Zoek.exe v5.0.0.0 Updated 04-May-2015 Tool run by Ingr on di 12-05-2015 at 20:53:36.30. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Ingr\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2015-04-11-191156.log 45881 bytes ==== Empty Folders Check ====================== C:\Users\Ingr\AppData\Local\CrashDumps deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\Ingr\AppData\Roaming\Mozilla\Firefox\Profiles\extensions user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_12-05-2015_2145_.backup ProfilePath: C:\Users\Ingr\AppData\Roaming\Mozilla\Firefox\Profiles\hemaw4pr.default user.js not found ---- Lines Sweet removed from prefs.js ---- user_pref("extensions.YT5XZwGnThqpIoEW.url", "http://superiend.org/sync2/?q=hfZ9ofbJBNrMCyVUojs9rdg7tMqLDe49CNU0jUEMCMlNhd9Fqja8rdgGrda7rjaMBzqUojw8rd user_pref("extensions.s1rFBAniEfnIlik4.url", "http://toolkitfree.us/sync2/?q=hfZ9ofV9CShEAen0rTn9rTwMg708BNmGWj8pjchGheDUojw8rdkEqTw4qdn8rchIC7n0rjkEq ---- Lines extensions.YT5XZwGnThqpIoEW removed from prefs.js ---- user_pref("extensions.YT5XZwGnThqpIoEW.epoch", "1431542682"); ---- Lines extensions.jVzOTrZnrup5l2uC removed from prefs.js ---- user_pref("extensions.jVzOTrZnrup5l2uC.epoch", "1"); user_pref("extensions.jVzOTrZnrup5l2uC.scode", "void(0);"); user_pref("extensions.jVzOTrZnrup5l2uC.url", "http://formatopen.xyz/sync/?q=C6qUojwErdn8rHY9qHUGrHk9rHk5rdY4tMZPhd9FrTn9qHg8qTU7rTa8qHn5rTYMCMlNhd9Fqj ---- Lines extensions.kMpdy8w695JGSKeX removed from prefs.js ---- user_pref("extensions.kMpdy8w695JGSKeX.epoch", "1"); user_pref("extensions.kMpdy8w695JGSKeX.scode", "void(0);"); user_pref("extensions.kMpdy8w695JGSKeX.url", "http://allstarcoupon.eu/sync/?q=C6qUojg9rjCHqjwGrTgFqTk5qjn8pdYMAyVUojwGqdn6qTk7pjgGrdk6qdYGpchGheDUojw8 ---- Lines extensions.lWkyOgPOztn5828P removed from prefs.js ---- user_pref("extensions.lWkyOgPOztn5828P.epoch", "1"); user_pref("extensions.lWkyOgPOztn5828P.scode", "void(0);"); user_pref("extensions.lWkyOgPOztn5828P.url", "http://setfreespypros.info/sync/?q=C6qUojwHrTrEqdY5pdg5rja4qHgFpjaMAyVUojwGqdn6qTk7pjgGrdk6qdYGpchGheDUo ---- Lines extensions.s1rFBAniEfnIlik4 removed from prefs.js ---- user_pref("extensions.s1rFBAniEfnIlik4.epoch", "1431029752"); ---- FireFox user.js and prefs.js backups ---- prefs_12-05-2015_2145_.backup ProfilePath: C:\Users\Ingr\AppData\Roaming\Mozilla\Firefox\Profiles\[opt]rs0 user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_12-05-2015_2145_.backup ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^Ingr^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^the-island-dut-3304158.lnk] ==== Deleting Files \ Folders ====================== C:\ProgramData\{49a79e3b-e6a1-c014-49a7-79e3be6a78ef} not found C:\ProgramData\{1afe009e-b100-76c2-1afe-e009eb10027a} not found C:\ProgramData\{dc302756-72f5-13ba-dc30-0275672f9d59} not found C:\Program Files (x86)\Common Files\DVDVideoSoft not found C:\ProgramData\{60a4823e-1b4b-3521-60a4-4823e1b408f8} not found "C:\Windows\zoek-delete.exe" not found C:\PROGRA~2\dA Message Notifier deleted C:\Users\Ingr\AppData\Roaming\Mozilla\Firefox\Profiles\hemaw4pr.default\extensions\{594657B4-413A-41D0-8F85-A6D3F35C9BDF} deleted C:\ProgramData\{6511AE77-911F-4CA2-A15A-510F904C6E3E} deleted C:\PROGRA~3\15394425244114405522 deleted C:\Users\Ingr\AppData\Roaming\appdataFr3.bin deleted C:\Users\Ingr\AppData\Roaming\Mozilla\Firefox\Profiles\hemaw4pr.default\extensions\GaR@y.net deleted C:\Users\Ingr\AppData\Roaming\Mozilla\Firefox\Profiles\hemaw4pr.default\extensions\M8IC@F.org deleted C:\Users\Ingr\AppData\Roaming\Mozilla\Firefox\Profiles\hemaw4pr.default\extensions\rOE@K.net deleted C:\Users\Ingr\AppData\Roaming\Mozilla\Firefox\Profiles\hemaw4pr.default\extensions\v@x.co.uk deleted "C:\zoek_backup" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Ingr\AppData\Local\Temp ==== 2015-05-10 19:10:10 7C3BCBBCFECE35FFED6658C2E001E347 119680 ----a-w- C:\Users\Ingr\AppData\Local\Temp\EsgInstallerx64Stub.exe 2015-05-06 20:15:27 FDCF03208012026400DA8626656983F8 298096 ----a-w- C:\Users\Ingr\AppData\Local\Temp\MozUpdater\bgupdate\updater.exe ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== 2015-04-28 18:10:42 26C43960C99EE861A5D0EDC4DCF3B1C3 129752 ----a-w- C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys 2015-04-28 18:10:09 CA43F8904E24BBE49982E4C0B29E6579 25816 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys 2015-04-28 18:10:09 A646C2DDB8C46E9B20A326FAF566646C 63704 ----a-w- C:\Windows\Sysnative\drivers\mwac.sys 2015-04-28 18:10:09 478CC94C937D235CB0A96AB8F2359D81 93400 ----a-w- C:\Windows\Sysnative\drivers\mbamchameleon.sys 2015-04-15 11:06:02 4FB010DEA1028ED0A26F20D2F404210F 