
Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Patric on wo 22/07/2015 at 13:47:46,46.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Patric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KZGJJHY6\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2015-07-18-103706.log	95375 bytes
C:\zoek-results2015-07-18-122018.log	21652 bytes
C:\zoek-results2015-07-18-142154.log	225562 bytes
C:\zoek-results2015-07-18-183623.log	1994 bytes

==== Empty Folders Check ======================

C:\Program Files\WinZip Driver Updater deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-523000165-1516823666-2951625117-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_USERS\S-1-5-21-523000165-1516823666-2951625117-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_USERS\S-1-5-21-523000165-1516823666-2951625117-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1024F1BE-76DC-40d5-AB98-664A4185E5FA} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully

==== Deleting Services ======================


==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] 
""=- 

==== Deleting Files \ Folders ======================

C:\Program Files\WinZip Driver Updater not found
C:\Program Files (x86)\WinZip Driver Updater deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
"C:\Program Files (x86)\Microsoft\BingBar" deleted
"C:\zoek_backup" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Patric\AppData\Local\Temp ====
2015-07-19 04:46:14	1C4A6B8803F64FF300A52CDA0F826237	5742592	----a-w-	C:\Users\Patric\AppData\Local\Temp\SkypeToolbars.msi
2015-07-18 12:39:42	5FB996AACACC0C7C2243BAC084836939	36286464	----a-w-	C:\Users\Patric\AppData\Local\Temp\Skype.msi
2015-07-18 12:21:18	BCB0728F4B117855765CE8FE883B5E9B	1536	----a-w-	C:\Users\Patric\AppData\Local\Temp\NOSEventMessages.dll
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2015-07-21 04:15:22	D80ECB18D64AE3C2A9D8220ABEBCE40A	25600	----a-w-	C:\Windows\SysWOW64\lpk.dll
2015-07-21 04:15:22	BBA0C61CB01BA4351C41DC36BBEB55B4	299008	----a-w-	C:\Windows\SysWOW64\atmfd.dll
2015-07-21 04:15:22	900DB967084C22C6D83D637529B77E8F	34304	----a-w-	C:\Windows\SysWOW64\atmlib.dll
2015-07-21 04:15:22	2DD3D6B44442EF17675554D0482E7BC2	70656	----a-w-	C:\Windows\SysWOW64\fontsub.dll
2015-07-21 04:15:22	0A6495A400140B89242268A13C807841	10240	----a-w-	C:\Windows\SysWOW64\dciman32.dll
2015-07-15 04:45:20	6E91F67335D57DDFFE798C815444B0E3	210432	----a-w-	C:\Windows\SysWOW64\cewmdm.dll
2015-07-15 04:45:16	E2A2B221A47271DD4176FB9B93F670E6	93184	----a-w-	C:\Windows\SysWOW64\wudriver.dll
2015-07-15 04:45:16	CBC91E2E6158358E82D153D811B73C38	30208	----a-w-	C:\Windows\SysWOW64\wups.dll
2015-07-15 04:45:16	7F13188A9656355F664313334971DA22	173056	----a-w-	C:\Windows\SysWOW64\wuwebv.dll
2015-07-15 04:45:16	1728A7831E95BCEEEA3F0D07AE6F74EE	566784	----a-w-	C:\Windows\SysWOW64\wuapi.dll
2015-07-15 04:45:16	13810657EE732C2F5453C0C877FD5DB2	34816	----a-w-	C:\Windows\SysWOW64\wuapp.exe
2015-07-15 04:45:08	143046AC227C193B5B2E0E20BC0CF1DD	312320	----a-w-	C:\Windows\SysWOW64\gdi32.dll
2015-07-15 04:45:06	3D73FC0D0997DA1EF6F705EF9936AB20	620032	----a-w-	C:\Windows\SysWOW64\jscript9diag.dll
2015-07-15 04:45:06	31165F9D71D3C249AB97FBAE55DE4B49	4520448	----a-w-	C:\Windows\SysWOW64\jscript9.dll
2015-07-15 04:45:05	116F506573B59B85CD0DC18527E9951A	19877376	----a-w-	C:\Windows\SysWOW64\mshtml.dll
2015-07-15 04:45:03	AFAEB9E4269846C64DC9721B1BFA5CEC	12855296	----a-w-	C:\Windows\SysWOW64\ieframe.dll
2015-07-15 04:45:03	37BC6BC6CFC38A6202B28459F7CCE4CD	479232	----a-w-	C:\Windows\SysWOW64\ieui.dll
2015-07-15 04:45:03	05CA106A1B68770BDABB9AA7AEAE516A	1310720	----a-w-	C:\Windows\SysWOW64\urlmon.dll
2015-07-15 04:45:02	4E4B3CAC5C62415AF5C6B0167A376EB8	2724864	----a-w-	C:\Windows\SysWOW64\mshtml.tlb
2015-07-15 04:44:56	8EDF7B6D3A563DAA06DD87053C734168	2279424	----a-w-	C:\Windows\SysWOW64\iertutil.dll
2015-07-15 04:44:51	E42BB0E02C8F6C8D1CCBFE6AB8EB199F	30720	----a-w-	C:\Windows\SysWOW64\iernonce.dll
2015-07-15 04:44:51	E3883C13DB4D19E29095C9F4BC27B755	47616	----a-w-	C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-15 04:44:50	D503616B296B869486AA84D6DB8FB6A5	64000	----a-w-	C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-15 04:44:50	1A04239A054D810CF32C46F2B70C47B7	76288	----a-w-	C:\Windows\SysWOW64\mshtmled.dll
2015-07-15 04:44:49	E8F3572F002B556D19AC3AE4A11CAC2E	342736	----a-w-	C:\Windows\SysWOW64\iedkcs32.dll
2015-07-15 04:44:48	95C40DFE3B3CFCEBA2DF9E493945A7B5	689152	----a-w-	C:\Windows\SysWOW64\msfeeds.dll
2015-07-15 04:44:48	87E5B70C9F0DE7E3D620E1E3A60AA274	504320	----a-w-	C:\Windows\SysWOW64\vbscript.dll
2015-07-15 04:44:48	18465944F711AD3FDE58675C3C42FA99	285696	----a-w-	C:\Windows\SysWOW64\dxtrans.dll
2015-07-15 04:44:48	019019007E6980EACAC80DE04B5D330A	60416	----a-w-	C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-15 04:44:45	CC044CFF6018AD0368AF3A8149721407	2052608	----a-w-	C:\Windows\SysWOW64\inetcpl.cpl
2015-07-15 04:44:45	442DB5B16073DE2E79E1912D0B77F343	710144	----a-w-	C:\Windows\SysWOW64\ieapfltr.dll
2015-07-15 04:44:45	2CC6836C44C84583386702468125654F	62464	----a-w-	C:\Windows\SysWOW64\iesetup.dll
2015-07-15 04:44:44	E475D4B65088F4F7FABF7D427CD3D30E	115712	----a-w-	C:\Windows\SysWOW64\ieUnatt.exe
2015-07-15 04:44:44	81ED1F775E5DDBE990D9C3AFF507DAC2	664064	----a-w-	C:\Windows\SysWOW64\jscript.dll
2015-07-15 04:44:44	43CF584D989A4A0EA6B5D3EBFAD260B7	47104	----a-w-	C:\Windows\SysWOW64\jsproxy.dll
2015-07-15 04:44:43	0CB44ADB09C5BE7CE9D1D1F04E909067	418304	----a-w-	C:\Windows\SysWOW64\dxtmsft.dll
2015-07-15 04:44:39	0DE5FE06603CF80238EFD9D67AB45A56	1155072	----a-w-	C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-15 04:44:38	63B01F72FD727D5736DBEF54174D8F93	1951232	----a-w-	C:\Windows\SysWOW64\wininet.dll
2015-07-15 04:44:38	17DFCBA042195666632C889E04913E19	341504	----a-w-	C:\Windows\SysWOW64\html.iec
2015-07-15 04:44:37	72D524ED31A2FBA7432801361CE41FC3	168960	----a-w-	C:\Windows\SysWOW64\msrating.dll
2015-07-15 04:44:19	4548507ED3C17DB4739DBBEAF6378004	1414656	----a-w-	C:\Windows\SysWOW64\ole32.dll
2015-07-15 04:44:10	F4AFDB5ABEA0C9079E8193E24D1DB21D	1174528	----a-w-	C:\Windows\SysWOW64\crypt32.dll
2015-07-15 04:44:10	33F67BBCC3C0499D3F3382473114CFA8	143872	----a-w-	C:\Windows\SysWOW64\cryptsvc.dll
2015-07-15 04:44:09	D864C283FFD7C080FDC25FD4C798FF8D	103936	----a-w-	C:\Windows\SysWOW64\cryptnet.dll
2015-07-15 04:44:09	588D52C2D0E60EE71FD5A64407865B10	179200	----a-w-	C:\Windows\SysWOW64\wintrust.dll
2015-07-15 04:43:49	E344031017D52F5F1A4C759A815625CC	259584	----a-w-	C:\Windows\SysWOW64\msv1_0.dll
2015-07-15 04:43:49	4466D67AC240FE1CCCB32BE743BCB488	552960	----a-w-	C:\Windows\SysWOW64\kerberos.dll
2015-07-15 04:43:49	02CD86D59807467D065F521BE81BB858	665088	----a-w-	C:\Windows\SysWOW64\rpcrt4.dll
2015-07-15 04:43:48	E97B4515FC3846CB5C6853C40E71EF28	36864	----a-w-	C:\Windows\SysWOW64\cryptbase.dll
2015-07-15 04:43:48	CA017983095846BFCFBE9C02B40958B3	221184	----a-w-	C:\Windows\SysWOW64\ncrypt.dll
2015-07-15 04:43:48	98226182583DF1715F1BE6CCEA6E8D95	248832	----a-w-	C:\Windows\SysWOW64\schannel.dll
2015-07-15 04:43:48	393FDE87F56A8E98AC1B37ADB2181332	65536	----a-w-	C:\Windows\SysWOW64\TSpkg.dll
2015-07-15 04:43:46	E6F375BAA4F839592627DA3E95BF3977	146432	----a-w-	C:\Windows\SysWOW64\msaudite.dll
2015-07-15 04:43:46	A719B9156A6DCDBACC201D9163AFF8D1	60416	----a-w-	C:\Windows\SysWOW64\msobjs.dll
2015-07-15 04:43:46	A41BF25E4F145E1BC00445B6421B9E11	686080	----a-w-	C:\Windows\SysWOW64\adtschema.dll
2015-07-15 04:43:46	96741CBB4CC3638A2BCB11F93B92B738	17408	----a-w-	C:\Windows\SysWOW64\credssp.dll
2015-07-15 04:43:46	81E207D09B2A7723A549EFB34B47C7EA	22016	----a-w-	C:\Windows\SysWOW64\secur32.dll
2015-07-15 04:43:46	6AE6E08938D5BA9D8BA305506620B48D	172032	----a-w-	C:\Windows\SysWOW64\wdigest.dll
2015-07-15 04:43:46	2E8C9C3223E05F4B42FB89C03DD09C1D	96768	----a-w-	C:\Windows\SysWOW64\sspicli.dll
2015-07-15 04:43:46	2B4A31319D74B3D3407AB64942B7FF32	50176	----a-w-	C:\Windows\SysWOW64\auditpol.exe
2015-07-15 04:43:28	D7C4ABB0F1FFA371928EED0C7A6E24DC	2364416	----a-w-	C:\Windows\SysWOW64\msi.dll
2015-07-15 04:43:27	F61A069A5517F85662ED9A6C5AD5445A	73216	----a-w-	C:\Windows\SysWOW64\msiexec.exe
2015-07-15 04:43:27	C08582E7F8EA706A2D4A3C7BD5AC35C1	337408	----a-w-	C:\Windows\SysWOW64\msihnd.dll
2015-07-15 04:43:27	A344B1EFA7DB86AE1407039CD596FB1E	25088	----a-w-	C:\Windows\SysWOW64\msimsg.dll
2015-07-15 04:43:27	7B4277F9E9F48D5D8E6AEA341F8048E8	1805824	----a-w-	C:\Windows\SysWOW64\authui.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-07-21 04:15:22	D57C03D365BC71C7A30504644515F3F8	41984	----a-w-	C:\Windows\Sysnative\lpk.dll
2015-07-21 04:15:22	37C6F4906A4B3F837780AF078A1718BA	14336	----a-w-	C:\Windows\Sysnative\dciman32.dll
2015-07-21 04:15:22	2D0E2C197BA9CD67105DE5BBFBEF72A7	46080	----a-w-	C:\Windows\Sysnative\atmlib.dll
2015-07-21 04:15:22	1C4FF36152EBDF5C10A612FC9B2E1F8A	100864	----a-w-	C:\Windows\Sysnative\fontsub.dll
2015-07-21 04:15:22	08D58C21888BC2DC754F591C23709C33	372224	----a-w-	C:\Windows\Sysnative\atmfd.dll
2015-07-15 04:45:20	60696836CAD56F1B47059E1BA739787D	254976	----a-w-	C:\Windows\Sysnative\cewmdm.dll
2015-07-15 04:45:16	F56E83C1EFEDEF919033CBFF071602B6	36864	----a-w-	C:\Windows\Sysnative\wups.dll
2015-07-15 04:45:16	D79E3C2D45315ADCAA267A05355DFBF5	12288	----a-w-	C:\Windows\Sysnative\wu.upgrade.ps.dll
2015-07-15 04:45:16	BC80574FF264848F8613A3F6F7AF7642	192000	----a-w-	C:\Windows\Sysnative\wuwebv.dll
2015-07-15 04:45:16	AA3E844A2595B1AA5825C70CA50D963E	2603008	----a-w-	C:\Windows\Sysnative\wuaueng.dll
2015-07-15 04:45:16	84CEF9B2D8ED8006B3975DC1D8109B3D	696320	----a-w-	C:\Windows\Sysnative\wuapi.dll
2015-07-15 04:45:16	80381DD7C4797A601E59F8E001B46793	3154944	----a-w-	C:\Windows\Sysnative\wucltux.dll
2015-07-15 04:45:16	3F9239D5F65F1318A53EBAEC01C092F1	139776	----a-w-	C:\Windows\Sysnative\wuauclt.exe
2015-07-15 04:45:16	3EDB01024BA86C5B4D2CB307DC5D3AC0	37376	----a-w-	C:\Windows\Sysnative\wuapp.exe
2015-07-15 04:45:16	2896A06239E19379CE44FAFCDB1675B1	91136	----a-w-	C:\Windows\Sysnative\WinSetupUI.dll
2015-07-15 04:45:16	00DCC688DF459A9FEE42C7397668C62B	98304	----a-w-	C:\Windows\Sysnative\wudriver.dll
2015-07-15 04:45:16	00383E521D3D039968B92A0998BA76FD	37888	----a-w-	C:\Windows\Sysnative\wups2.dll
2015-07-15 04:45:10	C4EA3D63E8BF077ECD1E93BF6556AE99	3207168	----a-w-	C:\Windows\Sysnative\win32k.sys
2015-07-15 04:45:08	EFFFE1C77ACCE66C82CCFD18A9687F48	404992	----a-w-	C:\Windows\Sysnative\gdi32.dll
2015-07-15 04:45:07	837BD6BB879405B416A4326C8B723D83	5923840	----a-w-	C:\Windows\Sysnative\jscript9.dll
2015-07-15 04:45:07	2A795629E0746D82A229A01EEE75FCE5	814080	----a-w-	C:\Windows\Sysnative\jscript9diag.dll
2015-07-15 04:45:03	FC165889E97E37BCB55C5B79BEB3D331	2724864	----a-w-	C:\Windows\Sysnative\mshtml.tlb
2015-07-15 04:45:01	78E4D3781E5632BA88E5153510BEB625	1545728	----a-w-	C:\Windows\Sysnative\urlmon.dll
