
Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Coban on di 04-08-2015 at 20:32:21,92.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Coban\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

4-8-2015 20:34:00 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp. 
# 
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows. 
# 
# This file contains the mappings of IP addresses to host names. Each 
# entry should be kept on an individual line. The IP address should 
# be placed in the first column followed by the corresponding host name. 
# The IP address and the host name should be separated by at least one 
# space. 
# 
# Additionally, comments (such as these) may be inserted on individual 
# lines or following the machine name denoted by a '#' symbol. 
# 
# For example: 
# 
#      102.54.94.97     rhino.acme.com          # source server 
#       38.25.63.10     x.acme.com              # x client host 
 
# localhost name resolution is handled within DNS itself. 
127.0.0.1       localhost 
::1             localhost 

==== Empty Folders Check ======================

C:\PROGRA~2\T-Mobile Cloud deleted successfully
C:\Users\Coban\AppData\Roaming\TP deleted successfully
C:\Users\Coban\AppData\Roaming\Windows Live Writer deleted successfully
C:\Users\Coban\AppData\Local\F-Secure deleted successfully
C:\Users\Coban\AppData\Local\Intel Wireless Display deleted successfully
C:\Users\Coban\AppData\Local\MigWiz deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2719908977-4093848447-3276493948-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully
HKEY_USERS\S-1-5-21-2719908977-4093848447-3276493948-1000\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} deleted successfully
HKEY_USERS\S-1-5-21-2719908977-4093848447-3276493948-1000\Software\Microsoft\Internet Explorer\SearchScopes\{77CFE6C8-2824-4478-AD9F-EAA62425DA18} deleted successfully
HKEY_USERS\S-1-5-21-2719908977-4093848447-3276493948-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} deleted successfully
HKEY_USERS\S-1-5-21-2719908977-4093848447-3276493948-1000\Software\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671} deleted successfully
HKEY_USERS\S-1-5-21-2719908977-4093848447-3276493948-1000\Software\Microsoft\Internet Explorer\SearchScopes\{C1457A7E-EBE5-4180-B116-313CAFCF9F8B} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{C1457A7E-EBE5-4180-B116-313CAFCF9F8B} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C1457A7E-EBE5-4180-B116-313CAFCF9F8B} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] 
"AppInit_DLLs"=- 

==== Deleting Files \ Folders ======================

C:\PROGRA~2\T-Mobile Cloud not found
C:\a7624846bebad2cf48f281750cc76745 deleted
C:\Users\Coban\.android deleted
C:\install.exe deleted
C:\PROGRA~3\Ask deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Coban\AppData\Local\cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Bootable Recovery Tool Wizard deleted
C:\Users\Coban\AppData\LocalLow\searchresultstb deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
C:\Windows\SysWow64\searchplugins deleted
C:\Windows\SysWow64\Extensions deleted
C:\Users\Coban\Documents\Add-in Express deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Coban\AppData\Local\Temp ====
2015-08-04 15:21:30	F327703F5351BB4A512E8CE9F66ABB9F	563808	----a-w-	C:\Users\Coban\AppData\Local\Temp\jre-8u51-windows-au.exe
====== Java Cache =====
2015-08-04 15:29:43	415FC9732A3F4D89A0E01251CD66E136	646	----a-w-	C:\Users\Coban\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\18\3cb32f52-59141d74
2015-08-04 15:29:49	C1BBA7F1278F193AB584FFF460DB5E2A	17878	----a-w-	C:\Users\Coban\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\35\47c58863-6614b73b
====== C:\Windows\SysWOW64 =====
2015-08-04 16:07:33	E2A2B221A47271DD4176FB9B93F670E6	93184	----a-w-	C:\Windows\SysWOW64\wudriver.dll
2015-08-04 16:07:33	CBC91E2E6158358E82D153D811B73C38	30208	----a-w-	C:\Windows\SysWOW64\wups.dll
2015-08-04 16:07:33	7F13188A9656355F664313334971DA22	173056	----a-w-	C:\Windows\SysWOW64\wuwebv.dll
2015-08-04 16:07:33	1728A7831E95BCEEEA3F0D07AE6F74EE	566784	----a-w-	C:\Windows\SysWOW64\wuapi.dll
2015-08-04 16:07:33	13810657EE732C2F5453C0C877FD5DB2	34816	----a-w-	C:\Windows\SysWOW64\wuapp.exe
2015-08-04 16:06:36	E344031017D52F5F1A4C759A815625CC	259584	----a-w-	C:\Windows\SysWOW64\msv1_0.dll
2015-08-04 16:06:36	4466D67AC240FE1CCCB32BE743BCB488	552960	----a-w-	C:\Windows\SysWOW64\kerberos.dll
2015-08-04 16:06:35	E97B4515FC3846CB5C6853C40E71EF28	36864	----a-w-	C:\Windows\SysWOW64\cryptbase.dll