256992 ----a-w- C:\Windows\Sysnative\drivers\avgldx64.sys 2015-04-15 05:16:58 063C09DB965E3DFD6F4F08416F6DB8F5 95672 ----a-w- C:\Windows\Sysnative\drivers\ksecdd.sys 2015-04-15 05:16:56 1FA627E63195BF3BF636BFEF0D7190D4 155576 ----a-w- C:\Windows\Sysnative\drivers\ksecpkg.sys 2015-04-15 05:05:08 F61634BEC53F73702A10DE69F6DCAF57 754688 ----a-w- C:\Windows\Sysnative\drivers\http.sys ====== C:\Windows\Tasks ====== 2015-05-10 19:17:50 AB61802B7EA3449ACF73F245C23E3E16 3504 ----a-w- C:\Windows\Sysnative\Tasks\SUPERAntiSpyware Scheduled Task 71e34b06-6e4a-4321-a19e-5b2640dd35f3 2015-05-10 19:17:50 6A9184CA5A10EBB0CF9A9A71BEE90102 3578 ----a-w- C:\Windows\Sysnative\Tasks\SUPERAntiSpyware Scheduled Task afbf406b-e877-428d-87be-2f13152edd20 2015-05-10 19:17:50 1252559A7B94EB571BCFB7F52B8029F0 508 ----a-w- C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task afbf406b-e877-428d-87be-2f13152edd20.job 2015-05-10 19:17:49 D54EA75A0E9C06AEA18304A94725B34C 508 ----a-w- C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 71e34b06-6e4a-4321-a19e-5b2640dd35f3.job ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-05-10 19:15:12 -------- d-----w- C:\Program Files\SUPERAntiSpyware ======= C:\PROGRA~2 ===== 2015-05-10 11:57:05 -------- d-----w- C:\PROGRA~2\SystemRequirementsLab 2015-04-22 17:56:54 -------- d-----w- C:\PROGRA~2\KPN 2015-04-16 05:02:16 -------- d-----w- C:\PROGRA~2\COMMON~1\Skype 2015-04-16 05:02:15 -------- d-----r- C:\PROGRA~2\Skype ======= C: ===== ====== C:\Users\Ingr\AppData\Roaming ====== 2015-05-10 19:17:44 -------- d-----w- C:\Users\Ingr\AppData\Roaming\SUPERAntiSpyware.com 2015-04-27 08:38:55 -------- d-----w- C:\Users\Ingr\AppData\Roaming\Blender Foundation 2015-04-22 17:58:36 -------- d-----w- C:\Users\Ingr\AppData\Local\mquadr.at 2015-04-22 17:54:56 -------- d-----w- C:\Users\Ingr\AppData\Local\kpn 2015-04-20 19:17:02 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Avg 2015-04-20 19:17:02 -------- d-----w- C:\Users\Ingr\AppData\Local\Avg ====== C:\Users\Ingr ====== 2015-05-12 18:16:39 78130949095E6721B40B50E77C1F1BBC 4095448 ----a-w- C:\Users\Ingr\Downloads\spywareblastersetup50.exe 2015-05-10 19:15:23 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware 2015-05-10 19:15:12 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com 2015-05-10 19:13:24 E9EFA6AB251EC12B971555A60939FE7E 21851656 ----a-w- C:\Users\Ingr\Downloads\SUPERAntiSpyware.exe 2015-05-10 18:10:45 55BA68218A5BA7A7FCE6E16535640B04 3044736 ----a-w- C:\Users\Ingr\Downloads\SpyHunter-installer.exe 2015-05-10 15:10:53 7965E2B2C17588A271051AA925485AE7 6482752 ----a-w- C:\Users\Ingr\Downloads\ccsetup505pro.exe 2015-05-05 18:07:17 2E1D22AC30F4B392CEAF3D7D59BE3626 2204160 ----a-w- C:\Users\Ingr\Downloads\adwcleaner_4.203.exe 2015-04-27 08:13:41 -------- d-----w- C:\Users\Ingr\.thumbnails 2015-04-22 18:02:03 -------- d-----w- C:\Users\Public\Documents\kpn 2015-04-22 17:58:59 -------- d-----w- C:\ProgramData\mquadr.at 2015-04-22 17:58:34 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KPN 2015-04-16 05:02:16 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype ====== C: exe-files == === C: other files == 2015-05-12 18:51:28 DE0983FE4B830699312D35A990B3AE1B 1945 ----a-w- C:\Users\Ingr\AppData\Local\Temp\_MEI26762\resources\chrome_ext\nknebiagdodnminbdpflhpkgfpeijdbf_live.crx 2015-05-12 18:51:28 82F5C942549405F61A8808D0EA0FA9E2 25575 ----a-w- C:\Users\Ingr\AppData\Local\Temp\_MEI26762\resources\chrome_ext\apdfllckaahabafndbhieahigkjlhalf_live.crx ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-972271792-525367119-1395659665-1001\Software\Microsoft\Windows\CurrentVersion\Run] "uTorrent"="C:\Users\Ingr\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED" "GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime" "Uploader"="C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe" "Spotify Web Helper"="C:\Users\Ingr\AppData\Roaming\Spotify\SpotifyWebHelper.exe" "SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LManager"="C:\Program Files (x86)\Launch Manager\LManager.exe" "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "AVG_UI"="C:\Program Files (x86)\AVG\AVG2015\avgui.exe /TRAYONLY" "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime" "DBAgent"="C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe /WinStart" "Servicetool"="C:\Program Files (x86)\KPN\Servicetool\KPNServicetool_Launcher.exe /auto" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "uTorrent"="C:\Users\Ingr\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED" "GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime" "Uploader"="C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe" "Spotify