2015-07-15 04:45:00	6A70888EEC05B45C8990E8977C480019	14453248	----a-w-	C:\Windows\Sysnative\ieframe.dll
2015-07-15 04:45:00	120E3CE08505A9637CAB72D35A2D2E8C	615936	----a-w-	C:\Windows\Sysnative\ieui.dll
2015-07-15 04:44:58	D74E2BE157B8A2A9CF29BEBB052B8A42	25193984	----a-w-	C:\Windows\Sysnative\mshtml.dll
2015-07-15 04:44:56	41D59904967A4033FB4497DCED7320AD	2885632	----a-w-	C:\Windows\Sysnative\iertutil.dll
2015-07-15 04:44:50	A51BF63E9EA6DDED50A69797EAD23576	48640	----a-w-	C:\Windows\Sysnative\ieetwproxystub.dll
2015-07-15 04:44:50	50AAC6B4AFD93060456134A29C35FB1E	114688	----a-w-	C:\Windows\Sysnative\ieetwcollector.exe
2015-07-15 04:44:49	44D98BF1ED7B520602A55446E28D8840	720384	----a-w-	C:\Windows\Sysnative\ie4uinit.exe
2015-07-15 04:44:49	3A46FC42EDE2021399FCD9E4A7A406F8	34304	----a-w-	C:\Windows\Sysnative\iernonce.dll
2015-07-15 04:44:48	4887D79B5CE61A00FCC5C53AA2216007	77824	----a-w-	C:\Windows\Sysnative\JavaScriptCollectionAgent.dll
2015-07-15 04:44:45	7EEC52D1B800230A4E8EC81B92D61118	389832	----a-w-	C:\Windows\Sysnative\iedkcs32.dll
2015-07-15 04:44:44	DAECFA33350D863D49157506587D5EF8	4096	----a-w-	C:\Windows\Sysnative\ieetwcollectorres.dll
2015-07-15 04:44:44	80E899C111219316B94BBA72FAFF7D11	968704	----a-w-	C:\Windows\Sysnative\MsSpellCheckingFacility.exe
2015-07-15 04:44:43	BCE51D1B0F7BC8977CDAECD24A0D4C88	801280	----a-w-	C:\Windows\Sysnative\msfeeds.dll
2015-07-15 04:44:43	434CBA59035C4F3A02E5AB92FD6C816B	316928	----a-w-	C:\Windows\Sysnative\dxtrans.dll
2015-07-15 04:44:42	BB33A140CA61A22B5882486881E2191A	800768	----a-w-	C:\Windows\Sysnative\ieapfltr.dll
2015-07-15 04:44:42	AF3D4DA49A9C9C9778953CE9D7470C11	66560	----a-w-	C:\Windows\Sysnative\iesetup.dll
2015-07-15 04:44:41	58243D92748201D38AACDAEA22527412	2125824	----a-w-	C:\Windows\Sysnative\inetcpl.cpl
2015-07-15 04:44:39	B5164F4515C4BC4F45FBF5B3A99685C0	584192	----a-w-	C:\Windows\Sysnative\vbscript.dll
2015-07-15 04:44:38	9B9D2B99A865CB3B9BAA9BE77A300680	54784	----a-w-	C:\Windows\Sysnative\jsproxy.dll
2015-07-15 04:44:38	142D20CA55870589B009D53C37C0B75C	144384	----a-w-	C:\Windows\Sysnative\ieUnatt.exe
2015-07-15 04:44:37	4024752E6B341B07F3823B7DA72C45D2	490496	----a-w-	C:\Windows\Sysnative\dxtmsft.dll
2015-07-15 04:44:35	F30702F2607AEE462A6AB8715E72FC03	1359360	----a-w-	C:\Windows\Sysnative\mshtmlmedia.dll
2015-07-15 04:44:35	796A89701B2560FF453FF08FF941A169	816640	----a-w-	C:\Windows\Sysnative\jscript.dll
2015-07-15 04:44:35	74F367C596EEF3106EBC65625F04C807	92160	----a-w-	C:\Windows\Sysnative\mshtmled.dll
2015-07-15 04:44:33	E066FDC3A2074D926903B8C31EF3B347	2427392	----a-w-	C:\Windows\Sysnative\wininet.dll
2015-07-15 04:44:33	88E26FC9F8BDE0635F379BB8FE6BFFF1	417792	----a-w-	C:\Windows\Sysnative\html.iec
2015-07-15 04:44:32	C95EE658B7816B3588418E948EF55F83	88064	----a-w-	C:\Windows\Sysnative\MshtmlDac.dll
2015-07-15 04:44:32	8DA3623D372E5147914973383D998980	199680	----a-w-	C:\Windows\Sysnative\msrating.dll
2015-07-15 04:44:19	E3EB94B45A2735D4559558B5899732E8	2087424	----a-w-	C:\Windows\Sysnative\ole32.dll
2015-07-15 04:44:10	7BC3E861F7E8EB543A630090FAE779E0	188416	----a-w-	C:\Windows\Sysnative\cryptsvc.dll
2015-07-15 04:44:09	C5752F5CE47B6B00F914AE91087C0CB4	229376	----a-w-	C:\Windows\Sysnative\wintrust.dll
2015-07-15 04:44:09	7EE0A3B9E904AF4744E4D8F00CB5CA32	140288	----a-w-	C:\Windows\Sysnative\cryptnet.dll
2015-07-15 04:44:09	71187FA11F58012C188453877E16EB8B	1480192	----a-w-	C:\Windows\Sysnative\crypt32.dll
2015-07-15 04:43:49	F66102F990EE913261ED7907403718ED	729088	----a-w-	C:\Windows\Sysnative\kerberos.dll
2015-07-15 04:43:49	D5844B744F7BAF826965DD634FF8DB00	1461760	----a-w-	C:\Windows\Sysnative\lsasrv.dll
2015-07-15 04:43:49	A66FF313F2F8A6CBF9BB2B0CC92D5ACD	1216512	----a-w-	C:\Windows\Sysnative\rpcrt4.dll
2015-07-15 04:43:49	750C44D6F7A708F0C6618F075A0A68A7	315392	----a-w-	C:\Windows\Sysnative\msv1_0.dll
2015-07-15 04:43:48	E8560BC8E1B85A5A081AEF43626187B1	44032	----a-w-	C:\Windows\Sysnative\cryptbase.dll
2015-07-15 04:43:48	9F2CCDE3F30C224C082984B6F95D3D95	309760	----a-w-	C:\Windows\Sysnative\ncrypt.dll
2015-07-15 04:43:48	9EA6DA45B95599C27B1661C1D99307D7	342016	----a-w-	C:\Windows\Sysnative\schannel.dll
2015-07-15 04:43:48	48A88348F1539CC7C8CB4E032DD79DAA	136192	----a-w-	C:\Windows\Sysnative\sspicli.dll
2015-07-15 04:43:48	3B96392CBE54FF44BEAEB0B4BCC65487	86528	----a-w-	C:\Windows\Sysnative\TSpkg.dll
2015-07-15 04:43:48	09730D830B2B69B626817F4A95945308	210944	----a-w-	C:\Windows\Sysnative\wdigest.dll
2015-07-15 04:43:46	F01A58E45BB8E28CCE6BCF272FF0F9A8	64000	----a-w-	C:\Windows\Sysnative\auditpol.exe
2015-07-15 04:43:46	EEB192537935BB12A998CAB8F5A07E78	60416	----a-w-	C:\Windows\Sysnative\msobjs.dll
2015-07-15 04:43:46	C3F6A9A41CC8591EF0370708E54DE474	28160	----a-w-	C:\Windows\Sysnative\secur32.dll
2015-07-15 04:43:46	C3F0594AF92FE71B13A44177FDB80784	29184	----a-w-	C:\Windows\Sysnative\sspisrv.dll
2015-07-15 04:43:46	B1D191D0EDEB86197A5FD5030B65420F	22016	----a-w-	C:\Windows\Sysnative\credssp.dll
2015-07-15 04:43:46	97D879A884E7CDFED51AD63348A35254	31232	----a-w-	C:\Windows\Sysnative\lsass.exe
2015-07-15 04:43:46	7C26CACB82ECA09874B984B155B06AD4	686080	----a-w-	C:\Windows\Sysnative\adtschema.dll
2015-07-15 04:43:46	55750A7588D91B102EB17E69BFF2AAF1	146432	----a-w-	C:\Windows\Sysnative\msaudite.dll
2015-07-15 04:43:28	D9A91A779B5059E72D7FAD2B38275EA4	3242496	----a-w-	C:\Windows\Sysnative\msi.dll
2015-07-15 04:43:28	5489E74E56C0255159C8AE2C70744458	1941504	----a-w-	C:\Windows\Sysnative\authui.dll
