Zoek.exe v5.0.0.0 Updated 08-April-2015 Tool run by Eigenaar on wo 15/04/2015 at 13:08:27,25. Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Eigenaar\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 15/04/2015 13:10:21 Zoek.exe System Restore Point Created Successfully. ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-99750587-4078008973-3465543785-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully HKEY_USERS\S-1-5-21-99750587-4078008973-3465543785-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully HKEY_USERS\S-1-5-21-99750587-4078008973-3465543785-1000\Software\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} deleted successfully HKEY_USERS\S-1-5-21-99750587-4078008973-3465543785-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully HKEY_USERS\S-1-5-21-99750587-4078008973-3465543785-1000\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} deleted successfully HKEY_USERS\S-1-5-21-99750587-4078008973-3465543785-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully HKEY_USERS\S-1-5-21-99750587-4078008973-3465543785-1000\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C} deleted successfully HKEY_CLASSES_ROOT\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet 
Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== µTorrent 32 Bit HP CIO Components Installer Adobe Flash Player 17 ActiveX Adobe Flash Player 17 NPAPI B110 BufferChm CCleaner CheckDrive Content Transfer Definition Update for Microsoft Office 2010 (KB2956207) 32-Bit Edition ExtractNow Free YouTube to MP3 Converter version 3.12.29.304 Google Chrome Google Update Helper HD Tune 2.55 Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) HP Photosmart Wireless B110 All-In-One Driver Software 14.0 Rel. 7 HPAppStudio HPPhotoGadget Kaspersky Internet Security luckysearches uninstall Malwarebytes Anti-Malware versie 2.0.4.1028 Mediapurge Microsoft .NET Framework 3.5 Language Pack SP1 - nld Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Office Access MUI (Dutch) 2010 Microsoft Office Excel MUI (Dutch) 2010 Microsoft Office Groove MUI (Dutch) 2010 Microsoft Office InfoPath MUI (Dutch) 2010 Microsoft Office OneNote MUI (Dutch) 2010 Microsoft Office Outlook MUI (Dutch) 2010 Microsoft Office PowerPoint MUI (Dutch) 2010 Microsoft Office Professional Plus 2010 Microsoft Office Proof (Dutch) 2010 Microsoft Office Proof (English) 2010 Microsoft Office Proof (French) 2010 Microsoft Office Proof (German) 2010 Microsoft Office Proofing (Dutch) 2010 Microsoft Office Publisher MUI (Dutch) 2010 Microsoft Office Shared MUI (Dutch) 2010 Microsoft Office Word MUI (Dutch) 2010 Microsoft OneDrive Microsoft Silverlight Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 
Redistributable - 10.0.40219 Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Microsoft Visual Studio 2010 Tools for Office Runtime (x86) Language Pack - NLD Mozilla Firefox 37.0.1 (x86 nl) Mozilla Maintenance Service MSXML 4.0 SP2 (KB927978) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Nero 8 neroxml Network NirSoft BlueScreenView NVIDIA-configuratiescherm 307.83 NVIDIA Drivers NVIDIA Grafisch stuurprogramma 307.83 NVIDIA Install Application NVIDIA Update 1.10.8 NVIDIA Update Components NWZ-E450 WALKMAN Guide PS_AIO_07_B110_SW_Min QuickTransfer Scan Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2861697) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2858302v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2861188) Security Update for Microsoft .NET Framework 4 Client Profile (KB2894842v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2901110v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2931365) Security Update for Microsoft .NET Framework 4 Client Profile (KB2972106) Security Update for Microsoft .NET Framework 4 Client Profile (KB2972215) Security Update for Microsoft .NET Framework 4 Client Profile (KB2978125) Security Update for Microsoft .NET Framework 4 
