Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by Jarno on zo 15/05/2016 at 12:29:03,46. Microsoft Windows 8.1 6.3.9600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Jarno\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2016-05-15-093553.log 19953 bytes ==== Empty Folders Check ====================== C:\Users\Jarno\AppData\Local\VirtualStore deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\Users\Jarno\AppData\Roaming\Mozilla\Firefox\Profiles\pevgrkp3.default-1442753370768\extensions\marcoagpinto@mail.telepac.pt not found ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Jarno\AppData\Local\Temp ==== 2016-05-13 17:09:03 D4F0C16200B142D53AC77201201BAD30 45198968 ----a-w- C:\Users\Jarno\AppData\Local\Temp\SkypeSetup.exe ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== 2016-05-11 14:10:52 2C052D70B5EE0CD36A443A93B3D4BB61 747520 ----a-w- C:\Windows\SysWOW64\rpcrt4.dll 2016-05-11 14:10:46 3957B956A8D93FCF36624676F00254C9 20349952 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2016-05-11 14:10:44 4D66B5E150DB9AB782AA4C4D19DBFBC1 13811200 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2016-05-11 14:10:42 97FF3F35B8AF5A844ADA3D843DB02ED8 2285568 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2016-05-11 14:10:41 B83BB2A8904F3064DA6115751307E5D1 1311744 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2016-05-11 14:10:41 ADAA47B0B99DA9ADFA89DE826CA0C59A 2121216 ----a-w- C:\Windows\SysWOW64\wininet.dll 2016-05-11 14:10:40 EB34A7AE72C32C9D35C7BC477FA4605A 497152 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2016-05-11 14:10:40 6BC88E6733168768CA263C130BEAC5B6 663552 ----a-w- C:\Windows\SysWOW64\jscript.dll 2016-05-11 14:10:39 
C02DA4FE089C3B87B6032F76772880C3 693248 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2016-05-11 14:10:39 7EC28F9D4F4082586C9DD408E0621664 4611072 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2016-05-11 14:10:38 A18720F16BE43A8E0E4C0BC27A6DCAEC 230400 ----a-w- C:\Windows\SysWOW64\webcheck.dll 2016-05-11 14:10:38 6B231DD95DCCF1AC3BC43DD75EF2881D 330752 ----a-w- C:\Windows\SysWOW64\iedkcs32.dll 2016-05-11 14:10:38 2BB9F4A3CEDD8717F505DA54EABB5353 2056192 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2016-05-11 14:10:38 0F1B9729B26897D85D494AF6A6C9EBBA 880128 ----a-w- C:\Windows\SysWOW64\inetcomm.dll 2016-05-11 14:10:37 3AA7529B0170C9411ACC52AC826D4AC6 710144 ----a-w- C:\Windows\SysWOW64\ieapfltr.dll 2016-05-11 14:10:04 AC90F437FCCDFE307F5E275300448229 324096 ----a-w- C:\Windows\SysWOW64\certcli.dll 2016-05-11 14:10:03 8FCB074D10FD42CF34F3E57317A154B4 120384 ----a-w- C:\Windows\SysWOW64\ncrypt.dll 2016-05-11 14:10:03 297B821D5ABD57A6785E033373C7BDBB 357888 ----a-w- C:\Windows\SysWOW64\schannel.dll 2016-05-11 14:09:56 C9F702A1C979C4DAF192C0A66BD4EB97 375296 ----a-w- C:\Windows\SysWOW64\Windows.UI.dll 2016-05-11 14:09:55 422CCE58B99B9CE19B168CD9FBC21098 1489088 ----a-w- C:\Windows\SysWOW64\WindowsCodecs.dll 2016-05-11 14:09:25 122615F08619200CF3DE24356F218686 24064 ----a-w- C:\Windows\SysWOW64\dsparse.dll 2016-05-11 14:09:20 69B6C853389A021181E4A636509C6D3C 148480 ----a-w- C:\Windows\SysWOW64\shacct.dll 2016-05-11 14:09:19 5A3661D21EF0992FE01648CAAD7A59C2 613624 ----a-w- C:\Windows\SysWOW64\d3d10level9.dll 2016-05-11 14:09:18 6B69C75E643CA4D4A4A744275E3D090C 3273728 ----a-w- C:\Windows\SysWOW64\rdpcore.dll 2016-05-11 14:09:18 302E1923C9400A8C73DA31C2D30CCCE9 1097728 ----a-w- C:\Windows\SysWOW64\gdi32.dll 2016-05-11 14:09:16 4B86791BA7D8C6BD1CEFA0DDB65396F5 332632 ----a-w- C:\Windows\SysWOW64\msv1_0.dll 2016-05-11 14:09:14 9F8CCC693334EABE9AD9C61C8263A84B 121912 ----a-w- C:\Windows\SysWOW64\IPHLPAPI.DLL 2016-05-11 14:09:14 2628B78AE60DB44D9E2531ED10F636BF 413696 ----a-w- 
C:\Windows\SysWOW64\webio.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2016-05-11 14:10:52 2522D170C08F370A208D1305DD580909 1307328 ----a-w- C:\Windows\Sysnative\rpcrt4.dll 2016-05-11 14:10:47 64F25610D4F677148017D9F01B5FDC69 25816576 ----a-w- C:\Windows\Sysnative\mshtml.dll 2016-05-11 14:10:45 A74FB225357C8E7C2112C599E5EAE95E 15414784 ----a-w- C:\Windows\Sysnative\ieframe.dll 2016-05-11 14:10:43 3686C1F2EDCCF598B4AFE311372049F6 6052864 ----a-w- C:\Windows\Sysnative\jscript9.dll 2016-05-11 14:10:42 EECA7ADD719740725ED188A31988E322 2893312 ----a-w- C:\Windows\Sysnative\iertutil.dll 2016-05-11 14:10:41 89FAAF50369E9544BCFEBCC81FD29130 1547264 ----a-w- C:\Windows\Sysnative\urlmon.dll 2016-05-11 14:10:41 6C4F624735E4BA0C4BE1707D9F34CEE3 2596864 ----a-w- C:\Windows\Sysnative\wininet.dll 2016-05-11 14:10:40 6672DAB7D61F0117BEE21C55B4AD3C79 571904 ----a-w- C:\Windows\Sysnative\vbscript.dll 2016-05-11 14:10:40 1E817B477A24DDEDFE932642503EB258 817664 ----a-w- C:\Windows\Sysnative\jscript.dll 2016-05-11 14:10:39 E86C218BE4E3765B04ED3804CC05F565 806400 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2016-05-11 14:10:39 E285E684F8D2F1E605907BAE3754BA43 2131968 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2016-05-11 14:10:39 409E41B414EC2CC455A7C3841D712FC7 262144 ----a-w- C:\Windows\Sysnative\webcheck.dll 2016-05-11 14:10:38 B98874A0C470FAD4ADDA8E37FB77C11B 725504 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2016-05-11 14:10:38 9B98F98DEBFCA700397C9341D98FC53A 379392 ----a-w- C:\Windows\Sysnative\iedkcs32.dll 2016-05-11 14:10:38 6BAD53D26A73767B926EE95D746B2BBF 1032704 ----a-w- C:\Windows\Sysnative\inetcomm.dll 2016-05-11 14:10:38 5BABB3114CD3F34BE671E34F75FA02CF 800768 ----a-w- C:\Windows\Sysnative\ieapfltr.dll 2016-05-11 14:10:04 D66C29AA6A47882522DD25688D4C4582 445440 ----a-w- C:\Windows\Sysnative\certcli.dll 2016-05-11 14:10:04 652AA2441A0FC8D8C84FB87455F67B2D 1441792 ----a-w- C:\Windows\Sysnative\lsasrv.dll 2016-05-11 14:10:03 
F1DA9359F0D6DC973A2C5E581C6B0102 137976 ----a-w- C:\Windows\Sysnative\ncrypt.dll 2016-05-11 14:10:03 0C8C1AE7F00FC57059A4FF436EC9721B 432128 ----a-w- C:\Windows\Sysnative\schannel.dll 2016-05-11 14:09:56 798EBF3B914E9D9CEC93347737A203B0 1763376 ----a-w- C:\Windows\Sysnative\WindowsCodecs.dll 2016-05-11 14:09:56 5A6747C670FC0C6AA6E94A042EEF0F35 534016 ----a-w- C:\Windows\Sysnative\Windows.UI.dll 2016-05-11 14:09:54 EDCEF1F7686E89E52D7E59B7CE738BBE 7446368 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe 2016-05-11 14:09:25 D617C4C865117619E13242F8B4152A8E 30208 ----a-w- C:\Windows\Sysnative\dsparse.dll 2016-05-11 14:09:20 45769B22A8EB51DB984DB6758AF1237B 