2015-08-04 16:06:35	CA017983095846BFCFBE9C02B40958B3	221184	----a-w-	C:\Windows\SysWOW64\ncrypt.dll
2015-08-04 16:06:35	A41BF25E4F145E1BC00445B6421B9E11	686080	----a-w-	C:\Windows\SysWOW64\adtschema.dll
2015-08-04 16:06:35	98226182583DF1715F1BE6CCEA6E8D95	248832	----a-w-	C:\Windows\SysWOW64\schannel.dll
2015-08-04 16:06:35	96741CBB4CC3638A2BCB11F93B92B738	17408	----a-w-	C:\Windows\SysWOW64\credssp.dll
2015-08-04 16:06:35	81E207D09B2A7723A549EFB34B47C7EA	22016	----a-w-	C:\Windows\SysWOW64\secur32.dll
2015-08-04 16:06:35	6AE6E08938D5BA9D8BA305506620B48D	172032	----a-w-	C:\Windows\SysWOW64\wdigest.dll
2015-08-04 16:06:35	393FDE87F56A8E98AC1B37ADB2181332	65536	----a-w-	C:\Windows\SysWOW64\TSpkg.dll
2015-08-04 16:06:35	2E8C9C3223E05F4B42FB89C03DD09C1D	96768	----a-w-	C:\Windows\SysWOW64\sspicli.dll
2015-08-04 16:06:35	2B4A31319D74B3D3407AB64942B7FF32	50176	----a-w-	C:\Windows\SysWOW64\auditpol.exe
2015-08-04 16:06:35	02CD86D59807467D065F521BE81BB858	665088	----a-w-	C:\Windows\SysWOW64\rpcrt4.dll
2015-08-04 16:06:34	E6F375BAA4F839592627DA3E95BF3977	146432	----a-w-	C:\Windows\SysWOW64\msaudite.dll
2015-08-04 16:06:34	A719B9156A6DCDBACC201D9163AFF8D1	60416	----a-w-	C:\Windows\SysWOW64\msobjs.dll
2015-08-04 16:06:15	6E91F67335D57DDFFE798C815444B0E3	210432	----a-w-	C:\Windows\SysWOW64\cewmdm.dll
2015-08-04 16:06:14	D80ECB18D64AE3C2A9D8220ABEBCE40A	25600	----a-w-	C:\Windows\SysWOW64\lpk.dll
2015-08-04 16:06:14	BBA0C61CB01BA4351C41DC36BBEB55B4	299008	----a-w-	C:\Windows\SysWOW64\atmfd.dll
2015-08-04 16:06:14	900DB967084C22C6D83D637529B77E8F	34304	----a-w-	C:\Windows\SysWOW64\atmlib.dll
2015-08-04 16:06:14	2DD3D6B44442EF17675554D0482E7BC2	70656	----a-w-	C:\Windows\SysWOW64\fontsub.dll
2015-08-04 16:06:14	0A6495A400140B89242268A13C807841	10240	----a-w-	C:\Windows\SysWOW64\dciman32.dll
2015-08-04 16:06:11	143046AC227C193B5B2E0E20BC0CF1DD	312320	----a-w-	C:\Windows\SysWOW64\gdi32.dll
2015-08-04 16:05:56	4548507ED3C17DB4739DBBEAF6378004	1414656	----a-w-	C:\Windows\SysWOW64\ole32.dll
2015-08-04 16:05:36	F4AFDB5ABEA0C9079E8193E24D1DB21D	1174528	----a-w-	C:\Windows\SysWOW64\crypt32.dll
2015-08-04 16:05:36	33F67BBCC3C0499D3F3382473114CFA8	143872	----a-w-	C:\Windows\SysWOW64\cryptsvc.dll
2015-08-04 16:05:34	D864C283FFD7C080FDC25FD4C798FF8D	103936	----a-w-	C:\Windows\SysWOW64\cryptnet.dll
2015-08-04 16:05:34	588D52C2D0E60EE71FD5A64407865B10	179200	----a-w-	C:\Windows\SysWOW64\wintrust.dll
2015-08-04 16:05:13	D7C4ABB0F1FFA371928EED0C7A6E24DC	2364416	----a-w-	C:\Windows\SysWOW64\msi.dll
2015-08-04 16:05:13	7B4277F9E9F48D5D8E6AEA341F8048E8	1805824	----a-w-	C:\Windows\SysWOW64\authui.dll
2015-08-04 16:05:12	F61A069A5517F85662ED9A6C5AD5445A	73216	----a-w-	C:\Windows\SysWOW64\msiexec.exe
2015-08-04 16:05:12	C08582E7F8EA706A2D4A3C7BD5AC35C1	337408	----a-w-	C:\Windows\SysWOW64\msihnd.dll
2015-08-04 16:05:12	A344B1EFA7DB86AE1407039CD596FB1E	25088	----a-w-	C:\Windows\SysWOW64\msimsg.dll
2015-08-04 16:04:56	908B2C5317DFA001D77845A54007A189	12386304	----a-w-	C:\Windows\SysWOW64\mshtml.dll
2015-08-04 16:04:56	4D0467DA387EC8060BB7D452C0A8BF65	2382848	----a-w-	C:\Windows\SysWOW64\mshtml.tlb
2015-08-04 16:03:52	9C6B5D4C61ECCC376E9245D357807B81	73216	----a-w-	C:\Windows\SysWOW64\mshtmled.dll
2015-08-04 16:03:52	60696EDC832502AD5D7DF53D6487E0E9	1129472	----a-w-	C:\Windows\SysWOW64\wininet.dll
2015-08-04 16:03:52	52EEA9AAC0D85D7E4CB42C091DAC8E2D	223232	----a-w-	C:\Windows\SysWOW64\dxtrans.dll
2015-08-04 16:03:52	4E70A4333FCE650477266CBDD3863A56	176640	----a-w-	C:\Windows\SysWOW64\ieui.dll
2015-08-04 16:03:52	3F11B33CCE950955DB9310073F94A917	1810432	----a-w-	C:\Windows\SysWOW64\jscript9.dll
2015-08-04 16:03:52	2C39433C41238236196A11E41A252384	353792	----a-w-	C:\Windows\SysWOW64\dxtmsft.dll
2015-08-04 16:03:52	0F300274196FFE9C7DE9A5FDA4FBD94A	421888	----a-w-	C:\Windows\SysWOW64\vbscript.dll
2015-08-04 16:03:51	660E70878FE85CC0BFD2EA5A14BEC895	718336	----a-w-	C:\Windows\SysWOW64\jscript.dll
2015-08-04 16:03:47	2156B4E719DFCD9C682DB48EA586907D	11776	----a-w-	C:\Windows\SysWOW64\mshta.exe
2015-08-04 16:03:46	F98A2BDC45CB830A40C06C6EDCFA94EA	41472	----a-w-	C:\Windows\SysWOW64\msfeedsbs.dll
2015-08-04 16:03:46	B9511A441F51E28F7E3FBBE1D6740496	231936	----a-w-	C:\Windows\SysWOW64\url.dll
2015-08-04 16:03:46	A652BDCABE7382E1FD5CCAC5D5D021BA	367616	----a-w-	C:\Windows\SysWOW64\html.iec
2015-08-04 16:03:46	7A4EBAB2EEBC4F4AE58D29C3BD191661	142848	----a-w-	C:\Windows\SysWOW64\ieUnatt.exe
2015-08-04 16:03:46	4B70DD5E9FA3A16FD8BBDA19CA78E852	1139712	----a-w-	C:\Windows\SysWOW64\urlmon.dll
2015-08-04 16:03:46	0ECCBEAD8AF920EA20EBC09BFE70536D	1427968	----a-w-	C:\Windows\SysWOW64\inetcpl.cpl
