Zoek.exe v5.0.0.0 Updated 18-01-2015
Tool run by Nelleke on vr 23-01-2015 at  9:29:28,60.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Nelleke\Desktop\zoek.exe [Scan all users] [Script inserted] 

==== Older Logs ======================

C:\zoek-results2015-01-22-145027.log	233016 bytes

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-2849121425-4159316806-1266491598-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{D40B90B4-D3B1-4D6B-A5D7-DC041C1B76C0} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\faststartff@gmail.com deleted successfully

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Nelleke\AppData\Local\Temp ====
====== Java Cache =====
2015-01-22 15:13:15	C1BBA7F1278F193AB584FFF460DB5E2A	17878	----a-w-	C:\Users\Nelleke\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\eef218c-2c7a4ebf
2015-01-22 15:13:11	415FC9732A3F4D89A0E01251CD66E136	646	----a-w-	C:\Users\Nelleke\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-468b7b2d
2015-01-22 15:13:11	0E9E7A8D65E09D51FB1ACBF033BB5BCE	424	----a-w-	C:\Users\Nelleke\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\17\49a00451-aa56bb018d5de3a531ee91cc4857f0f479656e5370ebf87789e721aaaf530ebc-6.0.lap
2015-01-22 15:13:10	415FC9732A3F4D89A0E01251CD66E136	646	----a-w-	C:\Users\Nelleke\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\3cb32f52-2ff124e7
2015-01-22 15:13:11	34FA8033B50A3F99D3AB8209C72C0ABA	6860	----a-w-	C:\Users\Nelleke\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\43\1ca2666b-70910952
====== C:\Windows\SysWOW64 =====
2015-01-18 12:41:58	FE48346938C1CDDDF4E4097DB9B99764	52224	----a-w-	C:\Windows\SysWOW64\nlaapi.dll
2015-01-18 12:41:58	92940397DFFB4D237EA5BB22FF912BDC	156672	----a-w-	C:\Windows\SysWOW64\ncsi.dll
2015-01-18 12:41:53	2AF481C03C0383ADE09FFEDA0C583140	3971512	----a-w-	C:\Windows\SysWOW64\ntkrnlpa.exe
2015-01-18 12:41:51	9606307F5E1EABA98ACB61206EFC2127	43008	----a-w-	C:\Windows\SysWOW64\srclient.dll
2015-01-18 12:41:51	8A289EF0AE709327D6AA9769E108B5A6	3916728	----a-w-	C:\Windows\SysWOW64\ntoskrnl.exe
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-01-18 12:41:59	B6A58491307B4CADA572583D863DC602	210432	----a-w-	C:\Windows\Sysnative\profsvc.dll
2015-01-18 12:41:58	8B301D474B478E9A92823BAB50A7BC49	303616	----a-w-	C:\Windows\Sysnative\nlasvc.dll
2015-01-18 12:41:57	2A9C3ADBC3B9D061CACDEFFBED67683C	87040	----a-w-	C:\Windows\Sysnative\TSWbPrxy.exe
2015-01-18 12:41:53	0A70B8D78AF95894E221DDAC6482DF6D	5553592	----a-w-	C:\Windows\Sysnative\ntoskrnl.exe
2015-01-18 12:41:51	F4846789B3795F14DCB7D92ED1DAF74F	503808	----a-w-	C:\Windows\Sysnative\srcore.dll
2015-01-18 12:41:51	DE595EACC79006E7B15B848BF0831E78	296960	----a-w-	C:\Windows\Sysnative\rstrui.exe
2015-01-18 12:41:51	BA6D609BAB615991E8791CA1DFFD034C	50176	----a-w-	C:\Windows\Sysnative\srclient.dll
====== C:\Windows\Sysnative\drivers =====
2015-01-18 12:41:58	AE3334958D8F631FF14A0AEB3D7EFB3A	141312	----a-w-	C:\Windows\Sysnative\drivers\mrxdav.sys
====== C:\Windows\Tasks ======
2015-01-21 19:18:16	9BDB3425309CE3FB782CE8DA39F031CB	3160	----a-w-	C:\Windows\Sysnative\Tasks\{004180C6-1A9F-4CA7-89B3-FD1C543E1B60}
2014-12-28 14:59:22	B63AD96D5AB77552EFDB7D2277C3B0CB	3886	----a-w-	C:\Windows\Sysnative\Tasks\Adobe Acrobat Update Task
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
2015-01-22 15:00:04	--------	d-----w-	C:\PROGRA~2\COMMON~1\Java
======= C: =====
====== C:\Users\Nelleke\AppData\Roaming ======
2015-01-22 15:06:46	--------	d-----w-	C:\Windows\SysNative\config\systemprofile\AppData\Locallow\Sun
2015-01-22 14:47:56	--------	d-----w-	C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp
2015-01-22 14:47:56	--------	d-----w-	C:\Users\UpdatusUser\AppData\Local\Temp
2015-01-22 14:47:56	--------	d-----w-	C:\Users\Public\AppData\Local\Temp
2015-01-22 14:47:56	--------	d-----w-	C:\Users\Nelleke\AppData\Local\Temp
2015-01-22 14:47:56	--------	d-----w-	C:\Users\Gast\AppData\Local\Temp
2015-01-22 14:47:56	--------	d-----w-	C:\Users\erik\AppData\Local\Temp
2015-01-22 14:47:56	--------	d-----w-	C:\Users\Default\AppData\Local\Temp
2015-01-22 14:47:56	--------	d-----w-	C:\Users\Default User\AppData\Local\Temp
2015-01-06 10:17:21	--------	d-----w-	C:\Users\Nelleke\AppData\Local\pdfforge
2015-01-06 10:04:54	--------	d-----w-	C:\Users\Nelleke\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
====== C:\Users\Nelleke ======
2015-01-22 14:59:01	--------	d-----w-	C:\ProgramData\Oracle
2015-01-22 08:55:56	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Nelleke\Desktop\RSITx64.exe
2015-01-21 21:54:15	--------	d-----w-	C:\Users\Nelleke\Start Menu
2015-01-07 12:10:18	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2015-01-07 12:08:28	--------	d-----w-	C:\Users\Nelleke\Microsoft Office 15

