Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version)
Tool run by EOSDEESSE on 24/10/2018 at 17:22:09,79.
Microsoft Windows 10 Famille 10.0.17134 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\EOSDEESSE\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================
24/10/2018 17:25:36 Zoek.exe System Restore Point Created Successfully.

==== Hosts File Content ======================
# Copyright (c) 1993-2009 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# 127.0.0.1 localhost ::1 localhost

==== Windows Installer Info ======================
Adobe Acrobat Reader DC - Français [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\68AB67CA7DA76301B744CAF070E41400]C:\WINDOWS\Installer\8b76e14.msi
Adobe Refresh Manager [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\68AB67CA408033019195008142926844]C:\WINDOWS\Installer\3bb78.msi
Easy Photo Scan [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\FA2FEA39BF68DA243829D5EA0C36B8A1]C:\WINDOWS\Installer\55cd45e.msi
Epson Connect Printer Setup [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B15D1B9D65BED014EA5BC1FCCAB4C6C8]C:\WINDOWS\Installer\566bf39.msi
Epson E-Web Print [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\473F9FB676CE80849AC01F72EDD689D9]C:\WINDOWS\Installer\55cd468.msi
Epson Event Manager [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\49E502F924E968449AA2FDF3C68B4544]C:\WINDOWS\Installer\55cd44a.msi
Epson Software Updater [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F9BC3A069244A7C4AA7977CCF41E6017]C:\WINDOWS\Installer\54026fb.msi
Google Update Helper [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A089CE062ADB6BC44A720BA745894BAC]C:\WINDOWS\Installer\2fe9919.msi
Java 8 Update 191 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\4EA42A62D9304AC4784BF2238110190F]C:\WINDOWS\Installer\17958c80.msi
Manuels EPSON [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B1CCEC48FE121B14A919E327E4D5993D]C:\WINDOWS\Installer\540270a.msi
Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\c1c4f01781cc94c4c8fb1542c0981a2a]C:\WINDOWS\Installer\55cd454.msi
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1A4DE204B5F8A783688899A7FB858B2F]c:\WINDOWS\Installer\55cd463.msi
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\D20352A90C039D93DBF6126ECE614057]c:\WINDOWS\Installer\55cd459.msi
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\1D5E3C0FEDA1E123187686FED06E995A]c:\WINDOWS\Installer\53f10b9.msi
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\CA4ECB96275917232ABF4932DB3AA634]C:\WINDOWS\Installer\7d4fcbf.msi
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\47CA2FBBC0273BC32819E543302923AF]C:\WINDOWS\Installer\7d4fcba.msi
MyEpson Portal [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\514D163353AB34143B10669119AB2691]C:\WINDOWS\Installer\55cd44f.msi
Office 16 Click-to-Run Extensibility Component [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109C80000000000000000F01FEC]C:\WINDOWS\Installer\4d88a6.msi
Office 16 Click-to-Run Licensing Component [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109F80000000100000000F01FEC]C:\WINDOWS\Installer\4859dd.msi
Office 16 Click-to-Run Localization Component [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\00006109C800C0400000000000F01FEC]C:\WINDOWS\Installer\4d88ab.msi

==== Empty Folders Check ======================
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\EOSDEESSE\AppData\Local\DBG deleted successfully
C:\Users\EOSDEESSE\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Installed Programs ======================
Adobe Acrobat Reader DC - Français
Adobe Flash Player 31 NPAPI
Adobe Refresh Manager
adsl TV
Assistant Mise à jour de Windows 10
Easy Photo Scan
Epson Connect Printer Setup
Epson E-Web Print
Epson Easy Photo Print 2
Epson Event Manager
Epson Scan 2
EPSON Scan OCR Component
Epson Software Updater
EPSON XP-243 245 247 Series Printer Uninstall
Free Virtual Keyboard
Google Chrome
Google Update Helper
Java 8 Update 191
Java Auto Updater
Logiciel de création photo DARTY
Manuels EPSON
Microsoft Office Professionnel Plus 2016 - fr-fr
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215
Molotov
Mozilla Firefox 63.0 (x64 fr)
Mozilla Maintenance Service
MyEpson Portal
mySteganos Online Shield
Office 16 Click-to-Run Extensibility Component
Office 16 Click-to-Run Licensing Component
Office 16 Click-to-Run Localization Component
PhotoFiltre Studio X
Synaptics TouchPad Driver
VirtualDJ PRO Full
VLC media player
WinRAR 5.50 (64-bit)
Wondershare Helper Compact 2.5.2

