
Zoek.exe v5.0.0.1 Updated 19-September-2016
Tool run by Vdg on zo 11/12/2016 at 22:42:30,06.
Microsoft Windows 10 Pro 10.0.14393  x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Vdg\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2016-12-11-204857.log	300505 bytes

==== Empty Folders Check ======================

C:\Users\Vdg\AppData\Local\NetworkTiles deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{2670000A-7350-4f3c-8081-5663EE0C6C49} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

"C:\WINDOWS\Installer\238c1e1.msi" not found

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====
2016-11-27 12:16:34	43BF96FCF50945BE35C22206980C9068	4673304	----a-w-	C:\WINDOWS\explorer.exe
2016-11-27 12:16:16	BCDB205132974EC3AB6F5C01DD93489B	130560	----a-w-	C:\WINDOWS\splwow64.exe
====== C:\Users\Vdg\AppData\Local\Temp ====
====== Java Cache =====
====== C:\WINDOWS\SysWOW64 =====
====== C:\WINDOWS\SysWOW64\drivers =====
====== C:\WINDOWS\Sysnative =====
====== C:\WINDOWS\Sysnative\drivers =====
2016-11-27 12:17:54	8EEC4925C03E375C4EC496E45C44139A	649568	----a-w-	C:\WINDOWS\Sysnative\drivers\fvevol.sys
2016-11-27 12:17:53	1312896CAE6AF0D4557DB7B37283C116	713216	----a-w-	C:\WINDOWS\Sysnative\drivers\srv2.sys
2016-11-27 12:17:52	E6D5762958A839B119C041256149AAD6	967168	----a-w-	C:\WINDOWS\Sysnative\drivers\bthport.sys
2016-11-27 12:17:49	39591D8510CEC3BA6ED4330EE689B791	376672	----a-w-	C:\WINDOWS\Sysnative\drivers\clfs.sys
2016-11-27 12:17:49	0AB691736D4D4029444AF62DE59CFD37	249856	----a-w-	C:\WINDOWS\Sysnative\drivers\BthLEEnum.sys
2016-11-27 12:17:45	3DFBB8B3F8BC0A91297030D0E530BA37	79200	----a-w-	C:\WINDOWS\Sysnative\drivers\crashdmp.sys
2016-11-27 12:17:44	DEA44117F9EE53EAFCE555C0A9B108C6	509280	----a-w-	C:\WINDOWS\Sysnative\drivers\storport.sys
2016-11-27 12:17:44	9CD2A4821DE379305CACB2E99AD8953A	101888	----a-w-	C:\WINDOWS\Sysnative\drivers\bowser.sys
2016-11-27 12:17:37	C1E85B4FB08B4CCF16841B165910148B	258560	----a-w-	C:\WINDOWS\Sysnative\drivers\xboxgip.sys
2016-11-27 12:17:36	25D32BE04FE0A23FDF57FD5382757672	143872	----a-w-	C:\WINDOWS\Sysnative\drivers\mrxdav.sys
2016-11-27 12:17:18	A10C7C1E69FC90620C7BF2E51302A01F	1100128	----a-w-	C:\WINDOWS\Sysnative\drivers\http.sys
2016-11-27 12:17:06	E330144B97D493AA886000DCAAA8DAF5	119648	----a-w-	C:\WINDOWS\Sysnative\drivers\wcifs.sys
2016-11-27 12:17:06	46ADD0CD4473AAEF1C68266A803F704D	714592	----a-w-	C:\WINDOWS\Sysnative\drivers\vhdmp.sys
2016-11-27 12:17:05	964943933D448935595C450AC4E8A5B1	23392	----a-w-	C:\WINDOWS\Sysnative\drivers\cmimcext.sys
2016-11-27 12:16:30	3D04046C468AD2868A093925B5E2AA0A	218976	----a-w-	C:\WINDOWS\Sysnative\drivers\tpm.sys
2016-11-27 12:16:28	7C3D10BEC8B0DBA00A78C78EB10B3AE2	279904	----a-w-	C:\WINDOWS\Sysnative\drivers\sdbus.sys
2016-11-27 12:16:26	DB69C6DA8B3DDFDC547D455CA23A8250	2255712	----a-w-	C:\WINDOWS\Sysnative\drivers\ntfs.sys
2016-11-27 12:16:26	B66ED2CB37F7E4696A51612AFBA08834	127328	----a-w-	C:\WINDOWS\Sysnative\drivers\AppVStrm.sys
2016-11-27 12:16:25	9DB326B54C03EF2892E7551D8B354036	128352	----a-w-	C:\WINDOWS\Sysnative\drivers\partmgr.sys
2016-11-27 12:16:24	FFFBB40B9C7AD811AA6EA74A0A6168B1	187232	----a-w-	C:\WINDOWS\Sysnative\drivers\dumpsd.sys
2016-11-27 12:16:23	92F6E3E6D3F1795263EB34B37F74AEF7	74080	----a-w-	C:\WINDOWS\Sysnative\drivers\vpci.sys
2016-11-27 12:16:20	224BA1CB1F3C702F0D001D2AFC9793B1	128512	----a-w-	C:\WINDOWS\Sysnative\drivers\bthpan.sys
2016-11-27 12:16:19	88B66D75B0D26B449C83D54C87F30553	51712	----a-w-	C:\WINDOWS\Sysnative\drivers\winhvr.sys
2016-11-27 12:16:19	5157325B17E455D9DF7AFBB4B608E78A	156672	----a-w-	C:\WINDOWS\Sysnative\drivers\hidclass.sys
2016-11-27 12:16:18	0B779E9FC426CA2268D28181FA6C222F	39424	----a-w-	C:\WINDOWS\Sysnative\drivers\kbdhid.sys
2016-11-27 12:15:51	72C828E0A21020FC6723A940A8F2F085	658272	----a-w-	C:\WINDOWS\Sysnative\drivers\dxgmms2.sys
2016-11-27 12:15:48	125C83C44EEE61E2ED5893F23AEF0FC9	2190688	----a-w-	C:\WINDOWS\Sysnative\drivers\dxgkrnl.sys
2016-11-27 12:15:47	F7C22604CD8AFB9AF1C1E3CE39A5A09F	223584	----a-w-	C:\WINDOWS\Sysnative\drivers\mrxsmb20.sys
2016-11-27 12:15:42	0D1D392ED2597F295956D058D33BD7C3	144896	----a-w-	C:\WINDOWS\Sysnative\drivers\dfsc.sys
2016-11-27 12:15:41	B66D8C75C9BC59D637177AB3B1C569A6	81760	----a-w-	C:\WINDOWS\Sysnative\drivers\stornvme.sys