192512 ----a-w- C:\Windows\Sysnative\shacct.dll 2016-05-11 14:09:19 C9586D8BB5AA9AC5D7441E8F3FA4CD35 3547648 ----a-w- C:\Windows\Sysnative\rdpcorets.dll 2016-05-11 14:09:19 BBC8EC3406112E34B8D2F99380A50780 131584 ----a-w- C:\Windows\Sysnative\rdpudd.dll 2016-05-11 14:09:19 1C96B7607E6E4BF21C591A6E6F0C1009 738096 ----a-w- C:\Windows\Sysnative\d3d10level9.dll 2016-05-11 14:09:18 C554A6D7367F5E7FD98533961438B43C 1380600 ----a-w- C:\Windows\Sysnative\gdi32.dll 2016-05-11 14:09:18 B3AC5570AFE9EBA0C0FE3E36035DB5D8 3820544 ----a-w- C:\Windows\Sysnative\rdpcore.dll 2016-05-11 14:09:16 65CC954FD276201105A42C8329CC5901 442712 ----a-w- C:\Windows\Sysnative\msv1_0.dll 2016-05-11 14:09:16 5BF98144739F81C1F40BBE63E6E6A2A5 186880 ----a-w- C:\Windows\Sysnative\dpapisrv.dll 2016-05-11 14:09:14 6C833AC1E78CF38687363BE88CF64C66 510976 ----a-w- C:\Windows\Sysnative\webio.dll 2016-05-11 14:09:14 4179C792BF1A10DD1197DA56FF8A0380 160160 ----a-w- C:\Windows\Sysnative\IPHLPAPI.DLL 2016-05-11 14:09:04 A49244CB9D653CCED807A7A6663D646F 4169216 ----a-w- C:\Windows\Sysnative\win32k.sys ====== C:\Windows\Sysnative\drivers ===== 2016-05-11 14:10:04 FE219A7107C4BC3BBC35D6CDC281612C 201728 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb20.sys 2016-05-11 14:10:04 D7C9BC4D37BF08C7DD436A0A5F321668 284672 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb10.sys 
2016-05-11 14:10:04 6A48941C527C8C51051A1514C5B23A31 561960 ----a-w- C:\Windows\Sysnative\drivers\cng.sys 2016-05-11 14:10:04 5DCD41F62F71519D2A46D41F60C69B0C 401920 ----a-w- C:\Windows\Sysnative\drivers\mrxsmb.sys 2016-05-11 14:09:15 17F7B0F2298D97F4B6C7A69511033D3D 316760 ----a-w- C:\Windows\Sysnative\drivers\volsnap.sys 2016-05-11 14:09:14 1C8560E3A37A9D4F25B7769C3E3D4163 2466136 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys 2016-05-11 14:09:06 436E1A724E7E683F6B612D3D58F04241 74584 ----a-w- C:\Windows\Sysnative\drivers\volmgr.sys 2016-05-11 14:09:05 F74B839FA0F4E6060CA1DA6B8DA17941 1549144 ----a-w- C:\Windows\Sysnative\drivers\dxgkrnl.sys ====== C:\Windows\Tasks ====== 2016-05-11 13:56:35 A121F6935F7D8DBDE8AD0D05B837AE9C 1026 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-506317321-575504820-1641975243-1001Core1d1ab8cee2acde8.job 2016-05-10 16:05:49 6B09FDCDD867B468D6D2D1F038B27F0F 3334 ----a-w- C:\Windows\Sysnative\Tasks\AcerCloud ====== C:\Windows\Temp ====== ======= C:\Program Files ===== ======= C:\PROGRA~2 ===== 2016-05-05 18:29:41 -------- d-----w- C:\PROGRA~2\COMMON~1\Steam ======= C: ===== 2016-05-05 19:06:25 968272E2F4E52EAF6C0386E9C33C0A3C 7206 ----a-w- C:\cc_20160505_210624.reg 2016-04-16 17:26:50 A178C4D8B4FEBD8BEE5D62161C4942B6 19456 ----a-w- C:\cc_20160416_192647.reg ====== C:\Users\Jarno\AppData\Roaming ====== 2016-05-05 18:48:29 -------- d-----w- C:\Users\Jarno\AppData\Local\Steam 2016-05-05 18:48:29 -------- d-----w- C:\Users\Jarno\AppData\Local\CEF 2016-05-05 18:31:13 -------- d-----w- C:\Windows\SysNative\config\systemprofile\AppData\Local\CrashDumps 2016-05-05 09:58:42 C4AE33185C2DD0309939F8C2117834B9 4680 ----a-w- C:\Users\Jarno\AppData\Local\recently-used.xbel 2016-04-21 16:07:58 -------- d-----w- C:\Users\Jarno\AppData\Locallow\Temp ====== C:\Users\Jarno ====== 2016-05-14 18:40:20 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Jarno\Downloads\RSITx64.exe 2016-05-05 19:04:58 56427CD7A2529AEAB14A7FEA8F945554 6882192 