2015-08-04 16:03:46	05CFCC98E18FD0C3AB5AB4C92E7C8887	1804288	----a-w-	C:\Windows\SysWOW64\iertutil.dll
2015-08-04 16:03:44	B733D77B964D566FF72E768BCE884536	9750528	----a-w-	C:\Windows\SysWOW64\ieframe.dll
2015-08-04 16:03:44	6D436A794A9FE75FA74FD74458F51997	607744	----a-w-	C:\Windows\SysWOW64\msfeeds.dll
2015-08-04 16:03:44	52C30D873F10C3671302287E31F0F734	65024	----a-w-	C:\Windows\SysWOW64\jsproxy.dll
2015-08-04 16:03:43	1AE10331B6E20E69A1E6BC90D8F93395	10752	----a-w-	C:\Windows\SysWOW64\msfeedssync.exe
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2015-08-04 16:12:17	F91D820C59398D15D2FA4D71DEB268EB	1965056	----a-w-	C:\Windows\Sysnative\stapo64.dll
2015-08-04 16:12:17	C9813CBCDB52B7DDA91B7996CC7A51F9	431616	----a-w-	C:\Windows\Sysnative\stcplx64.dll
2015-08-04 16:12:17	B5A12E017E57B7729FE512F64D55D389	654336	------w-	C:\Windows\Sysnative\stapi64.dll
2015-08-04 16:07:33	84CEF9B2D8ED8006B3975DC1D8109B3D	696320	----a-w-	C:\Windows\Sysnative\wuapi.dll
2015-08-04 16:07:33	3F9239D5F65F1318A53EBAEC01C092F1	139776	----a-w-	C:\Windows\Sysnative\wuauclt.exe
2015-08-04 16:07:33	3EDB01024BA86C5B4D2CB307DC5D3AC0	37376	----a-w-	C:\Windows\Sysnative\wuapp.exe
2015-08-04 16:07:33	2896A06239E19379CE44FAFCDB1675B1	91136	----a-w-	C:\Windows\Sysnative\WinSetupUI.dll
2015-08-04 16:07:32	F56E83C1EFEDEF919033CBFF071602B6	36864	----a-w-	C:\Windows\Sysnative\wups.dll
2015-08-04 16:07:32	D79E3C2D45315ADCAA267A05355DFBF5	12288	----a-w-	C:\Windows\Sysnative\wu.upgrade.ps.dll
2015-08-04 16:07:32	80381DD7C4797A601E59F8E001B46793	3154944	----a-w-	C:\Windows\Sysnative\wucltux.dll
2015-08-04 16:07:32	00DCC688DF459A9FEE42C7397668C62B	98304	----a-w-	C:\Windows\Sysnative\wudriver.dll
2015-08-04 16:07:32	00383E521D3D039968B92A0998BA76FD	37888	----a-w-	C:\Windows\Sysnative\wups2.dll
2015-08-04 16:07:31	BC80574FF264848F8613A3F6F7AF7642	192000	----a-w-	C:\Windows\Sysnative\wuwebv.dll
2015-08-04 16:07:31	AA3E844A2595B1AA5825C70CA50D963E	2603008	----a-w-	C:\Windows\Sysnative\wuaueng.dll
2015-08-04 16:06:38	A66FF313F2F8A6CBF9BB2B0CC92D5ACD	1216512	----a-w-	C:\Windows\Sysnative\rpcrt4.dll
2015-08-04 16:06:36	F66102F990EE913261ED7907403718ED	729088	----a-w-	C:\Windows\Sysnative\kerberos.dll
2015-08-04 16:06:36	D5844B744F7BAF826965DD634FF8DB00	1461760	----a-w-	C:\Windows\Sysnative\lsasrv.dll
2015-08-04 16:06:36	750C44D6F7A708F0C6618F075A0A68A7	315392	----a-w-	C:\Windows\Sysnative\msv1_0.dll
2015-08-04 16:06:35	F01A58E45BB8E28CCE6BCF272FF0F9A8	64000	----a-w-	C:\Windows\Sysnative\auditpol.exe
2015-08-04 16:06:35	E8560BC8E1B85A5A081AEF43626187B1	44032	----a-w-	C:\Windows\Sysnative\cryptbase.dll
2015-08-04 16:06:35	C3F6A9A41CC8591EF0370708E54DE474	28160	----a-w-	C:\Windows\Sysnative\secur32.dll
2015-08-04 16:06:35	C3F0594AF92FE71B13A44177FDB80784	29184	----a-w-	C:\Windows\Sysnative\sspisrv.dll
2015-08-04 16:06:35	B1D191D0EDEB86197A5FD5030B65420F	22016	----a-w-	C:\Windows\Sysnative\credssp.dll
2015-08-04 16:06:35	9F2CCDE3F30C224C082984B6F95D3D95	309760	----a-w-	C:\Windows\Sysnative\ncrypt.dll
2015-08-04 16:06:35	9EA6DA45B95599C27B1661C1D99307D7	342016	----a-w-	C:\Windows\Sysnative\schannel.dll
2015-08-04 16:06:35	97D879A884E7CDFED51AD63348A35254	31232	----a-w-	C:\Windows\Sysnative\lsass.exe
2015-08-04 16:06:35	7C26CACB82ECA09874B984B155B06AD4	686080	----a-w-	C:\Windows\Sysnative\adtschema.dll
2015-08-04 16:06:35	48A88348F1539CC7C8CB4E032DD79DAA	136192	----a-w-	C:\Windows\Sysnative\sspicli.dll
2015-08-04 16:06:35	3B96392CBE54FF44BEAEB0B4BCC65487	86528	----a-w-	C:\Windows\Sysnative\TSpkg.dll
2015-08-04 16:06:35	09730D830B2B69B626817F4A95945308	210944	----a-w-	C:\Windows\Sysnative\wdigest.dll
2015-08-04 16:06:34	EEB192537935BB12A998CAB8F5A07E78	60416	----a-w-	C:\Windows\Sysnative\msobjs.dll
2015-08-04 16:06:34	55750A7588D91B102EB17E69BFF2AAF1	146432	----a-w-	C:\Windows\Sysnative\msaudite.dll
2015-08-04 16:06:15	60696836CAD56F1B47059E1BA739787D	254976	----a-w-	C:\Windows\Sysnative\cewmdm.dll
2015-08-04 16:06:14	D57C03D365BC71C7A30504644515F3F8	41984	----a-w-	C:\Windows\Sysnative\lpk.dll
2015-08-04 16:06:14	C4EA3D63E8BF077ECD1E93BF6556AE99	3207168	----a-w-	C:\Windows\Sysnative\win32k.sys
2015-08-04 16:06:14	37C6F4906A4B3F837780AF078A1718BA	14336	----a-w-	C:\Windows\Sysnative\dciman32.dll
2015-08-04 16:06:14	2D0E2C197BA9CD67105DE5BBFBEF72A7	46080	----a-w-	C:\Windows\Sysnative\atmlib.dll
2015-08-04 16:06:14	1C4FF36152EBDF5C10A612FC9B2E1F8A	100864	----a-w-	C:\Windows\Sysnative\fontsub.dll
2015-08-04 16:06:14	08D58C21888BC2DC754F591C23709C33	372224	----a-w-	C:\Windows\Sysnative\atmfd.dll