2016-11-27 12:15:41	5BEE032780FCE432A80E58C14CDEA965	402272	----a-w-	C:\WINDOWS\Sysnative\drivers\dxgmms1.sys
2016-11-27 12:15:40	53EB8CE34B55A1EE63424C8DB7388BFC	130912	----a-w-	C:\WINDOWS\Sysnative\drivers\storahci.sys
2016-11-27 12:15:38	039B5A8CBD5C75D1C46DF15F7C74D136	63328	----a-w-	C:\WINDOWS\Sysnative\drivers\dam.sys
2016-11-27 12:15:33	EDAF0E161BE98CCC4FC9671481600745	435040	----a-w-	C:\WINDOWS\Sysnative\drivers\rdbss.sys
2016-11-27 12:15:09	2CF0CB2A0ED68C5455371E84C16F9627	64352	----a-w-	C:\WINDOWS\Sysnative\drivers\MegaSas2i.sys
2016-11-27 12:15:01	D5564FC81350458ED570528C4E3B1CCF	1181536	----a-w-	C:\WINDOWS\Sysnative\drivers\ndis.sys
2016-11-27 12:14:59	C994DF90427103CCB80F893FFD2B1CE8	557408	----a-w-	C:\WINDOWS\Sysnative\drivers\spaceport.sys
2016-11-27 12:14:59	8CB606A3057355FD5A9DBDD1A0AC94EF	719360	----a-w-	C:\WINDOWS\Sysnative\drivers\WdiWiFi.sys
2016-11-27 12:14:55	4F25E481124059CC593B4C68BC485640	2537824	----a-w-	C:\WINDOWS\Sysnative\drivers\tcpip.sys
2016-11-27 12:14:53	323AA1953ED9C01E23F740FA891FE064	584032	----a-w-	C:\WINDOWS\Sysnative\drivers\afd.sys
2016-11-27 12:14:53	23522E5D581F7722B1B5B86737CAE39C	227328	----a-w-	C:\WINDOWS\Sysnative\drivers\ahcache.sys
2016-11-27 12:14:53	101CC1FD8D48ED1EF71F0840158D0E6D	335712	----a-w-	C:\WINDOWS\Sysnative\drivers\pci.sys
2016-11-27 12:14:52	DB32758F3A7F6CCE81A5430080A2EA65	48992	----a-w-	C:\WINDOWS\Sysnative\drivers\iorate.sys
2016-11-27 12:14:50	B23596AFC687B5256CCD7DD429E2E6FB	409952	----a-w-	C:\WINDOWS\Sysnative\drivers\FWPKCLNT.SYS
2016-11-27 12:14:49	E5E5D9E317739CEE510EAF46C88A7C38	128864	----a-w-	C:\WINDOWS\Sysnative\drivers\tm.sys
2016-11-27 12:14:46	60EB6A4CE3E21887D302350631C16F26	118272	----a-w-	C:\WINDOWS\Sysnative\drivers\capimg.sys
====== C:\WINDOWS\Tasks ======
2016-12-01 16:09:02	F538606335052CF4461D92B1342E53B2	4064	----a-w-	C:\WINDOWS\Sysnative\Tasks\Adobe Flash Player PPAPI Notifier
2016-12-01 16:09:02	DFE1E26CFB6D9C7B42AD365A4079EA2F	1002	----a-w-	C:\WINDOWS\Tasks\Adobe Flash Player PPAPI Notifier.job
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2016-12-11 09:46:57	--------	d-----w-	C:\Program Files\trend micro
2016-12-01 16:09:14	--------	d-----w-	C:\Program Files\TrueKey
2016-11-26 17:35:15	--------	d-----w-	C:\Program Files\EpsonNet
2016-11-26 17:02:49	--------	d---a-w-	C:\Program Files\Common Files\DESIGNER
2016-11-26 16:52:19	--------	d-----w-	C:\Program Files\Microsoft Office 15
2016-11-20 18:39:48	--------	d---a-w-	C:\Program Files\Microsoft Office
======= C:\PROGRA~2 =====
2016-11-26 17:20:51	--------	d-----w-	C:\PROGRA~2\Epson Software
2016-11-26 17:20:36	--------	d-----w-	C:\PROGRA~2\epson
2016-11-26 13:40:52	--------	d-----w-	C:\PROGRA~2\Die Keure
======= C: =====
====== C:\Users\Vdg\AppData\Roaming ======
2016-12-09 07:46:46	--------	d-----w-	C:\Users\Vdg\AppData\Local\tkdata
2016-12-07 20:53:52	--------	d-----w-	C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\TrueKey
2016-12-07 20:53:41	--------	d-----w-	C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\tkdata
2016-12-04 13:45:39	--------	d-----w-	C:\Users\Vdg\AppData\Local\CEF
2016-12-02 18:27:07	--------	d-----w-	C:\Users\Vdg\AppData\Local\Spotify
2016-12-01 16:20:56	--------	d-----w-	C:\Users\sophi\AppData\Local\tkdata
2016-12-01 16:20:56	--------	d-----w-	C:\Users\sophi\AppData\Local\CEF
2016-12-01 16:20:09	--------	d-----w-	C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Intel
2016-11-14 18:10:11	--------	d-----w-	C:\Users\Vdg\AppData\Local\Programs
====== C:\Users\Vdg ======
2016-12-11 09:46:29	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Vdg\Downloads\RSITx64.exe
2016-12-07 20:54:15	--------	d-----w-	C:\ProgramData\TrueKey
2016-12-05 16:39:33	--------	d-----w-	C:\Users\Public\Toshiba
2016-12-02 19:18:01	90F503A58ED6B340C78D626D553672F6	8576448	----a-w-	C:\Users\Vdg\Downloads\ccsetup524.exe
2016-12-02 18:32:31	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2016-hulpprogramma's
2016-12-02 18:27:23	--------	d-----r-	C:\Users\Vdg\3D Objects
2016-11-26 17:21:15	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON Software
2016-11-26 17:20:40	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EPSON
2016-11-26 13:40:54	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kweetet
2016-11-22 20:00:26	--------	d-----w-	C:\ProgramData\Epson
2016-11-20 17:17:46	6FC234AD3752E1267B34FB12BCD6718B	20	--sh--w-	C:\Users\Vdg\ntuser.ini