2015-07-15 04:43:27	CDAD406033C31DB34185DDAECDD35FE2	504320	----a-w-	C:\Windows\Sysnative\msihnd.dll
2015-07-15 04:43:27	978DC0A1FBE9CC91B21B40AF66CB396A	70656	----a-w-	C:\Windows\Sysnative\appinfo.dll
2015-07-15 04:43:27	91593D4FB7D89249014564A5F3EC389B	25088	----a-w-	C:\Windows\Sysnative\msimsg.dll
2015-07-15 04:43:27	81CB8D34112178CE1826C86BA5F268C3	128000	----a-w-	C:\Windows\Sysnative\msiexec.exe
2015-07-15 04:43:27	0D9514850CC3A99A6600643F2888858B	112064	----a-w-	C:\Windows\Sysnative\consent.exe
2015-07-15 04:43:15	D236055773550118989C0C81CBE79A29	765440	----a-w-	C:\Windows\Sysnative\invagent.dll
2015-07-15 04:43:15	BBA5CB528CB7482E118D0FEAF808987A	17856	----a-w-	C:\Windows\Sysnative\CompatTelRunner.exe
2015-07-15 04:43:15	782C216AFEE0561680706698F70B2A93	1085440	----a-w-	C:\Windows\Sysnative\appraiser.dll
2015-07-15 04:43:15	658B5EC540CD94D76889D0E8390B1C04	433664	----a-w-	C:\Windows\Sysnative\devinv.dll
2015-07-15 04:43:15	5D507961F680D0A0392CC5EB6515E70A	726528	----a-w-	C:\Windows\Sysnative\generaltel.dll
2015-07-15 04:43:15	474EA5201E3883F747D540D3EF57C1F2	1145856	----a-w-	C:\Windows\Sysnative\aeinv.dll
2015-07-15 04:43:15	0919F433ED64E6CD1912C016F1E80BE7	67584	----a-w-	C:\Windows\Sysnative\acmigration.dll
2015-07-15 04:43:14	5663847B3DCC8382B1D1F1EEB4A92994	227328	----a-w-	C:\Windows\Sysnative\aepdu.dll
====== C:\Windows\Sysnative\drivers =====
2015-07-17 17:27:26	8F22037D3F5A6BB676525D825A1388B9	113880	----a-w-	C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys
2015-07-17 17:27:13	E681CE4AE5C09651D53CB4387CA3560E	109272	----a-w-	C:\Windows\Sysnative\drivers\mbamchameleon.sys
2015-07-17 17:27:13	AE757332EA130E94E646621CC695B52A	63704	----a-w-	C:\Windows\Sysnative\drivers\mwac.sys
2015-07-17 17:27:13	A8D28D5B3E2A528D1EF0E338E44F2820	25816	----a-w-	C:\Windows\Sysnative\drivers\mbam.sys
2015-07-15 04:43:48	C0A6C3D6E02B61B5D100FE17306C276F	95680	----a-w-	C:\Windows\Sysnative\drivers\ksecdd.sys
2015-07-15 04:43:48	7A7328E427694CC7244235C3BC299F80	155584	----a-w-	C:\Windows\Sysnative\drivers\ksecpkg.sys
2015-07-15 04:43:48	21AF322605D8C7F2A627C22634D1C9C9	290816	----a-w-	C:\Windows\Sysnative\drivers\mrxsmb10.sys
2015-07-15 04:43:46	45A03A0B6461EFBEE77E0A6AC2816EDA	129024	----a-w-	C:\Windows\Sysnative\drivers\mrxsmb20.sys
2015-07-15 04:43:46	1877EB1495CFBDAB27D6A32F6DDF3818	159232	----a-w-	C:\Windows\Sysnative\drivers\mrxsmb.sys
2015-07-08 05:50:38	CF1F6326AC44C42F4615D4BD53188AC5	105984	----a-w-	C:\Windows\Sysnative\drivers\dfsc.sys
2015-07-08 05:50:37	71B6F78D6444CCE6F77BC42917A4E8F7	310272	----a-w-	C:\Windows\Sysnative\drivers\rdbss.sys
2015-07-08 05:50:36	AA0C2BA3782E92BD85E2264BE418E67C	104896	----a-w-	C:\Windows\Sysnative\drivers\mup.sys
2015-07-06 05:03:47	CA4ADE6C3929B70317BFDDF9ABBFE0CE	135800	----a-w-	C:\Windows\Sysnative\drivers\epp64.sys
2015-06-26 07:49:10	E3DC1089EDAD57F5279804167E6142E9	293296	----a-w-	C:\Windows\Sysnative\drivers\avgidsdrivera.sys
====== C:\Windows\Tasks ======
2015-07-18 19:15:10	421D2BE7E33EEF97EEE407B02E463A63	3148	----a-w-	C:\Windows\Sysnative\Tasks\{A2F73286-AB33-4A4D-97CB-632F7CC82B31}
2015-07-18 12:56:40	5C21E748F2419A1AD42405C625D1AA6D	3148	----a-w-	C:\Windows\Sysnative\Tasks\{A6B02370-77DC-4CE1-A2A9-7D19AC7AEE27}
2015-07-18 12:45:30	5C21E748F2419A1AD42405C625D1AA6D	3148	----a-w-	C:\Windows\Sysnative\Tasks\{743BE903-654D-4736-A3AB-50FBEA61037A}
2015-07-18 12:40:33	5C21E748F2419A1AD42405C625D1AA6D	3148	----a-w-	C:\Windows\Sysnative\Tasks\{5C090A88-8B66-4895-98DE-61A73F7654EF}
2015-07-04 04:55:26	6F2C8523F4BDCE7CA2D5C0739D6A41B8	3094	----a-w-	C:\Windows\Sysnative\Tasks\{C0972821-6DB9-498E-B596-C16BA9058662}
2015-06-24 15:40:18	15FBE25749525418EB5EE72C0FA74336	3094	----a-w-	C:\Windows\Sysnative\Tasks\{FE0C7E35-DF88-44F4-9E98-F422195A3441}
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-07-07 19:01:25	--------	d-----w-	C:\Program Files\trend micro
======= C:\PROGRA~2 =====
2015-07-19 04:45:53	--------	d-----w-	C:\PROGRA~2\COMMON~1\Skype
2015-07-19 04:45:52	--------	d-----r-	C:\PROGRA~2\Skype
======= C: =====
====== C:\Users\Patric\AppData\Roaming ======
2015-07-19 04:46:25	--------	d-----w-	C:\Users\Patric\AppData\Local\Skype
2015-07-19 04:46:18	--------	d-----w-	C:\Users\Patric\AppData\Roaming\Skype
2015-07-18 12:16:11	--------	d-----w-	C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp
2015-07-18 12:16:10	--------	d-----w-	C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp
2015-07-18 12:16:10	--------	d-----w-	C:\Users\UpdatusUser\AppData\Local\Temp
2015-07-18 12:16:10	--------	d-----w-	C:\Users\Default\AppData\Local\Temp
2015-07-18 12:16:10	--------	d-----w-	C:\Users\Default User\AppData\Local\Temp
2015-07-18 12:16:09	--------	d-----w-	C:\Users\Patric\AppData\Local\Temp
2015-07-08 06:20:39	B931016953DE6C123B39225129E86A69	123560	----a-w-	C:\Users\Patric\AppData\Local\GDIPFONTCACHEV1.DAT
2015-07-08 06:14:05	--------	d-----r-	C:\Windows\sysWoW64\config\systemprofile\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
====== C:\Users\Patric ======
2015-07-19 18:34:14	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip Driver Updater
2015-07-19 04:45:54	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-07-19 04:43:32	47863F9E36A1B1DAFE40278C4C94E780	1384576	----a-w-	C:\Users\Patric\Downloads\SkypeSetup (1).exe
2015-07-18 19:09:22	--------	d-----w-	C:\ProgramData\Skype
2015-07-06 05:02:12	--------	d-----w-	C:\Users\Patric\Nieuwe map (3)

