Zoek.exe v5.0.0.1 Updated 19-September-2016 Tool run by Krista on ma 26/12/2016 at 13:39:41,69. Microsoft Windows 10 Home 10.0.14393 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Krista\Downloads\zoek (3).exe [Scan all users] [Script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2016-12-01-154545.log 19410 bytes C:\zoek-results2016-12-04-214847.log 78162 bytes ==== Empty Folders Check ====================== C:\Users\Krista\AppData\Local\VirtualStore deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\Users\Krista\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk deleted ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== 2016-11-29 15:56:35 BCDB205132974EC3AB6F5C01DD93489B 130560 ----a-w- C:\WINDOWS\splwow64.exe 2016-11-29 15:56:31 43BF96FCF50945BE35C22206980C9068 4673304 ----a-w- C:\WINDOWS\explorer.exe ====== C:\Users\Krista\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\WINDOWS\SysWOW64 ===== ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== ====== C:\WINDOWS\Sysnative\drivers ===== 2016-11-29 15:59:02 E6D5762958A839B119C041256149AAD6 967168 ----a-w- C:\WINDOWS\Sysnative\drivers\bthport.sys 2016-11-29 15:58:59 39591D8510CEC3BA6ED4330EE689B791 376672 ----a-w- C:\WINDOWS\Sysnative\drivers\clfs.sys 2016-11-29 15:58:56 3DFBB8B3F8BC0A91297030D0E530BA37 79200 ----a-w- C:\WINDOWS\Sysnative\drivers\crashdmp.sys 2016-11-29 15:58:53 DEA44117F9EE53EAFCE555C0A9B108C6 509280 ----a-w- C:\WINDOWS\Sysnative\drivers\storport.sys 2016-11-29 15:58:53 9CD2A4821DE379305CACB2E99AD8953A 101888 ----a-w- C:\WINDOWS\Sysnative\drivers\bowser.sys 2016-11-29 15:58:45 C1E85B4FB08B4CCF16841B165910148B 258560 ----a-w- C:\WINDOWS\Sysnative\drivers\xboxgip.sys 2016-11-29 15:58:45 25D32BE04FE0A23FDF57FD5382757672 143872 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxdav.sys 2016-11-29 15:58:31 A10C7C1E69FC90620C7BF2E51302A01F 1100128 ----a-w- C:\WINDOWS\Sysnative\drivers\http.sys 2016-11-29 15:57:47 46ADD0CD4473AAEF1C68266A803F704D 714592 ----a-w- C:\WINDOWS\Sysnative\drivers\vhdmp.sys 2016-11-29 15:55:52 7C3D10BEC8B0DBA00A78C78EB10B3AE2 279904 ----a-w- C:\WINDOWS\Sysnative\drivers\sdbus.sys 2016-11-29 15:55:39 DB69C6DA8B3DDFDC547D455CA23A8250 2255712 ----a-w- C:\WINDOWS\Sysnative\drivers\ntfs.sys 2016-11-29 15:55:35 FFFBB40B9C7AD811AA6EA74A0A6168B1 187232 ----a-w- C:\WINDOWS\Sysnative\drivers\dumpsd.sys 2016-11-29 15:55:26 5157325B17E455D9DF7AFBB4B608E78A 156672 ----a-w- C:\WINDOWS\Sysnative\drivers\hidclass.sys 2016-11-29 15:54:48 5BEE032780FCE432A80E58C14CDEA965 402272 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms1.sys 2016-11-29 15:54:41 72C828E0A21020FC6723A940A8F2F085 658272 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgmms2.sys 2016-11-29 15:54:41 125C83C44EEE61E2ED5893F23AEF0FC9 2190688 ----a-w- C:\WINDOWS\Sysnative\drivers\dxgkrnl.sys 2016-11-29 15:54:20 0D1D392ED2597F295956D058D33BD7C3 144896 ----a-w- C:\WINDOWS\Sysnative\drivers\dfsc.sys 2016-11-29 15:54:16 039B5A8CBD5C75D1C46DF15F7C74D136 63328 ----a-w- C:\WINDOWS\Sysnative\drivers\dam.sys 2016-11-29 15:53:48 D5564FC81350458ED570528C4E3B1CCF 1181536 ----a-w- C:\WINDOWS\Sysnative\drivers\ndis.sys 2016-11-29 15:53:48 2CF0CB2A0ED68C5455371E84C16F9627 64352 ----a-w- C:\WINDOWS\Sysnative\drivers\MegaSas2i.sys 2016-11-29 15:53:47 101CC1FD8D48ED1EF71F0840158D0E6D 335712 ----a-w- C:\WINDOWS\Sysnative\drivers\pci.sys 2016-11-29 15:53:44 C994DF90427103CCB80F893FFD2B1CE8 557408 ----a-w- C:\WINDOWS\Sysnative\drivers\spaceport.sys 2016-11-29 15:53:05 4F25E481124059CC593B4C68BC485640 2537824 ----a-w- C:\WINDOWS\Sysnative\drivers\tcpip.sys 2016-11-29 15:53:01 323AA1953ED9C01E23F740FA891FE064 584032 ----a-w- C:\WINDOWS\Sysnative\drivers\afd.sys 2016-11-29 15:53:00 23522E5D581F7722B1B5B86737CAE39C 227328 ----a-w- C:\WINDOWS\Sysnative\drivers\ahcache.sys 2016-11-29 15:52:59 DB32758F3A7F6CCE81A5430080A2EA65 48992 ----a-w- C:\WINDOWS\Sysnative\drivers\iorate.sys 2016-11-29 15:52:53 B23596AFC687B5256CCD7DD429E2E6FB 409952 ----a-w- C:\WINDOWS\Sysnative\drivers\FWPKCLNT.SYS 2016-11-29 15:52:47 E5E5D9E317739CEE510EAF46C88A7C38 128864 ----a-w- C:\WINDOWS\Sysnative\drivers\tm.sys 2016-11-29 15:52:43 60EB6A4CE3E21887D302350631C16F26 118272 ----a-w- C:\WINDOWS\Sysnative\drivers\capimg.sys ====== C:\WINDOWS\Tasks ====== 2016-12-26 12:29:27 CA7842933AA21851304F028AF45FA023 3276 ----a-w- C:\WINDOWS\Sysnative\Tasks\OneDrive Standalone Update Task v2 2016-11-28 19:56:17 35B15C1D9E55F5FE523740536081C896 214 ----a-w- C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2016-11-28 20:45:41 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== ======= C: ===== ====== C:\Users\Krista\AppData\Roaming ====== 2016-12-06 00:12:16 -------- d-----w- C:\Users\Krista\AppData\Local\ESET 2016-12-04 21:47:01 -------- d-----w- C:\Users\Krista\AppData\Local\Temp ====== C:\Users\Krista ====== ====== C: exe-files == 2016-12-26 12:43:27 CB7A4790615372ACC501E0AA35106ED7 2248184 ----a-w- C:\Users\Krista\AppData\Local\Google\Chrome\User Data\SwReporter\15.85.1\software_reporter_tool.exe 2016-12-26 12:29:22 345D131E3C8E4D2794EC750104716DA4 1669856 ----a-w- C:\Users\Krista\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe 2016-12-26 12:29:12 847D3A328291E7B91E79F8CB1DA1141B 21628640 ----a-w- C:\Users\Krista\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe 2016-12-26 12:29:12 847D3A328291E7B91E79F8CB1DA1141B 21628640 ----a-w- C:\Users\Krista\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\OneDriveSetup.exe 2016-12-26 12:28:04 F9813C456FE75D614116199B3E138D65 229088 ----a-w- C:\Users\Krista\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\FileSyncConfig.exe 2016-12-26 12:27:56 7EA564DB7A3D890EC000D2F7812EDF10 215264 ----a-w- C:\Users\Krista\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\FileCoAuth.exe 2016-12-26 12:19:45 62014E15B08D9F260B95307B1BB89A92 13983608 ----a-w- C:\Program Files (x86)\Google\Update\Install\{9DBDC537-2489-4403-9511-F4C8F77C8901}\55.0.2883.87_54.0.2840.99_chrome_updater.exe 2016-12-26 12:19:44 62014E15B08D9F260B95307B1BB89A92 13983608 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\55.0.2883.87\55.0.2883.87_54.0.2840.99_chrome_updater.exe 2016-12-26 12:18:43 143764812788E9798A802E13D3A0205F 578912 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\orgchart.exe 2016-12-26 12:18:41 9E1877459813DAD17E75C0C796A840FC 883928 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\protocolhandler.exe 2016-12-26 12:18:36 EE0869265721CE2B1AEE84EA4B1A3B48 21956800 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\excelcnv.exe 2016-12-26 12:18:34 63D04AE0A19A94C02C4122927BBD2567 8022824 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE15\cmigrate.exe 2016-12-26 12:18:33 ECEE76A1EC236FE36E1E02066314C896 25739448 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\excel.exe 2016-12-26 12:18:32 066A65EC69865E240D3338C4CD7BE691 48840 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\appsharinghookcontroller64.exe 2016-12-26 12:18:29 F576B78EC68EF8549B2D19F740CC2F64 559856 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\msosqm.exe 2016-12-26 12:18:29 45C57861B280916237A3A60B175F92B1 1163560 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\olicenseheartbeat.exe 2016-12-26 12:18:23 68CD12F331DB99174E23C33E98BEFD0C 5862696 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\cmigrate.exe 2016-12-26 12:18:22 F6232FE29F45C34FF663905DEC7736C8 538368 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\vpreview.exe 2016-12-26 12:18:22 9F8BDC4269C8F4D8399555A530FE363D 483656 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\DW\dwtrig20.exe 2016-12-26 12:18:22 0B7DDA9DF38C2B96F55A83F1A8414BB0 851736 ----a-w- C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\DW\dw20.exe 2016-12-26 12:18:21 D269DFCE021424BB062EA92B86452917 490272 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\selfcert.exe 2016-12-26 12:18:20 B80D7665AB1274086A4CB3F52C115FD4 526680 ----a-w- C:\Program