"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" [HKEY_USERS\S-1-5-21-4250598485-134378052-927827185-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\Marielle\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "GoogleChromeAutoLaunch_91262D4A3C3587F7981D89F0F0859673"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window /prefetch:5" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" [HKEY_USERS\S-1-5-21-4250598485-134378052-927827185-1001-{637FE20B-9A5B-4F51-B1BE-D10045625B40}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "WAB Migrate"="%ProgramFiles%\Windows Mail\wab.exe /Upgrade" [HKEY_USERS\S-1-5-21-4250598485-134378052-927827185-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "WAB Migrate"="%ProgramFiles%\Windows Mail\wab.exe /Upgrade" [HKEY_USERS\S-1-5-21-4250598485-134378052-927827185-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\Marielle\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Marielle\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64" "Uninstall C:\Users\Marielle\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Marielle\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64" "Uninstall C:\Users\Marielle\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Marielle\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64" [HKEY_USERS\S-1-5-21-4250598485-134378052-927827185-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\Marielle\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Marielle\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64" "Uninstall C:\Users\Marielle\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Marielle\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64" "Uninstall C:\Users\Marielle\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Marielle\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64" [HKEY_USERS\S-1-5-21-4250598485-134378052-927827185-1002-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-1\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\Marielle\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Marielle\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64" "Uninstall C:\Users\Marielle\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Marielle\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64" "Uninstall C:\Users\Marielle\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Marielle\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "avgnt"="C:\Program Files (x86)\Avira\Antivirus\avgnt.exe /min" "Avira SystrayStartTrigger"="C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe" "HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "OneDrive"="C:\Users\Marielle\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "GoogleChromeAutoLaunch_91262D4A3C3587F7981D89F0F0859673"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window /prefetch:5" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce] "Uninstall C:\Users\Marielle\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Marielle\AppData\Local\Microsoft\OneDrive\17.3.6281.1202_1\amd64" "Uninstall C:\Users\Marielle\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Marielle\AppData\Local\Microsoft\OneDrive\17.3.6301.0127\amd64" "Uninstall C:\Users\Marielle\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64"="C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q C:\Users\Marielle\AppData\Local\Microsoft\OneDrive\17.3.6302.0225\amd64" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch" "tvncontrol"="C:\Program Files\TightVNC\tvnserver.exe -controlservice -slave" "ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe " ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [08/04/2016 12:10] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [14/11/2015 22:01] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [14/11/2015 22:01] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\WINDOWS\SysNative\tasks\ASUS Smart Gesture Launcher" [C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe] "C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\HPCustParticipation HP Photosmart 5510 series" ["C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPCustPartic.exe"] "C:\WINDOWS\SysNative\tasks\RtHDVBg_ListenToDevice" ["C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe"] "C:\WINDOWS\SysNative\tasks\RTKCPL" ["C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{DB128E94-58B0-4ABC-AED4-87B7E6B54D00}" [C:\WINDOWS\system32\msfeedssync.exe] ==== Chromium Look ====================== Google Slides - Marielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - Marielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Marielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Marielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Marielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Sheets - Marielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap Google Docs Offline - Marielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi Pin It Button - Marielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic Chrome Web Store Payments - Marielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Marielle\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" ==== All HKLM and HKCU SearchScopes ====================== HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms} HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02 ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Marielle\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Marielle\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Marielle\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\Marielle\AppData\Local\Microsoft\Windows\INetCache\IE\QMUUFPMK will be deleted at reboot C:\Users\Marielle\AppData\Local\Microsoft\Windows\INetCache\IE\XXBSTOUF will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\Marielle\AppData\Local\Google\Chrome\User Data\Default\Cache will be emptied at reboot ==== Empty All Flash Cache ====================== No Flash Cache Found ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=27 folders=12 14371294 bytes) ==== Empty Temp Folders ====================== C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\Marielle\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Marielle\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0" deleted "C:\Users\Marielle\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1" deleted "C:\Users\Marielle\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2" deleted "C:\Users\Marielle\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3" deleted "C:\Users\Marielle\AppData\Local\Google\Chrome\User Data\Default\Cache\index" deleted "C:\Users\Marielle\AppData\Local\Microsoft\Windows\INetCache\IE\QMUUFPMK" not found "C:\Users\Marielle\AppData\Local\Microsoft\Windows\INetCache\IE\XXBSTOUF" not found ==== EOF on 12/05/2016 at 10:41:03,08 ======================