====== C: exe-files ==
2015-07-22 06:22:03	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Patric\AppData\Local\Temporary Internet Files\Content.IE5\F5XW8AJZ\RSITx64.exe
2015-07-22 06:22:03	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Patric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F5XW8AJZ\RSITx64.exe
2015-07-19 18:33:54	BE1A089FCE2583DAB3FB3164AC632AAD	3542872	----a-w-	C:\Users\Patric\AppData\Local\Temporary Internet Files\Content.IE5\CA6R12C5\wzdu18.exe
2015-07-19 18:33:54	BE1A089FCE2583DAB3FB3164AC632AAD	3542872	----a-w-	C:\Users\Patric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CA6R12C5\wzdu18.exe
2015-07-19 18:02:11	D53A871385267926232607371EBBC332	3944424	----a-w-	C:\Users\Patric\AppData\Local\Temporary Internet Files\Content.IE5\KZGJJHY6\wzdu32.exe
2015-07-19 18:02:11	D53A871385267926232607371EBBC332	3944424	----a-w-	C:\Users\Patric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KZGJJHY6\wzdu32.exe
2015-07-19 04:43:32	47863F9E36A1B1DAFE40278C4C94E780	1384576	----a-w-	C:\Users\Patric\Downloads\SkypeSetup (1).exe
2015-07-19 04:29:03	A0844C730F1091B491A8737404F4C914	347816	----a-w-	C:\Users\Patric\AppData\Local\Temporary Internet Files\Content.IE5\MOURSNOT\MicrosoftFixit.ProgramInstallUninstall.RNP.Run.exe
2015-07-19 04:29:03	A0844C730F1091B491A8737404F4C914	347816	----a-w-	C:\Users\Patric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MOURSNOT\MicrosoftFixit.ProgramInstallUninstall.RNP.Run.exe
2015-07-19 04:15:00	0CEED1D533CAE0741D56D83AB5CB004F	1525064	----a-w-	C:\Program Files (x86)\Google\Google Toolbar\Component\SearchWithGoogleUpdate_CA8A7236098B8F9A.exe
2015-07-19 04:14:55	71FF025C24EA6E0FC972427208B7AF9D	1105864	----a-w-	C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_D6EBD55792EF3063.exe
2015-07-19 04:13:47	7D2D1E575711AF3C4340304F4A78E35A	532312	----a-w-	C:\Program Files (x86)\Google\Update\Install\{81A9F22E-9A89-4534-A33C-9D7EC63A44D9}\GoogleToolbarInstaller_updater_signed.exe
2015-07-19 04:13:47	7D2D1E575711AF3C4340304F4A78E35A	532312	----a-w-	C:\Program Files (x86)\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\7.5.6710.2136\GoogleToolbarInstaller_updater_signed.exe
2015-07-18 19:13:48	47863F9E36A1B1DAFE40278C4C94E780	1384576	----a-w-	C:\Users\Patric\AppData\Local\Temporary Internet Files\Content.IE5\MOURSNOT\SkypeSetup.exe
2015-07-18 19:13:48	47863F9E36A1B1DAFE40278C4C94E780	1384576	----a-w-	C:\Users\Patric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MOURSNOT\SkypeSetup.exe
2015-07-18 18:46:09	ACBB9DCD415C7272FEEB570B6596DDB7	6565736	----a-w-	C:\Users\Patric\AppData\Local\Temporary Internet Files\Content.IE5\ZJYYMBR0\ccsetup507 (1).exe
2015-07-18 18:46:09	ACBB9DCD415C7272FEEB570B6596DDB7	6565736	----a-w-	C:\Users\Patric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZJYYMBR0\ccsetup507 (1).exe
2015-07-16 04:23:58	93EE27EEA252951660682E891B72D7F5	88392	----atw-	C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleUpdateWebPlugin.exe
2015-07-16 04:23:57	D7E523E6F4C911EDFF6A8325ACAEE56C	88392	----atw-	C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleUpdateOnDemand.exe
2015-07-16 04:23:56	81A1D591D429FF81D443A993B9B91301	88392	----atw-	C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleUpdateBroker.exe
2015-07-16 04:23:51	C42B77A66A4B794A56DFCD2FBEA5AD01	931408	----a-w-	C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleUpdateSetup.exe
2015-07-16 04:23:33	FC8EE235C4F75C96907C25EF1349CB81	130888	----atw-	C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleUpdateComRegisterShell64.exe
2015-07-16 04:23:32	C6FF00DA1605982E616C03BE809FFE2D	144200	----atw-	C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleUpdate.exe
2015-07-16 04:23:32	92D840650F95EB60659952AEECAFCE85	305992	----atw-	C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler64.exe
2015-07-16 04:23:32	54FB3B0B29F76E839C648D2F5983A22C	245576	----atw-	C:\Program Files (x86)\Google\Update\1.3.28.1\GoogleCrashHandler.exe
2015-07-16 04:23:16	C42B77A66A4B794A56DFCD2FBEA5AD01	931408	----a-w-	C:\Program Files (x86)\Google\Update\Install\{1597AA51-3B04-41DA-82E2-7CD9A832F48F}\GoogleUpdateSetup.exe
2015-07-16 04:23:15	C42B77A66A4B794A56DFCD2FBEA5AD01	931408	----a-w-	C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.28.1\GoogleUpdateSetup.exe
=== C: other files ==
2015-07-17 17:27:26	8F22037D3F5A6BB676525D825A1388B9	113880	----a-w-	C:\Windows\System32\drivers\MBAMSwissArmy.sys
2015-07-17 17:27:13	E681CE4AE5C09651D53CB4387CA3560E	109272	----a-w-	C:\Windows\System32\drivers\mbamchameleon.sys
2015-07-17 17:27:13	AE757332EA130E94E646621CC695B52A	63704	----a-w-	C:\Windows\System32\drivers\mwac.sys
2015-07-17 17:27:13	A8D28D5B3E2A528D1EF0E338E44F2820	25816	----a-w-	C:\Windows\System32\drivers\mbam.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-523000165-1516823666-2951625117-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"Facebook Update"="C:\Users\Patric\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG_UI"="C:\Program Files (x86)\AVG\AVG2015\avgui.exe /TRAYONLY"
"SwitchBoard"="C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"NUSB3MON"="C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"HControlUser"="C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"ATKOSD2"="C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"ATKMEDIA"="C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"
"Facebook Update"="C:\Users\Patric\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Persistence"="C:\Windows\system32\igfxpers.exe"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"ETDWare"="C:\Program Files\Elantech\ETDCtrl.exe"
"AmIcoSinglun64"="C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUS Screen Saver Protector]
"command"="C:\\Windows\\AsScrPro.exe"
"hkey"="HKLM"
"item"="ASUS Screen Saver Protector"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUS WebStorage]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ASUS WebStorage"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\ASUS\\ASUS WebStorage\\SERVICE\\AsusWSService.exe MySyncFolder"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUSWebStorage]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ASUSWebStorage"
"hkey"="HKLM"
"command"="C:\\Program Files (x86)\\ASUS\\ASUS WebStorage\\3.0.143.296\\AsusWSPanel.exe /S"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CLMLServer]
"command"="\"C:\\Program Files (x86)\\CyberLink\\Power2Go\\CLMLSvc.exe\""
"hkey"="HKLM"
"item"="CLMLServer"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NokiaSuite.exe]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="NokiaSuite.exe"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Nokia\\Nokia Suite\\NokiaSuite.exe -tray"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\OneDrive]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="OneDrive"
"hkey"="HKCU"
"command"="\"C:\\Users\\Patric\\AppData\\Local\\Microsoft\\OneDrive\\OneDrive.exe\" /background"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PC Suite Tray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PC Suite Tray"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Nokia\\Nokia PC Suite 7\\PCSuite.exe\" -onlytray"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVCpl]
"command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe -s"
"hkey"="HKLM"
"item"="RtHDVCpl"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Shareaza]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Shareaza"
"hkey"="HKCU"
"command"="\"C:\\Nieuwe map\\Shareaza.exe\" -tray"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\StartupDelayer]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="StartupDelayer"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\r2 Studios\\Startup Delayer\\Startup Launcher.exe\" /LaunchType=Auto /LaunchApps=Common"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Uninstall C:]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Uninstall C:\Users]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Uninstall C:\Users\Patric]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Uninstall C:\Users\Patric\AppData]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Uninstall C:\Users\Patric\AppData\Local]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Uninstall C:\Users\Patric\AppData\Local\Microsoft]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Uninstall C:\Users\Patric\AppData\Local\Microsoft\SkyDrive]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Uninstall C:\Users\Patric\AppData\Local\Microsoft\SkyDrive\16.4.6006.0718_1]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Uninstall C:\Users\Patric\AppData\Local\Microsoft\SkyDrive\16.4.6006.0718_1\amd64]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\RunOnce"
"item"="Uninstall C:\\Users\\Patric\\AppData\\Local\\Microsoft\\SkyDrive\\16.4.6006.0718_1\\amd64"
"hkey"="HKCU"
"command"="C:\\Windows\\system32\\cmd.exe /q /c rmdir /s /q \"C:\\Users\\Patric\\AppData\\Local\\Microsoft\\SkyDrive\\16.4.6006.0718_1\\amd64\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Uninstall C:\Users\Patric\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530_1]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Uninstall C:\Users\Patric\AppData\Local\Microsoft\SkyDrive\17.0.2010.0530_1\amd64]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\RunOnce"
"item"="Uninstall C:\\Users\\Patric\\AppData\\Local\\Microsoft\\SkyDrive\\17.0.2010.0530_1\\amd64"
"hkey"="HKCU"
"command"="C:\\Windows\\system32\\cmd.exe /q /c rmdir /s /q \"C:\\Users\\Patric\\AppData\\Local\\Microsoft\\SkyDrive\\17.0.2010.0530_1\\amd64\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Windows Mobile Device Center]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Windows Mobile Device Center"
"hkey"="HKLM"
"command"="%windir%\\WindowsMobile\\wmdc.exe"