====== C: exe-files ==
2016-12-11 10:10:34	418299F70B35752CB048ED773C59002E	145088	----a-w-	C:\Users\Vdg\AppData\Local\Temp\A53BBF2A-9235-4772-9A27-E617463901AE\DismHost.exe
2016-12-11 09:46:58	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\Vdg.exe
2016-12-11 09:46:29	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Vdg\Downloads\RSITx64.exe
2016-12-08 07:43:43	442CEC1189EC3D6A7F2B8D9FDE0033F0	2242040	----a-w-	C:\Users\sophi\AppData\Local\Google\Chrome\User Data\SwReporter\14.83.3\software_reporter_tool.exe
2016-12-05 06:21:37	FA808FDF12832F961059AF3FA6D54150	797016	----a-w-	C:\Windows\Logs\PBR\Panther\Rollback\Boot\memtest.exe
=== C: other files ==
2016-12-11 20:49:17	A29030FB93B2E48EDD124749881406CE	943211	----a-w-	C:\Users\Vdg\AppData\Local\Temp\sysspec\SysSpec.zip
2016-12-05 18:17:32	DE0983FE4B830699312D35A990B3AE1B	1945	----a-r-	C:\Users\Vdg\AppData\Local\Temp\_MEI87602\resources\chrome_ext\nknebiagdodnminbdpflhpkgfpeijdbf_live.crx
2016-12-05 18:17:32	82F5C942549405F61A8808D0EA0FA9E2	25575	----a-r-	C:\Users\Vdg\AppData\Local\Temp\_MEI87602\resources\chrome_ext\apdfllckaahabafndbhieahigkjlhalf_live.crx

