Zoek.exe v5.0.0.0 Updated 02-November-2014
Tool run by Jeanet Lebert on zo 02-11-2014 at 19:50:39,88.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Jeanet Lebert\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

2-11-2014 19:52:29 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-453541400-2006010633-3923492044-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_USERS\S-1-5-21-453541400-2006010633-3923492044-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_USERS\S-1-5-21-453541400-2006010633-3923492044-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} deleted successfully
HKEY_USERS\S-1-5-21-453541400-2006010633-3923492044-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{9421DD08-935F-4701-A9CA-22DF90AC4EA6} deleted successfully

==== Deleting Services ======================

==== Deleting
Files \ Folders ====================== C:\333bdba2cac2063915f0a414 deleted C:\Users\Jeanet Lebert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\BearShare.lnk deleted C:\PROGRA~3\boost_interprocess deleted C:\PROGRA~3\OberonGameConsole deleted C:\Users\Jeanet Lebert\AppData\Local\BearShare deleted C:\Users\Public\sdelev.tmp deleted C:\Users\Public\sdelevURL.tmp deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\Windows\SysWow64\searchplugins deleted C:\Windows\SysWow64\Extensions deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\JEANET~1\AppData\Local\Temp ==== 2014-11-02 18:48:47 EA4670FF1B919C94C7CED8008E1D2A9D 343737 ----a-w- C:\Users\Jeanet Lebert\AppData\Local\Temp\~nsu.tmp\Au_.exe 2014-11-02 18:48:47 CF95932C00190451115C782E139DE582 264488 ----a-w- C:\Users\Jeanet Lebert\AppData\Local\Temp\MSS\3.8.150.1\McInstallerRes.dll 2014-11-02 18:48:47 C4CF03B998D4D758B89CD07F22D7A7F9 645168 ----a-w- C:\Users\Jeanet Lebert\AppData\Local\Temp\MSS\3.8.150.1\McUICnt.exe 2014-11-02 18:48:47 87AA773F15D90973090D4DF76F8E60EF 565808 ----a-w- C:\Users\Jeanet Lebert\AppData\Local\Temp\MSS\3.8.150.1\mcbrwsr2.dll 2014-11-02 18:48:47 2AA753368BF68871962D2E99B8692985 153760 ----a-w- C:\Users\Jeanet Lebert\AppData\Local\Temp\MSS\3.8.150.1\McInstallerRes_LD.dll 2014-11-02 18:48:47 14E9947D26B0A418AA02F87741E4B40B 769736 ----a-w- C:\Users\Jeanet Lebert\AppData\Local\Temp\MSS\3.8.150.1\McInstallerStartup.dll ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2014-11-02 18:45:25 AF055C8537B32EA3A8FA5EA8AEB76621 146432 ----a-w- C:\Windows\SysWOW64\javacpl.cpl 2014-11-02 18:44:48 A042349B7208BF8BED858B1E9B48B06D 98216 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll 2014-11-02 16:35:25 0DC5AF80D059DEC792B665ED598C6567 536576 ----a-w- C:\Windows\SysWOW64\sqlite3.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== 2014-11-02 
17:06:51 26C43960C99EE861A5D0EDC4DCF3B1C3 129752 ----a-w- C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys 2014-11-02 17:06:41 D3311B31C470E7681B14D9B014CBF9ED 93400 ----a-w- C:\Windows\Sysnative\drivers\mbamchameleon.sys 2014-11-02 17:06:41 95EF63A7827D4E3A229CBBCB42619E93 63704 ----a-w- C:\Windows\Sysnative\drivers\mwac.sys 2014-11-02 17:06:41 5C3669B71657F22E67A1D4BD49D2CBE7 25816 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys 2014-10-16 08:51:37 FE571E088C2D83619D2D48D4E961BF41 212480 ----a-w- C:\Windows\Sysnative\drivers\rdpwd.sys 2014-10-16 08:51:34 E232A3B43A894BB327FC161529BD9ED1 39936 ----a-w- C:\Windows\Sysnative\drivers\tssecsrv.sys ====== C:\Windows\Tasks ====== 2014-11-02 18:43:22 CCDCF658D05899E9CD01910741250D6A 3210 ----a-w- C:\Windows\Sysnative\Tasks\{A2C3720E-E813-4A42-B5A4-BB1AF6DA9574} ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-11-02 15:44:18 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== 2014-10-25 17:30:52 -------- d-----w- C:\PROGRA~2\TeamViewer 2014-10-07 13:41:21 -------- d-----w- C:\PROGRA~2\COMMON~1\Skype 2014-10-07 13:41:21 -------- d-----r- C:\PROGRA~2\Skype ======= C: ===== 2014-11-02 17:56:12 188EEBAE50D888115E7936DE86271C92 5724 ----a-w- C:\MBAM.txt ====== C:\Users\Jeanet Lebert\AppData\Roaming ====== 2014-11-02 17:06:31 -------- d-----w- C:\Users\Jeanet Lebert\AppData\Local\Programs ====== C:\Users\Jeanet Lebert ====== 2014-11-02 18:44:26 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-11-02 18:36:00 -------- d-----w- C:\ProgramData\Sun 2014-11-02 18:35:13 3A582BF6FD39DC6A52AAF316126B40BA 638888 ----a-w- C:\Users\Jeanet Lebert\Downloads\chromeinstall-8u25 (1).exe 2014-11-02 18:34:43 -------- d-----w- C:\ProgramData\Oracle 2014-11-02 18:33:52 3A582BF6FD39DC6A52AAF316126B40BA 638888 ----a-w- C:\Users\Jeanet Lebert\Downloads\chromeinstall-8u25.exe 2014-11-02 18:06:07 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Jeanet Lebert\Downloads\RSITx64 