==== Running Processes ======================
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\EPSON\MyEpson Portal\mepService.exe
C:\Program Files (x86)\Steganos Online Shield\OnlineShieldService.exe
C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
C:\Program Files (x86)\EPSON\MyEpson Portal\mep.exe
C:\Program Files (x86)\Steganos Online Shield\SteganosBrowserMonitor.exe
C:\Program Files (x86)\Steganos Online Shield\Notifier.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\FreeVK\FreeVK.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe

==== Services(whitelist) ======================
Powered by [url=http://www.antimalwarehelp.be/EDev/]E Dev[/url]
R2 - [AdobeARMservice] - Adobe Acrobat Update Service - c:\program files (x86)\common files\adobe\arm\1.0\armsvc.exe
R2 - [ClickToRunSvc] - Service Microsoft Office « Démarrer en un clic » - c:\program files\common files\microsoft shared\clicktorun\officeclicktorun.exe
R2 - [EpsonScanSvc] - Epson Scanner Service - c:\windows\system32\escsvc64.exe
R2 - [hpsrv] - HP Service - c:\windows\system32\hpservice.exe
R2 - [MyEpson Portal Service] - MyEpson Portal Service - c:\program files (x86)\epson\myepson portal\mepservice.exe
R2 - [Online Shield Starter Service] - Online Shield Starter Service - c:\program files (x86)\steganos online shield\onlineshieldservice.exe
R2 - [SecurityHealthService] - Service Centre de sécurité Windows Defender - c:\windows\system32\securityhealthservice.exe
R2 - [SgrmBroker] - Service Broker du moniteur d'exécution System Guard - c:\windows\system32\sgrmbroker.exe
R2 - [SynTPEnhService] - SynTPEnh Caller Service - c:\program files\synaptics\syntp\syntpenhservice.exe
R2 - [WinDefend] - Service antivirus Windows Defender - c:\programdata\microsoft\windows defender\platform\4.18.1809.2-0\msmpeng.exe
R3 - [WdNisSvc] - Service Inspection du réseau de l’antivirus Windows Defender - c:\programdata\microsoft\windows defender\platform\4.18.1809.2-0\nissrv.exe
S2 - [gupdate] - Service Google Update (gupdate) - c:\program files (x86)\google\update\googleupdate.exe
S2 - [sppsvc] - Protection logicielle - c:\windows\system32\sppsvc.exe
S3 - [AdobeFlashPlayerUpdateSvc] - Adobe Flash Player Update Service - c:\windows\syswow64\macromed\flash\flashplayerupdateservice.exe
S3 - [ALG] - Service de la passerelle de la couche Application - c:\windows\system32\alg.exe
S3 - [COMSysApp] - Application système COM+ - c:\windows\system32\dllhost.exe
S3 - [Fax] - Télécopie - c:\windows\system32\fxssvc.exe
S3 - [FontCache3.0.0.0] - Cache de police de Windows Presentation Foundation 3.0.0.0 - c:\windows\microsoft.net\framework64\v3.0\wpf\presentationfontcache.exe
S3 - [gupdatem] - Service Google Update (gupdatem) - c:\program files (x86)\google\update\googleupdate.exe
S3 - [MozillaMaintenance] - Mozilla Maintenance Service - c:\program files (x86)\mozilla maintenance service\maintenanceservice.exe
S3 - [MSDTC] - Coordinateur de transactions distribuées - c:\windows\system32\msdtc.exe
S3 - [msiserver] - Windows Installer - c:\windows\system32\msiexec.exe
S3 - [ose] - Office Source Engine - c:\program files (x86)\common files\microsoft shared\source engine\ose.exe
S3 - [PerfHost] - Hôte de DLL de compteur de performance - c:\windows\syswow64\perfhost.exe
S3 - [RpcLocator] - Localisateur d’appels de procédure distante (RPC) - c:\windows\system32\locator.exe
S3 - [SensorDataService] - Service Données de capteur - c:\windows\system32\sensordataservice.exe
S3 - [SNMPTRAP] - Interruption SNMP - c:\windows\system32\snmptrap.exe
S3 - [spectrum] - Service de perception Windows - c:\windows\system32\spectrum.exe
S3 - [TieringEngineService] - Gestion des niveaux de stockage - c:\windows\system32\tieringengineservice.exe
S3 - [TrustedInstaller] - Programme d’installation pour les modules Windows - c:\windows\servicing\trustedinstaller.exe
S3 - [vds] - Disque virtuel - c:\windows\system32\vds.exe
S3 - [VSS] - Cliché instantané des volumes - c:\windows\system32\vssvc.exe
S3 - [wbengine] - Service de moteur de sauvegarde en mode bloc - c:\windows\system32\wbengine.exe
S3 - [wmiApSrv] - Carte de performance WMI - c:\windows\system32\wbem\wmiapsrv.exe
S3 - [xbgm] - Xbox Game Monitoring - c:\windows\system32\xbgmsvc.exe
S4 - [diagnosticshub.standardcollector.service] - Service Collecteur standard du concentrateur de diagnostic Microsoft (R) - c:\windows\system32\diagsvcs\diagnosticshub.standardcollector.service.exe
S4 - [ssh-agent] - OpenSSH Authentication Agent - c:\windows\system32\openssh\ssh-agent.exe
S4 - [WMPNetworkSvc] - Service Partage réseau du Lecteur Windows Media - c:\program files\windows media player\wmpnetwk.exe
S4 - [WSearch] - Windows Search - c:\windows\system32\searchindexer.exe