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDriveSetup"="C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup"

[HKEY_USERS\S-1-5-21-647988551-3144365328-1807536818-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="C:\Users\Vdg\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
"Spotify Web Helper"="C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"GoogleChromeAutoLaunch_78F570CC5CCEC152224FFE989E531544"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window /prefetch:5"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"ToshibaServiceStation"="C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe /hide:60"
"dldwmon.exe"="C:\Program Files (x86)\Dell V505\dldwmon.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"="C:\Users\Vdg\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background"
"Spotify Web Helper"="C:\Program Files (x86)\Spotify\Data\SpotifyWebHelper.exe"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"
"GoogleChromeAutoLaunch_78F570CC5CCEC152224FFE989E531544"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window /prefetch:5"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Toshiba TEMPRO"="C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe"
"TosVolRegulator"="C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe"
"ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe "
"TCrdMain"="C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe"
"TPwrMain"="%ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE"
"BatteryManager"="%ProgramFiles%\TOSHIBA\Power Saver\TBatmgrTrayIcon.exe"
"TosSENotify"="C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe"
"Teco"=""%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r"
"TosWaitSrv"="%ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe "
"WindowsDefender"=""%ProgramFiles%\Windows Defender\MSASCuiL.exe""

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\Adobe Flash Player PPAPI Notifier.job --a-------- C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_23_0_0_207_pepper.exe [01/12/2016 17:09]
C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- [Undetermined Task]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [27/04/2016 11:27]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- [Undetermined Task]

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\Adobe Flash Player PPAPI Notifier" [C:\WINDOWS\SysWoW64\Macromed\Flash\FlashUtil32_23_0_0_207_pepper.exe]
"C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\Installation App Launcher" ["C:\Program Files (x86)\Dell V505\dldwamon.exe" -register]
"C:\WINDOWS\SysNative\tasks\OneDrive Standalone Update Task" [C:\Users\sophi\AppData\Local\Microsoft\OneDrive\17.3.6517.0809\OneDriveStandaloneUpdater.exe]
"C:\WINDOWS\SysNative\tasks\RTKCPL" ["C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"]