(1).exe 2014-11-02 17:06:03 32A7154F9934CF3AA5D945D02D069D1F 17523384 ----a-w- C:\Users\Jeanet Lebert\Downloads\mbam-setup-2.0.0.1000.exe 2014-11-02 16:52:39 12EFD5FA51597F188E5DB50BE20EE597 1375089 ----a-w- C:\Users\Jeanet Lebert\Downloads\adwcleaner_3.311 (1).exe 2014-11-02 16:33:58 12EFD5FA51597F188E5DB50BE20EE597 1375089 ----a-w- C:\Users\Jeanet Lebert\Downloads\adwcleaner_3.311.exe 2014-11-02 15:44:06 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Jeanet Lebert\Downloads\RSITx64.exe 2014-10-25 17:10:25 1EFC153B9F11F92CAA859523FAA7EB56 6626856 ----a-w- C:\Users\Jeanet Lebert\Downloads\TeamViewer_Setup_nl (6).exe 2014-10-25 17:09:00 1EFC153B9F11F92CAA859523FAA7EB56 6626856 ----a-w- C:\Users\Jeanet Lebert\Downloads\TeamViewer_Setup_nl (5).exe 2014-10-25 17:08:09 1EFC153B9F11F92CAA859523FAA7EB56 6626856 ----a-w- C:\Users\Jeanet Lebert\Downloads\TeamViewer_Setup_nl (4).exe 2014-10-25 17:06:57 1EFC153B9F11F92CAA859523FAA7EB56 6626856 ----a-w- C:\Users\Jeanet Lebert\Downloads\TeamViewer_Setup_nl (3).exe 2014-10-24 20:41:16 1EFC153B9F11F92CAA859523FAA7EB56 6626856 ----a-w- C:\Users\Jeanet Lebert\Downloads\TeamViewer_Setup_nl (2).exe 2014-10-24 20:34:13 1EFC153B9F11F92CAA859523FAA7EB56 6626856 ----a-w- C:\Users\Jeanet Lebert\Downloads\TeamViewer_Setup_nl (1).exe 2014-10-24 20:32:12 1EFC153B9F11F92CAA859523FAA7EB56 6626856 ----a-w- C:\Users\Jeanet Lebert\Downloads\TeamViewer_Setup_nl.exe 2014-10-07 13:41:22 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype ====== C: exe-files == 2014-11-02 18:48:47 EA4670FF1B919C94C7CED8008E1D2A9D 343737 ----a-w- C:\Users\Jeanet Lebert\AppData\Local\Temp\~nsu.tmp\Au_.exe 2014-11-02 18:48:47 C4CF03B998D4D758B89CD07F22D7A7F9 645168 ----a-w- C:\Users\Jeanet Lebert\AppData\Local\Temp\MSS\3.8.150.1\McUICnt.exe 2014-11-02 18:44:28 AA3520FB0133A56BEE1DB34D74DBEF64 0 ----a-we C:\ProgramData\Oracle\Java\javapath\java.exe 2014-11-02 18:44:28 75D477E868CA51EC1B09D730570F322B 0 ----a-we 
C:\ProgramData\Oracle\Java\javapath\javaw.exe 2014-11-02 18:44:28 691D49FB44EDE9788288CABE4F7E0DAF 0 ----a-we C:\ProgramData\Oracle\Java\javapath\javaws.exe 2014-11-02 18:44:18 DC197DCE6325CBAC905DE0D0E3BA3E8E 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\rmid.exe 2014-11-02 18:44:18 67F763B09F4BC8689E6FA9761E068D74 159656 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\unpack200.exe 2014-11-02 18:44:18 57E1F756FAA787623DFCD2C1B2AACC68 51112 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssvagent.exe 2014-11-02 18:44:18 33D2AF53E209DA3E2BA939EB89801DC0 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\rmiregistry.exe 2014-11-02 18:44:18 29E65AC6AFD8A0A9CAA361FF6F7B4886 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\servertool.exe 2014-11-02 18:44:18 28FC00F89631B0F6E1E9CA386FADD566 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\tnameserv.exe 2014-11-02 18:44:17 E3E6B18458FFB07CB24D7A0BA77C9FDF 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\pack200.exe 2014-11-02 18:44:17 BB8C890E3E6372F2720709262BD42BF4 30632 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jabswitch.exe 2014-11-02 18:44:17 B719E0F43166037DF46B5CFBE60A5118 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jjs.exe 2014-11-02 18:44:17 AA3520FB0133A56BEE1DB34D74DBEF64 176552 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\java.exe 2014-11-02 18:44:17 A458E2535E46151690E53E2A03FAA711 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\keytool.exe 2014-11-02 18:44:17 9BFAEF308D50779F6B255CB7BA7DCA5A 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\kinit.exe 2014-11-02 18:44:17 7AB1F1B3FB6C3DACA34EA2F988CDF5AC 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\orbd.exe 2014-11-02 18:44:17 75EE99C7F0038C746D82C76221ECA4EF 16296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\policytool.exe 2014-11-02 18:44:17 75D477E868CA51EC1B09D730570F322B 176552 ----a-w- C:\Program Files 