====== C: exe-files ==
2015-01-22 18:11:05	62C4D7247879573C7E7B6FE739403358	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-2849121425-4159316806-1266491598-1001\$IKYC4HO.exe
2015-01-22 14:59:45	B0D46640968F989830413EB88F43E0D0	0	----a-we	C:\ProgramData\Oracle\Java\javapath\java.exe
2015-01-22 14:59:45	52C8B9FD016E6317FDB151296FF90877	0	----a-we	C:\ProgramData\Oracle\Java\javapath\javaws.exe
2015-01-22 14:59:45	3E72E1AB196855916E2065C604674631	0	----a-we	C:\ProgramData\Oracle\Java\javapath\javaw.exe
2015-01-22 14:59:05	DBB5C8AE19ACFA2857CFB90C7305AC56	51112	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssvagent.exe
2015-01-22 14:59:05	7479DA0BED071427A3F0017AC51CC27B	159656	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\unpack200.exe
2015-01-22 14:59:05	577F5DCBA4DE4C345631873670F84E79	16296	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\tnameserv.exe
2015-01-22 14:59:04	F9D744CD9BC58F287F8FA59D32508EDD	16296	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\orbd.exe
2015-01-22 14:59:04	DA34E76DE9CD93471F24E7BD43139958	15784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\kinit.exe
2015-01-22 14:59:04	CDB1FE0DCF2ADB755EBF65C8AEBBC871	16296	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\servertool.exe
2015-01-22 14:59:04	AF82EA1498FEC5C49B8A1AE5AA0A5F6C	77224	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2launcher.exe
2015-01-22 14:59:04	A8884FB8246655C84F110E77DF5E1B4A	15784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\ktab.exe
2015-01-22 14:59:04	90C02BD6D01BBC1C620323F9E330E89C	15784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\jjs.exe
2015-01-22 14:59:04	8B6DF9CD28359C5E819446FD79CE3948	16296	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\rmiregistry.exe
2015-01-22 14:59:04	69BD74EE834B5629226BF89468B8020B	15784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\keytool.exe
2015-01-22 14:59:04	5F7C51E0DCA813D647F14FC12AE675F2	16296	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\policytool.exe
2015-01-22 14:59:04	39685FC75B6FB2144E793595F1AB111D	15784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\pack200.exe
2015-01-22 14:59:04	2F77C9862B1A2401278C4A5B932DA69D	15784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\klist.exe
2015-01-22 14:59:04	0FB2ACAC796B166F6486B593B604A3FF	15784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\rmid.exe
2015-01-22 14:59:03	F5EA785B2BCC08DC28CBC2D96E05F2C1	68520	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\javacpl.exe
2015-01-22 14:59:03	DF1C8EDDAF14D2960A06A9DF7B2D0A89	15784	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\java-rmi.exe
2015-01-22 14:59:03	B0D46640968F989830413EB88F43E0D0	176552	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\java.exe
2015-01-22 14:59:03	52C8B9FD016E6317FDB151296FF90877	272296	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaws.exe
2015-01-22 14:59:03	3E72E1AB196855916E2065C604674631	176552	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\javaw.exe
2015-01-22 14:59:03	063A1044A451660B159426B9C5E75957	30632	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\bin\jabswitch.exe
2015-01-22 14:47:46	6713E17AFCB3A28191A747DC8C475721	639912	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-2849121425-4159316806-1266491598-1001\$RKYC4HO.exe
2015-01-19 23:08:15	BA7DC0C9141BE7292CA7E744B6F19F26	897104	----a-w-	C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\39.0.2171.99\39.0.2171.99_39.0.2171.95_chrome_updater.exe
=== C: other files ==
2015-01-22 14:59:05	3315140254247E248C3531F159C79109	14130	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_31\lib\deploy\ffjcext.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-2849121425-4159316806-1266491598-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
"ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"
"Facebook Update"="C:\Users\Nelleke\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"
"Spotify Web Helper"="C:\Users\Nelleke\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"HPAdvisorDock"="C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe"
"Google Update"="C:\Users\Nelleke\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"SkyDrive"="C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe /background"
"iCloudDrive"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe"

