Zoek.exe v5.0.0.0 Updated 28-07-2014 Tool run by Ricardo on di 29-07-2014 at 19:19:05,85. Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Ricardo\AppData\LocalLow\WINZIP_Pade8\zoek.exe [Scan all users] [Quick Scan] [Auto Clean] ==== Older Logs ====================== C:\zoek-results2013-12-06-180445.log 83629 bytes C:\zoek-results2014-02-22-225722.log 17134 bytes C:\zoek-results2014-02-22-233255.log 457 bytes C:\zoek-results2014-02-23-004617.log 13301 bytes C:\zoek-results2014-07-28-144157.log 19755 bytes ==== Empty Folders Check ====================== C:\PROGRA~2\Oracle deleted successfully C:\PROGRA~2\WinZipEC deleted successfully C:\Users\Ricardo\AppData\Roaming\Recordpad deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1705988117-2768847543-2802782899-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{54739D49-AC03-4C57-9264-C5195596B3A1} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Ricardo\AppData\Local\Temp ==== 2014-07-29 17:14:49 001B7E9172710BBA7DCD5D943A8A9EF9 435560 ----a-w- C:\Users\Ricardo\AppData\Local\Temp\IntResource.dll ====== Java Cache ===== 2014-07-28 15:29:13 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Ricardo\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-7aeb2353 ====== C:\Windows\system32 ===== 2014-07-21 21:19:11 A2B305632AF76519BC47BD1576CAAEF7 339784 ----a-w- C:\Windows\System32\WPShellExt32.dll ====== C:\Windows\system32\drivers ===== 2014-07-09 15:00:58 D0B388DA1D111A34366E04EB4A5DD156 338944 ----a-w- C:\Windows\System32\drivers\afd.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C: ===== ====== C:\Users\Ricardo\AppData\Roaming ====== 2014-07-29 17:18:38 -------- d-----w- C:\Users\Ricardo\AppData\Locallow\WINZIP_Pade8 2014-07-28 14:34:47 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2014-07-28 14:34:45 -------- d-----w- C:\Users\Ricardo\AppData\Local\Temp ====== C:\Users\Ricardo ====== 2014-07-21 21:18:57 -------- d-----w- C:\ProgramData\Wondershare Player 2014-07-21 21:18:57 -------- d-----w- C:\ProgramData\Wondershare ====== C: exe-files == 2014-07-27 21:32:02 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\Ricardo\Desktop\pc\RSIT.exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-1705988117-2768847543-2802782899-1001\Software\Microsoft\Windows\CurrentVersion\Run] "EA Core"="C:\Program Files\Electronic Arts\EADM\Core.exe -silent" "PopUpStopperFreeEdition"="C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe" "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" "OfficeSyncProcess"="C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AVG_UI"="C:\Program Files\AVG\AVG2013\avgui.exe /TRAYONLY" "BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices" "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "CanonMyPrinter"="C:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon" "CanonSolutionMenu"="C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" "Wondershare Helper Compact.exe"="C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe" "DelaypluginInstall"="C:\ProgramData\Wondershare\Player\DelayPluginI.exe" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "EA Core"="C:\Program Files\Electronic Arts\EADM\Core.exe -silent" "PopUpStopperFreeEdition"="C:\PROGRA~1\PANICW~1\POP-UP~1\PSFree.exe" "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" "OfficeSyncProcess"="C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\\Users\\Ricardo\\AppData\\Local\\Linkey\\IEEXTE~1\\iedll.dll " ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [08-07-2014 23:43] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [31-03-2013 15:55] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [31-03-2013 15:55] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\Windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\system32\tasks\NCH Software\WavePadReminder" [C:\Program Files\NCH Software\WavePad\WavePad.exe] "C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "Player@Wondershare.com"="C:\ProgramData\Wondershare\Player\Player@Wondershare.com" [21-07-2014 23:19] ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions bkdegagmpemadclljncealhmmkojfoam - C:\ProgramData\Wondershare\Player\Player@Wondershare.com.crx[28-09-2013 13:59] Google Docs - Ricardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Wallet - Ricardo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}&rlz=1I7WQIB_nlNL529" ==== Empty IE Cache ====================== C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Ricardo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Ricardo\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\SL9FBHMR will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Ricardo\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=2831 folders=301 371367616 bytes) ==== Empty Temp Folders ====================== C:\Users\Ricardo\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot