Zoek.exe v5.0.0.1 Updated 31-December-2015 Tool run by Patrick on ma 01-08-2016 at 21:43:50,58. Microsoft Windows 10 Pro 10.0.10586 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Patrick\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 1-8-2016 21:45:23 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\PROGRA~3\Comms deleted successfully C:\PROGRA~3\DassaultSystemes deleted successfully C:\PROGRA~3\Simpoe deleted successfully C:\PROGRA~3\SoftwareDistribution deleted successfully C:\PROGRA~3\Synology deleted successfully C:\Users\Patrick\AppData\Local\ActiveSync deleted successfully C:\Users\Patrick\AppData\Local\DassaultSystemes deleted successfully C:\Users\Patrick\AppData\Local\PeerDistRepub deleted successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\Users\Patrick\.android deleted C:\PROGRA~3\Package Cache deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted C:\WINDOWS\Syswow64\SET155A.tmp deleted C:\WINDOWS\Syswow64\SET156B.tmp deleted C:\WINDOWS\Syswow64\SET2EFB.tmp deleted C:\WINDOWS\Syswow64\SET2F8A.tmp deleted C:\WINDOWS\Syswow64\SET393F.tmp deleted C:\WINDOWS\Syswow64\SET42.tmp deleted C:\WINDOWS\Syswow64\SET4215.tmp deleted C:\WINDOWS\Syswow64\SET472.tmp deleted C:\WINDOWS\Syswow64\SET8025.tmp deleted C:\WINDOWS\Syswow64\SET80C3.tmp deleted C:\WINDOWS\Syswow64\SET83E9.tmp deleted C:\WINDOWS\Syswow64\SET8A45.tmp deleted C:\WINDOWS\Syswow64\SET91A1.tmp deleted C:\WINDOWS\Syswow64\SET91B2.tmp deleted C:\WINDOWS\Syswow64\SETC67.tmp deleted C:\WINDOWS\Syswow64\SETFF94.tmp deleted "C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job" deleted ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== 2016-07-12 17:44:07 E396258CFD8F84E8F2C24930E6D88C67 4515256 ----a-w- C:\WINDOWS\explorer.exe 2016-07-12 17:43:36 430DE1635CE173440D34ABA1676113D7 994816 ----a-w- C:\WINDOWS\HelpPane.exe 2016-07-04 18:01:39 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\WINDOWS\eDrawingOfficeAutomator.INI ====== C:\Users\Patrick\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\WINDOWS\SysWOW64 ===== ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== ====== C:\WINDOWS\Sysnative\drivers ===== 2016-07-12 17:44:35 97BFC3BD9F910B24EB956FF3387C71CF 1987936 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgkrnl.sys 2016-07-12 17:44:23 91A2D07C017068FD2F11414E8D676EC5 577376 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms2.sys 2016-07-12 17:44:14 66FDDD2004332EED0A8262E9762EB457 393568 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms1.sys 2016-07-12 17:44:06 5DFF4CF4DF7FD11AE5A1DAD8C67619D2 161632 ----a-w- C:\WINDOWS\Sysnative\drivers\ksecpkg.sys 2016-07-12 17:44:05 EF94E21C3220AE3F8539542EC0B3FF06 331616 ----a-w- C:\WINDOWS\Sysnative\drivers\pci.sys 2016-07-12 17:44:05 309E3CFC5309CECD9317A69990716A87 604928 ----a-w- C:\WINDOWS\Sysnative\drivers\cng.sys 2016-07-12 17:44:01 549DFD8240CF20BFBD88AD9D89325DBF 530432 ----a-w- C:\WINDOWS\Sysnative\drivers\nwifi.sys 2016-07-12 17:43:01 CF63BF6AAEDF721E37F9E216FD321B8E 2403168 ----a-w- C:\WINDOWS\Sysnative\drivers\tcpip.sys 2016-07-12 17:42:54 1CDA6D0A2345AA589949AE9C83853913 277856 ----a-w- C:\WINDOWS\Sysnative\drivers\sdbus.sys 2016-07-06 02:59:02 1A31531632D6034C1BA6BCB84EAFDEA6 305032 ----a-w- C:\WINDOWS\Sysnative\drivers\amdacpksd.sys 2016-07-06 02:13:50 ED7C9D8ADC9526EB376D1AD84493432F 43520 ----a-w- C:\WINDOWS\Sysnative\drivers\ati2erec.dll ====== C:\WINDOWS\Tasks ====== ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2016-08-01 17:15:38 -------- d-----w- C:\Program Files\Common Files\DESIGNER 2016-08-01 16:05:09 -------- d-----w- C:\Program Files\trend micro 2016-07-12 20:42:18 -------- d-----w- C:\Program Files\CMAK 2016-07-04 18:35:04 -------- d-----w- C:\Program Files\PDFCreator 2016-07-04 17:48:53 -------- d---a-w- C:\Program Files\Common Files\SOLIDWORKS Shared 2016-07-04 17:48:33 -------- d-----w- C:\Program Files\Common Files\Macrovision Shared 2016-07-04 17:47:03 -------- d---a-w- C:\Program Files\Microsoft Visual Studio 8 2016-07-04 17:45:43 -------- d-----w- C:\Program Files\Microsoft Visual Studio 10.0 2016-07-04 17:45:34 -------- d-----w- C:\Program Files\Microsoft.NET 2016-07-04 17:44:39 -------- d---a-w- C:\Program Files\Microsoft SQL Server 2016-07-04 17:43:50 -------- d---a-w- C:\Program Files\Bonjour ======= C:\PROGRA~2 ===== 2016-08-01 19:41:21 -------- d-----w- C:\PROGRA~2\COMMON~1\Java 2016-07-12 20:42:18 -------- d-----w- C:\PROGRA~2\CMAK 2016-07-04 17:49:05 -------- d-----w- C:\PROGRA~2\NVIDIA Corporation 2016-07-04 17:48:32 -------- d-----w- C:\PROGRA~2\COMMON~1\SOLIDWORKS Shared 2016-07-04 17:47:09 -------- d-----w- C:\PROGRA~2\Windows Kits 2016-07-04 17:45:17 -------- d---a-w- C:\PROGRA~2\Microsoft SQL Server 2016-07-04 17:43:50 -------- d---a-w- C:\PROGRA~2\Bonjour 2016-07-04 17:43:29 -------- d-----w- C:\PROGRA~2\Microsoft Office 2016-07-04 17:43:28 -------- d-----w- C:\PROGRA~2\MSECache 2016-07-04 17:43:05 -------- d-----w- C:\PROGRA~2\COMMON~1\Macrovision Shared 2016-07-04 17:35:01 -------- d-----w- C:\PROGRA~2\COMMON~1\SOLIDWORKS Installation Manager ======= C: ===== ====== C:\Users\Patrick\AppData\Roaming ====== 2016-07-04 18:48:26 -------- d-----w- C:\Users\Patrick\AppData\Local\TempSWBackupDirectory 2016-07-04 18:48:16 -------- d-----w- C:\Users\Patrick\AppData\Local\SolidWorks ====== C:\Users\Patrick ====== 2016-08-01 19:41:12 -------- d-----w- C:\WINDOWS\SysNative\config\systemprofile\.oracle_jre_usage 2016-08-01 16:03:54 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Patrick\Downloads\RSITx64.exe 2016-07-04 18:37:53 -------- d-----w- C:\ProgramData\COSMOS Applications 2016-07-04 18:37:47 -------- d-----w- C:\ProgramData\SOLIDWORKS Flow Simulation 2016-07-04 17:50:38 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SOLIDWORKS Tools 2016 2016-07-04 17:50:38 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SOLIDWORKS 2016 2016-07-04 17:48:53 -------- d---a-w- C:\ProgramData\SOLIDWORKS 2016-07-04 17:47:09 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Kits 2016-07-04 17:47:03 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2005 2016-07-04 17:45:30 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2008 2016-07-04 17:45:18 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft SQL Server 2014 2016-07-04 17:43:50 -------- d-----w- C:\ProgramData\Apple 2016-07-04 17:43:13 -------- d-----w- C:\ProgramData\SOLIDWORKS Electrical 2016-07-04 17:43:07 -------- d-----w- C:\ProgramData\FLEXnet 2016-07-04 17:35:08 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SOLIDWORKS Installation Manager ====== C: exe-files == 2016-08-01 19:41:10 F9F130EACA7F3795A2DA8A5F429FA29E 111168 ----a-w- C:\Program Files\Java\jre1.8.0_101\bin\jp2launcher.exe 2016-08-01 19:41:10 F5A8326F60A523701AEA7BEF036A7D37 206912 ----a-w- C:\Program Files\Java\jre1.8.0_101\bin\java.exe 2016-08-01 19:41:10 F073A5683918BCDDCEDF6A6800617E3D 15936 ----a-w- C:\Program Files\Java\jre1.8.0_101\bin\rmid.exe 2016-08-01 19:41:10 F00EE26C813416BB4E91A13265FA4732 197184 ----a-w- C:\Program Files\Java\jre1.8.0_101\bin\unpack200.exe 2016-08-01 19:41:10 EC1D1720710B9E583EBFA3424CD0E6AC 16448 ----a-w- C:\Program Files\Java\jre1.8.0_101\bin\keytool.exe 2016-08-01 19:41:10 B8C5B03DEFBA1449600DADE58DB396C7 16448 ----a-w- C:\Program Files\Java\jre1.8.0_101\bin\pack200.exe 2016-08-01 19:41:10 B6B9EE2449BD243C7CC2186FE30A92B5 16448 ----a-w- C:\Program Files\Java\jre1.8.0_101\bin\rmiregistry.exe 2016-08-01 19:41:10 A7A87F9DC6E630D38E1533F45D5A693B 16448 ----a-w- C:\Program Files\Java\jre1.8.0_101\bin\ktab.exe 2016-08-01 19:41:10 99184E011BEC2254AB52A714CAE8B5BC 16448 ----a-w- C:\Program Files\Java\jre1.8.0_101\bin\tnameserv.exe 2016-08-01 19:41:10 8EAB0A00BC60BEF1A5059D3A1E32B883 16448 ----a-w- C:\Program Files\Java\jre1.8.0_101\bin\policytool.exe 2016-08-01 19:41:10 