Zoek.exe v5.0.0.0 Updated 23-12-2014
Tool run by robke on di 23/12/2014 at 21:54:50,66.
Microsoft® Windows Vista™ Home Premium 6.0.6001 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\robke\Desktop\zoek.exe.com [Scan all users] [Script inserted]

==== System Restore Info ======================

23-12-2014 21:56:40 Zoek.exe System Restore Point Created Succesfully.

==== Torpig Check ======================

HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} shell32.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} ntshrui.dll

==== Empty Folders Check ======================

C:\Program Files\CyberLink deleted successfully
C:\Program Files\MSXML 4.0 deleted successfully
C:\PROGRA~2\Avg7 deleted successfully
C:\Users\robke\AppData\Roaming\WinRAR deleted successfully
C:\Users\robke\AppData\Local\25777 deleted successfully
C:\Users\robke\AppData\Local\Unity deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3723894691-1265959471-2415864850-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully
HKEY_USERS\S-1-5-21-3723894691-1265959471-2415864850-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5fb4c9a0-2a22-44c8-a873-914d261345fe} deleted successfully
HKEY_USERS\S-1-5-21-3723894691-1265959471-2415864850-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_USERS\S-1-5-21-3723894691-1265959471-2415864850-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_USERS\S-1-5-21-3723894691-1265959471-2415864850-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} deleted successfully
HKEY_USERS\S-1-5-21-3723894691-1265959471-2415864850-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} deleted successfully
HKEY_USERS\S-1-5-21-3723894691-1265959471-2415864850-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3723894691-1265959471-2415864850-1002\Software\Microsoft\Internet Explorer\Approved Extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully
HKEY_USERS\S-1-5-21-3723894691-1265959471-2415864850-1002\Software\Microsoft\Internet Explorer\Approved Extensions\{11111111-1111-1111-1111-110411151152} deleted successfully
HKEY_USERS\S-1-5-21-3723894691-1265959471-2415864850-1002\Software\Microsoft\Internet Explorer\Approved Extensions\{9cf699ca-2174-4ed8-bec1-ba82095edce0} deleted successfully
HKEY_USERS\S-1-5-21-3723894691-1265959471-2415864850-1002\Software\Microsoft\Internet Explorer\Approved Extensions\{8271B5D6-76D3-4ABF-AEB3-1721161C76BC} deleted successfully
HKEY_USERS\S-1-5-21-3723894691-1265959471-2415864850-1002\Software\Microsoft\Internet Explorer\Approved Extensions\{1824FF90-C98E-48A6-838F-E3B6572B0C77} deleted successfully
HKEY_USERS\S-1-5-21-3723894691-1265959471-2415864850-1002\Software\Microsoft\Internet Explorer\Approved Extensions\{a43fc89b-4cde-4f7d-b090-492acfce6dc1} deleted successfully
HKEY_USERS\S-1-5-21-3723894691-1265959471-2415864850-1002\Software\Microsoft\Internet Explorer\Approved Extensions\{cb4c1030-7005-4cc4-8f04-e0ed04afef27} deleted successfully
HKEY_USERS\S-1-5-21-3723894691-1265959471-2415864850-1002\Software\Microsoft\Internet Explorer\Approved Extensions\{1015f5d5-da65-4854-8985-17e269941407} deleted successfully
HKEY_USERS\S-1-5-21-3723894691-1265959471-2415864850-1002\Software\Microsoft\Internet Explorer\Approved Extensions\{0239af1f-bd28-4699-8e2d-1167e3b33930} deleted successfully
HKEY_USERS\S-1-5-21-3723894691-1265959471-2415864850-1002\Software\Microsoft\Internet Explorer\Approved Extensions\{bda921b0-ff4f-4d43-8fbe-0c9951f23cf8} deleted successfully
HKEY_USERS\S-1-5-21-3723894691-1265959471-2415864850-1002\Software\Microsoft\Internet Explorer\Approved Extensions\{f334354c-2792-439a-8c71-e21327a1b27d} deleted successfully
HKEY_USERS\S-1-5-21-3723894691-1265959471-2415864850-1002\Software\Microsoft\Internet Explorer\Approved Extensions\{0f435fb5-b2f8-4868-bd23-43a2c4d02d5f} deleted successfully
HKEY_USERS\S-1-5-21-3723894691-1265959471-2415864850-1002\Software\Microsoft\Internet Explorer\Approved Extensions\{db1a5021-8858-4e8c-9c2f-20f20ac5c7fb} deleted successfully
HKEY_USERS\S-1-5-21-3723894691-1265959471-2415864850-1002\Software\Microsoft\Internet Explorer\Approved Extensions\{5fb4c9a0-2a22-44c8-a873-914d261345fe} deleted successfully
HKEY_USERS\S-1-5-21-3723894691-1265959471-2415864850-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} deleted successfully
HKEY_USERS\S-1-5-21-3723894691-1265959471-2415864850-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} deleted successfully
HKEY_USERS\S-1-5-21-3723894691-1265959471-2415864850-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully

==== File Information Results ======================

--- C:\Program Files\HDReg\HDRegRem.exe ---
Company: ------
File Description: ------
File Version: ------
Product Name: ------
Copyright: ------
Original Filename: ------
File type: ----a-w-
File size: 24576
Created time: 2003-07-15 08:14:54
Modified time: 2003-07-15 08:14:54
MD5: 4CCD772ADC75A6F284461402BDB32981
SHA1: 2D84AE631EC302E9FF0E94412143296E2B2E6A19

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2014-12-17 09:00:37 E185BDA84E5F03F4E1D8DCA30E209277 1912 ----a-w- C:\Windows\epplauncher.mif

====== C:\Users\robke\AppData\Local\Temp ====
2014-12-20 11:32:44 8E7E544AD4C0E5625D896FE33B9A0BF4 1703936 ----a-w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\mpam-43f2050a.exe
2014-12-18 18:11:45 08A9E464345057DCC119D75E82CA0FF3 832248 ----a-w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\mpam-3e744269.exe

====== Java Cache =====

====== C:\Windows\system32 =====
2014-12-16 14:26:56 1916D94C15BA24648E3FDEF734074614 13568 ----a-w- C:\Windows\System32\.crusader

====== C:\Windows\system32\drivers =====
2014-12-16 19:06:11 B3635FD088BA2F6F03A276A961BE6ED2 35992 ----a-w- C:\Windows\System32\drivers\hitmanpro37.sys
2014-12-16 13:26:02 8E2E9CCD873ABF180F48BCAEEEBE347D 114904 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-12-16 13:25:46 A3F4391DFDF2F9E9FE4EAD193265A5AD 23256 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-12-16 13:25:46 9BD41E40039098BF5F8FE878A9A6989E 75480 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-12-16 13:25:46 6D2DB74A8CF2DDFE372FFF9C73E8F0EF 51928 ----a-w- C:\Windows\System32\drivers\mwac.sys

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====
2014-12-23 19:49:36 -------- d-----w- C:\Program Files\trend micro

======= C: =====
2014-12-16 13:19:13 8D987BE841B404B83E6CE18C33C44C88 55 ----a-w- C:\AdwCleanerDebug.txt

====== C:\Users\robke\AppData\Roaming ======

====== C:\Users\robke ======
2014-12-23 19:47:57 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\robke\Downloads\RSIT.exe
2014-12-17 08:55:50 320CD3F04A60096D9F563ACE425884FA 11472184 ----a-w- C:\Users\robke\Downloads\mseinstall.exe
2014-12-16 13:41:39 -------- d-----w- C:\ProgramData\HitmanPro

====== C: exe-files ==
2014-12-23 19:49:37 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\robke.exe
2014-12-23 19:47:57 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\robke\Downloads\RSIT.exe
2014-12-23 19:47:52 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\robke\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\IQA86M8H\RSIT[1].exe
2014-12-20 11:32:44 8E7E544AD4C0E5625D896FE33B9A0BF4 1703936 ----a-w- C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-43f2050a.exe
2014-12-18 18:11:45 08A9E464345057DCC119D75E82CA0FF3 832248 ----a-w- C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Temp\mpam-3e744269.exe
2014-12-17 08:55:50 320CD3F04A60096D9F563ACE425884FA 11472184 ----a-w- C:\Users\robke\Downloads\mseinstall.exe