Files\Microsoft Office 15\root\office15\iecontentservice.exe 2016-12-26 12:14:14 FCAEDFFAA41EA74BA53FDADABBB8B21A 1129376 ----a-w- C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleUpdateSetup.exe 2016-12-26 12:14:14 5E7ADCF81096860FED5AB569A8ADE3AB 96920 ----atw- C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleUpdateOnDemand.exe 2016-12-26 12:14:14 57769E78CCB9F3DE92B507B72D49AF99 96920 ----atw- C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleUpdateBroker.exe 2016-12-26 12:14:14 33DF23DDDE222C6270C99885D7A70DE2 96920 ----atw- C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleUpdateWebPlugin.exe 2016-12-26 12:14:13 FE9E6388A039441098EB09C070EA5049 601752 ----atw- C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleUpdateCore.exe 2016-12-26 12:14:13 FE40EC349D80C0ED24A5808DCFE9A0D2 288920 ----atw- C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe 2016-12-26 12:14:13 FACC7DC5EEF8AF0D969BC2481AAA3EFC 174232 ----atw- C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleUpdateComRegisterShell64.exe 2016-12-26 12:14:13 B5C7D56B6DB76C66E24B4B735BB66509 366232 ----atw- C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe 2016-12-26 12:14:13 2D8BBF6C7241AAD9EDE7708EBB7B43A4 153752 ----atw- C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleUpdate.exe 2016-12-26 12:14:12 FCAEDFFAA41EA74BA53FDADABBB8B21A 1129376 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.32.7\GoogleUpdateSetup.exe === C: other files == 2016-12-26 12:27:53 8CF4163521FDB8E53482003C7EFA7121 5850 ----a-w- C:\Users\Krista\AppData\Local\Microsoft\OneDrive\17.3.6720.1207\CollectOneDriveLogs.bat ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup" [HKEY_USERS\S-1-5-21-1842194742-782957760-2676667981-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MyDriveConnect.exe"="C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe" "Spotify Web Helper"="C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe" "OneDrive"="C:\Users\Krista\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "HP Deskjet 3050 J610 series (NET)"="C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\ScanToPCActivationApp.exe -deviceID CN07D13KJX05HX:NW -scfn HP Deskjet 3050 J610 series (NET) -AutoStart 1" [HKEY_USERS\S-1-5-21-1842194742-782957760-2676667981-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall 17.3.6517.0809_1\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Krista\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64" "Uninstall 17.3.6517.0809_1"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Krista\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui" "HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "MyDriveConnect.exe"="C:\Program Files (x86)\MyDrive Connect\TomTom MyDrive Connect.exe" "Spotify Web Helper"="C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe" "OneDrive"="C:\Users\Krista\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "HP Deskjet 3050 J610 series (NET)"="C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\ScanToPCActivationApp.exe -deviceID CN07D13KJX05HX:NW -scfn HP Deskjet 3050 J610 series (NET) -AutoStart 1" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall 17.3.6517.0809_1\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Krista\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1\amd64" "Uninstall 17.3.6517.0809_1"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Krista\AppData\Local\Microsoft\OneDrive\17.3.6517.0809_1" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] "BtvStack"="C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run] "BtvStack"="C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe" ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\CreateExplorerShellUnelevatedTask.job --a-------- C:\WINDOWS\explorer.exe [02/11/2016 11:59] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\ACC" [C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe] "C:\WINDOWS\SysNative\tasks\ACCAgent" [C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe] "C:\WINDOWS\SysNative\tasks\AcerCloud" [C:\Program