Zoek.exe v5.0.0.0 Updated 04-May-2015 Tool run by PC on wo 24-06-2015 at 15:27:51,52. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\PC\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2015-01-26-131423.log 1880 bytes C:\zoek-results2015-01-27-115746.log 31631 bytes C:\zoek-results2015-06-24-131523.log 54903 bytes ==== Empty Folders Check ====================== C:\PROGRA~2\Nico Mak Computing deleted successfully C:\Users\PC\AppData\Roaming\Nico Mak Computing deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce] "WinSATRestorePower"=- [-HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] ==== Deleting Files \ Folders ====================== C:\Users\PC\AppData\Roaming\ProductData deleted ==== Files Recently Created / Modified ====================== ====== C:\windows ==== ====== C:\Users\PC\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\windows\system32 ===== 2015-06-22 10:55:33 C60EC65E2BCB81DB6F3B472D7EBB6351 3298 ----a-w- C:\windows\System32\StyleVista.png 2015-06-22 10:55:33 8632A3CAE8144727FC781AAAA8D0430E 3137 ----a-w- C:\windows\System32\StyleVistaDown.png 2015-06-12 10:17:07 C11A85DC25558AE6287FE901C0763D83 927 ----a-w- C:\windows\System32\dfboottime.cfg 2015-06-12 10:17:07 2FCEBDF62A3CF345C157FCA95A321023 81408 ----a-w- C:\windows\System32\dfboottime.exe 2015-06-12 04:14:52 A3F7329F6D8EA371316F019EF19F2551 879104 ----a-w- C:\windows\System32\appraiser.dll 2015-06-12 04:14:52 9BA4FB5EA245A26D5FC1E061DAF29647 571392 ----a-w- C:\windows\System32\generaltel.dll 2015-06-12 04:14:52 047146E831EA517A1B65AD6646FF4909 163840 ----a-w- C:\windows\System32\aepic.dll 2015-06-12 04:14:50 E14C37DFCEDAD75474570C1E650D2EBC 901120 ----a-w- C:\windows\System32\aeinv.dll 2015-06-12 04:14:50 94706C6DD2660039B4D193512C2CE8C2 333824 ----a-w- C:\windows\System32\devinv.dll 2015-06-12 04:14:50 4C889CD7AB77ABAAF86AA0956EFDC840 37888 ----a-w- C:\windows\System32\acmigration.dll 2015-06-12 04:14:50 05335321524A70C5520CBFAEE13B702E 621568 ----a-w- C:\windows\System32\invagent.dll 2015-06-12 04:14:49 8F24AB8081EBA455A5FDF5990CC318C0 202752 ----a-w- C:\windows\System32\aepdu.dll 2015-06-12 04:14:42 BCD4C37A7043E75131111EA447210DE7 2384384 ----a-w- C:\windows\System32\win32k.sys 2015-06-12 04:14:23 C842601A18BA4D9058E7C0EFA5683513 102912 ----a-w- C:\windows\System32\ieetwcollector.exe 2015-06-12 04:14:23 8C3A03295F56D1FFB51D9D05DA42B12D 47616 ----a-w- C:\windows\System32\ieetwproxystub.dll 2015-06-12 04:14:23 185490A6C3BEDAC5EF547314F68AB07B 60416 ----a-w- C:\windows\System32\JavaScriptCollectionAgent.dll 2015-06-12 04:14:22 FA628D79E5FD267039A2F7637BA10754 667648 ----a-w- C:\windows\System32\MsSpellCheckingFacility.exe 2015-06-12 04:14:22 E21AE910DF0C5CB7D46D8FA17A4567DE 115712 ----a-w- C:\windows\System32\ieUnatt.exe 2015-06-12 04:14:22 C93AE4D14AEF5169791B35D97AE7C9FC 47104 ----a-w- C:\windows\System32\jsproxy.dll 2015-06-12 04:14:22 B6D8148C1C697A7BF04EE0FE82408B6A 710144 ----a-w- C:\windows\System32\ieapfltr.dll 2015-06-12 04:14:22 AD2726E4A53EC118D88CCA40260E1AE0 342728 ----a-w- C:\windows\System32\iedkcs32.dll 2015-06-12 04:14:22 ABE3B4B605499D726C27ACB6F756BC11 685568 ----a-w- C:\windows\System32\ie4uinit.exe 2015-06-12 04:14:22 96837E5864777688477AF6DE2332C06D 503808 ----a-w- C:\windows\System32\vbscript.dll 2015-06-12 04:14:22 81C1182A9EE7AC4D21187811DE66A7D0 30720 ----a-w- C:\windows\System32\iernonce.dll 2015-06-12 04:14:22 7DBCBB1647B7CD71E2039C1B50A12717 620032 ----a-w- C:\windows\System32\jscript9diag.dll 2015-06-12 04:14:22 53E9614ADFA6A40A452BA014CEF6F261 1309696 ----a-w- C:\windows\System32\urlmon.dll 2015-06-12 04:14:22 2DED8A99E45053C42DD21D6937D3960C 689152 ----a-w- C:\windows\System32\msfeeds.dll 2015-06-12 04:14:22 17B0852D8202A872C3E6D01B518B6A4E 418304 ----a-w- C:\windows\System32\dxtmsft.dll 2015-06-12 04:14:21 8C8B8C78C0CCD5D36ABCB115B0B581E1 2724864 ----a-w- C:\windows\System32\mshtml.tlb 2015-06-12 04:14:20 FB5C9234E4BF6BDAF4A954763A4582BA 168960 ----a-w- C:\windows\System32\msrating.dll 2015-06-12 04:14:20 C27C8CACEBC712BE2AD791715E9734EC 664064 ----a-w- C:\windows\System32\jscript.dll 2015-06-12 04:14:20 AD392013A39DE951627EE402002E800C 4096 ----a-w- C:\windows\System32\ieetwcollectorres.dll 2015-06-12 04:14:20 5C06EE62F06E990E9521EA80B8D4D4B8 62464 ----a-w- C:\windows\System32\iesetup.dll 2015-06-12 04:14:20 4ABEEF30EA5B9F4718312DCB60B6C9BC 2052608 ----a-w- C:\windows\System32\inetcpl.cpl 2015-06-12 04:14:19 E4EB138060BAE0DBAB1A3B71A3141FE7 1950720 ----a-w- C:\windows\System32\wininet.dll 2015-06-12 04:14:17 F26680AF396F89F7ABFDA1D1D6B62011 285696 ----a-w- C:\windows\System32\dxtrans.dll 2015-06-12 04:14:17 1A628C1F5470F0AF21E37E425026F27A 478208 ----a-w- C:\windows\System32\ieui.dll 2015-06-12 