Client Profile (KB2979575v2) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2736428) Security Update for Microsoft .NET Framework 4 Extended (KB2742595) Security Update for Microsoft .NET Framework 4 Extended (KB2858302v2) Security Update for Microsoft .NET Framework 4 Extended (KB2894842v2) Security Update for Microsoft .NET Framework 4 Extended (KB2901110v2) Security Update for Microsoft Excel 2010 (KB2956142) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2810073) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2880971) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2881071) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2883100) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2889839) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2920748) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2956073) 32-Bit Edition Security Update for Microsoft Office 2010 (KB2956076) 32-Bit Edition Security Update for Microsoft PowerPoint 2010 (KB2920812) 32-Bit Edition Security Update for Microsoft Word 2010 (KB2956139) 32-Bit Edition Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition Speccy Spotify SUPERAntiSpyware Free Edition Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x86) - NLD Toolbox Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) Update for 
Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2836939v3) Update for Microsoft Access 2010 (KB2837601) 32-Bit Edition Update for Microsoft Excel 2010 (KB2589348) 32-Bit Edition Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition Update for Microsoft Office 2010 (KB2553140) 32-Bit Edition Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition Update for Microsoft Office 2010 (KB2589386) 32-Bit Edition Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition Update for Microsoft Office 2010 (KB2687275) 32-Bit Edition Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition Update for Microsoft Office 2010 (KB2837602) 32-Bit Edition Update for Microsoft Office 2010 (KB2883019) 32-Bit Edition Update for Microsoft Office 2010 (KB2920813) 32-Bit Edition Update for Microsoft Office 2010 (KB2956141) 32-Bit Edition Update for Microsoft OneNote 2010 (KB2956205) 32-Bit Edition Update for Microsoft Outlook 2010 (KB2956203) 32-Bit Edition Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition Update for Microsoft Visio 2010 (KB2878283) 32-Bit Edition Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition VCRedistSetup VLC media player WD Link WebReg Wondershare AllMyTube(Build 4.2.2.0) ==== Running Processes ====================== C:\Windows\system32\wininit.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\lsass.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\SLsvc.exe C:\Program 
Files\NVIDIA Corporation\Display\nvxdsync.exe C:\Windows\system32\nvvsvc.exe C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\taskeng.exe C:\Program Files\CheckDrive\CheckDriveBackgroundGuard.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe C:\Program Files\XTab\ProtectService.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe C:\Program Files\XTab\cmdshell.exe C:\Windows\system32\IoctlSvc.exe C:\Program Files\SUPERAntiSpyware\SASCore.exe C:\Program Files\Windows Defender\MSASCui.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files\XTab\HPNotify.exe C:\Windows\System32\WUDFHost.exe C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Users\Eigenaar\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe C:\Program Files\NVIDIA Corporation\Display\nvtray.exe C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avpui.exe C:\Windows\system32\conime.exe C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe C:\Program Files\Windows Mail\WinMail.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Users\Eigenaar\Downloads\zoek.exe C:\Windows\system32\WerFault.exe C:\Windows\system32\WerFault.exe C:\Windows\system32\WerFault.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k secsvcs 
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\System32\svchost.exe -k HPZ12 C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k HPService ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IHProtect Service deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WindowsMangerProtect deleted successfully ==== FireFox Fix ====================== ProfilePath: C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\cxtrx0rh.default-1424613678677 user.js not found ---- Lines searchengine@gmail.com removed from prefs.js ---- user_pref("extensions.xpiState", "{\"app-profile\":{\"istart_ffnt@gmail.com\":{\"d\":\"C:\\\\Users\\\\Eigenaar\\\\AppData\\\\Roaming\\\\Mozilla\\\\Fir ---- Lines quick_start removed from prefs.js ---- user_pref("browser.newtab.url", "chrome://quick_start/content/index.html"); user_pref("extensions.quick_start.enable_search1", false); user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false); ---- Lines searches removed from prefs.js ---- user_pref("browser.search.searchengine.alias", "luckysearches"); user_pref("browser.search.searchengine.iconURL", "http://www.luckysearches.com/favicon.ico"); user_pref("browser.search.searchengine.name", "luckysearches"); 