Files (x86)\Acer\Acer Portal\AcerPortal.exe] "C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\WINDOWS\SysNative\tasks\BacKGroundAgent" [C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\HPCustParticipation HP Deskjet 3050 J610 series" ["C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPCustPartic.exe"] "C:\WINDOWS\SysNative\tasks\Launch Manager" ["C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe"] "C:\WINDOWS\SysNative\tasks\OneDrive Standalone Update Task" [C:\Users\Krista\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe] "C:\WINDOWS\SysNative\tasks\OneDrive Standalone Update Task v2" [%localappdata%\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe] "C:\WINDOWS\SysNative\tasks\Power Management" ["C:\Program Files\Acer\Acer Power Management\ePowerTrayLauncher.exe"] "C:\WINDOWS\SysNative\tasks\Quick Access" ["C:\Program Files\Acer\Acer Quick Access\QALauncher.exe"] "C:\WINDOWS\SysNative\tasks\Quick Access Quick Launcher" ["C:\Program Files\Acer\Acer Quick Access\QALauncher.exe"] "C:\WINDOWS\SysNative\tasks\SafeZone scheduled Autoupdate 1468518704" [C:\Program Files\AVAST Software\SZBrowser\launcher.exe] "C:\WINDOWS\SysNative\tasks\SweetLabs App Platform" [%LOCALAPPDATA%\SweetLabs App Platform\Engine\ServiceHostAppUpdater.exe] "C:\WINDOWS\SysNative\tasks\UbtFrameworkService" ["C:\Program Files\Acer\User Experience Improvement Program\Framework\TriggerFramework.exe"] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{B35A5093-95BE-4D35-AEDA-9D0D81D410CE}" [C:\Windows\system32\msfeedssync.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater" [C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe] "C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\WINDOWS\SysNative\tasks\Recovery Management\Notification" [C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "sp@avast.com"="C:\Program Files\AVAST Software\Avast\SafePrice\FF" [27/11/2016 21:21] [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "sp@avast.com"="C:\Program Files\AVAST Software\Avast\SafePrice\FF" [27/11/2016 21:21] ==== Chromium Look ====================== Google Slides - Krista\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - Krista\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Krista\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Krista\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Sheets - Krista\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap Google Docs Offline - Krista\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi Chrome Web Store Payments - Krista\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Krista\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Chrome Media Router - Krista\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://acer13.msn.com/?pc=ACJB" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://acer13.msn.com/?pc=ACJB" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms} ==== Reset Google Chrome ====================== C:\Users\Krista\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Krista\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully C:\Users\Krista\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\Krista\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Krista\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Krista\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Krista\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Krista\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Krista\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== No Java Cache Found ==== C:\zoek_backup content ====================== C:\zoek_backup (files=5973 folders=246 400577218 bytes) ==== Empty Temp Folders ====================== C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\Krista\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on ma 26/12/2016 at 14:36:29,00 ======================