(x86)\Java\jre1.8.0_25\bin\javaw.exe 2014-11-02 18:44:17 74713E9C1B01B152DDD3A1A3519A3647 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\java-rmi.exe 2014-11-02 18:44:17 70E67429D2C011FD0419AF899A8D0D70 68520 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\javacpl.exe 2014-11-02 18:44:17 691D49FB44EDE9788288CABE4F7E0DAF 272296 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\javaws.exe 2014-11-02 18:44:17 4367C05B0CF5553E71B34F51003D0615 76200 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2launcher.exe 2014-11-02 18:44:17 4109C4DB4BD48F5BF8115C7523A6B6F8 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\klist.exe 2014-11-02 18:44:17 26C7F32186B1F0364CD06EA69227A79D 15784 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\bin\ktab.exe 2014-11-02 18:35:13 3A582BF6FD39DC6A52AAF316126B40BA 638888 ----a-w- C:\Users\Jeanet Lebert\Downloads\chromeinstall-8u25 (1).exe 2014-11-02 18:33:52 3A582BF6FD39DC6A52AAF316126B40BA 638888 ----a-w- C:\Users\Jeanet Lebert\Downloads\chromeinstall-8u25.exe 2014-11-02 18:06:07 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Jeanet Lebert\Downloads\RSITx64 (1).exe 2014-11-02 17:06:03 32A7154F9934CF3AA5D945D02D069D1F 17523384 ----a-w- C:\Users\Jeanet Lebert\Downloads\mbam-setup-2.0.0.1000.exe 2014-11-02 16:52:39 12EFD5FA51597F188E5DB50BE20EE597 1375089 ----a-w- C:\Users\Jeanet Lebert\Downloads\adwcleaner_3.311 (1).exe 2014-11-02 16:33:58 12EFD5FA51597F188E5DB50BE20EE597 1375089 ----a-w- C:\Users\Jeanet Lebert\Downloads\adwcleaner_3.311.exe 2014-11-02 15:44:18 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Jeanet Lebert.exe 2014-11-02 15:44:06 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Jeanet Lebert\Downloads\RSITx64.exe 2014-10-30 09:11:02 DCC534F22A5A4B43E5123A772D3ECF5A 895568 ----a-w- C:\Users\Jeanet Lebert\AppData\Local\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\38.0.2125.111\38.0.2125.111_38.0.2125.104_chrome_updater.exe === 
C: other files == 2014-11-02 18:44:18 CE44A9D4918DCDC7CCCF5503BF4D7A3D 14130 ----a-w- C:\Program Files (x86)\Java\jre1.8.0_25\lib\deploy\ffjcext.zip 2014-11-02 17:06:51 26C43960C99EE861A5D0EDC4DCF3B1C3 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys 2014-11-02 17:06:41 D3311B31C470E7681B14D9B014CBF9ED 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys 2014-11-02 17:06:41 95EF63A7827D4E3A229CBBCB42619E93 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys 2014-11-02 17:06:41 5C3669B71657F22E67A1D4BD49D2CBE7 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-453541400-2006010633-3923492044-1001\Software\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background" "Google Update"="C:\Users\Jeanet Lebert\AppData\Local\Google\Update\GoogleUpdate.exe /c" "EPSON SX130 Series"="C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHJE.EXE /FU C:\Users\JEANET~1\AppData\Local\Temp\E_SDC69.tmp /EF HKCU" "EPLTarget\P0000000000000001"="C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /EPT EPLTarget\P0000000000000001 /M Epson Stylus SX235" "EPLTarget\P0000000000000002"="C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /EPT EPLTarget\P0000000000000002 /M Epson Stylus SX235" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" 