2015-08-04 16:06:11	EFFFE1C77ACCE66C82CCFD18A9687F48	404992	----a-w-	C:\Windows\Sysnative\gdi32.dll
2015-08-04 16:05:56	E3EB94B45A2735D4559558B5899732E8	2087424	----a-w-	C:\Windows\Sysnative\ole32.dll
2015-08-04 16:05:36	7BC3E861F7E8EB543A630090FAE779E0	188416	----a-w-	C:\Windows\Sysnative\cryptsvc.dll
2015-08-04 16:05:35	71187FA11F58012C188453877E16EB8B	1480192	----a-w-	C:\Windows\Sysnative\crypt32.dll
2015-08-04 16:05:34	C5752F5CE47B6B00F914AE91087C0CB4	229376	----a-w-	C:\Windows\Sysnative\wintrust.dll
2015-08-04 16:05:34	7EE0A3B9E904AF4744E4D8F00CB5CA32	140288	----a-w-	C:\Windows\Sysnative\cryptnet.dll
2015-08-04 16:05:13	D9A91A779B5059E72D7FAD2B38275EA4	3242496	----a-w-	C:\Windows\Sysnative\msi.dll
2015-08-04 16:05:13	5489E74E56C0255159C8AE2C70744458	1941504	----a-w-	C:\Windows\Sysnative\authui.dll
2015-08-04 16:05:12	CDAD406033C31DB34185DDAECDD35FE2	504320	----a-w-	C:\Windows\Sysnative\msihnd.dll
2015-08-04 16:05:12	978DC0A1FBE9CC91B21B40AF66CB396A	70656	----a-w-	C:\Windows\Sysnative\appinfo.dll
2015-08-04 16:05:12	91593D4FB7D89249014564A5F3EC389B	25088	----a-w-	C:\Windows\Sysnative\msimsg.dll
2015-08-04 16:05:12	81CB8D34112178CE1826C86BA5F268C3	128000	----a-w-	C:\Windows\Sysnative\msiexec.exe
2015-08-04 16:05:12	0D9514850CC3A99A6600643F2888858B	112064	----a-w-	C:\Windows\Sysnative\consent.exe
2015-08-04 16:04:56	A12B9171509BAF58CB75231501A0CAE1	2382848	----a-w-	C:\Windows\Sysnative\mshtml.tlb
2015-08-04 16:04:55	579EC7387ADA224A617665CB537AE046	17887744	----a-w-	C:\Windows\Sysnative\mshtml.dll
2015-08-04 16:03:52	CC48BFD56DC807B974505235CD199BDD	248320	----a-w-	C:\Windows\Sysnative\ieui.dll
2015-08-04 16:03:52	A4A009CDEB3DA01F8BD5551904B7032C	282112	----a-w-	C:\Windows\Sysnative\dxtrans.dll
2015-08-04 16:03:52	870CC88CC4C8110BC449CA69856D9433	96768	----a-w-	C:\Windows\Sysnative\mshtmled.dll
2015-08-04 16:03:52	4DE187B1A7AC6EC9CE4B86EAF61B7891	453120	----a-w-	C:\Windows\Sysnative\dxtmsft.dll
2015-08-04 16:03:52	36573CEBE39C481762B20D5615FCDC37	2343936	----a-w-	C:\Windows\Sysnative\jscript9.dll
2015-08-04 16:03:51	8493BAC1D070A9109660C06991C9AE34	85504	----a-w-	C:\Windows\Sysnative\jsproxy.dll
2015-08-04 16:03:51	57AACD76B87C943A19BD5E96287F00CC	1392128	----a-w-	C:\Windows\Sysnative\wininet.dll
2015-08-04 16:03:51	0363039D3A347A0A07B8C192917838B6	599040	----a-w-	C:\Windows\Sysnative\vbscript.dll
2015-08-04 16:03:49	A308F12A0543B9345BF0FFB419C03692	816640	----a-w-	C:\Windows\Sysnative\jscript.dll
2015-08-04 16:03:47	F002C136666BEE04A59BA4742E2AAC74	55296	----a-w-	C:\Windows\Sysnative\msfeedsbs.dll
2015-08-04 16:03:47	573E8C80574A12922A79DD17EA9F9EFB	12800	----a-w-	C:\Windows\Sysnative\mshta.exe
2015-08-04 16:03:46	EC405956C76E7519C523DE4AB6C52CB2	2158080	----a-w-	C:\Windows\Sysnative\iertutil.dll
2015-08-04 16:03:46	D9A12BCEAD3D9C29ED892A4A6E3E609C	729088	----a-w-	C:\Windows\Sysnative\msfeeds.dll
2015-08-04 16:03:46	AE431EBB88B9CC84FB736004002FC48F	173056	----a-w-	C:\Windows\Sysnative\ieUnatt.exe
2015-08-04 16:03:46	83AF39C4BA1AF19CEDC5989994839F1C	448512	----a-w-	C:\Windows\Sysnative\html.iec
2015-08-04 16:03:45	BC4F68FD7ABD5FFED398243D5EF52312	10936320	----a-w-	C:\Windows\Sysnative\ieframe.dll
2015-08-04 16:03:45	572B0E2261113AC97514A0684A83826A	237056	----a-w-	C:\Windows\Sysnative\url.dll
2015-08-04 16:03:45	48C85306B948E0EED620D60740FB8816	1494016	----a-w-	C:\Windows\Sysnative\inetcpl.cpl
2015-08-04 16:03:45	3BC0484F923B2409F94F9B39018A9C4C	1387520	----a-w-	C:\Windows\Sysnative\urlmon.dll
2015-08-04 16:03:43	2035EC2DF20C9E6D16A114E2AA20164E	11264	----a-w-	C:\Windows\Sysnative\msfeedssync.exe
2015-08-04 16:02:49	EB59F8712DC56764D88EB495AD5938B3	1085440	----a-w-	C:\Windows\Sysnative\appraiser.dll
2015-08-04 16:02:49	DA2054C50EB38C91322D4EEBCE408C5C	765440	----a-w-	C:\Windows\Sysnative\invagent.dll
2015-08-04 16:02:49	9AFFAF544BA8FBA1ABFCCC07F6AB85B8	726528	----a-w-	C:\Windows\Sysnative\generaltel.dll
2015-08-04 16:02:49	3CDA55D83D5C9EA09DE82C6E5233C65B	433664	----a-w-	C:\Windows\Sysnative\devinv.dll
2015-08-04 16:02:49	3A87269A74F067EB566813619B4F0CC3	67584	----a-w-	C:\Windows\Sysnative\acmigration.dll
2015-08-04 16:02:49	0AC0A45552B403020780DC74FB3BAC95	1145856	----a-w-	C:\Windows\Sysnative\aeinv.dll
2015-08-04 16:02:48	BE03A1A1B4DEEFDE3E58834F7584C31F	17856	----a-w-	C:\Windows\Sysnative\CompatTelRunner.exe
2015-08-04 16:02:48	81E937F890B2F1A410547D6EB6A79572	227328	----a-w-	C:\Windows\Sysnative\aepdu.dll
====== C:\Windows\Sysnative\drivers =====
2015-08-04 16:12:17	BEB37CE4E7456F5EFA52D783D1E06D8C	528384	----a-w-	C:\Windows\Sysnative\drivers\stwrt64.sys
