Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by svenv_000 on vr 26/06/2015 at 18:36:20,03.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\svenv_000\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

26/06/2015 18:38:10 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\Users\svenv_000\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Installed Programs ======================

clear.fi SDK- Movie 2
clear.fi SDK - Video 2
Acer Device Fast-lane
Acer Games
Acer Launch Manager
Acer Power Management
Acer Recovery Management
AcerCloud Docs
AcerCloud Portal
ALPS Touch Pad Driver
Avast Free Antivirus
Bejeweled 3
clear.fi Media
clear.fi Photo
Delicious: Emily's Childhood Memories Premium Edition
eBay Worldwide
Game Channels
Google Chrome
Google Toolbar for Internet Explorer
Google Update Helper
Governor of Poker 2 Premium Edition
Identity Card
Intel(R) Management Engine Components
Intel(R) Processor Graphics
Intel(R) Rapid Storage Technology
Intel(R) SDK for OpenCL - CPU Only Runtime Package
Intel(R) Technology Access
Intel(R) Update Manager
Intel® Trusted Connect Service Client
Jewel Match 3
John Deere Drive Green
Magic Academy
Microsoft Office
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
Microsoft Visual Studio 2005 Tools for Office Runtime
More Games from WildTangent Games
Nero BackItUp
Nero BackItUp 12 Essentials OEM.a01
Nero BackItUp Help (CHM)
Nero ControlCenter
Nero ControlCenter Help (CHM)
Nero Core Components
Nero Launcher
Nero RescueAgent
Nero RescueAgent Help (CHM)
Nero Update
Norton Online Backup
Norton Online Backup ARA
Office Addin
Office Addin 2003
Plants vs. Zombies - Game of the Year
Prerequisite installer
Qualcomm Atheros Bluetooth Suite (64)
Qualcomm Atheros Inc.(R) AR81Family Gigabit/Fast Ethernet Driver
Qualcomm Atheros WLAN and Bluetooth Client Installation Program
Realtek High Definition Audio Driver
Realtek PCIE Card Reader
Shared C Run-time for x64
Skype Click to Call
SkypeT 7.5
Spotify
Tales of Lagoona
Update Installer for WildTangent Games App
Visual Studio 2005 Tools for Office Second Edition Runtime
Visual Studio Tools for the Office system 3.0 Runtime
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258)

==== Running Processes ======================

C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\svenv_000\Downloads\zoek.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\WINDOWS\SysWOW64\cmd.exe

==== Deleting Services ======================

==== System Specs ======================

Windows: Windows Version 6.2 (Build 9200)
Memory (RAM): 3915 MB
CPU Info: Intel(R) Pentium(R) CPU 2020M @ 2.40GHz
CPU Speed: 2398,3 MHz
Sound Card: Speakers (Realtek High Definiti |
Display Adapters: Intel(R) HD Graphics | Intel(R) HD Graphics | Intel(R) HD Graphics
Monitors: 1x; Generic PnP Monitor |
Screen Resolution: 1600 X 900 - 32 bit
Network: Network Present
Network Adapters: Intel(R) Technology Access TAP Driver (NDIS 6.30) | Microsoft Wi-Fi Direct Virtual Adapter | Bluetooth-apparaat (Personal Area Network) | Qualcomm Atheros AR956x Wireless Network Adapter | Qualcomm Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.30)
CD / DVD Drives: 1x (D: | ) D: HL-DT-STDVDRAM GT90N
Ports: COM Ports NOT Present. LPT Port NOT Present.
Mouse: 3 Button Wheel Mouse Present
Hard Disks: C: 443,5GB
Hard Disks - Free: C: 409,7GB
Manufacturer *: Insyde Corp.
BIOS Info: AT/AT COMPATIBLE | | ACRSYS - 1
Time Zone: West-Europa (standaardtijd)
Motherboard *: Acer EA70_HC
Country: België
Language: NLB

==== System Specs (Software) ======================

Anti-Virus: Windows Defender On-access scanning disabled (Outdated)
Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: avast! Antivirus disabled (Outdated)
Internet Explorer Version: 11.0.9600.17842
Google Chrome version: 43.0.2357.130