user_pref("browser.search.searchengine.url", "http://www.luckysearches.com/web/?type=ds&ts=1429015433&from=amt&uid=MaxtorX6Y120L0_Y3M1NDSE&q={searchTe user_pref("browser.startup.homepage", "http://www.luckysearches.com/?type=hp&ts=1429015433&from=amt&uid=MaxtorX6Y120L0_Y3M1NDSE"); ---- FireFox user.js and prefs.js backups ---- prefs_20151504_1324_.backup ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}] [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command] @="C:\\Program Files\\Google\\Chrome\\Application\\chrome.exe" ==== Deleting Files \ Folders ====================== C:\Users\Eigenaar\AppData\Roaming\luckysearches deleted C:\ProgramData\WindowsMangerProtect deleted C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\cxtrx0rh.default-1424613678677\extensions\searchengine@gmail.com deleted C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\cxtrx0rh.default-1424613678677\extensions\istart_ffnt@gmail.com deleted C:\ProgramData\IHProtectUpDate deleted C:\Program Files\version21SpeeditUp deleted "C:\DelFix.txt" deleted "C:\Program Files\XTab\SupTab.dll" deleted "C:\Program Files\XTab\SupTab.dll" deleted "C:\Program Files\XTab" not deleted "C:\Program Files\XTab" not deleted ==== System Specs ====================== Windows: Windows Vista Home Premium Edition Service Pack 2 (Build 6002) Memory (RAM): 2047 MB CPU Info: Intel(R) Pentium(R) Dual CPU E2220 @ 2.40GHz CPU Speed: 2456,6 MHz Sound Card: Luidsprekers (High Definition A | Apparaat voor digitale uitvoer | Apparaat voor digitale uitvoer | Apparaat voor digitale uitvoer | Apparaat voor digitale uitvoer | Apparaat voor digitale uitvoer | Display Adapters: NVIDIA GeForce 210 | NVIDIA GeForce 210 | RDPDD Chained DD | RDP Encoder Mirror Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 
1280 X 800 - 32 bit Network: Network Present Network Adapters: Realtek RTL8101 Family PCI-E Fast Ethernet NIC (NDIS 6.0) CD / DVD Drives: 1x (D: | ) D: HL-DT-STDVDRAM GH40F Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 3 Button Wheel Mouse Present Hard Disks: C: 285,1GB | E: 114,5GB Hard Disks - Free: C: 131,6GB | E: 75,4GB Manufacturer *: American Megatrends Inc. BIOS Info: AT/AT COMPATIBLE | 09/10/08 | PacBel - 20080910 Time Zone: Romance (standaardtijd) Motherboard *: Packard Bell BV MCP73VT-PM Country: België Language: NLB ==== System Specs (Software) ====================== Anti-Virus: Kaspersky Internet Security On-access scanning disabled (Outdated) Anti-Spyware: Kaspersky Internet Security disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Firewall: Kaspersky Internet Security disabled Default Browser: Firefox 37.0.1 Internet Explorer Version: 9.0.8112.16421 Mozilla Firefox version: 37.0.1 (x86 nl) Google Chrome version: 41.0.2272.118 Flash Player version: 17.0.0.134 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Eigenaar\AppData\Local\Temp ==== 2015-04-14 12:51:18 10FFABC748D68C40B68F883058C9B932 50225 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\81429015868\T0pETExR10700.exe 2015-04-14 12:51:05 49BF476E5B5332387FD22994066E5EC3 782376 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\ebecabfbdfcag.exe 2015-04-14 12:50:55 7380D4A9865D7824AE25E23710EE71AE 569400 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\setup.exe 2015-04-14 12:46:46 BF99861E4E812825E97D13F39304ED27 89088 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\F4CF7B53-2CA8-AB73-592D-580BF8B4D7E2.dll 2015-04-14 12:46:46 77AC804915985BB9581ACD3536446CCB 463360 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\F4CF7B53-2CA8-AB73-592D-580BF8B4D7E2.exe 2015-04-14 12:43:06 4577524325B692BB5515BBC10D4989C7 738832 ----a-w- 