=== C: other files ==
2014-12-23 20:55:21 8449AF6C2ACFD99D8150E7670C8E0B5F 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-3723894691-1265959471-2415864850-1002\$IE8JAI1.com
2014-12-23 20:54:34 2C0D23DDB20B92B938499A59630BAED3 1429293 ----a-w- C:\$Recycle.Bin\S-1-5-21-3723894691-1265959471-2415864850-1002\$RE8JAI1.com

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"WindowsWelcomeCenter"="rundll32.exe oobefldr.dll,ShowWelcomeCenter"
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /detectMem"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"NvSvc"="RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart"
"NvCplDaemon"="RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup"
"NvMediaCenter"="RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit"
"Windows Defender"="%ProgramFiles%\Windows Defender\MSASCui.exe -hide"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AVG9_TRAY]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AVG9_TRAY"
"hkey"="HKLM"
"command"="C:\\PROGRA~1\\AVG\\AVG9\\avgtray.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AvgUninstallURL]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\RunOnce"
"item"="AvgUninstallURL"
"hkey"="HKLM"
"command"="cmd.exe /c start http://www.avg.com/nl.special-uninstallation-feedback-appf?lic=OQBBAFYARgBSAEUARQAtAFYATgBKADMAMgAtAEcAMwBMAEEAQQAtAEEANAA4ADkAUgAtADkAVQBKAEsARgAtAEUASwBLADMAWAA\"&\"inst=NwA3AC0ANAAxADQANwAzADUAMAAzADcALQBGAEwAKwA5AC0AWABPADMANgArADEALQBYAE8AOQArADEALQBEAEQAVAArADIAMQA2ADEANAAtAEQARAA5ADAARgArADEALQBTAFQAOQAwAEYAQQBQAFAAKwAxAC0ARgA5ADAATQAxADIARQBUACsAMQAtAFQAQgBOACsAMQAtAEwAOQAwAE0ASgArADIALQBGADkAMABNADEAMgBKAE4AKwAxAC0ARgA5ADAATQAxADIAUgArADEALQBWAEkAUAAxADIAKwAxAA\"&\"prod=90\"&\"ver=9.0.894"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CardReaderMonitor]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="CardReaderMonitor"
"hkey"="HKLM"
"command"="C:\\Program Files\\Realtek Semiconductor Corp.\\Realtek Card Reader Monitor\\CardReaderMonitor.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ehTray.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ehTray.exe"
"hkey"="HKCU"
"command"="C:\\Windows\\ehome\\ehTray.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Facebook Update]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Facebook Update"
"hkey"="HKCU"
"command"="\"C:\\Users\\robke\\AppData\\Local\\Facebook\\Update\\FacebookUpdate.exe\" /c /nocrashserver"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\fssui]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="fssui"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Windows Live\\Family Safety\\fsui.exe\" -autorun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Google Desktop Search]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Google Desktop Search"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Google\\Google Desktop Search\\GoogleDesktop.exe\" /startup"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ISUSPM]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ISUSPM"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Common Files\\InstallShield\\UpdateService\\ISUSPM.exe\" -scheduler"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NvCplDaemon]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NvCplDaemon"
"hkey"="HKLM"
"command"="RUNDLL32.EXE C:\\Windows\\system32\\NvCpl.dll,NvStartup"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NvMediaCenter]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NvMediaCenter"
"hkey"="HKLM"
"command"="RUNDLL32.EXE C:\\Windows\\system32\\NvMcTray.dll,NvTaskbarInit"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NvSvc]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NvSvc"
"hkey"="HKLM"
"command"="RUNDLL32.EXE C:\\Windows\\system32\\nvsvc.dll,nvsvcStart"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Skype"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Skype\\Phone\\Skype.exe\" /minimized /regrun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SynTPEnh]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="SynTPEnh"
"hkey"="HKLM"
"command"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Ulead AutoDetector v2]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Ulead AutoDetector v2"
"hkey"="HKLM"
"command"="C:\\Program Files\\Common Files\\Ulead Systems\\AutoDetector\\monitor.exe"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [Undetermined Task]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3723894691-1265959471-2415864850-1002Core.job --a------ C:\Users\robke\AppData\Local\Facebook\Update\FacebookUpdate.exe [22/12/2013 12:03]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-3723894691-1265959471-2415864850-1002UA.job --a------ C:\Users\robke\AppData\Local\Facebook\Update\FacebookUpdate.exe [22/12/2013 12:03]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [31/01/2010 19:15]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [31/01/2010 19:15]
C:\Windows\tasks\HDReg.job --a------ C:\Program Files\HDReg\HDRegRem.exe [15/07/2003 09:14]
C:\Windows\tasks\User_Feed_Synchronization-{FA5BB042-30F9-427A-9F0A-4A90A31DFB6A}.job --ah----- C:\Windows\system32\msfeedssync.exe [19/01/2008 08:33]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-3723894691-1265959471-2415864850-1002Core" [C:\Users\robke\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-3723894691-1265959471-2415864850-1002UA" [C:\Users\robke\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\HDReg" [C:\Program Files\HDReg\HDRegRem.exe]
"C:\Windows\system32\tasks\User_Feed_Synchronization-{FA5BB042-30F9-427A-9F0A-4A90A31DFB6A}" [C:\Windows\system32\msfeedssync.exe]