==== Startup Folders ======================

2015-07-20 17:12:54	1322	----a-w-	C:\Users\Patric\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk
2015-07-20 17:12:54	956	----a-w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Manager.lnk
2015-07-20 17:12:54	2617	----a-w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
2015-07-20 17:12:54	2101	----a-w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
2015-07-20 17:12:54	2855	----a-w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-523000165-1516823666-2951625117-1001Core.job --a------ C:\Users\Patric\AppData\Local\Facebook\Update\FacebookUpdate.exe [19/06/2014 20:37]
C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-523000165-1516823666-2951625117-1001UA.job --a------ C:\Users\Patric\AppData\Local\Facebook\Update\FacebookUpdate.exe [19/06/2014 20:37]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\ACMON" [C:\Program Files (x86)\ASUS\Splendid\ACMON.exe]
"C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\AdobeAAMUpdater-1.0-Patric-PC-Patric" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe]
"C:\Windows\SysNative\tasks\ASPG" [C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe]
"C:\Windows\SysNative\tasks\ASUS Live Update" [C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe]
"C:\Windows\SysNative\tasks\ASUS P4G" [C:\Program Files\P4G\BatteryLife.exe]
"C:\Windows\SysNative\tasks\ASUS SmartLogon Console Sensor" [C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe]
"C:\Windows\SysNative\tasks\ASUSControlDeck" [C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\ESTsoft RunAsStdUser 5855965Task" [C:\Program Files (x86)\ESTsoft\ALPlayer\ALPlayer.exe]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-523000165-1516823666-2951625117-1001Core" [C:\Users\Patric\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-523000165-1516823666-2951625117-1001UA" [C:\Users\Patric\AppData\Local\Facebook\Update\FacebookUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\SysNative\tasks\WC3" [C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe]
"C:\Windows\SysNative\tasks\{148E43DD-4B9E-4D11-B8C6-E86E90029A85}" ["C:\Program Files\Internet Explorer\iexplore.exe" http://ui.skype.com/ui/0/7.2.0.103/nl/go/help.faq.installer?LastError=1618]
"C:\Windows\SysNative\tasks\{39E9723E-5FCC-471B-A350-3ECE90161BA6}" ["C:\Program Files\Internet Explorer\iexplore.exe" http://ui.skype.com/ui/0/7.2.0.103/nl/go/help.faq.installer?LastError=1618]
"C:\Windows\SysNative\tasks\{3AA1AC30-AAA6-46EA-95E1-6BFF4DD771C0}" ["C:\Program Files\Internet Explorer\iexplore.exe" http://ui.skype.com/ui/0/7.2.0.103/nl/go/help.faq.installer?LastError=1618]
"C:\Windows\SysNative\tasks\{5C090A88-8B66-4895-98DE-61A73F7654EF}" ["c:\program files\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/7.6.0.105/nl/go/help.faq.installer?source=lightinstaller&amp;LastError=1638]
"C:\Windows\SysNative\tasks\{5EE79F61-D6C2-48CC-93A0-28390A9D0942}" ["C:\Program Files\Internet Explorer\iexplore.exe" http://ui.skype.com/ui/0/7.2.0.103/nl/go/help.faq.installer?LastError=1638]
"C:\Windows\SysNative\tasks\{67DD4874-EE61-45DC-A840-F34403547F2A}" ["C:\Program Files\Internet Explorer\iexplore.exe" http://ui.skype.com/ui/0/7.2.0.103/nl/go/help.faq.installer?LastError=1618]
"C:\Windows\SysNative\tasks\{743BE903-654D-4736-A3AB-50FBEA61037A}" ["c:\program files\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/7.6.0.105/nl/go/help.faq.installer?source=lightinstaller&amp;LastError=1638]
"C:\Windows\SysNative\tasks\{8CA99AF4-368B-4CBE-8B28-21C8C686B9FD}" [C:\Program Files (x86)\Skype\\Phone\Skype.exe]
"C:\Windows\SysNative\tasks\{A2F73286-AB33-4A4D-97CB-632F7CC82B31}" ["c:\program files\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/7.6.0.105/nl/go/help.faq.installer?source=lightinstaller&amp;LastError=1603]
"C:\Windows\SysNative\tasks\{A4BE2926-9911-4576-9176-25D6608FC2D9}" ["C:\Program Files\Internet Explorer\iexplore.exe" http://ui.skype.com/ui/0/7.4.0.102.259/nl/go/help.faq.installer?LastError=1638]
"C:\Windows\SysNative\tasks\{A6B02370-77DC-4CE1-A2A9-7D19AC7AEE27}" ["c:\program files\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/7.6.0.105/nl/go/help.faq.installer?source=lightinstaller&amp;LastError=1638]
"C:\Windows\SysNative\tasks\{ADCE2085-5AA2-48A4-9529-C1F789790A7B}" ["C:\Program Files\Internet Explorer\iexplore.exe" http://ui.skype.com/ui/0/7.2.0.103/nl/go/help.faq.installer?LastError=1618]
"C:\Windows\SysNative\tasks\{C0972821-6DB9-498E-B596-C16BA9058662}" ["c:\program files\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/7.5.0.102.259/nl/go/help.faq.installer?LastError=1638]
"C:\Windows\SysNative\tasks\{C7E51459-BAAD-4E43-8884-8956DF076AC9}" ["C:\Program Files\Internet Explorer\iexplore.exe" http://ui.skype.com/ui/0/7.2.0.103/nl/go/help.faq.installer?LastError=1618]
"C:\Windows\SysNative\tasks\{DFA19178-1CA5-44F9-8C8D-223B8C4D27D7}" ["C:\Program Files\Internet Explorer\iexplore.exe" http://ui.skype.com/ui/0/7.2.0.103/nl/go/help.faq.installer?LastError=1618]
"C:\Windows\SysNative\tasks\{E02FB80E-062D-4276-8925-205ABBA9AE68}" ["C:\Program Files\Internet Explorer\iexplore.exe" http://ui.skype.com/ui/0/7.2.0.103/nl/go/help.faq.installer?LastError=1618]
"C:\Windows\SysNative\tasks\{FE0C7E35-DF88-44F4-9E98-F422195A3441}" ["C:\Program Files\Internet Explorer\iexplore.exe" http://ui.skype.com/ui/0/7.5.0.102.259/nl/go/help.faq.installer?LastError=1638]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Patric\AppData\Roaming\Mozilla\Firefox\Profiles\pmtf5ntd.default
user_pref("browser.search.defaultengine", "Google");
user_pref("browser.search.defaultenginename", "SearchAlgo");
user_pref("browser.search.selectedEngine", "SearchAlgo");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" []
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [12/08/2010 07:39]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Patric\AppData\Roaming\Mozilla\Firefox\Profiles\pmtf5ntd.default
- Firefox Synchronisation Extension - %ProfilePath%\extensions\synchronize@nokia.suite

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Patric\AppData\Roaming\Mozilla\Firefox\Profiles\pmtf5ntd.default
2BF85B6162528E0635DD8D632EB975C8	- C:\Users\Patric\AppData\Local\Facebook\Messenger\2.1.4814.0\npFbDesktopPlugin.dll -	Facebook Desktop
B16EC84E06F26B8B85800F3B07B8D757	- C:\Windows\SysWoW64\Macromed\Flash\NPSWF32.dll -	Shockwave Flash


==== Chromium Look ======================

Google Chrome Version: 43.0.2357.134

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[01/05/2015 11:17]

Google Wallet - Patric\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Chromium Startpages ======================