04:14:16 DB254D50B4527C2821C537E0587B44E8 12829696 ----a-w- C:\windows\System32\ieframe.dll 2015-06-12 04:14:14 EF853EA2A6A7BD891CCF31B0C2915352 341504 ----a-w- C:\windows\System32\html.iec 2015-06-12 04:14:13 85E21CCF38166E0D6DE2E42D9D3823BD 1155072 ----a-w- C:\windows\System32\mshtmlmedia.dll 2015-06-12 04:14:13 6B7210618D7E2CE0404ECF748701253A 76288 ----a-w- C:\windows\System32\mshtmled.dll 2015-06-12 04:14:12 9F6066005D8B8620598085C7499E9B70 64000 ----a-w- C:\windows\System32\MshtmlDac.dll 2015-06-12 04:14:11 3FD7E6DB5D81FE400DB4D81D278596E6 4305920 ----a-w- C:\windows\System32\jscript9.dll 2015-06-12 04:14:10 975421AC32F9F6E27A58F75DAB4B5871 19607040 ----a-w- C:\windows\System32\mshtml.dll 2015-06-12 04:14:09 927E38A35E4DFC4E294BD130BAA6F759 2278912 ----a-w- C:\windows\System32\iertutil.dll 2015-06-12 04:13:46 7AB2DE012C88870C9274E966EC88AB61 853504 ----a-w- C:\windows\System32\diagtrack.dll 2015-06-12 04:13:46 2CA16814DA3C5B2D8C7E70DC47A45ED1 551424 ----a-w- C:\windows\System32\kerberos.dll 2015-06-12 04:13:44 8DF4BACE3A14DA53F787631839C9A400 1061376 ----a-w- C:\windows\System32\lsasrv.dll 2015-06-12 04:13:43 9E68E1BDEBD85FC8803707370BE0FC6E 641536 ----a-w- C:\windows\System32\advapi32.dll 2015-06-12 04:13:43 641A14E6AC492ED45BC68815E2E2F566 3989440 ----a-w- C:\windows\System32\ntkrnlpa.exe 2015-06-12 04:13:42 7EBEA2FD2CA9200B18BC8252AF018797 1307648 ----a-w- C:\windows\System32\ntdll.dll 2015-06-12 04:13:42 6D4B495554B49F5221A946F4DA3A6A74 400896 ----a-w- C:\windows\System32\srcore.dll 2015-06-12 04:13:41 CA2628766DC1DFAF7D993C1E33391478 262656 ----a-w- C:\windows\System32\rstrui.exe 2015-06-12 04:13:41 BBABC6702529CFADAC0EC2B28168A288 248832 ----a-w- C:\windows\System32\schannel.dll 2015-06-12 04:13:41 583FFF12D2F0D6E1A8746462C433895F 3934144 ----a-w- C:\windows\System32\ntoskrnl.exe 2015-06-12 04:13:41 3C1BE79C3CE6EB378108B11D94CA1072 364544 ----a-w- C:\windows\System32\tracerpt.exe 2015-06-12 04:13:40 EA141596564AE0C670EDD0F2636EC29C 259584 ----a-w- C:\windows\System32\msv1_0.dll 2015-06-12 04:13:40 9A50B2567918BF7DDD600ECE5DB5ED76 221184 ----a-w- C:\windows\System32\ncrypt.dll 2015-06-12 04:13:40 4238391DE3E3FDCD2C731C1E4E0F402C 635392 ----a-w- C:\windows\System32\tdh.dll 2015-06-12 04:13:40 3B5DA649BF7B7D07510C06DE0AEEB4EB 82944 ----a-w- C:\windows\System32\logman.exe 2015-06-12 04:13:39 F85FA29340A536C8E0A16151B9B03923 50176 ----a-w- C:\windows\System32\auditpol.exe 2015-06-12 04:13:39 ABD1DC994FD40C5F74F7DFDCEEB64599 69632 ----a-w- C:\windows\System32\smss.exe 2015-06-12 04:13:39 A9E8F961F7FE1EDEEF8F46EEB800F2D8 172032 ----a-w- C:\windows\System32\wdigest.dll 2015-06-12 04:13:39 65A5E27C2217D606E212B6088CCD6104 92160 ----a-w- C:\windows\System32\sechost.dll 2015-06-12 04:13:39 629AD3FDA168D82D459164044A29F9BB 40448 ----a-w- C:\windows\System32\typeperf.exe 2015-06-12 04:13:39 5643A88C6DA8AAEC9CE2845431942650 65536 ----a-w- C:\windows\System32\TSpkg.dll 2015-06-12 04:13:39 3E6731BF36A7D6C62D09671B427B6B67 37888 ----a-w- C:\windows\System32\relog.exe 2015-06-12 04:13:38 FCA6EFFEE6D7D42E794F0E538297026C 43008 ----a-w- C:\windows\System32\srclient.dll 2015-06-12 04:13:38 FB224B0A63B8F58E91FE8A314AD295AD 17408 ----a-w- C:\windows\System32\diskperf.exe 2015-06-12 04:13:38 D2967F6D4205A227AAA7D094C12F7141 22528 ----a-w- C:\windows\System32\lsass.exe 2015-06-12 04:13:38 C5C99A03FD48D39B6D36D46682A93B7D 38912 ----a-w- C:\windows\System32\csrsrv.dll 2015-06-12 04:13:38 87BCBD110BB804C8AB3632CEB3B8DA32 15872 ----a-w- C:\windows\System32\sspisrv.dll 2015-06-12 04:13:38 7A9F94E0F53C8F6E09405351AC104A3C 17408 ----a-w- C:\windows\System32\credssp.dll 2015-06-12 04:13:38 769E395FF48802E1276FB615466E38C9 100352 ----a-w- C:\windows\System32\sspicli.dll 2015-06-12 04:13:38 2D23A10FBFA09DC1B61799128BBA91A2 22016 ----a-w- C:\windows\System32\secur32.dll 2015-06-12 04:13:37 52C869A640B8169D7C8460FB1646ABF5 6656 ----a-w- C:\windows\System32\apisetschema.dll 2015-06-12 04:13:35 911B76808EB28284B7395E62C8645319 36864 ----a-w- C:\windows\System32\UtcResources.dll 2015-06-12 04:13:35 7E7933E63BBE2BE71CC908EF140458EF 60416 ----a-w- C:\windows\System32\msobjs.dll 2015-06-12 04:13:35 619D5101114C71E1A4A585C5E68301B7 146432 ----a-w- C:\windows\System32\msaudite.dll 2015-06-12 04:13:35 2E65BF3D85BB2C831669FBCBDE6C9879 686080 ----a-w- C:\windows\System32\adtschema.dll 2015-06-12 04:12:43 A98E8F79C738CAF23C152DBCABD978FE 11411456 ----a-w- C:\windows\System32\wmp.dll 2015-06-12 04:12:39 DA27A4EA7B7C77FAFDB3F94D83E310C1 12625408 ----a-w- C:\windows\System32\wmploc.DLL 2015-06-12 04:12:39 605E9B2CFA3445ED7716D0B345EE21EC 8192 ----a-w- C:\windows\System32\spwmp.dll 2015-06-12 04:12:39 2401379E0610D15FAB78A4B1646F5B8D 4096 ----a-w- C:\windows\System32\msdxm.ocx 