C:\Users\Eigenaar\AppData\Local\Temp\12.monkeys.2015.s01e012.1080p.x264.web.dl.nedsubs.tbs__10924_i1497782150_il454804.exe 2015-04-11 14:00:49 16802871196651A981415C7C5CAFF5BD 251904 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\SSUPDATE.EXE ====== Java Cache ===== ====== C:\Windows\system32 ===== 2015-04-15 11:11:29 AAECA6C42C7E5E4695605E0F2C0A06F4 17593008 ----a-w- C:\Windows\System32\FlashPlayerInstaller.exe ====== C:\Windows\system32\drivers ===== 2015-03-29 07:54:29 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\System32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf 2015-03-29 07:53:58 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\System32\drivers\Msft_User_WpdFs_01_07_00.Wdf 2015-03-29 07:31:19 DE9D36F91A4DF3D911626643DEBF11EA 40448 ----a-w- C:\Windows\System32\drivers\WpdUsb.sys 2015-03-29 06:14:26 933222B19FF3E7EA5F65517EA1F7D57E 3 ----a-w- C:\Windows\System32\drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf 2015-03-29 06:14:11 867C301E8B790040AE9CF6486E8041DF 155136 ----a-w- C:\Windows\System32\drivers\WUDFRd.sys 2015-03-29 06:14:11 06E6F32C8D0A3F66D956F57B43A2E070 66560 ----a-w- C:\Windows\System32\drivers\WUDFPf.sys ====== C:\Windows\Tasks ====== 2015-03-29 08:03:45 -------- d-----w- C:\Windows\system32\Tasks\WPD ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-04-14 12:47:42 -------- d-----w- C:\Program Files\Microsoft Silverlight 2015-04-14 12:46:28 -------- d-----w- C:\Program Files\XTab 2015-04-14 11:31:57 -------- d-----w- C:\Program Files\Speccy 2015-04-04 15:28:49 -------- d-----w- C:\Program Files\Microsoft OneDrive 2015-03-30 11:18:31 -------- d-----w- C:\Program Files\Common Files\DESIGNER 2015-03-29 07:56:33 -------- d-----w- C:\Program Files\Windows Portable Devices 2015-03-28 11:34:31 -------- d-----w- C:\Program Files\Secunia ======= C: ===== ====== C:\Users\Eigenaar\AppData\Roaming ====== 2015-04-11 13:51:58 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp 2015-04-11 13:51:58 
-------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2015-04-11 13:51:58 -------- d-----w- C:\Users\UpdatusUser\AppData\Local\Temp 2015-04-11 13:51:57 -------- d-----w- C:\Users\Default\AppData\Local\Temp 2015-04-11 13:51:57 -------- d-----w- C:\Users\Default User\AppData\Local\Temp 2015-04-11 13:51:56 -------- d-----w- C:\Users\Eigenaar\AppData\Local\Temp 2015-03-29 07:05:25 -------- d-----w- C:\Users\Default\AppData\Local\Microsoft Help 2015-03-29 07:05:25 -------- d-----w- C:\Users\Default User\AppData\Local\Microsoft Help 2015-03-28 11:41:29 -------- d-----w- C:\Users\Eigenaar\AppData\Local\WindowsUpdate ====== C:\Users\Eigenaar ====== 2015-04-14 15:57:52 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Eigenaar\Downloads\RSIT.exe 2015-04-14 12:48:54 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight 2015-04-14 12:42:43 6530660D285A7FF77D93C06EE570FEE2 1548304 ----a-w- C:\Users\Eigenaar\Downloads\12.monkeys.2015.s01e012.1080p.x264.web.dl.nedsubs.tbs_10924_i52379938_il345.exe 2015-04-14 11:31:59 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy 2015-04-05 08:28:41 9BD1204442C40389BC6D33D35718C712 461312 ----a-w- C:\Users\Eigenaar\Downloads\CHICAGO FiRE S03E16 x264 1080p Eng nl subs TBS.exe 2015-04-04 15:28:49 4E0EA5397212C64154CDCBD0F3710A8A 7210656 ----a-w- C:\Users\Eigenaar\Downloads\OneDriveSetup.exe 2015-04-04 15:28:42 -------- d-----r- C:\Users\Eigenaar\OneDrive 2015-04-04 15:27:53 -------- d-----w- C:\ProgramData\Microsoft OneDrive ====== C: exe-files == 2015-04-15 11:11:29 AAECA6C42C7E5E4695605E0F2C0A06F4 17593008 ----a-w- C:\Windows\System32\FlashPlayerInstaller.exe 2015-04-14 16:03:44 F7CA16D52E4A77DEACD6A3F8C76A2939 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-99750587-4078008973-3465543785-1000\$ICC2MLN.exe 2015-04-14 16:03:44 CED61DE1839D32065D9D90048AA89C60 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-99750587-4078008973-3465543785-1000\$IK4MCLK.exe 2015-04-14 
16:03:44 CA8570A3594B69581BDD0462F6E22C43 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-99750587-4078008973-3465543785-1000\$IPB7TH9.exe 2015-04-14 15:57:52 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Eigenaar\Downloads\RSIT.exe 2015-04-14 15:18:24 678AB0E8665345E72D11149A36F965BE 5127432 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-99750587-4078008973-3465543785-1000\$RCC2MLN.exe 2015-04-14 14:33:59 B7087D251D441311045381BEBBDD8F9E 243480 ----a-w- C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\EQNK6H87\Firefox Setup Stub 37.0.1.exe 2015-04-14 12:51:18 10FFABC748D68C40B68F883058C9B932 50225 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\81429015868\T0pETExR10700.exe 2015-04-14 12:51:18 10FFABC748D68C40B68F883058C9B932 50225 ----a-w- C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\I3EYHCOT\OperaChecker25-6[1].exe 2015-04-14 12:51:05 49BF476E5B5332387FD22994066E5EC3 782376 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\ebecabfbdfcag.exe 2015-04-14 12:50:55 7380D4A9865D7824AE25E23710EE71AE 569400 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\setup.exe 