[HKEY_USERS\S-1-5-21-2849121425-4159316806-1266491598-1001\Software\Microsoft\Windows\CurrentVersion\runonce]
"Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
"Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64"
"Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64"
"Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64"
"Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1165.0612\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1165.0612\amd64"
"Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1166.0618\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1166.0618\amd64"
"Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"BATINDICATOR"="C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe"
"LaunchHPOSIAPP"="C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe"
"AppleSyncNotifier"="C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"DiscWizardMonitor.exe"="C:\Program Files (x86)\Seagate\DiscWizard\DiscWizardMonitor.exe"
"Reader Application Helper"="C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"
"Wondershare Helper Compact.exe"="C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
"iCloudServices"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
"ApplePhotoStreams"="C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe"
"Facebook Update"="C:\Users\Nelleke\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"
"Spotify Web Helper"="C:\Users\Nelleke\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"HPAdvisorDock"="C:\Program Files (x86)\Hewlett-Packard\HP Advisor\DOCK\HPAdvisorDock.exe"
"Google Update"="C:\Users\Nelleke\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"SkyDrive"="C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe /background"
"iCloudDrive"="C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.2015.0811\amd64"
"Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.4029.0217\amd64"
"Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.4035.0328\amd64"
"Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.0.4041.0512\amd64"
"Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1165.0612\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1165.0612\amd64"
"Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1166.0618\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1166.0618\amd64"
"Uninstall C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64"="C:\Windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Nelleke\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"hpsysdrv"="c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe"
"SmartMenu"="C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background"
"egui"="C:\Program Files\ESET\ESET Smart Security\egui.exe /hide /waitservice"
"Seagate Scheduler2 Service"="C:\Program Files (x86)\Common Files\Seagate\Schedule2\schedhlp.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"="C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe Update"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\\progra~3\\bitguard\\271832~1.68\\{16cdf~1\\loader.dll c:\\progra~3\\bitguard\\271769~1.27\\{16cdf~1\\loader.dll"

==== Startup Registry Disabled ======================

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run-]
"Google Update"="\"C:\\Users\\Nelleke\\AppData\\Local\\Google\\Update\\GoogleUpdate.exe\" /c"


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"HP Software Update"="c:\\Program Files (x86)\\HP\\HP Software Update\\HPWuSchd2.exe"
"Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""
"iTunesHelper"="\"C:\\Program Files (x86)\\iTunes\\iTunesHelper.exe\""
"SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""
"QuickTime Task"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime"


==== Startup Folders ======================

2014-01-07 21:18:25	1065	----a-w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Event Reminder.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [23-01-2015 00:53]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2849121425-4159316806-1266491598-1001Core.job --a------ C:\Users\Nelleke\AppData\Local\Facebook\Update\FacebookUpdate.exe [12-07-2012 00:14]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2849121425-4159316806-1266491598-1001UA.job --a------ C:\Users\Nelleke\AppData\Local\Facebook\Update\FacebookUpdate.exe [12-07-2012 00:14]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [09-12-2014 22:02]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [09-12-2014 22:02]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2849121425-4159316806-1266491598-1001Core.job --a------ C:\Users\Nelleke\AppData\Local\Google\Update\GoogleUpdate.exe [08-02-2014 20:38]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2849121425-4159316806-1266491598-1001UA.job --a------ C:\Users\Nelleke\AppData\Local\Google\Update\GoogleUpdate.exe [08-02-2014 20:38]
C:\Windows\tasks\HPCeeScheduleForNelleke.job --a------ [Undetermined Task]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\Apple Diagnostics" [C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-2849121425-4159316806-1266491598-1001Core" [C:\Users\Nelleke\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-2849121425-4159316806-1266491598-1001UA" [C:\Users\Nelleke\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\Google Updater and Installer" [C:\Users\Nelleke\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2849121425-4159316806-1266491598-1001Core" [C:\Users\Nelleke\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2849121425-4159316806-1266491598-1001UA" [C:\Users\Nelleke\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\HP-Online updateprogramma" [c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe]
"C:\Windows\SysNative\tasks\HPCeeScheduleForNelleke" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe]
"C:\Windows\SysNative\tasks\HPOSIAPP64" ["%ProgramFiles(x86)%\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe"]
"C:\Windows\SysNative\tasks\Java Update Scheduler" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{87CB33B6-B2AB-4BA6-B18B-C4C009689351}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\erik\AppData\Roaming\Mozilla\Firefox\Profiles\is1p0ty0.default
user_pref("browser.startup.homepage", "http://www.google.com");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.newtab.url", "http://www.google.com/");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");
user_pref("browser.search.selectedEngine", "Google");
user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");