2015-08-04 16:06:36	45A03A0B6461EFBEE77E0A6AC2816EDA	129024	----a-w-	C:\Windows\Sysnative\drivers\mrxsmb20.sys
2015-08-04 16:06:36	21AF322605D8C7F2A627C22634D1C9C9	290816	----a-w-	C:\Windows\Sysnative\drivers\mrxsmb10.sys
2015-08-04 16:06:36	1877EB1495CFBDAB27D6A32F6DDF3818	159232	----a-w-	C:\Windows\Sysnative\drivers\mrxsmb.sys
2015-08-04 16:06:35	C0A6C3D6E02B61B5D100FE17306C276F	95680	----a-w-	C:\Windows\Sysnative\drivers\ksecdd.sys
2015-08-04 16:06:35	7A7328E427694CC7244235C3BC299F80	155584	----a-w-	C:\Windows\Sysnative\drivers\ksecpkg.sys
====== C:\Windows\Tasks ======
2015-08-04 17:19:25	--------	d-----w-	C:\Windows\Sysnative\Tasks\Remediation
====== C:\Windows\Temp ======
======= C:\Program Files =====
2015-08-04 17:22:16	--------	d-----w-	C:\Program Files\trend micro
2015-08-04 17:19:22	--------	d-----w-	C:\Program Files\Common Files\AV
2015-08-04 16:12:04	--------	d-----w-	C:\Program Files\IDT
======= C:\PROGRA~2 =====
2015-08-04 15:26:48	--------	d-----w-	C:\PROGRA~2\COMMON~1\Java
======= C: =====
2015-07-06 07:59:04	E7832D67AD190A920970CB5ADFC6D5D1	383	----a-w-	C:\ftconfig.ini
====== C:\Users\Coban\AppData\Roaming ======
2015-08-04 17:25:27	--------	d-----w-	C:\Windows\SysNative\config\systemprofile\AppData\Roaming\Hewlett-Packard
2015-07-10 18:21:02	3B1E943A81874597EB2833F0D65F7EFF	18946155	----a-w-	C:\Users\Coban\AppData\Local\package.nw.new
====== C:\Users\Coban ======
2015-08-04 17:19:25	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Coban\Downloads\RSITx64.exe

====== C: exe-files ==
2015-08-04 17:22:17	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\Coban.exe
2015-08-04 17:21:11	DBCC2E464DA45EBCDEF2BE1CF763D75F	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-2719908977-4093848447-3276493948-1000\$IDQAW2H.exe
2015-08-04 17:21:11	2E14C2151E7BB0B50122619784ED53E1	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-2719908977-4093848447-3276493948-1000\$I3VHCVB.exe
2015-08-04 16:12:17	96655903769E4996A0988769837E39FD	1128448	----a-w-	C:\Program Files\IDT\WDM\sttray64.exe
2015-08-04 16:12:17	20E27AA5BCC01C2149830C05FE22F675	301568	----a-w-	C:\Program Files\IDT\WDM\stacsv64.exe
2015-08-04 16:12:17	1818037C47EEAC439A300FC60B484994	38400	------w-	C:\Program Files\IDT\WDM\suhlp64.exe
2015-08-04 16:12:13	AEC5F6E0A4D60C1A44EA5D3A0BD52FA2	88576	----a-w-	C:\Program Files\IDT\WDM\IDTPMA64.exe
2015-08-04 16:12:12	20074C697DAC5AFD759F5CD67E62600A	212480	----a-w-	C:\Program Files\IDT\WDM\IDTNJ.exe
2015-08-04 16:12:12	08889881CB4FF5678F24536FAE8D077D	6382080	----a-w-	C:\Program Files\IDT\WDM\IDTNGUI.exe
2015-08-04 16:12:11	A6FB9DB8F1A86861D955FD6975977AE0	89600	----a-w-	C:\Program Files\IDT\WDM\AESTSr64.exe
2015-08-04 16:12:11	09972A096FF7259E1B0BFA0918C74C36	564224	----a-w-	C:\Program Files\IDT\WDM\idt64mp1.exe
2015-08-04 16:12:04	EFBC7DEC61E11CFB331F1F40B186120E	375992	------w-	C:\Program Files\IDT\setup.exe
2015-08-04 16:12:04	C03DBC6FA250B092E89766413CCC8420	754928	------w-	C:\Program Files\IDT\HDAQFE\win2k3\jpn\KB901105.exe
2015-08-04 16:12:04	BD548A47E139C3B9DA85A007017ABB56	774360	------w-	C:\Program Files\IDT\HDAQFE\xpsp1\us\kb888111xpsp1.exe
2015-08-04 16:12:04	AE0B40875224229D325AD5DBE0AB0193	658136	------w-	C:\Program Files\IDT\HDAQFE\win2k_xp\us\kb835221.exe
2015-08-04 16:12:04	ABB837361247686701CDD4DC9DDBC400	557296	------w-	C:\Program Files\IDT\HDAQFE\srvsp1\us\KB901105.exe
2015-08-04 16:12:04	A7389CC256D192A4E0EFF572143C323B	771288	------w-	C:\Program Files\IDT\HDAQFE\srvrtm\us\kb888111srvrtm.exe
2015-08-04 16:12:04	6F909BCB550F0CCAA5D1877B9293BF1F	742104	------w-	C:\Program Files\IDT\HDAQFE\win2ksp4\us\kb888111w2ksp4.exe
2015-08-04 16:12:04	4665583BC4608E833239DF3B19C28E58	720088	------w-	C:\Program Files\IDT\HDAQFE\xpsp2\us\kb888111xpsp2.exe
2015-08-04 16:12:04	149DC8054619F7765F38CC8C18603E62	752368	------w-	C:\Program Files\IDT\HDAQFE\win2k3\us\kb901105.exe
2015-08-04 16:04:54	2F1B2D73F9DDC925592CA653C5200B83	490496	----a-w-	C:\Program Files\Internet Explorer\ieinstal.exe
2015-08-04 16:03:45	4E5BA04C77DBEA9DC71768631C94D614	763632	----a-w-	C:\Program Files\Internet Explorer\iexplore.exe
2015-08-04 16:03:43	3525E77AD9670812057235A3698FE009	223744	----a-w-	C:\Program Files\Internet Explorer\ielowutil.exe
2015-08-04 15:37:34	594E23DD0288855CE2F2335F25C42E34	6609608	----a-w-	C:\$Recycle.Bin\S-1-5-21-2719908977-4093848447-3276493948-1000\$RDQAW2H.exe
2015-08-04 15:36:32	594E23DD0288855CE2F2335F25C42E34	6609608	----a-w-	C:\$Recycle.Bin\S-1-5-21-2719908977-4093848447-3276493948-1000\$R3VHCVB.exe
=== C: other files ==
2015-08-04 17:31:24	77BC42B06F537B6F8711DA35C80DFDF0	1832	----a-w-	C:\SWSetup\sp55150\Regupdate.vbs