2015-06-12 04:12:39 2401379E0610D15FAB78A4B1646F5B8D 4096 ----a-w- C:\windows\System32\dxmasf.dll 2015-06-12 04:12:35 957655757F43858692289B96F73716D8 868352 ----a-w- C:\windows\System32\kernel32.dll 2015-06-12 04:12:34 A83DD77AC941A8B1B2652035EA589149 169984 ----a-w- C:\windows\System32\winsrv.dll 2015-06-12 04:12:34 87A703DECCDC1BFCAC67E1D4686F67B6 293376 ----a-w- C:\windows\System32\KernelBase.dll 2015-06-12 04:12:34 015E337ABA03750D890A035819688FE1 271360 ----a-w- C:\windows\System32\conhost.exe 2015-06-12 04:12:26 58788565442368B0615DDAF1D452B843 530432 ----a-w- C:\windows\System32\comctl32.dll ====== C:\windows\system32\drivers ===== 2015-06-12 04:14:36 575DF237408CA735631F7A0DC423D873 54656 ----a-w- C:\windows\System32\drivers\stream.sys 2015-06-12 04:13:40 3C9D9DFCF517103677D7B6255C727B48 67520 ----a-w- C:\windows\System32\drivers\ksecdd.sys 2015-06-12 04:13:40 0DFC56491C8B56A35AD52EAF770752FE 137664 ----a-w- C:\windows\System32\drivers\ksecpkg.sys ====== C:\windows\Tasks ====== 2015-06-24 12:16:14 5A5526A5EDC8E1986E7BB4B1058FA6F6 2952 ----a-w- C:\windows\system32\Tasks\{8AB3DC56-B7D5-4131-BCDA-BD2DEF5B81F6} ====== C:\windows\Temp ====== ======= C:\Program Files ===== 2015-06-23 13:52:17 -------- d-----w- C:\Program Files\trend micro ======= C: ===== ====== C:\Users\PC\AppData\Roaming ====== 2015-06-24 13:10:11 -------- d-----w- C:\windows\serviceprofiles\Localservice\AppData\Local\Temp 2015-06-24 13:10:10 -------- dc----w- C:\Users\PC\AppData\Local\Temp 2015-06-24 13:10:10 -------- d-----w- C:\Users\Default\AppData\Local\Temp 2015-06-24 13:10:10 -------- d-----w- C:\Users\Default User\AppData\Local\Temp ====== C:\Users\PC ====== 2015-06-23 13:51:56 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\PC\Downloads\RSIT (1).exe 2015-06-23 13:35:25 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\PC\Downloads\RSIT.exe 2015-06-23 12:31:12 A82AB1423B18D7AC45A58EEA26E05C10 4894544 ----a-w- C:\Users\PC\Downloads\wzmalwareprotector_1.exe 2015-06-23 10:43:18 9FA4B7D6EDCB0EBC10D6C7E56EFB13D0 10180880 ----a-w- C:\Users\PC\Downloads\Setup_SupersonicPC_2015.exe 2015-06-22 11:18:59 1A6501B45306B3F5A125FAACE18C5FDE 2244096 ----a-w- C:\Users\PC\Downloads\adwcleaner_4.207.exe 2015-06-22 10:54:55 5E1E1F0E3B4DD3C592B162F17260D756 2505103 ----a-w- C:\Users\PC\Downloads\translateclient.exe ====== C: exe-files == 2015-06-24 13:27:16 31657ADA786863B73FAC28E5BD0753AD 382168 ----a-w- C:\ProgramData\Adobe\ARM\S\26352\AdobeARMHelper.exe 2015-06-23 13:52:18 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\PC.exe 2015-06-23 13:51:56 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\PC\Downloads\RSIT (1).exe 2015-06-23 13:35:25 8685FAF50C04F9A9C2F56FF64B0B7ACB 1107968 ----a-w- C:\Users\PC\Downloads\RSIT.exe 2015-06-23 12:31:12 A82AB1423B18D7AC45A58EEA26E05C10 4894544 ----a-w- C:\Users\PC\Downloads\wzmalwareprotector_1.exe 2015-06-23 10:43:18 9FA4B7D6EDCB0EBC10D6C7E56EFB13D0 10180880 ----a-w- C:\Users\PC\Downloads\Setup_SupersonicPC_2015.exe 2015-06-23 06:39:45 C29E128D08F09C9AEAABA0B602165262 1063504 ----a-w- C:\Program Files\Google\Update\Install\{4CD880F8-8106-4097-803B-DC94C600D9F4}\43.0.2357.130_43.0.2357.124_chrome_updater.exe 2015-06-23 06:39:45 C29E128D08F09C9AEAABA0B602165262 1063504 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\43.0.2357.130\43.0.2357.130_43.0.2357.124_chrome_updater.exe 2015-06-22 11:18:59 1A6501B45306B3F5A125FAACE18C5FDE 2244096 ----a-w- C:\Users\PC\Downloads\adwcleaner_4.207.exe 2015-06-22 10:54:55 5E1E1F0E3B4DD3C592B162F17260D756 2505103 ----a-w- C:\Users\PC\Downloads\translateclient.exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-3360321568-3577047653-1866379785-1000\Software\Microsoft\Windows\CurrentVersion\Run] "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR" "GoogleChromeAutoLaunch_73B90D4D0D4A45E4E1249D0D8EDB5EB0"="C:\Program Files\Google\Chrome\Application\chrome.exe --no-startup-window" "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui" "IntelWireless"="C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe /tf Intel Wireless Tray" "Persistence"="C:\windows\system32\igfxpers.exe" "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner.exe /MONITOR" "GoogleChromeAutoLaunch_73B90D4D0D4A45E4E1249D0D8EDB5EB0"="C:\Program Files\Google\Chrome\Application\chrome.exe --no-startup-window" "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}" "hkey"="HKCU" "command"="\"C:\\Program Files\\Common Files\\Ahead\\Lib\\NMBgMonitor.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CCleaner Monitoring] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="CCleaner Monitoring" "hkey"="HKCU" "command"="\"C:\\Program Files\\CCleaner\\CCleaner.exe\" /MONITOR" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CLMLServer] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="CLMLServer" "hkey"="HKLM" "command"="\"C:\\Program Files\\CyberLink\\Power2Go\\CLMLSvc.