Web Helper"="C:\Users\Ingr\AppData\Roaming\Spotify\SpotifyWebHelper.exe" "SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "Power Management"="C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe" "ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe " ==== Startup Registry Disabled ====================== [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-] "ALLUpdate"="\"C:\\Program Files (x86)\\OpenSubtitlesPlayer\\ALLUpdate.exe\" \"sleep\"" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" "QuickTime Task"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime" "DivXUpdate"="\"C:\\Program Files (x86)\\DivX\\DivX Update\\DivXUpdate.exe\" /CHECKNOW" "iTunesHelper"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\"" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Adobe ARM] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Adobe ARM" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AdobeAAMUpdater-1.0] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="AdobeAAMUpdater-1.0" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\OOBE\\PDApp\\UWA\\UpdaterStartupUtility.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\APSDaemon] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="APSDaemon" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\Common Files\\Apple\\Apple Application Support\\APSDaemon.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BlazeServoTool] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="BlazeServoTool" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\NTI\\NTI Digital Flix 2.5\\MediaDetector.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CanonMyPrinter] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="CanonMyPrinter" "hkey"="HKLM" "command"="C:\\Program Files\\Canon\\MyPrinter\\BJMyPrt.exe /logon" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CanonSolutionMenuEx] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="CanonSolutionMenuEx" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Canon\\Solution Menu EX\\CNSEMAIN.EXE /logon" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DivXMediaServer] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="DivXMediaServer" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\DivX\\DivX Media Server\\DivXMediaServer.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DivXUpdate] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="DivXUpdate" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\DivX\\DivX Update\\DivXUpdate.exe\" /CHECKNOW" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IJNetworkScanUtility] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="IJNetworkScanUtility" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Canon\\Canon IJ Network Scan Utility\\CNMNSUT.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Lync] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Lync" "hkey"="HKCU" "command"="\"C:\\Program Files (x86)\\Microsoft Office\\Office15\\lync.exe\" /fromrunkey" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task] "command"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime" "hkey"="HKLM" "item"="QuickTime Task" "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Spotify" "hkey"="HKCU" "command"="\"C:\\Users\\Ingr\\AppData\\Roaming\\Spotify\\Spotify.exe\" -autostart -minimized" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Spotify Web Helper" "hkey"="HKCU" "command"="\"C:\\Users\\Ingr\\AppData\\Roaming\\Spotify\\SpotifyWebHelper.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\uTorrent] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="uTorrent" "hkey"="HKCU" "command"="\"C:\\Users\\Ingr\\AppData\\Roaming\\uTorrent\\uTorrent.exe\" /MINIMIZED" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UVS10 Preload] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="UVS10 Preload" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Ulead Systems\\Ulead VideoStudio SE DVD\\uvPL.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^Ingr^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Send to OneNote.lnk] "item"="Send to OneNote" "path"="C:\\Users\\Ingr\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Send to OneNote.lnk" "backup"="C:\\Windows\\pss\\Send to OneNote.lnk.Startup" "backupExtension"=".Startup" "command"="C:\\PROGRA~2\\MICROS~1\\Office15\\ONENOTEM.EXE" ==== Startup Folders ====================== 2015-04-12 18:37:21 2286 ----a-w- C:\Users\Ingr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Download once upon a time s03e2 Torrents - KickassTorrents.lnk 2015-04-17 06:01:33 2545 ----a-w- C:\Users\Ingr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Download Once Upon a Time S04E08E09 HDTV NL Subs DutchReleaseTeam Torrent - KickassTorrents (1).lnk 2015-04-17 06:01:08 2517 ----a-w- C:\Users\Ingr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Download Once Upon a Time S04E08E09 HDTV NL Subs DutchReleaseTeam Torrent - KickassTorrents.lnk 2015-05-06 19:45:00 2251 ----a-w- C:\Users\Ingr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Once Upon a Time S04E11 HDTV NL Subs DutchReleaseTeam.