==== Folders in C:\PROGRA~2 0-6 Months Old ======================

2014-12-16 13:25:46 -------- d-----w- C:\PROGRA~2\Malwarebytes
2014-12-16 13:41:39 -------- d-----w- C:\PROGRA~2\HitmanPro

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{20a82645-c095-46ed-80e3-08825760534b}"="c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension" [03/09/2009 19:45]

==== Firefox Extensions ======================

ProfilePath: C:\Users\robke\AppData\Roaming\Mozilla\Firefox\Profiles\yr4xnxgp.default
- Google Toolbar for Firefox - C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
- Undetermined - C:\Program Files\Mozilla Firefox\extensions\packardbell@partners.mozilla.com
- Undetermined - C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org
- Undetermined - C:\Program Files\Web Assistant\Firefox
- Undetermined - C:\Program Files\BetterSurf\BetterSurfPlus\ff
- Undetermined - C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha339\ff
- Undetermined - C:\Program Files\VideoPlayerV3\VideoPlayerV3beta780\ff
- Undetermined - C:\Program Files\MediaPlayerV1\MediaPlayerV1alpha479\ff
- Undetermined - C:\Program Files\MediaViewerV1\MediaViewerV1alpha389\ff
- Undetermined - C:\Program Files\MediaViewV1\MediaViewV1alpha3055\ff
- Undetermined - C:\Program Files\MediaWatchV1\MediaWatchV1home269\ff
- Undetermined - C:\Program Files\MediaBuzzV1\MediaBuzzV1mode4266\ff
- Undetermined - C:\Program Files\RichMediaViewV1\RichMediaViewV1release895\ff
- Undetermined - %ProfilePath%\extensions\staged
- Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

AppDir: C:\Program Files\Mozilla Firefox
- Google Toolbar for Firefox - %AppDir%\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}

==== Firefox Plugins ======================

==== Chromium Look ======================

Google Chrome Version: 31.0.1650.63 (Possible outdated, latest Stable version: 39.0.2171.95)