----a-w- C:\Users\Jarno\Downloads\ccsetup517.exe 2016-05-05 18:29:14 29A81479AA8F1B8E0BDA041DB07B97BC 1380712 ----a-w- C:\Users\Jarno\Downloads\SteamSetup.exe ====== C: exe-files == 2016-05-14 18:40:20 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Jarno\Downloads\RSITx64.exe 2016-05-13 17:09:03 D4F0C16200B142D53AC77201201BAD30 45198968 ----a-w- C:\Users\Jarno\AppData\Local\Temp\SkypeSetup.exe 2016-05-13 15:59:11 D082244C4477F0457967C9748E60B44D 1186968 ----a-w- C:\Windows\Temp\CR_1B1C3.tmp\setup.exe 2016-05-13 15:59:11 967B748ECB8AC2345B8D10F19D1E31AC 1295448 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\50.0.2661.102\50.0.2661.102_50.0.2661.94_chrome_updater.exe 2016-05-11 14:54:40 E8B364111F317A60DF073826E628FF6F 92824 ----atw- C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleUpdateOnDemand.exe 2016-05-11 14:54:40 5AB2C2DBC3108A2F7275A2F232FA8036 987040 ----a-w- C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleUpdateSetup.exe 2016-05-11 14:54:40 54D932590CEAB260ADC4FF79797B21D9 92824 ----atw- C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleUpdateWebPlugin.exe 2016-05-11 14:54:40 108CB30A5B4C5247E414A3086458FCFC 92824 ----atw- C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleUpdateBroker.exe 2016-05-11 14:54:38 A425CDCEB9D26E9A5ABAFA259799D447 312472 ----atw- C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler64.exe 2016-05-11 14:54:38 56FE3C885B0901601549E23E7A435984 250008 ----atw- C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleCrashHandler.exe 2016-05-11 14:54:38 50FCC5C822A6B4FC6F377EE9F9F37C7B 152216 ----atw- C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleUpdate.exe 2016-05-11 14:54:38 13FF5C375BD0C702EA1252E79592692F 135832 ----atw- C:\Program Files (x86)\Google\Update\1.3.30.3\GoogleUpdateComRegisterShell64.exe 2016-05-11 14:54:36 5AB2C2DBC3108A2F7275A2F232FA8036 987040 ----a-w- C:\Program Files 
(x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.30.3\GoogleUpdateSetup.exe 2016-05-11 14:10:40 D41FFBC03E046425C434740345A89D3B 474112 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe 2016-05-11 14:10:40 7ABF69D5BB45C519BBE75125DD9C8727 491008 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe 2016-05-11 14:10:38 B98874A0C470FAD4ADDA8E37FB77C11B 725504 ----a-w- C:\Windows\System32\ie4uinit.exe 2016-05-11 14:09:54 EDCEF1F7686E89E52D7E59B7CE738BBE 7446368 ----a-w- C:\Windows\System32\ntoskrnl.exe 2016-05-11 14:09:23 89F5548E5EB7E399AB6A2670252DDFD5 513536 ----a-w- C:\Windows\System32\wbem\WmiPrvSE.exe 2016-05-11 14:09:23 359FCDB6D1D42317A29CEBCCD690604C 419328 ----a-w- C:\Windows\SysWOW64\wbem\WmiPrvSE.exe 2016-05-11 13:56:34 E8B364111F317A60DF073826E628FF6F 92824 ----atw- C:\Users\Jarno\AppData\Local\Google\Update\1.3.30.3\GoogleUpdateOnDemand.exe 2016-05-11 13:56:34 5AB2C2DBC3108A2F7275A2F232FA8036 987040 ----a-w- C:\Users\Jarno\AppData\Local\Google\Update\1.3.30.3\GoogleUpdateSetup.exe 2016-05-11 13:56:34 54D932590CEAB260ADC4FF79797B21D9 92824 ----atw- C:\Users\Jarno\AppData\Local\Google\Update\1.3.30.3\GoogleUpdateWebPlugin.exe 2016-05-11 13:56:34 108CB30A5B4C5247E414A3086458FCFC 92824 ----atw- C:\Users\Jarno\AppData\Local\Google\Update\1.3.30.3\GoogleUpdateBroker.exe 2016-05-11 13:56:32 A425CDCEB9D26E9A5ABAFA259799D447 312472 ----atw- C:\Users\Jarno\AppData\Local\Google\Update\1.3.30.3\GoogleCrashHandler64.exe 2016-05-11 13:56:32 56FE3C885B0901601549E23E7A435984 250008 ----atw- C:\Users\Jarno\AppData\Local\Google\Update\1.3.30.3\GoogleCrashHandler.exe 2016-05-11 13:56:32 13FF5C375BD0C702EA1252E79592692F 135832 ----atw- C:\Users\Jarno\AppData\Local\Google\Update\1.3.30.3\GoogleUpdateComRegisterShell64.exe 2016-05-11 13:56:31 50FCC5C822A6B4FC6F377EE9F9F37C7B 152216 ----atw- C:\Users\Jarno\AppData\Local\Google\Update\1.3.30.3\GoogleUpdate.exe 2016-05-11 13:56:26 5AB2C2DBC3108A2F7275A2F232FA8036 987040 ----a-w- 
C:\Users\Jarno\AppData\Local\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.30.3\GoogleUpdateSetup.exe 2016-05-10 16:04:25 43FC1C7958BBF4059F416D80DEDCECDD 1675480 ----a-w- C:\Users\Jarno\AppData\Local\clear.fi\Portal\PortalInstaller\AcerPortalSetup.exe 2016-05-10 16:04:22 DF259FD723526A65404DB4380CF8A520 31308908 ----a-w- C:\Users\Jarno\AppData\Local\clear.fi\Portal\PortalInstaller\AcerPortal.exe 2016-05-10 16:04:18 2DFBFDAE34206CA781E0CAA64B10EA6C 32251960 ----a-w- C:\Users\Jarno\AppData\Local\clear.fi\Portal\AcerPortalSetup.exe === C: other files == 2016-05-15 09:36:25 0B28E9A8A36FD0718C261E7D19256852 4870 ----a-w- C:\Users\Jarno\AppData\Local\Temp\xpi\tmp.zip 2016-05-11 14:10:04 FE219A7107C4BC3BBC35D6CDC281612C 201728 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys 2016-05-11 14:10:04 D7C9BC4D37BF08C7DD436A0A5F321668 284672 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys 2016-05-11 14:10:04 6A48941C527C8C51051A1514C5B23A31 561960 ----a-w- C:\Windows\System32\drivers\cng.sys 2016-05-11 14:10:04 5DCD41F62F71519D2A46D41F60C69B0C 401920 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys 2016-05-11 14:09:15 17F7B0F2298D97F4B6C7A69511033D3D 316760 ----a-w- C:\Windows\System32\drivers\volsnap.sys 2016-05-11 14:09:14 1C8560E3A37A9D4F25B7769C3E3D4163 2466136 ----a-w- C:\Windows\System32\drivers\tcpip.sys 2016-05-11 14:09:06 436E1A724E7E683F6B612D3D58F04241 74584 ----a-w- C:\Windows\System32\drivers\volmgr.sys 2016-05-11 14:09:05 F74B839FA0F4E6060CA1DA6B8DA17941 1549144 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys 2016-05-11 14:09:04 A49244CB9D653CCED807A7A6663D646F 4169216 ----a-w- C:\Windows\System32\win32k.sys 2016-05-10 16:04:16 74E5937FB8D0D7D82D81B32A76CEF792 31861928 ----a-w- C:\Users\Jarno\AppData\Local\clear.fi\Portal.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-506317321-575504820-1641975243-1001\Software\Microsoft\Windows\CurrentVersion\Run] "Spotify Web Helper"="C:\Program Files 
