE32A64E29738B70236D6C893D8 829872 ----a-w- C:\Windows.old.000\Documents and Settings\lucky\Downloads\Setup (3).exe 2014-06-08 15:12:23 D2CC0BE32A64E29738B70236D6C893D8 829872 ----a-w- C:\Users\lucky\Downloads\Setup (3).exe 2014-06-08 15:12:23 8EA7333A549F5A427D4C895A97330750 829872 ----a-w- C:\Windows.old.000\Documents and Settings\lucky\Downloads\Setup (4).exe 2014-06-08 15:12:23 8EA7333A549F5A427D4C895A97330750 829872 ----a-w- C:\Users\lucky\Downloads\Setup (4).exe 2014-06-08 15:11:31 6A167C4528C8170FD5446878B44A82BE 829872 ----a-w- C:\Windows.old.000\Documents and Settings\lucky\Downloads\Setup (2).exe 2014-06-08 15:11:31 6A167C4528C8170FD5446878B44A82BE 829872 ----a-w- C:\Users\lucky\Downloads\Setup (2).exe 2014-06-08 14:58:53 15552EBB3C332FE5B0AEEABEA989A882 531408 ----a-w- C:\Windows.old.000\Documents and Settings\lucky\AppData\Local\Temp\APNSetup.exe 2014-06-08 14:58:53 15552EBB3C332FE5B0AEEABEA989A882 531408 ----a-w- C:\Users\lucky\AppData\Local\Temp\APNSetup.exe 2014-06-08 14:57:57 CEE4C9E092168CEBD187491AF6FDA8FB 264616 ----a-w- C:\Windows\System32\javaws.exe 2014-06-08 14:56:09 ECB3AB701D6E26F5E54C58957E34E719 175528 ----a-w- C:\Windows\System32\javaw.exe 2014-06-08 14:56:09 2251971694E17BAC4E344DC2B7CD7ADD 175528 ----a-w- C:\Windows\System32\java.exe 2014-06-08 14:54:48 C7C5FF4B0E83702EFBC0C886D87E9743 145832 ----a-w- C:\Program Files\Java\jre7\bin\unpack200.exe 2014-06-08 14:54:48 3427C247AFEC295CD4A20B53EE445F23 16808 ----a-w- C:\Program Files\Java\jre7\bin\tnameserv.exe 2014-06-08 14:54:48 0595B07F96E4F48784A4B772B887AD68 49576 ----a-w- C:\Program Files\Java\jre7\bin\ssvagent.exe 2014-06-08 14:54:47 F9DE7324BDF83F5AFE174354F47C2AE0 16808 ----a-w- C:\Program Files\Java\jre7\bin\orbd.exe 2014-06-08 14:54:47 E0FE8B7BE802F8C4A71317AC35E44B00 16296 ----a-w- C:\Program Files\Java\jre7\bin\rmid.exe 2014-06-08 14:54:47 B5C9699AA60F74F144DB5A566F6E58F8 16296 ----a-w- C:\Program Files\Java\jre7\bin\rmiregistry.exe 2014-06-08 14:54:47 84FB0EC0581C996F445433BD2379A5CC 16296 ----a-w- C:\Program Files\Java\jre7\bin\servertool.exe 2014-06-08 14:54:47 8140DCC3064BA8ADC407D956BE19D764 16296 ----a-w- C:\Program Files\Java\jre7\bin\pack200.exe 2014-06-08 14:54:47 3002E7E937FCB8985320AA807E762845 16296 ----a-w- C:\Program Files\Java\jre7\bin\policytool.exe 2014-06-08 14:54:46 E87885A59FDC241B6575943A75E495D9 182696 ----a-w- C:\Program Files\Java\jre7\bin\jqs.exe 2014-06-08 14:54:46 E2C8F178A57D011518785CF75044CD69 16296 ----a-w- C:\Program Files\Java\jre7\bin\keytool.exe 2014-06-08 14:54:46 AEA4E94FC2A2F88FA5EC7FB6BC349E1B 16296 ----a-w- C:\Program Files\Java\jre7\bin\klist.exe 2014-06-08 14:54:46 62CA7ABA57A4FCDB3844F73A156BAE26 16296 ----a-w- C:\Program Files\Java\jre7\bin\kinit.exe 2014-06-08 14:54:46 235A2E87C34995F1837283FE76CD2E46 16296 ----a-w- C:\Program Files\Java\jre7\bin\ktab.exe 2014-06-08 14:54:46 1EFC992CA271E6D40034FBE7BCEDB724 52648 ----a-w- C:\Program Files\Java\jre7\bin\jp2launcher.exe 2014-06-08 14:54:42 ECB3AB701D6E26F5E54C58957E34E719 175528 ----a-w- C:\Program Files\Java\jre7\bin\javaw.exe 2014-06-08 14:54:42 CEE4C9E092168CEBD187491AF6FDA8FB 264616 ----a-w- C:\Program Files\Java\jre7\bin\javaws.exe 2014-06-08 14:54:42 96777405AB93AF8FCF6C9B6F5C3F1E51 16296 ----a-w- C:\Program Files\Java\jre7\bin\java-rmi.exe 2014-06-08 14:54:42 82517DE5984F3EA3A49E0B5C8825DA63 68008 ----a-w- C:\Program Files\Java\jre7\bin\javacpl.exe 2014-06-08 14:54:42 2251971694E17BAC4E344DC2B7CD7ADD 175528 ----a-w- C:\Program Files\Java\jre7\bin\java.exe 2014-06-08 14:54:42 07643C3AF27179144C9800AF0819DE75 48040 ----a-w- C:\Program Files\Java\jre7\bin\jabswitch.exe 2014-06-08 14:50:52 