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
egfgmbllafpinfecganbahogjnldadcj - C:\Program Files\MediaViewV1\MediaViewV1alpha4886\ch\MediaViewV1alpha4886.crx[]
haifakggmdlhncdggandfpcghgdkejpg - C:\Program Files\MediaBuzzV1\MediaBuzzV1mode4266\ch\MediaBuzzV1mode4266.crx[]
ifgoponfhhihabhighlhojbbjolannan - C:\Program Files\VideoPlayerV3\VideoPlayerV3beta780\ch\VideoPlayerV3beta780.crx[]
ijbhbgkeoakomobdpmcgocpgpbhbmfck - C:\Program Files\RichMediaViewV1\RichMediaViewV1release895\ch\RichMediaViewV1release895.crx[]
jifgcmmokfojhjnbgoghcgdoocehicod - C:\Program Files\MediaViewV1\MediaViewV1alpha3055\ch\MediaViewV1alpha3055.crx[]
kemcahcfhhpjdpmhpomeapnpchhkmpmp - C:\Program Files\MediaWatchV1\MediaWatchV1home269\ch\MediaWatchV1home269.crx[]
mkmnphjgmfonpinfdilppmdjlachbdpg - C:\Program Files\MediaViewerV1\MediaViewerV1alpha389\ch\MediaViewerV1alpha389.crx[]
ogeadhccfcpadbmmeppfmidcamgcamph - C:\Program Files\WebexpEnhancedV1\WebexpEnhancedV1alpha339\ch\WebexpEnhancedV1alpha339.crx[]

Google Docs - robke\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - robke\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - robke\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Media Player - robke\AppData\Local\Google\Chrome\User Data\Default\Extensions\bpbgfcigceilkjdnbkoehmmeggibdjah
Last updated at time on date - robke\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Google Search - robke\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
AppetoU - robke\AppData\Local\Google\Chrome\User Data\Default\Extensions\hocokhkddobepbdlfgngakekamojjedj
Google Wallet - robke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - robke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Startpages ======================

C:\Users\robke\AppData\Local\Google\Chrome\User Data\Default\Preferences
"urls_to_restore_on_startup": [
"http://www.incredibar-search.com/?a=6OzvFs8X6J&loc=skw&i=26&did=10963",
"http://www.incredibar-search.com/?a=6OzvFs8X6J&loc=skw&i=26&did=10963",
"http://www.incredibar-search.com/?a=6OzvFs8X6J&loc=skw&i=26&did=10963",
"http://www.incredibar-search.com/?a=6OzvFs8X6J&loc=skw&i=26&did=10963",
"http://www.incredibar-search.com/?a=6OzvFs8X6J&loc=skw&i=26&did=10963",
"http://www.incredibar-search.com/?a=6OzvFs8X6J&loc=skw&i=26&did=10963",
"http://www.incredibar-search.com/?a=6OzvFs8X6J&loc=skw&i=26&did=10963",
"http://www.incredibar-search.com/?a=6OzvFs8X6J&loc=skw&i=26&did=10963",
"http://www.incredibar-search.com/?a=6OzvFs8X6J&loc=skw&i=26&did=10963",
"http://www.incredibar-search.com/?a=6OzvFs8X6J&loc=skw&i=26&did=10963",
"http://www.incredibar-search.com/?a=6OzvFs8X6J&loc=skw&i=26&did=10963",
"http://www.incredibar-search.com/?a=6OzvFs8X6J&loc=skw&i=26&did=10963",
"http://www.incredibar-search.com/?a=6OzvFs8X6J&loc=skw&i=26&did=10963",
"http://www.incredibar-search.com/?a=6OzvFs8X6J&loc=skw&i=26&did=10963",
"http://www.msn.com/nl-be/?pc=UP97&ocid=UP97DHP",
"http://www.incredibar-search.com/?a=6OzvFs8X6J&loc=skw&i=26",
"http://www.incredibar-search.com/?a=6OzvFs8X6J&loc=skw&i=26",
"http://www.incredibar-search.com/?a=6OzvFs8X6J&loc=skw&i=26",
"http://www.incredibar-search.com/?a=6OzvFs8X6J&loc=skw&i=26",
"http://www.incredibar-search.com/?a=6OzvFs8X6J&loc=skw&i=26",
"http://www.google.com"
]

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== EOF on di 23/12/2014 at 22:04:43,87 ======================