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HotKeysCmds] "command"="C:\\windows\\system32\\hkcmd.exe" "hkey"="HKLM" "item"="HotKeysCmds" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IgfxTray] "command"="C:\\windows\\system32\\igfxtray.exe" "hkey"="HKLM" "item"="IgfxTray" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iTunesHelper] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="iTunesHelper" "hkey"="HKLM" "command"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NeroFilterCheck] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="NeroFilterCheck" "hkey"="HKLM" "command"="C:\\Program Files\\Common Files\\Ahead\\Lib\\NeroCheck.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PDVD8LanguageShortcut] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="PDVD8LanguageShortcut" "hkey"="HKLM" "command"="\"C:\\Program Files\\CyberLink\\PowerDVD8\\Language\\Language.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RemoteControl8] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="RemoteControl8" "hkey"="HKLM" "command"="\"C:\\Program Files\\CyberLink\\PowerDVD8\\PDVD8Serv.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVCpl] "command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RtHDVCpl.exe -s" "hkey"="HKLM" "item"="RtHDVCpl" "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Servicetool] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Servicetool" "hkey"="HKLM" "command"="C:\\Program Files\\KPN\\Servicetool\\KPNServicetool_Launcher.exe /auto" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UpdateLBPShortCut] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="UpdateLBPShortCut" "hkey"="HKLM" "command"="\"C:\\Program Files\\CyberLink\\LabelPrint\\MUITransfer\\MUIStartMenu.exe\" \"C:\\Program Files\\CyberLink\\LabelPrint\" UpdateWithCreateOnce \"Software\\CyberLink\\LabelPrint\\2.5\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UpdateP2GoShortCut] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="UpdateP2GoShortCut" "hkey"="HKLM" "command"="\"C:\\Program Files\\CyberLink\\Power2Go\\MUITransfer\\MUIStartMenu.exe\" \"C:\\Program Files\\CyberLink\\Power2Go\" UpdateWithCreateOnce \"SOFTWARE\\CyberLink\\Power2Go\\6.0\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\UpdatePDRShortCut] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="UpdatePDRShortCut" "hkey"="HKLM" "command"="\"C:\\Program Files\\CyberLink\\PowerDirector\\MUITransfer\\MUIStartMenu.exe\" \"C:\\Program Files\\CyberLink\\PowerDirector\" UpdateWithCreateOnce \"Software\\CyberLink\\PowerDirector\\7.0\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Secunia PSI Tray.lnk] "backup"="C:\\windows\\pss\\Secunia PSI Tray.lnk.CommonStartup" "backupExtension"=".CommonStartup" "command"="C:\\PROGRA~1\\Secunia\\PSI\\psi_tray.exe " "item"="Secunia PSI Tray" ==== Task Scheduler Jobs ====================== C:\windows\tasks\Adobe Flash Player Updater.job --a------ C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [23-05-2015 10:54] C:\windows\tasks\Defraggler Volume C Task.job --a------ C:\Program Files\Defraggler\df.exe [11-03-2015 12:47] C:\windows\tasks\DriverToolkit Autorun.job --a------ C:\Program Files\DriverToolkit\DriverToolkit.exe [] C:\windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [12-10-2013 13:13] C:\windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [12-10-2013 13:13] ==== Other Scheduled Tasks ====================== "C:\windows\system32\tasks\Adobe Acrobat Update Task" [C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\windows\system32\tasks\Adobe Flash Player Updater" [C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\windows\system32\tasks\advSRS4" ["C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe"] "C:\windows\system32\tasks\ASC8_PerformanceMonitor" [C:\Program Files\IObit\Advanced SystemCare 8\Monitor.exe] "C:\windows\system32\tasks\ASC8_SkipUac_PC" ["C:\Program Files\IObit\Advanced SystemCare 8\ASC.exe" /SkipUac] "C:\windows\system32\tasks\BatteryLifeExtender" [C:\Program Files\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe] "C:\windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\windows\system32\tasks\Defraggler Volume C Task" [C:\Program Files\Defraggler\df.exe] "C:\windows\system32\tasks\Driver Booster SkipUAC (PC)" [C:\Program Files\IObit\Driver Booster\DriverBooster.exe] "C:\windows\system32\tasks\DriverToolkit Autorun" [C:\Program