==== Drivers(whitelist) ======================
Powered by [url=http://www.antimalwarehelp.be/EDev/]E Dev[/url]
R0 - [FileInfo] - File Information FS MiniFilter - C:\WINDOWS\system32\Drivers\FileInfo.sys
R0 - [FltMgr] - FltMgr - C:\WINDOWS\system32\Drivers\FltMgr.sys
R0 - [Mup] - Mup - C:\WINDOWS\system32\Drivers\Mup.sys
R0 - [WdFilter] - Pilote de minifiltre de l’antivirus Windows Defender - C:\WINDOWS\system32\Drivers\WdFilter.sys
R0 - [Wof] - Windows Overlay File System Filter Driver - C:\WINDOWS\system32\Drivers\Wof.sys
R1 - [NetBIOS] - NetBIOS Interface - C:\WINDOWS\system32\Drivers\NetBIOS.sys
R3 - [srv2] - Pilote de serveur SMB 2.xxx - C:\WINDOWS\system32\Drivers\srv2.sys
R0 - [ACPI] - Pilote ACPI Microsoft - C:\WINDOWS\system32\Drivers\ACPI.sys
R0 - [acpiex] - Microsoft ACPIEx Driver - C:\WINDOWS\system32\Drivers\acpiex.sys
R0 - [CLFS] - Common Log (CLFS) - C:\WINDOWS\system32\Drivers\CLFS.sys
R0 - [CNG] - CNG - C:\WINDOWS\system32\Drivers\CNG.sys
R0 - [Disk] - Pilote de disque - C:\WINDOWS\system32\Drivers\Disk.sys
R0 - [fvevol] - Pilote de filtre de chiffrement de lecteur BitLocker - C:\WINDOWS\system32\Drivers\fvevol.sys
R0 - [hpdskflt] - HP Filter - C:\WINDOWS\system32\Drivers\hpdskflt.sys
R0 - [intelpep] - Pilote de plug-in du moteur d’alimentation Intel(R) - C:\WINDOWS\system32\Drivers\intelpep.sys
R0 - [iorate] - Pilote du filtre du taux d’E/S du disque - C:\WINDOWS\system32\Drivers\iorate.sys
R0 - [KSecDD] - KSecDD - C:\WINDOWS\system32\Drivers\KSecDD.sys
R0 - [KSecPkg] - KSecPkg - C:\WINDOWS\system32\Drivers\KSecPkg.sys
R0 - [mountmgr] - Gestionnaire des points de montage - C:\WINDOWS\system32\Drivers\mountmgr.sys
R0 - [msisadrv] - msisadrv - C:\WINDOWS\system32\Drivers\msisadrv.sys
R0 - [NDIS] - Pilote système NDIS - C:\WINDOWS\system32\Drivers\NDIS.sys
R0 - [partmgr] - Gestionnaire de partitions - C:\WINDOWS\system32\Drivers\partmgr.sys
R0 - [pci] - Pilote de bus PCI - C:\WINDOWS\system32\Drivers\pci.sys
R0 - [pcw] - Performance Counters for Windows Driver - C:\WINDOWS\system32\Drivers\pcw.sys
R0 - [pdc] - CDP - C:\WINDOWS\system32\Drivers\pdc.sys
R0 - [rdyboost] - ReadyBoost - C:\WINDOWS\system32\Drivers\rdyboost.sys