8202B34B1F4EC4981C8EE092DBA8C105 15936 ----a-w- C:\Program Files\Java\jre1.8.0_101\bin\jjs.exe 2016-08-01 19:41:10 797E9D8EB0F7B7B44C61D9CED0A187BC 15936 ----a-w- C:\Program Files\Java\jre1.8.0_101\bin\java-rmi.exe 2016-08-01 19:41:10 78024CFE102D5BB48A473B2B0CCB9694 16448 ----a-w- C:\Program Files\Java\jre1.8.0_101\bin\orbd.exe 2016-08-01 19:41:10 62CA41748E1E18A4A50DEE097FAF0BFC 318528 ----a-w- C:\Program Files\Java\jre1.8.0_101\bin\javaws.exe 2016-08-01 19:41:10 4AFFF8F0F9A118876324EC94EFA34053 79936 ----a-w- C:\Program Files\Java\jre1.8.0_101\bin\javacpl.exe 2016-08-01 19:41:10 484445BF924AF046659B4AC44C63EFE5 16448 ----a-w- C:\Program Files\Java\jre1.8.0_101\bin\kinit.exe 2016-08-01 19:41:10 2CE4DC31DE438C559E7518647F761384 69696 ----a-w- C:\Program Files\Java\jre1.8.0_101\bin\ssvagent.exe 2016-08-01 19:41:10 2A4E3DE9C7DD69A5757AD0BB1359B51E 34368 ----a-w- C:\Program Files\Java\jre1.8.0_101\bin\jabswitch.exe 2016-08-01 19:41:10 1F53119455FDD6878698C3D39BEF6D8B 16448 ----a-w- C:\Program Files\Java\jre1.8.0_101\bin\servertool.exe 2016-08-01 19:41:10 16D61617123CA3C2AB3E9727B3BCD55A 206912 ----a-w- C:\Program Files\Java\jre1.8.0_101\bin\javaw.exe 2016-08-01 19:41:10 0BA5EA8315FA9C293F22EBF32AF59559 16448 ----a-w- C:\Program Files\Java\jre1.8.0_101\bin\klist.exe 2016-08-01 19:40:47 78E00B88F4967B4162213602C0E08B02 741440 ----a-w- C:\Users\Patrick\AppData\Local\Temp\jre-8u101-windows-au.exe 2016-08-01 16:33:53 C75B240057A7169179DB2EC9E059D4C5 96920 ----atw- C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleUpdateBroker.exe 2016-08-01 16:33:53 A2AFEE318C51D8A2BF85A4E46E715565 96920 ----atw- C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleUpdateOnDemand.exe 2016-08-01 16:33:53 8ECEE61C9EFE194B6ACA6030DFE3990E 96920 ----atw- C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleUpdateWebPlugin.exe 2016-08-01 16:33:52 812D664B0084DF946C8E9BC01B3FC19E 1065376 ----a-w- C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleUpdateSetup.exe 2016-08-01 16:33:51 BF76E03E95FD83C31B32639472A8EDCC 174232 ----atw- C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleUpdateComRegisterShell64.exe 2016-08-01 16:33:51 A8FD9222E4D72596BB37DA8BE95C0BA4 153752 ----atw- C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleUpdate.exe 2016-08-01 16:33:51 788321A2C0C45F16820E00A8BA8FD3DA 366232 ----atw- C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe 2016-08-01 16:33:51 58332C83C4A329A744B0B98F934934BB 288920 ----atw- C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe 2016-08-01 16:33:50 812D664B0084DF946C8E9BC01B3FC19E 1065376 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.31.5\GoogleUpdateSetup.exe 2016-08-01 16:05:09 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Patrick.exe 2016-08-01 16:03:54 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Patrick\Downloads\RSITx64.exe 2016-07-28 17:56:29 946E8C3705E54367A10DB76B0E3B19BA 1554424 ----a-w- C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\SwReporter\8.62.4\software_reporter_tool.exe === C: other files == 2016-08-01 19:41:10 AA02DCA7BF2E25E6A6D552C5AE501AC4 14156 ----a-w- C:\Program Files\Java\jre1.8.0_101\lib\deploy\ffjcext.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-2845454513-1305070819-2722265083-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Spotify Web Helper"="C:\Users\Patrick\AppData\Roaming\Spotify\SpotifyWebHelper.exe" "Spotify"="C:\Users\Patrick\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized" "kpm.exe"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.4\kpm.exe -autoStart" [HKEY_USERS\S-1-5-21-2845454513-1305070819-2722265083-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\Patrick\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Patrick\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun" "VirtualCloneDrive"="C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe /s" "TrueImageMonitor.exe"="C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe" "AcronisTibMounterMonitor"="C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Spotify Web Helper"="C:\Users\Patrick\AppData\Roaming\Spotify\SpotifyWebHelper.exe" "Spotify"="C:\Users\Patrick\AppData\Roaming\Spotify\Spotify.exe -autostart -minimized" "kpm.exe"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Password Manager 8.0.4\kpm.exe -autoStart" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\Patrick\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Patrick\AppData\Local\Microsoft\OneDrive\17.3.5951.0827\amd64" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "XboxStat"="C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe silentrun" "EvtMgr6"="C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming" "Acronis Scheduler2 Service"="C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe" "Bluetooth Connection Assistant"="LBTWIZ.EXE -silent" "StartCN"="C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe atlogon" ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [12-02-2016 18:22] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- [Undetermined Task] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\AMD Updater" ["C:\Program Files\AMD\CIM\\Bin64\InstallManagerApp.exe"] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\Motorola Device Manager Initial Update" ["C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe"] "C:\WINDOWS\SysNative\tasks\Motorola Device Manager Update" ["C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe"] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "light_plugin_D772DC8D6FAF43A29B25C4EBAA5AD1DE@kaspersky.com"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\FFExt\light_plugin_firefox" [25-05-2016 19:57] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\jpx1a5b8.default - Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Total Security 16.0.0\FFExt\light_plugin_firefox AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\jpx1a5b8.default A63E5CB8C5424020CC170E2308DD36CE - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL - Microsoft Office 2016 D7C58215347321D835019C6115BDF3C3 - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll - Microsoft Office 2016 ==== Chromium Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions eahebamiopdhefndnmappcihfajigkka - https://chrome.google.com/webstore/detail/eahebamiopdhefndnmappcihfajigkka[] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions gebpdbfmpedcnopofelmhndhincfkhki - https://chrome.google.com/webstore/detail/gebpdbfmpedcnopofelmhndhincfkhki[] Google Slides - Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Kaspersky Protection - Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\eahebamiopdhefndnmappcihfajigkka Google Sheets - Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap Kaspersky Password Manager - Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\gebpdbfmpedcnopofelmhndhincfkhki Google Docs Offline - Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi Chrome Web Store Payments - Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Patrick\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 ==== Reset Google Chrome ====================== C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Patrick\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Patrick\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Patrick\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Patrick\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Patrick\AppData\Local\Mozilla\Firefox\Profiles\jpx1a5b8.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Patrick\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=86 folders=48 118534002 bytes) ==== Empty Temp Folders ====================== C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\Patrick\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on wo 03-08-2016 at 20:41:04,69 ======================