2015-04-14 12:46:46 77AC804915985BB9581ACD3536446CCB 463360 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\F4CF7B53-2CA8-AB73-592D-580BF8B4D7E2.exe 2015-04-14 12:43:06 4577524325B692BB5515BBC10D4989C7 738832 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\12.monkeys.2015.s01e012.1080p.x264.web.dl.nedsubs.tbs__10924_i1497782150_il454804.exe 2015-04-14 12:42:43 6530660D285A7FF77D93C06EE570FEE2 1548304 ----a-w- C:\Users\Eigenaar\Downloads\12.monkeys.2015.s01e012.1080p.x264.web.dl.nedsubs.tbs_10924_i52379938_il345.exe 2015-04-14 11:31:02 678AB0E8665345E72D11149A36F965BE 5127432 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-99750587-4078008973-3465543785-1000\$RK4MCLK.exe 2015-04-14 11:30:26 678AB0E8665345E72D11149A36F965BE 5127432 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-99750587-4078008973-3465543785-1000\$RPB7TH9.exe 2015-04-11 14:00:49 16802871196651A981415C7C5CAFF5BD 
251904 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\SSUPDATE.EXE === C: other files == 2015-04-14 12:51:05 28E7616D30020F045437DCFF649EF921 439436 ----a-w- C:\Users\Eigenaar\AppData\Local\Temp\ebecabfbdfcag.zip 2015-04-14 12:45:42 9B111784AA8EC1A400D0B14A62A792F5 2937235 ----a-w- C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1JJ8QKFW\2[1].zip 2015-04-14 12:43:39 A9B16CCFC066E373174B0C7A7C0E11A6 2511546 ----a-w- C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1JJ8QKFW\1[1].zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_USERS\S-1-5-21-99750587-4078008973-3465543785-1000\Software\Microsoft\Windows\CurrentVersion\Run] "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe ASO-616B5711-6DAE-4795-A05F-39A1E5104020" "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" "SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" "Spotify Web Helper"="C:\Users\Eigenaar\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [HKEY_USERS\S-1-5-21-99750587-4078008973-3465543785-1002\Software\Microsoft\Windows\CurrentVersion\Run] "WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter" "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NBKeyScan"="C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" "ContentTransferWMDetector.exe"="C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe" "Windows 
Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe ASO-616B5711-6DAE-4795-A05F-39A1E5104020" "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe" "SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" "Spotify Web Helper"="C:\Users\Eigenaar\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [15/04/2015 13:13] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [Undetermined Task] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [26/09/2014 14:29] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\UnHackMe Task Scheduler" [C:\Program Files\UnHackMe\hackmon.exe] "C:\Windows\system32\tasks\Abelssoft\CheckDriveBackgroundGuard" [C:\Program Files\CheckDrive\CheckDriveBackgroundGuard.exe] "C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "istart_ffnt@gmail.com"="C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\cxtrx0rh.default-1424613678677\extensions\istart_ffnt@gmail.com" [] ==== Firefox 
Extensions ====================== ProfilePath: C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\cxtrx0rh.default-1424613678677 - Dangerous Websites Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\content_blocker@kaspersky.com - Virtual Keyboard - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com - Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\anti_banner@kaspersky.com - Safe Money - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com - Kaspersky URL Advisor - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\url_advisor@kaspersky.com AppDir: C:\Program Files\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Eigenaar\AppData\Roaming\Mozilla\Firefox\Profiles\cxtrx0rh.default-1424613678677 C2D756C95D5AE3D030E7D394B9C771B9 - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin 98137411B9C632095F919E2CE70B288A - C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll - Google Update AB87EEFFD18F2BAAFC274E7075EA6C67 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation 893BF7D2261C56C24F813405D9D018E0 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll - Silverlight Plug-In E2B92179DA6F4CF6EC3778D2802C960F - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\virtual_keyboard@kaspersky.com\npvkplugin.dll - Plugins PDK 57686DF728BE5FE43A05B265051D1935 - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\FFExt\online_banking@kaspersky.com\nponlinebanking.dll - Plugins PDK 4BA14D74164EC27A9A97663D7D9755A1 - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 