Files\DriverToolkit\DriverToolkit.exe] "C:\windows\system32\tasks\EasyBatteryManager" ["%ProgramFiles%\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe"] "C:\windows\system32\tasks\EasySpeedUpManager" [%programfiles%\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe] "C:\windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\windows\system32\tasks\SamsungSupportCenter" [%programfiles%\Samsung\Samsung Support Center\SSCKbdHk.exe] "C:\windows\system32\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe] "C:\windows\system32\tasks\SUPBackground" ["%ProgramFiles%\Samsung\Samsung Update Plus\SUPBackground.exe"] "C:\windows\system32\tasks\Uninstaller_SkipUac_PC" [C:\Program Files\IObit\IObit Uninstaller\IObitUninstaler.exe] "C:\windows\system32\tasks\User_Feed_Synchronization-{73901780-72C1-46D1-B04B-FE76A9F212AB}" [C:\windows\system32\msfeedssync.exe] "C:\windows\system32\tasks\{8AB3DC56-B7D5-4131-BCDA-BD2DEF5B81F6}" [C:\Program Files\AVAST Software\Avast\AvastUI.exe] "C:\windows\system32\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files\Apple Software Update\SoftwareUpdate.exe] "C:\windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [22-04-2015 10:53] ==== Chromium Look ====================== Google Chrome Version: 43.0.2357.130 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[18-03-2015 09:27] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[01-05-2015 11:17] Google Slides - PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Sheets - PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap Avast Online Security - PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki Google Wallet - PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Angry Birds - PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj TV - PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\beobeededemalmllhkmnkinmfembdimh YouTube - PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Kifi Keeper - PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fpjooibalklfinmkiodaamcckfbcjhin Avast Online Security - PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki Scrabble Solver - PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\halhonijpnjlkcmhokjlogagkidaakam File System for Dropbox - PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hlffpaajmfllggclnjppbblobdhokjhe Bitly | Unleash the power of the link - PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\iabeihobmhlgpkcgjiloemdbofjbdcic Pixlr Editor - PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\icmaknaampgiegkcjlimdiidlhopknpk Skype Click to Call - PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Google Maps - PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh WGT Golf Game - PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mpedbpkelbhcbkdaglillalioeeekbpb Google Wallet - PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Instagram - PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\oacfdfgmgfbpgjgpgghdcjfaajdiggho Print Friendly & PDF - PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ohlencieiipommannpdfcmfdpjjmeolj Kifi - PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\onjcefmjokhplckpacodglibhjiplgda Gmail - PC\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Google Slides - PC\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek Google Docs - PC\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - PC\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - PC\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - PC\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Sheets - PC\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap Avast Online Security - PC\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gomekmidlodglbbmalcneegieacbdmki Skype Click to Call - PC\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Google Wallet - PC\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - PC\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Startpages ====================== C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 2\Preferences {"browser":{"last_known_google_url":"https://www.google.nl/","window_placement":{"bottom":801,"left":102,"maximized":true,"right":830,"top":60,"work_area_bottom":852,"work_area_left":0,"work_area_right":1600,"work_area_top":0}},"countryid_at_install":20044,"data_reduction":{"daily_original_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","1553059"],"daily_original_length_via_data_reduction_proxy":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0"],"daily_original_length_with_data_reduction_proxy_enabled":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0"],"daily_received_length":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","1553059"],"daily_received_length_https_with_data_reduction_proxy_enabled":