==== Chromium Look ======================

Google Slides - sophi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - sophi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - sophi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - sophi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Sheets - sophi\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Google Docs Offline - sophi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
Chrome Web Store Payments - sophi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - sophi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Chrome Media Router - sophi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
Skype Calling - sophi\AppData\Local\Google\Chrome\User Data\Default\Extensions\poghlonenmjdkfghdpfomojhhfggildk
Google Slides - Vdg\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
EML MHT Viewer with Drive - Vdg\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahbjckdnggnfmchoildeljnilenlkoao
Google Docs - Vdg\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Vdg\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Vdg\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Online PDF tools ilovepdf.com - Vdg\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbdolfjnphjlbbpfdcohojjmbkkfpfom
Gmail Offline - Vdg\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk
Google Sheets - Vdg\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Google Docs Offline - Vdg\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
Whitelisted domains - Vdg\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Proxy Bay - Vdg\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpabelodkfbnigmjdlhdjcbjoimjjmap
PDF Mergy - Vdg\AppData\Local\Google\Chrome\User Data\Default\Extensions\hgecghmkcdefnknohcimkoemhaofpoha
YouTube - Vdg\AppData\Local\Google\Chrome\User Data\Default\Extensions\ijoffpmfcdnncgblkdnobhomnjnkofdm
Autodesk Homestyler - Vdg\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdmmkfaghgcicheaimnpffeeekheafkb
Google Hangouts - Vdg\AppData\Local\Google\Chrome\User Data\Default\Extensions\knipolnnllmklapflnccelgolnpehhpl
Google Hangouts - Vdg\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd
Application folder name for uploaded documents - Vdg\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndjpnladcallmjemlbaebfadecfhkepb
Chrome Web Store Payments - Vdg\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Picasa - Vdg\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb
Gmail - Vdg\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Chrome Media Router - Vdg\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
Skype Calling - Vdg\AppData\Local\Google\Chrome\User Data\Default\Extensions\poghlonenmjdkfghdpfomojhhfggildk

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://toshiba13.msn.com/?pc=TEJB"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{1D7AA1D5-57A4-4F3B-A9CD-7AE4EDDECE05}"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://toshiba13.msn.com/?pc=TEJB"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{1D7AA1D5-57A4-4F3B-A9CD-7AE4EDDECE05}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\SearchScopes\{1D7AA1D5-57A4-4F3B-A9CD-7AE4EDDECE05} - http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=TEJB;
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{1D7AA1D5-57A4-4F3B-A9CD-7AE4EDDECE05}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes\{1D7AA1D5-57A4-4F3B-A9CD-7AE4EDDECE05} - http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=TEJB;
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
HKCU\SearchScopes\{1D7AA1D5-57A4-4F3B-A9CD-7AE4EDDECE05} - No_Url_Value

==== Reset Google Chrome ======================

C:\Users\sophi\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\sophi\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Vdg\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Vdg\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\sophi\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\sophi\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\Vdg\AppData\Local\Google\Chrome\User Data\Default\Web Data will be reset at reboot
C:\Users\Vdg\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal will be reset at reboot

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A7F3CAB7369BE86489E25B06A87804D8 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7BAC3F7A-B963-468E-982E-B5608A87408D} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\A7F3CAB7369BE86489E25B06A87804D8 deleted successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\sophi\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Vdg\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\sophi\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\Vdg\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\sophi\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\Vdg\AppData\Local\Google\Chrome\User Data\Default\Cache will be emptied at reboot

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=215 folders=95 176121911 bytes)

==== Empty Temp Folders ======================

C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Vdg\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Vdg\AppData\Local\Google\Chrome\User Data\Default\Web Data" not found
"C:\Users\Vdg\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal" not found
"C:\Users\Vdg\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0" deleted
"C:\Users\Vdg\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1" deleted
"C:\Users\Vdg\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2" deleted
"C:\Users\Vdg\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3" deleted
"C:\Users\Vdg\AppData\Local\Google\Chrome\User Data\Default\Cache\index" deleted

==== EOF on zo 11/12/2016 at 23:06:45,64 ======================