R0 - [SgrmAgent] - System Guard Runtime Monitor Agent - C:\WINDOWS\system32\Drivers\SgrmAgent.sys
R0 - [spaceport] - Pilote des espaces de stockage - C:\WINDOWS\system32\Drivers\spaceport.sys
R0 - [storahci] - Lecteur AHCI SATA Microsoft standard - C:\WINDOWS\system32\Drivers\storahci.sys
R0 - [Tcpip] - Pilote pour protocole TCP/IP - C:\WINDOWS\system32\Drivers\Tcpip.sys
R0 - [vdrvroot] - Énumérateur de lecteur virtuel Microsoft - C:\WINDOWS\system32\Drivers\vdrvroot.sys
R0 - [volmgr] - Pilote du gestionnaire de volumes - C:\WINDOWS\system32\Drivers\volmgr.sys
R0 - [volmgrx] - Gestionnaire de volumes dynamiques - C:\WINDOWS\system32\Drivers\volmgrx.sys
R0 - [volsnap] - Pilote de cliché instantané du volume - C:\WINDOWS\system32\Drivers\volsnap.sys
R0 - [volume] - Pilote de volume - C:\WINDOWS\system32\Drivers\volume.sys
R0 - [Wdf01000] - Service Infrastructure de pilote en mode noyau - C:\WINDOWS\system32\Drivers\Wdf01000.sys
R0 - [WFPLWFS] - Plateforme de filtrage Microsoft Windows - C:\WINDOWS\system32\Drivers\WFPLWFS.sys
R0 - [WindowsTrustedRT] - Windows Trusted Execution Environment Class Extension - C:\WINDOWS\system32\Drivers\WindowsTrustedRT.sys
R0 - [WindowsTrustedRTProxy] - Service sécurisé d'exécution approuvée Microsoft Windows - C:\WINDOWS\system32\Drivers\WindowsTrustedRTProxy.sys
R1 - [AFD] - Pilote de fonction connexe pour Winsock - C:\WINDOWS\system32\Drivers\AFD.sys
R1 - [Beep] - Beep - C:\WINDOWS\system32\Drivers\Beep.sys
R1 - [tdx] - Pilote de prise en charge TDI héritée NetIO - C:\WINDOWS\system32\Drivers\tdx.sys
R2 - [tcpipreg] - TCP/IP Registry Compatibility - C:\WINDOWS\system32\Drivers\tcpipreg.sys
S0 - [EhStorClass] - Enhanced Storage Filter Driver - C:\WINDOWS\system32\Drivers\EhStorClass.sys
S0 - [hwpolicy] - Hardware Policy Driver - C:\WINDOWS\system32\Drivers\hwpolicy.sys
S0 - [WdBoot] - Pilote de démarrage de l’antivirus Windows Defender - C:\WINDOWS\system32\Drivers\WdBoot.sys
S3 - [atapi] - Canal IDE - C:\WINDOWS\system32\Drivers\atapi.sys
S3 - [Tcpip6] - @todo.dll,-100;Microsoft IPv6 Protocol Driver - C:\WINDOWS\system32\Drivers\Tcpip6.sys [x]