C:\Users\Patric\AppData\Local\Google\Chrome\User Data\Default\Preferences
nstall_signature":{"expire_date":"2015-09-16","ids":["lifbcibllhkdhoafpjfnlhfpfgnpldfl"],"invalid_ids":[],"salt":"tjYL56ZaBb61XXt1iyUePdOreZqSe4PDFZBgsgXs8Ms=","signature":"aYtdoBW6FaTIMVw/SnQSVhoTiyPEN9Y8Tf39DrmdHH7PqJO/I1YXpGjQXHAZpIeeCnAkpX03fQc5afMXKAQRRM7g1Ih7+zMJEDI3MWIrptn7AzLoJkLB30BL0rvh6fZXHxIyzhICpK2kNRVTL0Ls1OPWw1lIi/0WFnyMANCcRC6VlM0NcqdWMZpSyLJTdiUXpbxXcZZq4eDxg+N07LFGRCIVmXcvrLXNo2vPu8+Dt/6rhMaAQT5EUwBWTrEOUIWcVpLe37nyxyMERak55z59aVfj7LWqQD3vUp6S60H4mxz8OgskyZ/kDQMIvG5HtWGdYeWctduU87ab106IifrZ4Q==","signature_format_version":2,"timestamp":"13079633883757290"},"last_chrome_version":"43.0.2357.130","toolbar":["lifbcibllhkdhoafpjfnlhfpfgnpldfl","ndibdjnfmopecpmkdieinmbadjfpblof"],"toolbarsize":-1},"http_original_content_length":"544539","http_received_content_length":"544539","http_throttling":{"enabled":true},"instant":{"enabled_time":"12975583351586965"},"intl":{"accept_languages":"nl-NL,nl,en-US,en"},"invalidator":{"client_id":"jNJtNtluxlkfBTJKqKOllA=="},"media":{"device_id_salt":"5DkVsAPN7BRPJMR+NrM+zg=="},"net":{"http_server_properties":{"servers":{"ajax.googleapis.com:443":{"settings":{"4":100},"supports_spdy":true},"apis.google.com:443":{"supports_spdy":true},"chrome.google.com:443":{"settings":{"4":100},"supports_spdy":true},"clients2.google.com:443":{"supports_spdy":true},"ssl.gstatic.com:443":{"settings":{"4":100},"supports_spdy":true},"www.google.be:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"supports_spdy":true},"www.google.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"settings":{"4":100},"supports_spdy":true},"www.googleapis.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"supports_spdy":true},"www.gstatic.com:443":{"supports_spdy":true}},"supports_quic":{"address":"192.168.1.3","used_quic":true},"version":3}},"plugins":{"enabled_internal_pdf3":true,"enabled_nacl":true,"last_internal_directory":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\43.0.2357.130","migrated_to_pepper_flash":true,"plugins_list":[{"enabled":true,"name":"Shockwave Flash","path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\43.0.2357.130\\gcswf32.dll","version":"10,3,181,22"},{"enabled":true,"name":"Shockwave Flash","path":"C:\\Windows\\system32\\Macromed\\Flash\\NPSWF32.dll","version":"10,0,32,18"},{"enabled":true,"name":"Java Deployment Toolkit 6.0.240.7","path":"C:\\Program Files (x86)\\Java\\jre6\\bin\\new_plugin\\npdeployJava1.dll","version":"6.0.240.7"},{"enabled":true,"name":"Java(TM) Platform SE 6 U24","path":"C:\\Program Files (x86)\\Java\\jre6\\bin\\new_plugin\\npjp2.dll","version":"6.0.240.7"},{"enabled":true,"name":"Silverlight Plug-In","path":"C:\\Program Files (x86)\\Microsoft Silverlight\\4.0.60310.0\\npctrl.dll","version":"4.0.60310.0"},{"enabled":true,"name":"Microsoft Office Live Plug-in for Firefox","path":"C:\\Program Files (x86)\\Microsoft\\Office Live\\npOLW.dll","version":"2.0.4024.1"},{"enabled":true,"name":"Chrome PDF Viewer","path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\43.0.2357.130\\pdf.dll","version":""},{"enabled":true,"name":"Chrome NaCl","path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\43.0.2357.130\\ppGoogleNaClPluginChrome.dll","version":""},{"enabled":true,"name":"Google Gears 0.5.33.0","path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\43.0.2357.130\\gears.dll","version":"0.5.33.0"},{"enabled":false,"name":"Adobe Acrobat","path":"C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\Browser\\nppdf32.dll","version":"9.1.0.2009022700"},{"enabled":true,"name":"Google Update","path":"C:\\Program Files (x86)\\Google\\Update\\1.3.21.57\\npGoogleUpdate3.dll","version":"1.3.21.57"},{"enabled":true,"name":"Windows Live￯﾿ﾯ￯ﾾ﾿￯ﾾﾯ￯﾿ﾯ￯ﾾﾾ￯ﾾ﾿￯﾿ﾯ￯ﾾﾾ￯ﾾﾂ￯﾿ﾯ￯ﾾ﾿￯ﾾﾯ￯﾿ﾯ￯ﾾﾾ￯ﾾﾾ￯﾿ﾯ￯ﾾﾾ￯ﾾﾙ Photo Gallery","path":"C:\\Program Files (x86)\\Windows Live\\Photo Gallery\\NPWLPG.dll","version":"15.4.3508.1109_ship.wlx.w4m4 (ship)"},{"enabled":true,"name":"Default Plug-in","path":"default_plugin","version":"1"},{"enabled":true,"name":"Flash"},{"enabled":true,"name":"Java"},{"enabled":true,"name":"Silverlight"},{"enabled":true,"name":"Microsoft Office"},{"enabled":true,"name":"Chrome PDF Viewer"},{"enabled":false,"name":"Chrome NaCl"},{"enabled":true,"name":"Google Gears 0.5.33.0"},{"enabled":false,"name":"Adobe Acrobat"},{"enabled":true,"name":"Google Update"},{"enabled":true,"name":"Windows Live￯﾿ﾯ￯ﾾ﾿￯ﾾﾯ￯﾿ﾯ￯ﾾﾾ￯ﾾ﾿￯﾿ﾯ￯ﾾﾾ￯ﾾﾂ￯﾿ﾯ￯ﾾ﾿￯ﾾﾯ￯﾿ﾯ￯ﾾﾾ￯ﾾﾾ￯﾿ﾯ￯ﾾﾾ￯ﾾﾙ Photo Gallery"},{"enabled":true,"name":"Default Plug-in"}],"removed_old_component_pepper_flash_settings":true},"profile":{"avatar_index":0,"content_settings":{"clear_on_exit_migrated":true,"exceptions":{"app_banner":{},"auto_select_certificate":{},"automatic_downloads":{},"cookies":{},"fullscreen":{},"geolocation":{},"images":{},"javascript":{},"media_stream":{},"media_stream_camera":{},"media_stream_mic":{},"metro_switch_to_desktop":{},"midi_sysex":{},"mixed_script":{},"mouselock":{},"notifications":{},"plugins":{"*,*":{"per_resource":{"npsitesafety.dll":1}}},"popups":{},"ppapi_broker":{},"protocol_handlers":{},"push_messaging":{},"ssl_cert_decisions":{}},"pattern_pairs":{"*,*":{"per_plugin":{"npsitesafety.dll":1}}},"plugin_whitelist":{"npsitesafety":{"dll":true}},"pref_version":1},"exit_type":"Normal","exited_cleanly":true,"icon_version":3,"managed_user_id":"","migrated_content_settings_exceptions":true,"migrated_default_content_settings":true,"migrated_default_media_stream_content_settings":true,"name":"Eerste gebruiker","per_host_zoom_levels":{}},"protection":{"macs":{}},"savefile":{"default_directory":"C:\\Users\\Patric\\Desktop","type":1},"session":{"restore_on_startup_migrated":true,"startup_urls_migration_time":"13057442467590676"},"sync_promo":{"startup_count":10,"user_skipped":true},"tabs":{"use_vertical_tabs":false},"translate_blocked_languages":["nl"],"translate_whitelists":{},"webkit":{"webprefs":{"allow_running_insecure_content":true}}}
,"manifest_version":2,"name":"GoPhoto.it","permissions":["contextMenus","tabs","http://*/*","https://*/*"],"update_url":"http://cdn.gophoto.it/Extensions/gophotoit/chrome/update.xml","version":"1.6","web_accessible_resources":["images/back.png","images/loader.gif","images/logo.png","images/icon.png","css/zoom.css"]},"path":"pfmopbbadnfoelckkcmjjeaaegjpjjbk\\1.6_0","preferences":{},"regular_only_preferences":{},"state":0,"was_installed_by_default":false,"was_installed_by_oem":false}}},"pinned_tabs":[],"prefs":{"preference_reset_time":"13079074454200439"},"protection":{"macs":{"browser":{"show_home_button":"2D6A4CC19A63CD2ABF991CEDAEED85B0A0E4E56B78A532EE9FDA7E3921AECD7C"},"default_search_provider":{"keyword":"1CA7A832880179532EC9C99FE989659671D489252E90F2755CA588EAD62BB3C8","name":"7664A3726CB8C72456F3C2EBDBC19EFFCA312456080C614E33CDCAFB93A3843E","search_url":"7A1770F71A080B113055CDFF570EE8A6A1FEF64FD54C281D373C62F1993F438B"},"default_search_provider_data":{"template_url_data":"7F300AD36A7995C03C26982BF55DFC094A28E62018A654213CAD92F9ECF164EE"},"extensions":{"known_disabled":"E60692DB9357587512602B11ECFEA17FBF5B4E8F70F2A2C39D7619F375738E0B","settings":{"ahfgeienlihckogmohjhadlkjgocpleb":"1BC34FFDD5EDE701EF8C47D6E607CF2C99F23BBC9569EEA228AC47C8B4B75882","bepbmhgboaologfdajaanbcjmnhjmhfn":"88FAE4D9C245F42312832E4398B975DE2E1754E6E396066D4B2132810B12885E","eemcgdkfndhakfknompkggombfjjjeno":"D29B865016866634E3483DCF16F4147C002FCA0D46C16883E7057DA06209485D","ennkphjdgehloodpbhlhldgbnhmacadg":"1F7C48FDBBE79C8BBC5FD81EB171912FC2E826870F694A81CF3B056738E66FFF","fjoijdanhaiflhibkljeklcghcmmfffh":"935A1A2FA5C1B528C9FD0FC3116D88352A5F61C1545C55AFA2210B9B22134BE0","gfdkimpbcpahaombhbimeihdjnejgicl":"28BD302E7B35F0A18CCC327E56BD6C347C755DFA3CFFD868404E598FD89F6AE9","kmendfapggjehodndflmmgagdbamhnfd":"2BD536D9E9A205E1B1B1F3655107C80B5E4421E8A1C5EAD741BE65F15DE254D0","lifbcibllhkdhoafpjfnlhfpfgnpldfl":"828C32437A691F92095569FE61D1F09A8DD53F05FEAE812AAC0E8050E2A5FB21","mfehgcgbbipciphmccgaenjidiccnmng":"76411714BCB2F9EE01D84DC84190D3457E2E96894B24344A19350486F9C6187C","mgndgikekgjfcpckkfioiadnlibdjbkf":"2E887317409AB04861108182E6806AA49AB9471258ABB16AF8620A70F6B6D50C","mhjfbmdgcfjbbpaeojofohoefgiehjai":"F199783D1F53BF679E6CCE274C4B070C5BCDDF76E325FA499552626710655FE6","neajdppkdcdipfabeoofebfddakdcjhd":"1C24836E069EA1F92BE6EDE3CE6C88FF226B160BA0782824956BF079F4F76D76","nkeimhogjdpnpccoofpliimaahmaaome":"2CF7670BAE9818AB02BD4AAB96829926CF87A9B3626E5E5A31EDE5112D089D30","nmmhkkegccagdldgiimedpiccmgmieda":"DE7B2AB72D599A832F49D9390DBF165B9139C3185EC73C93F56477965116A707","pafkbggdmjlpgkdkcbjmhmfcdpncadgh":"B6468F11D7CCD1B849A3E74E02276331A1B2A180655B82E6F4FDFDC9ECAF7B8F","pfmopbbadnfoelckkcmjjeaaegjpjjbk":"7D18DA9179C05DE90A6431C7A13091DCDD3A3F0ADCF2B3C63E3BA1BBDD7F0B0E"}},"google":{"services":{"last_username":"3533F4C9948B4A00F6693AE066A8CCDCDF77BEA22C103B7ADE14D34149547298","username":"0B3FF715610B812A5BB73BF01A1DBC16114130C506D70A34827D41630F782B6F"}},"homepage":"832AA6E4074E090B54C4374CDC5ECA2D895CCFD13C10CCFA160D3ECF455A14D0","homepage_is_newtabpage":"C853F0513104CB9E2CE1085A45A21AAF1683A5B291BB01E92E768C5F69C2943F","pinned_tabs":"150CFC2520DC8B1118410EEBBEF82E3F167C4006FEAC12A2308C92BC4EC0B3EE","prefs":{"preference_reset_time":"F86687BC7FF9F4131A1D017453FBC7964BF9327F18BD83E728D8234DF2F5D815"},"profile":{"reset_prompt_memento":"E4B6D13A8B8F82688DE6EF17081AA37999574146A397745AAA4F1367A77F4E17"},"safebrowsing":{"incidents_sent":"08ED11E92FB18376759BA6688F72B591795D52CFCBB3E674D4B7326F8B2FC6ED"},"search_provider_overrides":"0F205A03B37A128C2EBC59BBD6CAE17AA3AC44BD54C5A0A8D16CA007FB743C6D","session":{"restore_on_startup":"5E8835E449EA6A6A952043CE51463C0787A9B43B156E3CEC7880AB8BD5191825","startup_urls":]},"sync":{"remaining_rollback_tries":0}}