(x86)\Spotify\Data\SpotifyWebHelper.exe" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "Google Update"="C:\Users\Jarno\AppData\Local\Google\Update\GoogleUpdate.exe /c" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Spotify Web Helper"="C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "Google Update"="C:\Users\Jarno\AppData\Local\Google\Update\GoogleUpdate.exe /c" ==== Startup Folders ====================== 2015-02-06 16:55:30 850 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [12/05/2016 19:34] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [02/03/2016 12:49] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [02/03/2016 12:49] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-506317321-575504820-1641975243-1001Core.job --a-------- C:\Users\Jarno\AppData\Local\Google\Update\GoogleUpdate.exe [02/03/2016 12:49] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-506317321-575504820-1641975243-1001Core1d17e1e7e775520.job --a-------- C:\Users\Jarno\AppData\Local\Google\Update\GoogleUpdate.exe [02/03/2016 12:49] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-506317321-575504820-1641975243-1001Core1d1ab8cee2acde8.job --a-------- C:\Users\Jarno\AppData\Local\Google\Update\GoogleUpdate.exe [02/03/2016 12:49] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\abDocsDllLoader" [C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe] "C:\Windows\SysNative\tasks\ACC" [C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe] "C:\Windows\SysNative\tasks\ACCAgent" [C:\Program Files 
(x86)\Acer\Care Center\LiveUpdateAgent.exe] "C:\Windows\SysNative\tasks\AcerCloud" [C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\BacKGroundAgent" [C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\Launch Manager" ["C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe"] "C:\Windows\SysNative\tasks\Power Management" ["C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe"] "C:\Windows\SysNative\tasks\Quick Access" ["C:\Program Files\Acer\Acer Quick Access\QALauncher.exe"] "C:\Windows\SysNative\tasks\Quick Access Quick Launcher" ["C:\Program Files\Acer\Acer Quick Access\QALauncher.exe"] "C:\Windows\SysNative\tasks\UbtFrameworkService" ["C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe"] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{253F7A1D-A924-450A-B630-905C5BBA6902}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\Recovery Management\Notification" [C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\Jarno\AppData\Roaming\Mozilla\Firefox\Profiles\pevgrkp3.default-1442753370768 user_pref("browser.startup.homepage", "about:home"); user_pref("browser.newtab.url", "about:home"); ==== Firefox Extensions ====================== ProfilePath: C:\Users\Jarno\AppData\Roaming\Mozilla\Firefox\Profiles\pevgrkp3.default-1442753370768 - United States English Spellchecker - 
%ProfilePath%\extensions\en-US@dictionaries.addons.mozilla.org - Undetermined - %ProfilePath%\extensions\uBlock0@raymondhill.net.xpi - New Tab Homepage - %ProfilePath%\extensions\{66E978CD-981F-47DF-AC42-E3CF417C1467}.xpi - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Skype - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi - Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\Jarno\AppData\Roaming\Mozilla\Firefox\Profiles\pevgrkp3.default-1442753370768 258693279212838A6A879A69A17BE215 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_242.dll - Shockwave Flash 7FEBFE86DA24919D3CCAC7C108825C22 - C:\Users\Jarno\AppData\Local\SkypePlugin\7.12.0.55\npGatewayNpapi.dll - Skype Web Plugin