==== Deleting Services ======================

==== FireFox Fix ======================
Deleted from C:\Users\EOSDEE~1\AppData\Roaming\Mozilla\Firefox\Profiles\0rk4zcdi.default\prefs.js:
Added to C:\Users\EOSDEE~1\AppData\Roaming\Mozilla\Firefox\Profiles\0rk4zcdi.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
ProfilePath: C:\Users\EOSDEE~1\AppData\Roaming\Mozilla\Firefox\Profiles\0rk4zcdi.default
user.js not found
---- Lines searchengine removed from prefs.js ----
user_pref("browser.pageActions.persistedActions", "{\"version\":1,\"ids\":[\"bookmark\",\"bookmarkSeparator\",\"copyURL\",\"emailLink\",\"addSearchEng
---- FireFox user.js and prefs.js backups ----
prefs_102018_1754_.backup

==== Batch Command(s) Run By Tool======================

==== Deleting Files \ Folders ======================
C:\Users\EOSDEESSE\AppData\Roaming\Molotov deleted
C:\Users\EOSDEESSE\.android deleted
C:\PROGRA~2\COMMON~1\Wondershare deleted
C:\prefs.js deleted
C:\Users\EOSDEESSE\AppData\Roaming\Wondershare deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\EOSDEESSE\AppData\Local\Wondershare deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare deleted
C:\Users\EOSDEE~1\AppData\Roaming\Mozilla\Firefox\Profiles\0rk4zcdi.default\extensions\firefox@tampermonkey.net.xpi deleted
C:\Users\EOSDEESSE\ZHPCleaner.exe deleted
C:\Users\EOSDEESSE\ZHPDiag3.exe deleted
"C:\WINDOWS\Installer\54026fb.msi" deleted

==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\EOSDEE~1\AppData\Roaming\Mozilla\Firefox\Profiles\0rk4zcdi.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"e-webprint@epson.com"="C:\Program Files (x86)\Epson Software\E-Web Print\Firefox Add-on" [23/08/2018 19:06]

==== Firefox Extensions ======================
ProfilePath: C:\Users\EOSDEE~1\AppData\Roaming\Mozilla\Firefox\Profiles\0rk4zcdi.default
- __MSG_about_ext_name__ - %ProfilePath%\extensions\https-everywhere@eff.org.xpi
- short_ webrtc-control - %ProfilePath%\extensions\jid0-oFxt2GoakYukFl7Yp42Kq@jetpack.xpi
- Refresh Page - %ProfilePath%\extensions\refreshpage@refreshpage.net.xpi
- short_ uBlock\u2080 - %ProfilePath%\extensions\uBlock0@raymondhill.net.xpi

==== Firefox Plugins ======================
Profilepath: C:\Users\EOSDEESSE\AppData\Roaming\Mozilla\Firefox\Profiles\0rk4zcdi.default
- C:\WINDOWS\system32\Macromed\Flash\NPSWF64_31_0_0_122.dll - [?] 180F93EA2B09DA6394258B86E5B49463
- C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin

==== Chromium Look ======================
Chrome Media Router - EOSDEESSE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
No DefaultScope Set For HKCU
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKLM and HKCU SearchScopes ======================
HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC

==== Reset Google Chrome ======================
C:\Users\EOSDEESSE\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\EOSDEESSE\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\EOSDEESSE\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\EOSDEESSE\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F9BC3A069244A7C4AA7977CCF41E6017 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{60A3CB9F-4429-4C7A-AA97-77CC4FE10671} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\F9BC3A069244A7C4AA7977CCF41E6017 deleted successfully

==== Empty IE Cache ======================
C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\EOSDEESSE\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\EOSDEESSE\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================
C:\Users\EOSDEESSE\AppData\Local\Mozilla\Firefox\Profiles\0rk4zcdi.default\cache2 emptied successfully

==== Empty Edge Cache ======================
Edge Cache Emptied Successfully

==== Empty Chrome Cache ======================
C:\Users\EOSDEESSE\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully

==== Empty All Java Cache ======================
Java Cache cleared successfully

==== C:\zoek_backup content ======================
C:\zoek_backup (files=1185 folders=46 381053450 bytes)

==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\EOSDEESSE\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================
C:\WINDOWS\Temp successfully emptied
C:\Users\EOSDEE~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied

==== EOF on 24/10/2018 at 19:20:16,19 ======================