2015-08-04 16:12:17	BEB37CE4E7456F5EFA52D783D1E06D8C	528384	----a-w-	C:\Windows\System32\drivers\stwrt64.sys
2015-08-04 16:12:17	BEB37CE4E7456F5EFA52D783D1E06D8C	528384	----a-w-	C:\Program Files\IDT\WDM\stwrt64.sys
2015-08-04 16:11:38	BEB37CE4E7456F5EFA52D783D1E06D8C	528384	----a-w-	C:\SWSetup\sp55094\WDM\Vista\stwrt64.sys
2015-08-04 16:11:38	6DF8F38CB63F1C4A9C32834C7D918F50	441856	----a-w-	C:\SWSetup\sp55094\WDM\Vista\stwrt.sys
2015-08-04 16:06:36	45A03A0B6461EFBEE77E0A6AC2816EDA	129024	----a-w-	C:\Windows\System32\drivers\mrxsmb20.sys
2015-08-04 16:06:36	21AF322605D8C7F2A627C22634D1C9C9	290816	----a-w-	C:\Windows\System32\drivers\mrxsmb10.sys
2015-08-04 16:06:36	1877EB1495CFBDAB27D6A32F6DDF3818	159232	----a-w-	C:\Windows\System32\drivers\mrxsmb.sys
2015-08-04 16:06:35	C0A6C3D6E02B61B5D100FE17306C276F	95680	----a-w-	C:\Windows\System32\drivers\ksecdd.sys
2015-08-04 16:06:35	7A7328E427694CC7244235C3BC299F80	155584	----a-w-	C:\Windows\System32\drivers\ksecpkg.sys
2015-08-04 16:06:14	C4EA3D63E8BF077ECD1E93BF6556AE99	3207168	----a-w-	C:\Windows\System32\win32k.sys
2015-08-04 15:23:56	5F7B14A65C88D4AEB0E3DF49C6A0941F	14130	----a-w-	C:\Program Files (x86)\Java\jre1.8.0_51\lib\deploy\ffjcext.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-2719908977-4093848447-3276493948-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"EPSON687742 (Epson Stylus SX525WD)"="C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGAE.EXE /FU C:\Windows\TEMP\E_S4337.tmp /EF HKCU"
"EPSON SX525WD Series"="C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGAE.EXE /FU C:\Windows\TEMP\E_S7031.tmp /EF HKCU"
"EPSON SX525WD Series (Kopie 1)"="C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGAE.EXE /FU C:\Windows\TEMP\E_S232E.tmp /EF HKCU"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"
"NUSB3MON"="C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
"HPConnectionManager"="C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe"
"Easybits Recovery"="C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe"
"EEventManager"="C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"ConnectionCenter"="C:\Program Files (x86)\Citrix\ICA Client\concentr.exe /startup"
"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
"HPOSD"="C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe"
"Adobe Creative Cloud"="C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --showwindow=false --onOSstartup=true"
"F-Secure Hoster (45123)"="C:\Program Files (x86)\Internetbeveiliging\fshoster32.exe -app -hosterid:1"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"HP Quick Launch"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"EPSON687742 (Epson Stylus SX525WD)"="C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGAE.EXE /FU C:\Windows\TEMP\E_S4337.tmp /EF HKCU"
"EPSON SX525WD Series"="C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGAE.EXE /FU C:\Windows\TEMP\E_S7031.tmp /EF HKCU"
"EPSON SX525WD Series (Kopie 1)"="C:\Windows\system32\spool\DRIVERS\x64\3\E_IATIGAE.EXE /FU C:\Windows\TEMP\E_S232E.tmp /EF HKCU"
"CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\\progra~2\\search~1\\datamngr\\mgrldr.dll"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"BTMTrayAgent"="rundll32.exe C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll,TrayApp"
"IntelPAN"="C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe /tf Intel PAN Tray"
"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "
"SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApplePhotoStreams]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="ApplePhotoStreams"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Common Files\\Apple\\Internet Services\\ApplePhotoStreams.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iCloudDrive]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iCloudDrive"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Common Files\\Apple\\Internet Services\\iCloudDrive.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iCloudServices]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iCloudServices"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Common Files\\Apple\\Internet Services\\iCloudServices.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="QuickTime Task"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime"


==== Startup Folders ======================

2015-07-03 09:52:13	1314	----a-w-	C:\Users\Coban\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2007 Schermopname en Snel starten.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [04-08-2015 17:33]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [25-10-2014 18:48]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [25-10-2014 18:48]