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0"],"daily_received_length_long_bypass_with_data_reduction_proxy_enabled":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0"],"daily_received_length_short_bypass_with_data_reduction_proxy_enabled":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0"],"daily_received_length_unknown_with_data_reduction_proxy_enabled":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0"],"daily_received_length_via_data_reduction_proxy":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0"],"daily_received_length_with_data_reduction_proxy_enabled":["0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0","0"],"last_update_date":"13079484000000000"},"default_apps_install_state":3,"extensions":{"alerts":{"initialized":true},"autoupdate":{"last_check":"13079563805976000","next_check":"13079580701202000"},"chrome_url_overrides":{"bookmarks":["chrome-extension://eemcgdkfndhakfknompkggombfjjjeno/main.html"]},"install_signature":{"expire_date":"2015-09-15","ids":["aapocclcgogkmnckokdopfmhonfmgoek","aohghmighlieiainnegkcijnfilokake","felcaaldnbdncclmgdcncolpebgiejap","gomekmidlodglbbmalcneegieacbdmki","lifbcibllhkdhoafpjfnlhfpfgnpldfl"],"invalid_ids":[],"salt":"SOCsPTcA71IyUYMLN7NLTjwPIp9+iKcRkw1Mm2ibG7c=","signature":"boqF1+ns4ok2cf6xwfSCtTuftwVjrUU9HYXAh3/rwRLpVBMQPr6cn1nJNH89QlZzJZ+kLBK4ZaB9MD2uf2MpSNOIOKNPl8ZZtJoU2VQLVe9zHVGM5TsMhwgqfhz0LNkImP6TlnYpGyDChY++Sqdcld4Y9RG/IzcdcvXQ5sM2DdFs36uTF9qiWdFy/gRsKHaTGaNOG24wF2hl59VzmcrjOWFfUg4j1WygvnYTEa/iFb+wAk4aqvuKKZC/pPW7ZpnKiOjZ1bht79XOyZ/boe8+Mx5EdaidySEllA+iYye1U8ZwMQp/oFm1k1qyMRYue3gNcQlqEQVdO/pdfcojYD9xOg==","signature_format_version":2,"timestamp":"13079535022939358"},"last_chrome_version":"43.0.2357.130"},"gcm":{"check_time":"13079563828271000"},"http_original_content_length":"1553059","http_received_content_length":"1553059","intl":{"accept_languages":"nl-NL,nl,en-US,en"},"invalidator":{"client_id":"zHos4MaB4kk9anx67LgFZQ=="},"media":{"device_id_salt":"fZv5VzAxlsyk6u6BG8NA+g=="},"net":{"http_server_properties":{"servers":{"accounts.google.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":28918},"supports_spdy":true},"accounts.youtube.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"supports_spdy":true},"apis.google.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}]},"cache.pack.google.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"chrome.google.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"supports_spdy":true},"clients2.google.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":29718},"supports_spdy":true},"clients2.googleusercontent.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":28187},"supports_spdy":true},"clients4.google.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":29718},"supports_spdy":true},"fonts.gstatic.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"supports_spdy":true},"r5---sn-oapm-guhe.c.pack.google.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"ssl.gstatic.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":28875},"supports_spdy":true},"www.google.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":141237},"supports_spdy":true},"www.googleapis.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":30356},"supports_spdy":true},"www.gstatic.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"supports_spdy":true}},"supports_quic":{"address":"192.168.2.1","used_quic":true},"version":3}},"partition":{"per_host_zoom_levels":{"3155232537":{}}},"plugins":{"migrated_to_pepper_flash":true,"plugins_list":[],"removed_old_component_pepper_flash_settings":true},"profile":{"avatar_bubble_tutorial_shown":2,"avatar_index":16,"content_settings":{"exceptions":{"app_banner":{},"auto_select_certificate":{},"automatic_downloads":{},"cookies":{},"fullscreen":{},"geolocation":{},"images":{},"javascript":{},"media_stream":{},"media_stream_camera":{},"media_stream_mic":{},"metro_switch_to_desktop":{},"midi_sysex":{},"mixed_script":{},"mouselock":{},"notifications":{},"plugins":{},"popups":{},"ppapi_broker":{},"protocol_handlers":{},"push_messaging":{},"ssl_cert_decisions":{}},"pattern_pairs":{},"pref_version":1},"created_by_version":"43.0.2357.130","exit_type":"SessionEnded","exited_cleanly":true,"icon_version":3,"managed_user_id":"","migrated_content_settings_exceptions":true,"migrated_default_content_settings":true,"migrated_default_media_stream_content_settings":true,"name":"Wendelien","per_host_zoom_levels":{}},"protection":{"macs":{}},"session":{"restore_on_startup_migrated":true,"startup_urls_migration_time":"13079534960408319"},"sync_promo":{"startup_count":1},"translate_blocked_languages":["nl"],"translate_whitelists":{}} tate":1,"was_installed_by_default":true,"was_installed_by_oem":false