ProfilePath: C:\Users\Nelleke\AppData\Roaming\Mozilla\Firefox\Profiles\b6hp15ti.default
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");

ProfilePath: C:\Users\Nelleke\AppData\Roaming\Mozilla\Firefox\Profiles\fiejsl2o.default-1357987608005
user_pref("browser.startup.homepage", "http://www.allemaal-series.org/browse.php");
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "webssearches");
user_pref("browser.search.selectedEngine", "webssearches");

ProfilePath: C:\Users\Nelleke\AppData\Roaming\Mozilla\Firefox\Profiles\mwdbv0eh.default
user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "Google");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"fftoolbar2014@etech.com"="C:\Users\Nelleke\AppData\Roaming\Mozilla\Firefox\Profiles\fiejsl2o.default-1357987608005\extensions\fftoolbar2014@etech.com" [21-01-2015 18:34]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Nelleke\AppData\Roaming\Mozilla\Firefox\Profiles\b6hp15ti.default
- Undetermined - %ProfilePath%\extensions\compatibility@addons.mozilla.org

ProfilePath: C:\Users\Nelleke\AppData\Roaming\Mozilla\Firefox\Profiles\fiejsl2o.default-1357987608005
- Undetermined - ffextension@weheartit.com
- Undetermined - {2d3fbcf7-be69-4433-8858-c621a8d0e58d}
- Undetermined - fftoolbar2014@etech.com
- United States English Spellchecker - %ProfilePath%\extensions\en-US@dictionaries.addons.mozilla.org
- FF Toolbar - %ProfilePath%\extensions\fftoolbar2014@etech.com
- Widevine Media Optimizer - %ProfilePath%\extensions\{2d3fbcf7-be69-4433-8858-c621a8d0e58d}
- YouTube Video and Audio Downloader - %ProfilePath%\extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi
- Kalp Tuu - %ProfilePath%\extensions\ffextension@weheartit.com.xpi
- Pin It Button - %ProfilePath%\extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi

ProfilePath: C:\Users\Nelleke\AppData\Roaming\Mozilla\Firefox\Profiles\mwdbv0eh.default
- WOT - %ProfilePath%\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}

ProfilePath: C:\Users\Nelleke\AppData\Roaming\Thunderbird\Profiles\2j53e4is.default
- Instrument Test - %ProfilePath%\extensions\tbtestpilot@labs.mozilla.com.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Nelleke\AppData\Roaming\Mozilla\Firefox\Profiles\fiejsl2o.default-1357987608005
8EE818FCDD262C6B5BFF6905590172CC	- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_287.dll -	Shockwave Flash
D6ED6EB98E759460AD8C66DE23070132	- C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll -	Microsoft Office 2013
D2377C9458EFEB094E38B8C874AA214C	- C:\Users\Nelleke\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll -	Google Update
76EFD64CD206B93E2EB5320A23C19AD7	- C:\Users\Nelleke\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll -	Google Talk Plugin
2AB6A7F373290AE20A19CF5F306E8C97	- C:\Users\Nelleke\AppData\Roaming\Mozilla\plugins\npo1d.dll -	Google Talk Plugin Video Renderer
3CD19649B2C3023D65E67C056457A2BC	- C:\Users\Nelleke\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll -	Facebook Video Calling Plugin
18CF51689186AEB9D1D149AEB0E92D03	- C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL -	Microsoft Office 2013
EECE85E006E195B1B227A8EB0874BDA8	- C:\Users\Nelleke\AppData\Local\Microsoft\Internet Explorer\Downloaded Program Files\Microsoft Office 15\npofficeondemand.dll -	Microsoft Office 2013


==== Chromium Look ======================

Google Chrome Version: 39.0.2171.99 (Up to date, latest Stable version: 39.0.2171.99)


Google Slides - Nelleke\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - Nelleke\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Nelleke\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Nelleke\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Nelleke\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Sheets - Nelleke\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Google Wallet - Nelleke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Nelleke\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1254 folders=408 177795622 bytes)

==== EOF on vr 23-01-2015 at  9:41:08,51 ======================