Zoek.exe v5.0.0.1 Updated 31-December-2015
Tool run by Tinne on wo 03-08-2016 at 18:32:19,96.
Microsoft Windows 10 Home 10.0.10586 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Tinne\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================
3-8-2016 18:34:13 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\COMMON~1\Panda Security deleted successfully
C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully
C:\Program Files\Google deleted successfully
C:\Program Files\log deleted successfully
C:\Program Files\Common Files\AV deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\Symantec deleted successfully
C:\Users\Tinne\AppData\Local\ActiveSync deleted successfully
C:\Users\Tinne\AppData\Local\Cyberlink deleted successfully
C:\Users\Tinne\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Tinne\AppData\Local\EmieSiteList deleted successfully
C:\Users\Tinne\AppData\Local\EmieUserList deleted successfully
C:\Users\Tinne\AppData\Local\NetworkTiles deleted successfully
C:\Users\Tinne\AppData\Local\Panda Security deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\NetworkTiles deleted successfully

==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-4032322933-1343094205-2239859116-1000\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5C0D11B8-C5F6-4be3-AD2C-2B1A3EB94AB6} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Deleting Files \ Folders ======================
C:\PROGRA~3\HPs deleted
C:\PROGRA~3\HP deleted
C:\PROGRA~3\OberonGameConsole deleted
C:\PROGRA~3\InstallMate deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\Users\Tinne\AppData\LocalLow\Seuaarcch-uNeewTab deleted
C:\WINDOWS\Syswow64\GroupPolicy\Machine deleted
C:\WINDOWS\Syswow64\GroupPolicy\gpt.ini deleted
C:\WINDOWS\SysWow64\searchplugins deleted
C:\WINDOWS\SysWow64\Extensions deleted
C:\Users\Tinne\Desktop\Schoon uw register gratis op!.lnk deleted

==== Files Recently Created / Modified ======================
====== C:\WINDOWS ====
====== C:\Users\Tinne\AppData\Local\Temp ====
====== Java Cache =====
====== C:\WINDOWS\SysWOW64 =====
====== C:\WINDOWS\SysWOW64\drivers =====
====== C:\WINDOWS\Sysnative =====
====== C:\WINDOWS\Sysnative\drivers =====
====== C:\WINDOWS\Tasks ======
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2016-08-03 13:10:06 -------- d-----w- C:\Program Files\trend micro
======= C:\PROGRA~2 =====
======= C: =====
====== C:\Users\Tinne\AppData\Roaming ======
2016-08-03 16:41:30 -------- d-----w- C:\Users\Tinne\AppData\Local\NetworkTiles
2016-07-11 18:24:33 -------- d-----w- C:\Users\Tinne\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
====== C:\Users\Tinne ======
2016-08-03 13:09:35 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Tinne\Downloads\RSITx64.exe
====== C: exe-files ==
2016-08-03 13:10:07 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Tinne.exe
2016-08-03 13:09:35 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Tinne\Downloads\RSITx64.exe
2016-08-03 10:40:28 946E8C3705E54367A10DB76B0E3B19BA 1554424 ----a-w- C:\Users\Tinne\AppData\Local\Google\Chrome\User Data\SwReporter\8.62.4\software_reporter_tool.exe
2016-08-02 08:03:38 A2AFEE318C51D8A2BF85A4E46E715565 96920 ----atw- C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleUpdateOnDemand.exe
2016-08-02 08:03:38 8ECEE61C9EFE194B6ACA6030DFE3990E 96920 ----atw- C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleUpdateWebPlugin.exe
2016-08-02 08:03:37 C75B240057A7169179DB2EC9E059D4C5 96920 ----atw- C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleUpdateBroker.exe
2016-08-02 08:03:16 812D664B0084DF946C8E9BC01B3FC19E 1065376 ----a-w- C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleUpdateSetup.exe
2016-08-02 08:02:37 BF76E03E95FD83C31B32639472A8EDCC 174232 ----atw- C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleUpdateComRegisterShell64.exe
2016-08-02 08:02:37 788321A2C0C45F16820E00A8BA8FD3DA 366232 ----atw- C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe
2016-08-02 08:02:22 58332C83C4A329A744B0B98F934934BB 288920 ----atw- C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe
2016-08-02 08:01:59 A8FD9222E4D72596BB37DA8BE95C0BA4 153752 ----atw- C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleUpdate.exe
2016-08-02 08:01:26 812D664B0084DF946C8E9BC01B3FC19E 1065376 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.31.5\GoogleUpdateSetup.exe
2016-07-29 09:27:32 909BA69802FA4C6ABD326E2CE3941DC7 239032 ----a-w- C:\Windows\Temp\GlobalExe.exe
=== C: other files ==
2016-08-03 06:22:21 299D2B92F3D26B0C1CA9895B8C799625 416 ----a-w- C:\Users\Tinne\Downloads\take_ownership.zip