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [15-04-2015 20:58] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [26-03-2013 21:35] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [26-03-2013 21:35] C:\Windows\tasks\SUPERAntiSpyware Scheduled Task 71e34b06-6e4a-4321-a19e-5b2640dd35f3.job --a------ C:\Program Files\SUPERAntiSpyware\SASTask.exe [07-11-2013 22:08] C:\Windows\tasks\SUPERAntiSpyware Scheduled Task afbf406b-e877-428d-87be-2f13152edd20.job --a------ C:\Program Files\SUPERAntiSpyware\SASTask.exe [07-11-2013 22:08] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\AdobeAAMUpdater-1.0-Ingr-PC-Ingr" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe] "C:\Windows\SysNative\tasks\ALL Update" [C:\Program Files (x86)\OpenSubtitlesPlayer\ALLUpdate.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\DeviceDetector" [C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe] "C:\Windows\SysNative\tasks\DivX-online actualiseringsprogramma" [C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\Ingr DBAgent 2 0" ["C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe"] "C:\Windows\SysNative\tasks\NBAgent" [C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe] "C:\Windows\SysNative\tasks\Seagate_Install_Launch" [C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\SUPERAntiSpyware Scheduled Task 71e34b06-6e4a-4321-a19e-5b2640dd35f3" [C:\Program Files\SUPERAntiSpyware\SASTask.exe] "C:\Windows\SysNative\tasks\SUPERAntiSpyware Scheduled Task afbf406b-e877-428d-87be-2f13152edd20" [C:\Program Files\SUPERAntiSpyware\SASTask.exe] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "{e4f94d1e-2f53-401e-8885-681602c0ddd8}"="C:\ProgramData\McAfee Security Scan\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8}.xpi" [04-04-2014 12:36] ==== Firefox Extensions ====================== AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Ingr\AppData\Roaming\Mozilla\Firefox\Profiles\hemaw4pr.default 9AE02005247DA91AB1743F5208DBEF76 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll - Shockwave Flash ==== Chromium Look ====================== Google Chrome Version: 42.0.2311.135 HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions apdfllckaahabafndbhieahigkjlhalf - C:\Users\Ingr\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx[28-12-2014 17:57] lmjegmlicamnimmfhcmpkclmigmmcbeh - No path found[] Google Drive - Ingr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Ingr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Ingr\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Drive App Launcher - Ingr\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh Google Wallet - Ingr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Ingr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=56626&homepage=http://www.google.com" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=56626&homepage=http://www.google.com" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" ==== Reset Google Chrome ====================== C:\Users\Ingr\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Ingr\AppData\Local\Google\Chrome\User Data\Default\Preferences.bad was reset successfully C:\Users\Ingr\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully C:\Users\Ingr\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\Ingr\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully C:\Users\Ingr\AppData\Local\Google\Chrome\User Data\Default\Web Data.temp was reset successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Ingr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Ingr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2BU5YAXN will be deleted at reboot ==== Empty FireFox Cache ====================== C:\Users\Ingr\AppData\Local\Mozilla\Firefox\Profiles\hemaw4pr.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Ingr\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files= ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Ingr\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Ingr\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Ingr\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2BU5YAXN" not found ==== EOF on di 12-05-2015 at 22:31:11.11 ======================