3842C46F2FBC7522EF625F1833530804 145408 ----a-w- C:\Windows.old.000\Documents and Settings\lucky\AppData\LocalLow\Sun\Java\jre1.7.0_60\lzma.exe 2014-06-08 14:50:52 3842C46F2FBC7522EF625F1833530804 145408 ----a-w- C:\Users\lucky\AppData\LocalLow\Sun\Java\jre1.7.0_60\lzma.exe 2014-06-08 14:47:10 1BCD116BCE8235A031949FE58AA489D0 918952 ----a-w- C:\Windows.old.000\Documents and Settings\lucky\Downloads\chromeinstall-7u60 (5).exe 2014-06-08 14:47:10 1BCD116BCE8235A031949FE58AA489D0 918952 ----a-w- C:\Users\lucky\Downloads\chromeinstall-7u60 (5).exe 2014-06-08 14:46:59 1BCD116BCE8235A031949FE58AA489D0 918952 ----a-w- C:\Windows.old.000\Documents and Settings\lucky\Downloads\chromeinstall-7u60 (4).exe 2014-06-08 14:46:59 1BCD116BCE8235A031949FE58AA489D0 918952 ----a-w- C:\Windows.old.000\Documents and Settings\lucky\Downloads\chromeinstall-7u60 (3).exe 2014-06-08 14:46:59 1BCD116BCE8235A031949FE58AA489D0 918952 ----a-w- C:\Windows.old.000\Documents and Settings\lucky\Downloads\chromeinstall-7u60 (2).exe 2014-06-08 14:46:59 1BCD116BCE8235A031949FE58AA489D0 918952 ----a-w- C:\Users\lucky\Downloads\chromeinstall-7u60 (4).exe 2014-06-08 14:46:59 1BCD116BCE8235A031949FE58AA489D0 918952 ----a-w- C:\Users\lucky\Downloads\chromeinstall-7u60 (3).exe 2014-06-08 14:46:59 1BCD116BCE8235A031949FE58AA489D0 918952 ----a-w- C:\Users\lucky\Downloads\chromeinstall-7u60 (2).exe 2014-06-08 14:45:20 1BCD116BCE8235A031949FE58AA489D0 918952 ----a-w- C:\Windows.old.000\Documents and Settings\lucky\Downloads\chromeinstall-7u60 (1).exe 2014-06-08 14:45:20 1BCD116BCE8235A031949FE58AA489D0 918952 ----a-w- C:\Users\lucky\Downloads\chromeinstall-7u60 (1).exe 2014-06-08 14:45:07 1BCD116BCE8235A031949FE58AA489D0 918952 ----a-w- C:\Windows.old.000\Documents and Settings\lucky\Downloads\chromeinstall-7u60.exe 2014-06-08 14:45:07 1BCD116BCE8235A031949FE58AA489D0 918952 ----a-w- C:\Users\lucky\Downloads\chromeinstall-7u60.exe 2014-06-08 05:56:23 FE674353FEE75F31DC1E0D38E37B4855 829872 ----a-w- C:\Windows.old.000\Documents and Settings\lucky\Downloads\Setup (1).exe 2014-06-08 05:56:23 FE674353FEE75F31DC1E0D38E37B4855 829872 ----a-w- C:\Users\lucky\Downloads\Setup (1).exe 2014-06-08 05:54:33 E953D69576A1BF077E709A0231E4714C 289792 ----a-w- C:\ce39c28843466bc70f27ec762d041e\spclite.exe 2014-06-06 07:51:59 2BB12CE0DDEBB9A29CB60E9D382F696F 831320 ----a-w- C:\Windows.old.000\Documents and Settings\lucky\Downloads\Setup.exe 2014-06-06 07:51:59 2BB12CE0DDEBB9A29CB60E9D382F696F 831320 ----a-w- C:\Users\lucky\Downloads\Setup.exe 2014-06-05 12:36:30 9EC73884D7D7BFEC9EED7EAF3122A0BE 1327971 ----a-w- C:\Windows.old.000\Documents and Settings\lucky\Downloads\adwcleaner_3.211 (3).exe 2014-06-05 12:36:30 9EC73884D7D7BFEC9EED7EAF3122A0BE 1327971 ----a-w- C:\Users\lucky\Downloads\adwcleaner_3.211 (3).exe 2014-06-05 12:32:42 A61A24E28CE5E961941D61C1D342AC39 4748896 ----a-w- C:\Windows.old.000\Documents and Settings\lucky\Downloads\ccsetup414.exe 2014-06-05 12:32:42 A61A24E28CE5E961941D61C1D342AC39 4748896 ----a-w- C:\Users\lucky\Downloads\ccsetup414.exe 2014-06-05 10:03:54 9EC73884D7D7BFEC9EED7EAF3122A0BE 1327971 ----a-w- C:\Windows.old.000\Documents and Settings\lucky\Downloads\adwcleaner_3.211 (2).exe 2014-06-05 10:03:54 9EC73884D7D7BFEC9EED7EAF3122A0BE 1327971 ----a-w- C:\Users\lucky\Downloads\adwcleaner_3.211 (2).exe 2014-06-05 09:45:09 9EC73884D7D7BFEC9EED7EAF3122A0BE 1327971 ----a-w- C:\Windows.old.000\Documents and Settings\lucky\Downloads\adwcleaner_3.211 (1).exe 2014-06-05 09:45:09 9EC73884D7D7BFEC9EED7EAF3122A0BE 1327971 ----a-w- C:\Users\lucky\Downloads\adwcleaner_3.211 (1).exe 2014-06-05 06:33:19 9EC73884D7D7BFEC9EED7EAF3122A0BE 1327971 ----a-w- C:\Windows.old.000\Documents and Settings\lucky\Downloads\adwcleaner_3.211.exe 2014-06-05 06:33:19 9EC73884D7D7BFEC9EED7EAF3122A0BE 1327971 ----a-w- C:\Users\lucky\Downloads\adwcleaner_3.211.exe === C: other files == 2014-06-09 15:58:02 93836A8B07B4B1BB3EE786C6D5C36166 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-515218178-1156182028-4208866919-1000\$IH6FBXQ.com 2014-06-08 14:54:48 8E29BBCCC8D802D36701633A7842FE74 18636 ----a-w- C:\Program Files\Java\jre7\lib\deploy\ffjcext.