==== Startup Registry Enabled ======================
[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"
[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"
[HKEY_USERS\S-1-5-21-4032322933-1343094205-2239859116-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP Photosmart 5520 series (NET)"="C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe -deviceID CN294183LS05ST:NW -scfn HP Photosmart 5520 series (NET) -AutoStart 1"
"Dropbox Update"="C:\Users\Tinne\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c"
"OneDrive"="C:\Users\Tinne\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
[HKEY_USERS\S-1-5-21-4032322933-1343094205-2239859116-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Tinne\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Tinne\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NUSB3MON"="C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"PSUAMain"="C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe /LaunchSysTray"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HP Photosmart 5520 series (NET)"="C:\Program Files\HP\HP Photosmart 5520 series\Bin\ScanToPCActivationApp.exe -deviceID CN294183LS05ST:NW -scfn HP Photosmart 5520 series (NET) -AutoStart 1"
"Dropbox Update"="C:\Users\Tinne\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c"
"OneDrive"="C:\Users\Tinne\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Tinne\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Tinne\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"

==== Startup Registry Enabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\WINDOWS\system32\igfxtray.exe"
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe"
"Persistence"="C:\WINDOWS\system32\igfxpers.exe"
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"RtHDVBg_Dolby"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4"
"RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /FORPCEE4 "
"Acer ePower Management"="C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

==== Startup Registry Disabled x64 ======================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BackupManagerTray]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BackupManagerTray"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\NTI\\Acer Backup Manager\\BackupManagerTray.exe\" -h -k"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EgisTecPMMUpdate]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="EgisTecPMMUpdate"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\EgisTec IPS\\PmmUpdate.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\EgisUpdate]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="EgisUpdate"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\EgisTec IPS\\EgisUpdate.exe\" -d"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HP Software Update]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="HP Software Update"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\HP\\HP Software Update\\HPWuSchd2.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IAStorIcon]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="IAStorIcon"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Intel\\Intel(R) Rapid Storage Technology\\IAStorIcon.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IntelTBRunOnce]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="IntelTBRunOnce"
"hkey"="HKLM"
"command"="wscript.exe //b //nologo \"C:\\Program Files\\Intel\\TurboBoost\\RunTBGadgetOnce.vbs\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LManager]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="LManager"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Launch Manager\\LManager.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Malwarebytes Anti-Malware]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\RunOnce"
"item"="Malwarebytes Anti-Malware"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\Malwarebytes' Anti-Malware\\mbamgui.exe /install /silent"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Mio Share]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Mio Share"
"hkey"="HKCU"
"command"="C:\\Users\\Tinne\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Mio\\Mio Share.appref-ms"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\msnmsgr]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="msnmsgr"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Windows Live\\Messenger\\msnmsgr.exe\" /background"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Spotify Web Helper"
"hkey"="HKCU"
"command"="\"C:\\Users\\Tinne\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SuiteTray]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SuiteTray"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\EgisTec MyWinLockerSuite\\x86\\SuiteTray.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SUPERAntiSpyware]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SUPERAntiSpyware"
"hkey"="HKCU"
"command"="C:\\Program Files\\SUPERAntiSpyware\\SUPERAntiSpyware.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\TomTomHOME.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="TomTomHOME.exe"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\TomTom HOME 2\\TomTomHOMERunner.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
"item"="HP Digital Imaging Monitor"
"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\HP Digital Imaging Monitor.lnk"
"backup"="C:\\Windows\\pss\\HP Digital Imaging Monitor.lnk.CommonStartup"
"backupExtension"=".CommonStartup"
"command"="C:\\PROGRA~2\\HP\\DIGITA~1\\bin\\hpqtra08.exe"

==== Task Scheduler Jobs ======================
C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [24-09-2014 17:43]
C:\WINDOWS\tasks\DropboxUpdateTaskUserS-1-5-21-4032322933-1343094205-2239859116-1000Core.job --a-------- C:\Users\Tinne\AppData\Local\Dropbox\Update\DropboxUpdate.exe [21-08-2015 13:43]
C:\WINDOWS\tasks\DropboxUpdateTaskUserS-1-5-21-4032322933-1343094205-2239859116-1000UA.job --a-------- C:\Users\Tinne\AppData\Local\Dropbox\Update\DropboxUpdate.exe [21-08-2015 13:43]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [02-09-2015 09:10]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [02-09-2015 09:10]

==== Other Scheduled Tasks ======================
"C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\WINDOWS\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\WINDOWS\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-4032322933-1343094205-2239859116-1000Core" [C:\Users\Tinne\AppData\Local\Dropbox\Update\DropboxUpdate.exe]
"C:\WINDOWS\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-4032322933-1343094205-2239859116-1000UA" [C:\Users\Tinne\AppData\Local\Dropbox\Update\DropboxUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\HP AR Program Upload - 210ccce71f634effab8d79f679d70f72167e29714b924a5690f8b0ed5dd92625" [C:\Program Files\HP\HP Photosmart 5520 series\bin\HPRewards.exe]
"C:\WINDOWS\SysNative\tasks\HP AR Program Upload - 43c8338e5f7f44c99caaed9666968c6fc45998aed15a4dec90771f82230e6948" [C:\Program Files\HP\HP Photosmart 5520 series\bin\HPRewards.exe]
"C:\WINDOWS\SysNative\tasks\HP AR Program Upload - 4b87d1795cf64580be4b7294556cca98dcb24d76a93b411da6bfa02cde6ad417" [C:\Program Files\HP\HP Photosmart 5520 series\bin\HPRewards.exe]
"C:\WINDOWS\SysNative\tasks\HP AR Program Upload - bab9c9b7ee4b4a54933550c1294befb958dca121250b451e8e9ef5243c6acac2" [C:\Program Files\HP\HP Photosmart 5520 series\bin\HPRewards.exe]
"C:\WINDOWS\SysNative\tasks\HPCustParticipation HP Photosmart 5520 series" ["C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPCustPartic.exe"]
"C:\WINDOWS\SysNative\tasks\{1E48A147-8650-4D79-B99A-F9F39E61EC5A}" ["c:\program files (x86)\google\chrome\application\chrome.exe"]
"C:\WINDOWS\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" []
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [15-12-2011 12:27]