"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BackupManagerTray"="C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe -h -k" "SuiteTray"="C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" "EgisTecPMMUpdate"="C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe" "EgisUpdate"="C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe -d" "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "LManager"="C:\Program Files (x86)\Launch Manager\LManager.exe" "avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui" "EEventManager"="C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Java\jre1.8.0_25\bin\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "msnmsgr"="C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background" "Google Update"="C:\Users\Jeanet Lebert\AppData\Local\Google\Update\GoogleUpdate.exe /c" "EPSON SX130 Series"="C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHJE.EXE /FU C:\Users\JEANET~1\AppData\Local\Temp\E_SDC69.tmp /EF HKCU" "EPLTarget\P0000000000000001"="C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /EPT EPLTarget\P0000000000000001 /M Epson Stylus SX235" "EPLTarget\P0000000000000002"="C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIHLE.EXE /EPT EPLTarget\P0000000000000002 /M Epson Stylus SX235" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "AmIcoSinglun64"="C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" "Acer ePower Management"="C:\Program 
Files\Acer\Acer ePower Management\ePowerTray.exe" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Acer Registration - Reminder Recall task.job --a------ C:\Program Files (x86)\Acer\Registration\GREG.exe [25-01-2011 03:59] C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [25-09-2014 13:14] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [23-10-2014 13:21] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [Undetermined Task] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-453541400-2006010633-3923492044-1001Core.job --a------ C:\Users\Jeanet Lebert\AppData\Local\Google\Update\GoogleUpdate.exe [25-10-2014 18:04] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-453541400-2006010633-3923492044-1001UA.job --a------ C:\Users\Jeanet Lebert\AppData\Local\Google\Update\GoogleUpdate.exe [25-10-2014 18:04] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Acer Registration - Reminder Recall task" [C:\Program Files (x86)\Acer\Registration\GREG.exe] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\FGRun" [C:\Users\Jeanet] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-453541400-2006010633-3923492044-1001Core" [C:\Users\Jeanet Lebert\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-453541400-2006010633-3923492044-1001UA" [C:\Users\Jeanet 
Lebert\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\{1DEBAA31-E376-462F-81FD-F39785647B52}" ["C:\Program Files (x86)\Internet Explorer\iexplore.exe" http://ui.skype.com/ui/0/6.1.0.129.272/nl/abandoninstall?page=tsProgressBar] "C:\Windows\SysNative\tasks\{C551E2CA-6A15-4D8B-9E94-5F3A0B125B0C}" ["C:\Program Files (x86)\Internet Explorer\iexplore.exe" http://ui.skype.com/ui/0/6.1.0.129.272/nl/abandoninstall?page=tsProgressBar] "C:\Windows\SysNative\tasks\{C6D8B5E9-D476-4DCA-973F-FB53D5EC405E}" ["C:\Program Files (x86)\Internet Explorer\iexplore.exe" http://ui.skype.com/ui/0/6.1.0.129.272/nl/abandoninstall?page=tsProgressBar] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions icmlaeflemplmjndnaapfdbbnpncnbda - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[30-10-2012 23:48] avast WebRep - Jeanet Lebert\AppData\Local\Google\Chrome\User Data\Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda ==== Chromium Fix ====================== C:\Users\Jeanet Lebert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage deleted successfully C:\Users\Jeanet Lebert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully C:\Users\Jeanet Lebert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_vacatures.trovit.nl_0.localstorage deleted successfully C:\Users\Jeanet Lebert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_vacatures.trovit.nl_0.localstorage-journal deleted successfully C:\Users\Jeanet Lebert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.snapdo.com_0.localstorage deleted successfully C:\Users\Jeanet Lebert\AppData\Local\Google\Chrome\User Data\Default\Local 