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-21-515218178-1156182028-4208866919-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "Facebook Update"="C:\Users\lucky\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" "ApnTBMon"="C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" "Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "Facebook Update"="C:\Users\lucky\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\"" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [14/05/2014 07:48] C:\Windows\tasks\BetterMarkIt_wd.job --a------ C:\Program Files\Better_MarkIt\BetterMarkItdPZKZw.exe [] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-515218178-1156182028-4208866919-1000Core.job --a------ C:\Users\lucky\AppData\Local\Facebook\Update\FacebookUpdate.exe [30/10/2012 11:19] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-515218178-1156182028-4208866919-1000UA.job --a------ [Undetermined Task] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [22/10/2011 19:58] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [22/10/2011 19:58] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\BetterMarkIt_wd" [C:\Program Files\Better_MarkIt\BetterMarkItdPZKZw.exe] "C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-515218178-1156182028-4208866919-1000Core" [C:\Users\lucky\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-515218178-1156182028-4208866919-1000UA" [C:\Users\lucky\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "{20a82645-c095-46ed-80e3-08825760534b}"="c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [30/12/2011 09:25] ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx[22/11/2012 11:30] pljcgbedjplidkdjahbaalanadmjfgop - C:\ProgramData\AskPartnerNetwork\Toolbar\ORJ-V7C\CRX\ToolbarCR.crx[] Google Wallet - lucky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {105E99FF-8B9A-4492-B155-06194B9056D2} Bing Url="http://www.bing.com/search?FORM=UP22DF&PC=UP22&dt=010613&q={searchTerms}&src=IE-SearchBox" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\pljcgbedjplidkdjahbaalanadmjfgop deleted successfully ==== HijackThis Entries ====================== O1 - Hosts: ::1 localhost O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [Facebook Update] "C:\Users\lucky\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/nl/uno1/GAME_UNO1.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe ==== Empty IE Cache ====================== C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\lucky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\lucky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PD51G31K will be deleted at reboot C:\Users\lucky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\lucky\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=49 folders=42 10924443 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\lucky\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\lucky\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\lucky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Users\lucky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PD51G31K" not found ==== EOF on di 10/06/2014 at 17:52:10,60 ======================