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.be/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.be/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"

==== Deleting CLSID Registry Keys ======================

HKEY_CLASSES_ROOT\CLSID\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{9854A5C4-5BE5-46E2-A989-352DD8B37E20}_is1 deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Patric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\Patric\AppData\Local\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Patric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3MP5F5A3 will be deleted at reboot
C:\Users\Patric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CA6R12C5 will be deleted at reboot
C:\Users\Patric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JG62GDHP will be deleted at reboot
C:\Users\Patric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KZGJJHY6 will be deleted at reboot
C:\Users\Patric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LEJ6WLHN will be deleted at reboot
C:\Users\Patric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UG2NUQRR will be deleted at reboot
C:\Users\Patric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UUETZWYU will be deleted at reboot
C:\Users\Patric\AppData\Local\Temporary Internet Files\Content.IE5\3MP5F5A3 will be deleted at reboot
C:\Users\Patric\AppData\Local\Temporary Internet Files\Content.IE5\CA6R12C5 will be deleted at reboot
C:\Users\Patric\AppData\Local\Temporary Internet Files\Content.IE5\JG62GDHP will be deleted at reboot
C:\Users\Patric\AppData\Local\Temporary Internet Files\Content.IE5\KZGJJHY6 will be deleted at reboot
C:\Users\Patric\AppData\Local\Temporary Internet Files\Content.IE5\LEJ6WLHN will be deleted at reboot
C:\Users\Patric\AppData\Local\Temporary Internet Files\Content.IE5\UG2NUQRR will be deleted at reboot
C:\Users\Patric\AppData\Local\Temporary Internet Files\Content.IE5\UUETZWYU will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\Patric\AppData\Local\Mozilla\Firefox\Profiles\pmtf5ntd.default\cache2 emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Patric\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=
==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Patric\AppData\Local\Temp will be emptied at reboot
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Patric\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Patric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\3MP5F5A3" not found
"C:\Users\Patric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CA6R12C5" not found
"C:\Users\Patric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JG62GDHP" not found
"C:\Users\Patric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\KZGJJHY6" not found
"C:\Users\Patric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LEJ6WLHN" deleted
"C:\Users\Patric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UG2NUQRR" not found
"C:\Users\Patric\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\UUETZWYU" not found
"C:\Users\Patric\AppData\Local\Temporary Internet Files\Content.IE5\3MP5F5A3" not found
"C:\Users\Patric\AppData\Local\Temporary Internet Files\Content.IE5\CA6R12C5" not found
"C:\Users\Patric\AppData\Local\Temporary Internet Files\Content.IE5\JG62GDHP" not found
"C:\Users\Patric\AppData\Local\Temporary Internet Files\Content.IE5\KZGJJHY6" not found
"C:\Users\Patric\AppData\Local\Temporary Internet Files\Content.IE5\LEJ6WLHN" not found
"C:\Users\Patric\AppData\Local\Temporary Internet Files\Content.IE5\UG2NUQRR" not found
"C:\Users\Patric\AppData\Local\Temporary Internet Files\Content.IE5\UUETZWYU" not found
"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on wo 22/07/2015 at 17:41:34,99 ======================