Storage\http_search.snapdo.com_0.localstorage-journal deleted successfully C:\Users\Jeanet Lebert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.supersaver.nl_0.localstorage deleted successfully C:\Users\Jeanet Lebert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.supersaver.nl_0.localstorage-journal deleted successfully C:\Users\Jeanet Lebert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fastdailyfind.com_0.localstorage deleted successfully C:\Users\Jeanet Lebert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_fastdailyfind.com_0.localstorage-journal deleted successfully C:\Users\Jeanet Lebert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_nl.ask.com_0.localstorage deleted successfully C:\Users\Jeanet Lebert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_nl.ask.com_0.localstorage-journal deleted successfully C:\Users\Jeanet Lebert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.search.ask.com_0.localstorage deleted successfully C:\Users\Jeanet Lebert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.search.ask.com_0.localstorage-journal deleted successfully C:\Users\Jeanet Lebert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_isearch.babylon.com_0.localstorage deleted successfully C:\Users\Jeanet Lebert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_isearch.babylon.com_0.localstorage-journal deleted successfully C:\Users\Jeanet Lebert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_nederlands.babylon.com_0.localstorage deleted successfully C:\Users\Jeanet Lebert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_nederlands.babylon.com_0.localstorage-journal deleted successfully C:\Users\Jeanet Lebert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_click.dealshark.com_0.localstorage deleted successfully C:\Users\Jeanet 
Lebert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_click.dealshark.com_0.localstorage-journal deleted successfully C:\Users\Jeanet Lebert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_free-audio-converter.nl.softonic.com_0.localstorage deleted successfully C:\Users\Jeanet Lebert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_free-audio-converter.nl.softonic.com_0.localstorage-journal deleted successfully C:\Users\Jeanet Lebert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_nl.softonic.com_0.localstorage deleted successfully C:\Users\Jeanet Lebert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_nl.softonic.com_0.localstorage-journal deleted successfully C:\Users\Jeanet Lebert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_teamviewer.nl.softonic.com_0.localstorage deleted successfully C:\Users\Jeanet Lebert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_teamviewer.nl.softonic.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" "Search Page"="http://www.google.com" "Search Bar"="http://www.google.com" "Use Search Asst"="yes" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "Default"="http://www.google.com" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://www.google.com" "SearchAssistant"="http://www.google.com" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://www.google.com" "Use Search Asst"="no" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet 
Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EE171732-BEB4-4576-887D-CB62727F01CA} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\bearsharetoolbargaw deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Jeanet Lebert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Jeanet Lebert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Jeanet Lebert\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Jeanet Lebert\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Jeanet Lebert\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully 
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Jeanet Lebert\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1069 folders=110 130901077 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Jeanet Lebert\AppData\Local\Temp will be emptied at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\JEANET~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on zo 02-11-2014 at 20:34:23,46 ======================