},"pafkbggdmjlpgkdkcbjmhmfcdpncadgh":{"active_permissions":{"api":["alarms","gcm","identity","metricsPrivate","notifications","storage","tabs","webstorePrivate"],"explicit_host":["*://*.google.com/*","*://*.gstatic.com/*","https://*.googleapis.com/*","https://*.googleusercontent.com/*"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":1,"events":["alarms.onAlarm","gcm.onMessage","identity.onSignInChanged","notifications.onButtonClicked","notifications.onClicked","notifications.onClosed","notifications.onPermissionLevelChanged","notifications.onShowSettings","runtime.onInstalled","runtime.onStartup","runtime.onSuspend","storage.onChanged"],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13079534960442319","location":5,"manifest":{"background":{"persistent":false,"scripts":["utility.js","cards.js","background.js"]},"description":"Integrates Google Now into Chrome.","icons":{"128":"images/icon128.png","16":"images/icon16.png","48":"images/icon48.png"},"key":"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhqJr32OFD/bMXW4Md7jMfd7LbwHXVc6x5bBQG5U+dloofoxrICDR20yur/40mQ8O//0sS1b8srvbab1CRlSrxoNCr9T80NAkfzx0gHyVS+p1Zow+1FzLMu9PiGwwFyN80HIB7GI/dIa0wC9K/2OrrzcHEhVH96DacTtWQqjfDVtZPjT7Xwv23dgoWcpbkRC86jMJot3dmX9xnn0KzoVc9gDOHSIkBLbkkr6Sp3LGXCCM4L0DJgxdFwaLr5WBzgC3y5x0/wwPIwN4PtIaK3BhH6njlksfnKwwIJ9iRT41V4BqbWu4mszO/7VJ3HJyw2DBpIc2grU9ZRRxrV3fRQG4wIDAQAB","manifest_version":2,"name":"Google Now","oauth2":{"auto_approve":true,"scopes":["https://www.googleapis.com/auth/gcm","https://www.googleapis.com/auth/googlenow"]},"optional_permissions":["background"],"permissions":["alarms","gcm","identity","metricsPrivate","notifications","storage","tabs","webstorePrivate","*://*.google.com/*","*://*.gstatic.com/*","https://*.googleapis.com/chromenow/v1/*","https://*.googleapis.com/gcm/*","https://*.googleusercontent.com/*"],"version":"1.2.0.1"},"path":"C:\\Program Files\\Google\\Chrome\\Application\\43.0.2357.130\\resources\\google_now","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"pjkljhegncpnkpknbcohdijeoejaedia":{"ack_external":true,"active_permissions":{"api":["notifications"],"manifest_permissions":[]},"app_launcher_ordinal":"yn","commands":{},"content_settings":[],"creation_flags":137,"events":[],"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["notifications"],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13079535009909358","lastpingday":"13079516414236319","location":1,"manifest":{"app":{"launch":{"container":"tab","web_url":"https://mail.google.com/mail/ca"},"urls":["*://mail.google.com/mail/ca"]},"current_locale":"nl","default_locale":"en","description":"Een snelle, doorzoekbare e-mailfunctie met minder spam.","icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCuGglK43iAz3J9BEYK/Mz6ZhloIMMDqQSAaf3vJt4eHbTbSDsu4WdQ9dQDRcKlg8nwQdePBt0C3PSUBtiSNSS37Z3qEGfS7LCju3h6pI1Yr9MQtxw+jUa7kXXIS09VV73pEFUT/F7c6Qe8L5ZxgAcBvXBh1Fie63qb02I9XQ/CQIDAQAB","manifest_version":2,"name":"Gmail","options_page":"https://mail.google.com/mail/ca/#settings","permissions":["notifications"],"update_url":"http://clients2.google.com/service/update2/crx","version":"8.1"},"page_ordinal":"n","path":"pjkljhegncpnkpknbcohdijeoejaedia\\8.1_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":true,"was_installed_by_oem":false}}},"pinned_tabs":[],"protection":{"macs":{"browser":{"show_home_button":"3122A5A5DC44C8FD9CFB4E70C7DEB1B523365E881B3307C0705ACA62E963E4D5"},"default_search_provider":{"keyword":"6915C5C71E46CB82C16D2FC979236150DAAD92528C9E419DFB43F82B61611BF6","name":"BD7D1C303C95FE6787344650333D0F8B7D9B55AABE20DECF11D136F58AB0E448","search_url":"988FA632A060B982F394A2AEE31487720E6AF639ED88BE8C49D9C2DAF9332D11"},"default_search_provider_data":{"template_url_data":"530DF79E86B14B5A4958B38EDA659FB9C7A5F6A5DC12FDE6375F657B31DF7B9F"},"extensions":{"settings":{"aapocclcgogkmnckokdopfmhonfmgoek":"EC05B374B338AF82773B7FD01F03E59C93A60CF896D850FCB8C0CCAFB7750721","ahfgeienlihckogmohjhadlkjgocpleb":"C18C8CE5ECF6A83F8BE62EBCBE1C9B07FA13CDC7148D6557E9917E135686F0FA","aohghmighlieiainnegkcijnfilokake":"720CB8D523F815680FBC6AFA451E282558A789AF5ADBA91CDF78B6256CB8FB78","apdfllckaahabafndbhieahigkjlhalf":"87FA7CB581C2EF7124C0EAA2A843E39AD02D110357DDB56341240ED007C25F8E","bepbmhgboaologfdajaanbcjmnhjmhfn":"31A47D500CF401A44CD48EB90E9BA0054C23DC6C51B631B71AB7F5840E02AE34","blpcfgokakmgnkcojhhkbfbldkacnbeo":"6F630BD78C3AF239D42F1420B6456CDC11FA907BC005F7F687FE3DEB0DA35EB3","coobgpohoikkiipiblmjeljniedjpjpf":"FCF019F96BF93C62C31C0AF71E3DC7DBD237B2C7EB4D1959C5E55B80BE6E5751","eemcgdkfndhakfknompkggombfjjjeno":"C8513F05FE197C2A625C9DABBEB33798CFBFA6C5F7DC1BC151F3A77265F1D880","ennkphjdgehloodpbhlhldgbnhmacadg":"7F3A4A3AD4252FDD8E870A84AB50F52A0B845C4E