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====
====== C:\Users\SVENV_~1\AppData\Local\Temp ====
====== Java Cache =====
====== C:\WINDOWS\SysWOW64 =====
====== C:\WINDOWS\SysWOW64\drivers =====
====== C:\WINDOWS\Sysnative =====
====== C:\WINDOWS\Sysnative\drivers =====
2015-06-10 16:57:34 44603DA5A87FB491EF59C889EBBB4DDB 325464 ----a-w- C:\WINDOWS\Sysnative\drivers\USBXHCI.SYS
====== C:\WINDOWS\Tasks ======
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
======= C: =====
====== C:\Users\svenv_000\AppData\Roaming ======
2015-06-06 09:38:11 -------- d-----w- C:\Users\svenv_000\AppData\Local\GWX
====== C:\Users\svenv_000 ======
2015-06-24 16:29:41 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\svenv_000\Downloads\RSITx64.exe

====== C: exe-files ==
2015-06-24 16:29:41 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\svenv_000\Downloads\RSITx64.exe
2015-06-23 17:26:01 C29E128D08F09C9AEAABA0B602165262 1063504 ----a-w- C:\Program Files (x86)\Google\Update\Install\{D71AB307-0F1B-4E02-9530-EFD25B49A3B5}\43.0.2357.130_43.0.2357.124_chrome_updater.exe
2015-06-23 17:26:01 C29E128D08F09C9AEAABA0B602165262 1063504 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\43.0.2357.130\43.0.2357.130_43.0.2357.124_chrome_updater.exe

=== C: other files ==
2015-06-25 16:31:59 F5B285246DAFA459FDEA34F6C4458777 4176 ----a-w- C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE\ara_4.3_all_livetriWY8QGQR5.zip
2015-06-22 14:27:09 F5B285246DAFA459FDEA34F6C4458777 4176 ----a-w- C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE\ara_4.3_all_livetriNAG5TJQ1.zip

==== Startup Registry Enabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"="C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Apoint"="C:\Program Files\Apoint2K\Apoint.exe"
"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"BtvStack"="C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- [Undetermined Task]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [16/08/2014 20:17]

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\ALU" [C:\Program Files (x86)\Acer\Live Updater\updater.exe]
"C:\WINDOWS\SysNative\tasks\ALUAgent" [C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe]
"C:\WINDOWS\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473" [C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe]
"C:\WINDOWS\SysNative\tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon" ["C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe"]
"C:\WINDOWS\SysNative\tasks\Launch Manager" ["C:\Program Files\Acer\Acer Launch Manager\LMLauncher.exe"]
"C:\WINDOWS\SysNative\tasks\Norton Online Backup ARA" [C:\Program Files (x86)\Norton Online Backup ARA\Engine\4.3.0.14\\Ara.exe]
"C:\WINDOWS\SysNative\tasks\Power Management" ["C:\Program Files\Acer\Acer Power Management\ePowerTray.exe"]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{07545ACE-8461-4216-8B61-4AEEA057D62E}" [C:\WINDOWS\system32\msfeedssync.exe]
"C:\WINDOWS\SysNative\tasks\Recovery Management\Notification" [C:\Program Files\Acer\Acer Recovery Management\Notification\Notification.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [11/05/2015 18:35]

==== Chromium Look ======================

Google Chrome Version: 43.0.2357.130

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[15/03/2015 19:20]

Google Docs - Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google Wallet - Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Sven\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Google Docs - svenv_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
YouTube - svenv_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - svenv_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Avast Online Security - svenv_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
Google Wallet - 
svenv_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - svenv_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Startpages ======================

C:\Users\svenv_000\AppData\Local\Google\Chrome\User Data\Default\Preferences

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.com/"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.com/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{9182694D-FEB0-4E61-B03D-2F322D02B75A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"
{9182694D-FEB0-4E61-B03D-2F322D02B75A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: avast! 
Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"
O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AtherosSvc - Windows (R) Win 7 DDK provider - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - Avast Software s.r.o. - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Device Fast-lane Service (DeviceFastLaneService) - Acer Incorporated - C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\WINDOWS\system32\IEEtwCollector.exe (file missing)
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Technology Access Service (Intel(R) TechnologyAccessService) - Intel(R) Corporation - C:\Program Files\Intel Corporation\Intel(R) Technology Access\IntelTechnologyAccessService.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Launch Manager Service (LMSvc) - Acer Incorporate - C:\Program Files\Acer\Acer Launch Manager\LMSvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Nero Update (NAUpdate) - Nero AG - c:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Sven\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Sven\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\svenv_000\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\svenv_000\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\svenv_000\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\svenv_000\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Sven\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\svenv_000\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Sven\AppData\Local\Temp emptied successfully
C:\Users\svenv_000\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\SVENV_~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on vr 26/06/2015 at 18:54:02,23 ======================