==== Firefox Extensions ======================
ProfilePath: C:\Users\Tinne\AppData\Roaming\TomTom\HOME\Profiles\v4uk7kfx.default
- Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be

==== Firefox Plugins ======================

==== Chromium Look ======================
YouTube - Tinne\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
OnlineMapFinder - Tinne\AppData\Local\Google\Chrome\User Data\Default\Extensions\ceopoaldcnmhechacafgagdkklcogkgd
Google Search - Tinne\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Chrome Web Store Payments - Tinne\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Tinne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Chrome Media Router - Tinne\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Chromium Fix ======================
C:\Users\Tinne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.lyricsbox.com_0.localstorage deleted successfully
C:\Users\Tinne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.lyricsbox.com_0.localstorage-journal deleted successfully
C:\Users\Tinne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_gounzip.dl.myway.com_0.localstorage deleted successfully
C:\Users\Tinne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_gounzip.dl.myway.com_0.localstorage-journal deleted successfully
C:\Users\Tinne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_onlinemapfinder.dl.myway.com_0.localstorage deleted successfully
C:\Users\Tinne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_onlinemapfinder.dl.myway.com_0.localstorage-journal deleted successfully
C:\Users\Tinne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_huizen.trovit.be_0.localstorage deleted successfully
C:\Users\Tinne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_huizen.trovit.be_0.localstorage-journal deleted successfully
C:\Users\Tinne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_onlinemapfinder.dl.tb.ask.com_0.localstorage deleted successfully
C:\Users\Tinne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_onlinemapfinder.dl.tb.ask.com_0.localstorage-journal deleted successfully
C:\Users\Tinne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad.360yield.com_0.localstorage deleted successfully
C:\Users\Tinne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_ad.360yield.com_0.localstorage-journal deleted successfully
C:\Users\Tinne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.himediads.com_0.localstorage deleted successfully
C:\Users\Tinne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_static.himediads.com_0.localstorage-journal deleted successfully
C:\Users\Tinne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage deleted successfully
C:\Users\Tinne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully
C:\Users\Tinne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_ads1.msads.net_0.localstorage deleted successfully
C:\Users\Tinne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_ads1.msads.net_0.localstorage-journal deleted successfully
C:\Users\Tinne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage deleted successfully
C:\Users\Tinne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\Tinne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage deleted successfully
C:\Users\Tinne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_c.betrad.com_0.localstorage-journal deleted successfully
C:\Users\Tinne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_dsms0mj1bbhn4.cloudfront.net_0.localstorage deleted successfully
C:\Users\Tinne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_dsms0mj1bbhn4.cloudfront.net_0.localstorage-journal deleted successfully
C:\Users\Tinne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_gounzip.dl.tb.ask.com_0.localstorage deleted successfully
C:\Users\Tinne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_gounzip.dl.tb.ask.com_0.localstorage-journal deleted successfully
C:\Users\Tinne\AppData\Local\Google\Chrome\User Data\Default\Extensions\ceopoaldcnmhechacafgagdkklcogkgd deleted successfully
C:\Users\Tinne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ceopoaldcnmhechacafgagdkklcogkgd_0.localstorage deleted successfully
C:\Users\Tinne\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ceopoaldcnmhechacafgagdkklcogkgd_0.localstorage-journal deleted successfully

==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.be/"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.be/"

==== All HKLM and HKCU SearchScopes ======================
HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
HKCU\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} - http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7ADRA_nlBE459

==== Reset Google Chrome ======================
C:\Users\Tinne\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Tinne\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Tinne\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Tinne\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9EB8120F-FFA7-2347-4994-4B80E2CB5657} deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IAStorIcon deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelTBRunOnce deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Spotify Web Helper deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware deleted successfully

==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Tinne\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Tinne\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================
No FireFox Profiles found

==== Empty Chrome Cache ======================
C:\Users\Tinne\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================
No Flash Cache Found

==== Empty All Java Cache ======================
Java Cache cleared successfully

==== C:\zoek_backup content ======================
C:\zoek_backup (files=2872 folders=357 70730454 bytes)

==== Empty Temp Folders ======================
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\Tinne\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== EOF on wo 03-08-2016 at 19:44:21,31 ======================