8621552B3B9E213887CC71C0","felcaaldnbdncclmgdcncolpebgiejap":"71DC98F37B55DDD23A2DCB01406D82EE1FA779864C21A63512F31DF035F1C8E4","gfdkimpbcpahaombhbimeihdjnejgicl":"F678ED25E718DEF97AE11D6CA6FDA3A5829397478B97EC6C7FF14CC2EB57ADA8","gomekmidlodglbbmalcneegieacbdmki":"6BD3FF8370E2F26B7AB98E3F2EBEBEDBCF66F60FD1C6EDB3B7C5C2962B469D2E","kmendfapggjehodndflmmgagdbamhnfd":"4D82FE03903F8FB20DD224B8976B6036924EA9B3CC5133121947AC796F69DA86","lifbcibllhkdhoafpjfnlhfpfgnpldfl":"CD62B6F5144D4603AF4CCE01CD8ACFC51549C120C309F89E1C0B83EAE2554084","mfehgcgbbipciphmccgaenjidiccnmng":"955D9C4A5AB95DE5C287C3F58FA46B7DB462A2802A0C9B5F8B064289541B6316","mfffpogegjflfpflabcdkioaeobkgjik":"6653C1FDD38ED0EA484F9E7339D65CCB6267BA567F35DBDF8CA1FB009530BECB","mgndgikekgjfcpckkfioiadnlibdjbkf":"91EACAB308FD18A22309D7E5E359E144CCE8CACF8D9065435A8995BBCAE8837F","mhjfbmdgcfjbbpaeojofohoefgiehjai":"C756C3EDF4DE1B54378CA52DE5C937782ECEB0FAB4BDBAFEB5CDDED05C99FB24","neajdppkdcdipfabeoofebfddakdcjhd":"38CC9B05048C6AE9A6C35615042F219F0ABEBCECC03FBB55E14F8CDB0B601BF5","nkeimhogjdpnpccoofpliimaahmaaome":"961BFB606B749564565A3DCB8F7D9FAF2B3C044100B2648BB4099FF1DC0B34B8","nmmhkkegccagdldgiimedpiccmgmieda":"D11986638E9833964EA0767EDC42CCEFF95C8A24B67B4065861F7D0015C95841","pafkbggdmjlpgkdkcbjmhmfcdpncadgh":"DBD3312644A8E1227873F48BD4326DC5E20ADE351C9E115BB4D9C5B6DA521D64","pjkljhegncpnkpknbcohdijeoejaedia":"5FFAE76E422F1FA51A3B173549B235B7EB159B07394EF27E6233B0CE421F71BD"}},"google":{"services":{"last_username":"4A1B92B2FA6A6F7F134249D23942EAFB6B0567D920F36CA96BC2BD254D28E4D5","username":"BD4260B36AB3A48CC24A65B924E66556C77A73816D8B97DCD32336D8E8DF26F7"}},"homepage":"EAA9DE0B0477F05C62DC34B1F5A184FDBD226D979C1F678F100BF686F825BF59","homepage_is_newtabpage":"0242859A1DF955D928F458765CA8965076A3DA24D7BF669C1733A9982CE26C18","pinned_tabs":"0574939D4185FA368D02EBA2E086D39A866E27EDC9B8221563DDE6B1B94DF792","prefs":{"preference_reset_time":"12A07F9217F92A21E051CB74CA2BAD42456E9B6361D8D655F015879148B67C2A"},"profile":{"reset_prompt_memento":"EE8CF8D53757C9CBBBAF8CBE32073BDBEB0575B43D5A0D6DF3EED76E3156B636"},"safebrowsing":{"incidents_sent":"7DBB4D18D25E7C03B381E59F4076ABFE648F5D0509B30D61AAA02A3BB6D160D6"},"search_provider_overrides":"01F3646534B170C731472AE6780229E9C6015816210A8F9F87FB876276A0DFF7","session":{"restore_on_startup":"78F45A769B4737657D2EC5D4AF5706AF8E0CE7CC72129677B816890401B395EC","startup_urls":"B2BADDE132190B33A44DC5691A6108C6B8CD1DA87B6946165E8C88DC592CED64"},"software_reporter":{"prompt_reason":"BB6C85EDD5348F57A9D2FF2BFC8BB14241D0D66A1507B8BA17B7D2C5518E4B4E","prompt_seed":"8AC82B4ADFE29B82D5C3DF1AB34DA605C3EB4FE55B8E42A83C62B9E80FE770E7","prompt_version":"2B401379ED434E2E2FBE337413469D944F7C6EF154960C4305FD3EF4B23DFF25"},"sync":{"remaining_rollback_tries":"DB328A161F3BD3899F9D3D52C14C0047BA28B0624695584F2AB11281CA238A2F"}},"super_mac":"D63E0A3914401735356409F67C50811C3E7F67457BBF03F8AE2590FDD30C6805"}} ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.nl/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.nl/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {67C334C0-408D-4E6D-B5A7-0ADD6AFFA252} Google Url="https://www.google.com/search?q={searchTerms}" ==== Reset Google Chrome ====================== C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences was reset successfully C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 1\Secure Preferences was reset successfully C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 1\Secure Preferences.bad was reset successfully C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 2\Preferences was reset successfully C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 2\Secure Preferences was reset successfully C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data was reset successfully C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data-journal was reset successfully C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 2\Web Data was reset successfully C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 2\Web Data-journal was reset successfully ==== Empty IE Cache ====================== C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== No FireFox Profiles found ==== Empty Chrome Cache ====================== C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 2\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=288 folders=53 416296117 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\PC\AppData\Local\Temp will be emptied at reboot C:\windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\windows\Temp successfully emptied C:\Users\PC\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted ==== EOF on wo 24-06-2015 at 16:14:58,36 ======================