C426F7E678D6E539041847556059D5E8 - C:\Users\Jarno\AppData\Local\Google\Update\1.3.30.3\npGoogleUpdate3.dll - Google Update 20FF20FBC1F20ADEC0AD6AF98ABE9545 - C:\Users\Jarno\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll - Google Talk Plugin 57D28190C994AD5E9B1007FB2259393A - C:\Users\Jarno\AppData\Roaming\Mozilla\plugins\npo1d.dll - Google Talk Plugin Video Renderer 64F3C6B959B2B20D87DA5B1886FCE3A7 - C:\Users\Jarno\AppData\Local\SkypePlugin\7.12.0.55\npGatewayNpapi-x64.dll - Skype Web Plugin ==== Chromium Look ====================== Google Docs - Jarno\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Jarno\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Jarno\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo uBlock₀ - Jarno\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm Google Search - Jarno\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google 
Sheets - Jarno\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap Google Docs Offline - Jarno\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi Chrome Web Store Payments - Jarno\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Jarno\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130906988697429253&GUID=E3180004-DBDD-4F7C-81C7-3B4DD76D4EB2" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkID=617910&ResetID=130906988697429253&GUID=E3180004-DBDD-4F7C-81C7-3B4DD76D4EB2" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{E6B739CF-D525-4225-A973-9ACF1379AA21}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - No_Url_Value HKLM\SearchScopes\{E6B739CF-D525-4225-A973-9ACF1379AA21} - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ACJB HKLM\Wow6432Node\SearchScopes "DefaultScope"="{E6B739CF-D525-4225-A973-9ACF1379AA21}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - No_Url_Value HKLM\Wow6432Node\SearchScopes\{E6B739CF-D525-4225-A973-9ACF1379AA21} - http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=ACJB HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC HKCU\SearchScopes\{E6B739CF-D525-4225-A973-9ACF1379AA21} - No_Url_Value ==== Empty IE Cache ====================== 
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Jarno\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Jarno\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Jarno\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Jarno\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Jarno\AppData\Local\Mozilla\Firefox\Profiles\pevgrkp3.default-1442753370768\cache2 emptied successfully C:\Users\Jarno\AppData\Roaming\Mozilla\Firefox\Profiles\pevgrkp3.default-1442753370768\storage\default\https+++www.letras.mus.br\cache emptied successfully C:\Users\Jarno\AppData\Roaming\Mozilla\Firefox\Profiles\pevgrkp3.default-1442753370768\storage\default\https+++www.pinterest.com\cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Jarno\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== 
C:\zoek_backup (files=9 folders=3 1159484 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Jarno\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Jarno\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted ==== EOF on zo 15/05/2016 at 12:48:22,57 ======================