15.0.0\FFExt\content_blocker@kaspersky.com\npcontentblocker.dll - Plugins PDK 43583AB4DFD406F4C188342F41B1F91C - C:\Windows\system32\Macromed\Flash\NPSWF32_17_0_0_134.dll - Shockwave Flash 8DA2ED6B04EA33F2EAE8BA883F903729 - c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrlui.dll - Microsoft® Silverlight ==== Chromium Look ====================== Google Chrome Version: 41.0.2272.118 (Latest Stable version: 41.0.2272.118) [z-db] HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions dbhjdbfgekjfcfkkfjjmlmojhbllhbho - https://chrome.google.com/webstore/detail/dbhjdbfgekjfcfkkfjjmlmojhbllhbho[] Google Slides - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Kaspersky Protection - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\dbhjdbfgekjfcfkkfjjmlmojhbllhbho Google Sheets - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap IMG inspector - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\hpogobkggapdhmfnamfnhmchcbmehokb Google Wallet - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=56626&homepage=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome" 
"Default_Page_URL"="http://www.luckysearches.com/?type=hp&ts=1429015433&from=amt&uid=MaxtorX6Y120L0_Y3M1NDSE" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.luckysearches.com/?type=hp&ts=1429015433&from=amt&uid=MaxtorX6Y120L0_Y3M1NDSE" "Default_Page_URL"="http://www.luckysearches.com/?type=hp&ts=1429015433&from=amt&uid=MaxtorX6Y120L0_Y3M1NDSE" "Default_Search_URL"="http://www.luckysearches.com/web/?type=ds&ts=1429015433&from=amt&uid=MaxtorX6Y120L0_Y3M1NDSE&q={searchTerms}" "Search Page"="http://www.luckysearches.com/web/?type=ds&ts=1429015433&from=amt&uid=MaxtorX6Y120L0_Y3M1NDSE&q={searchTerms}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=56626&homepage=http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== 
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\searchengine@gmail.com deleted successfully
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\istart_ffnt@gmail.com deleted successfully

==== HijackThis Entries ======================

O1 - Hosts: ::1 localhost
O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\OnlineBanking\online_banking_bho.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [ContentTransferWMDetector.exe] C:\Program Files\Sony\Content Transfer\ContentTransferWMDetector.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Eigenaar\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-99750587-4078008973-3465543785-1002\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'UpdatusUser')
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
O8 - Extra context menu item: Toevoegen aan Anti-Banner - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\ie_banner_deny.htm
O9 - Extra button: Virtueel Toetsenbord - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll
O9 - Extra button: Controle van URL's - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\IEExt\UrlAdvisor\klwtbbho.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: WSAllMyTubechrome - {0A0C95CF-A116-4C74 - (no file)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Kaspersky Anti-Virus-service 15.0.0 (AVP15.0.0) - Kaspersky Lab ZAO - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 15.0.0\avp.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\system32\IoctlSvc.exe
O23 - Service: SAS Core Service (SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCore.exe

==== Empty IE Cache ======================

C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Eigenaar\AppData\Local\Mozilla\Firefox\Profiles\cxtrx0rh.default-1424613678677\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Eigenaar\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=187 folders=77 18919872 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Eigenaar\AppData\Local\Temp will be emptied at reboot
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Eigenaar\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Eigenaar\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Program Files\XTab" not found
"C:\Program Files\XTab" not found

==== EOF on wo 15/04/2015 at 15:11:42,20 ======================