C:\Windows\tasks\HPCeeScheduleForCoban.job --a------ [Undetermined Task]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]
"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\AdobeAAMUpdater-1.0-Coban-HP-Coban" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\HPCeeScheduleForCoban" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe]
"C:\Windows\SysNative\tasks\MirageAgent" [C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe]
"C:\Windows\SysNative\tasks\Norton WSC Integration" ["C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\WSCStub.exe"]
"C:\Windows\SysNative\tasks\Registration" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"]
"C:\Windows\SysNative\tasks\ServicePlan" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{DB8EC54B-5970-4EFC-AFC5-CD2D585D2FA8}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\{140DAB91-022C-4E87-9EA3-0E196413338E}" [C:\Program Files (x86)\Skype\Phone\Skype.exe]
"C:\Windows\SysNative\tasks\{28028E7E-E904-466B-ABFB-C78048AB5E88}" [C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE]
"C:\Windows\SysNative\tasks\{33AB78E2-1203-4548-9A13-4387B0A91FBF}" [C:\Program Files (x86)\iTunes\iTunes.exe]
"C:\Windows\SysNative\tasks\{8E29D526-A002-4DCA-8783-2E90BD3CFBE5}" [C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Assistant\HPSA Upgrade" [C:\ProgramData\Hewlett-Packard\HPSAUpgrade3\HpSAUpgrade.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HPW10UpgradeReminder" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPW10UpgradeReminder.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe]
"C:\Windows\SysNative\tasks\Norton Family\Norton Error Analyzer" [C:\Program Files (x86)\Norton Family\Engine\3.2.0.15\SymErr.exe]
"C:\Windows\SysNative\tasks\Norton Family\Norton Error Processor" [C:\Program Files (x86)\Norton Family\Engine\3.2.0.15\SymErr.exe]
"C:\Windows\SysNative\tasks\Norton Internet Security\Norton Error Analyzer" [C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\SymErr.exe]
"C:\Windows\SysNative\tasks\Norton Internet Security\Norton Error Processor" [C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\SymErr.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]
"C:\Windows\SysNative\tasks\Remediation\AntimalwareMigrationTask" ["C:\Program Files\Common Files\AV\Norton Internet Security\Upgrade.exe"]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{6D5C8FC4-DE46-41bf-9092-93F0F78E9115}"="C:\ProgramData\Norton\{78CA3BF0-9C3B-40e1-B46D-38C877EF059A}\NSM_3.2.0.15\coFFFw" []

==== Chromium Look ======================

Google Chrome Version: 44.0.2403.125

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
aepeildmfnnehghlknddebgjghlompfe - C:\Program Files (x86)\HP SimplePass 2011\tschrome.crx[11-02-2011 03:37]
eooncjejnppfjjklapaamhcdmjbilmde - C:\Users\Coban\AppData\Roaming\BabSolution\CR\delta1.crx[]
iikflkcanblccfahdhdonehdalibjnif - No path found[]
mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files (x86)\Norton Internet Security\Engine\21.7.0.11\Exts\Chrome.crx[05-03-2015 10:45]

Google Slides - Coban\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Website Logon - Coban\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aepeildmfnnehghlknddebgjghlompfe
Google Docs - Coban\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Coban\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Coban\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Coban\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Video downloader pro - Coban\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dbjlfogfpagepnaojhfbdlhjhildeaem
Google Sheets - Coban\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap
Chrome Web Store Payments - Coban\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Coban\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Startpages ======================

C:\Users\Coban\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences
twork_stats":{"srtt":249668}},"www.googleadservices.com:80":{"alternative_service":[{"port":80,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":44982}},"www.googleapis.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":40371}},"www.googletagmanager.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":37554}},"www.googletagmanager.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"www.googletagservices.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":49416}},"www.googletagservices.com:80":{"network_stats":{"srtt":829474}},"www.gstatic.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":149261},"supports_spdy":true},"www.gstatic.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"www.youtube-nocookie.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":24686}},"www.youtube-nocookie.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"www.youtube.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":23252}},"www.youtube.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"yt3.ggpht.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":67360}}},"supports_quic":{"address":"192.168.2.8","used_quic":true},"version":3}},"ntp":{"app_page_names":["Apps"]},"partition":{"per_host_zoom_levels":{"2166136261":{"studentportal.inholland.nl":-0.5778829311823857,"webmail.inholland.nl":0.5227586988632231,"www.vodafone.nl":-1.5778829311823859,"www.ziggo.nl":-3.8017840169239294}}},"password_bubble":{"nopes":1},"plugins":{"migrated_to_pepper_flash":true,"plugins_list":[],"removed_old_component_pepper_flash_settings":true},"printing":{"print_preview_sticky_settings":{"appState":"{\"version\":2,\"isGcpPromoDismissed\":false,\"selectedDestinationId\":\"EPSON SX525WD Series (Kopie 1)\",\"selectedDestinationOrigin\":\"local\",\"selectedDestinationAccount\":\"\",\"selectedDestinationCapabilities\":{\"printer\":{\"collate\":{\"default\":false},\"color\":{\"option\":[{\"is_default\":true,\"type\":\"STANDARD_COLOR\",\"vendor_id\":\"2\"},{\"type\":\"STANDARD_MONOCHROME\",\"vendor_id\":\"1\"}]},\"copies\":{},\"duplex\":{\"option\":[{\"is_default\":true,\"type\":\"NO_DUPLEX\"},{\"type\":\"LONG_EDGE\"},{\"type\":\"SHORT_EDGE\"}]},\"media_size\":{\"option\":[{\"custom_display_name\":\"A4 210 x 297 mm\",\"height_microns\":297000,\"is_default\":true,\"name\":\"ISO_A4\",\"vendor_id\":\"9\",\"width_microns\":210000},{\"custom_display_name\":\"10 x 15 cm (4 x 6 in)\",\"height_microns\":152400,\"name\":\"NA_INDEX_4X6\",\"vendor_id\":\"285\",\"width_microns\":101600},{\"custom_display_name\":\"13 x 18 cm (5 x 7 in)\",\"height_microns\":177900,\"name\":\"NA_5X7\",\"vendor_id\":\"284\",\"width_microns\":127000},{\"custom_display_name\":\"A6 105 x 148 mm\",\"height_microns\":148000,\"name\":\"ISO_A6\",\"vendor_id\":\"260\",\"width_microns\":105000},{\"custom_display_name\":\"A5 148 x 210 mm\",\"height_microns\":210000,\"name\":\"ISO_A5\",\"vendor_id\":\"11\",\"width_microns\":148000},{\"custom_display_name\":\"B5 182 x 257 mm\",\"height_microns\":257000,\"name\":\"JIS_B5\",\"vendor_id\":\"13\",\"width_microns\":182000},{\"custom_display_name\":\"9 x 13 cm (3.5 x 5 in)\",\"height_microns\":127000,\"vendor_id\":\"281\",\"width_microns\":89000},{\"custom_display_name\":\"13 x 20 cm (5 x 8 in)\",\"height_microns\":203200,\"name\":\"NA_INDEX_5X8\",\"vendor_id\":\"267\",\"width_microns\":127000},{\"custom_display_name\":\"20 x 25 cm (8 x 10 in)\",\"height_microns\":254000,\"name\":\"NA_GOVT_LETTER\",\"vendor_id\":\"268\",\"width_microns\":203200},{\"custom_display_name\":\"16:9 wide size (102 x 181 mm)\",\"height_microns\":180600,\"vendor_id\":\"306\",\"width_microns\":101600},{\"custom_display_name\":\"100 x 148 mm\",\"height_microns\":148000,\"name\":\"JPN_HAGAKI\",\"vendor_id\":\"263\",\"width_microns\":100000},{\"custom_display_name\":\"Enveloppe #10 4 1/8 x 9 1/2 in\",\"height_microns\":241300,\"name\":\"NA_NUMBER_10\",\"vendor_id\":\"20\",\"width_microns\":104800},{\"custom_display_name\":\"Enveloppe DL  110 x 220 mm\",\"height_microns\":220000,\"name\":\"ISO_DL\",\"vendor_id\":\"27\",\"width_microns\":110000},{\"custom_display_name\":\"Enveloppe C6  114 x 162 mm\",\"height_microns\":162000,\"name\":\"ISO_C6\",\"vendor_id\":\"31\",\"width_microns\":114000},{\"custom_display_name\":\"Letter 8 1/2 x 11 in\",\"height_microns\":279400,\"name\":\"NA_LETTER\",\"vendor_id\":\"1\",\"width_microns\":215900},{\"custom_display_name\":\"Legal 8 1/2 x 14 in\",\"height_microns\":355600,\"name\":\"NA_LEGAL\",\"vendor_id\":\"5\",\"width_microns\":215900},{\"custom_display_name\":\"A3 297 x 420 mm\",\"height_microns\":420000,\"name\":\"ISO_A3\",\"vendor_id\":\"8\",\"width_microns\":297000},{\"custom_display_name\":\"A3+ 329 x 483 mm\",\"height_microns\":483000,\"vendor_id\":\"258\",\"width_microns\":329000},{\"custom_display_name\":\"A2 420 x 594 mm\",\"height_microns\":594000,\"name\":\"ISO_A2\",\"vendor_id\":\"257\",\"width_microns\":420000},{\"custom_display_name\":\"B4 257 x 364 mm\",\"height_microns\":364000,\"name\":\"JIS_B4\",\"vendor_id\":\"12\",\"width_microns\":257000},{\"custom_display_name\":\"B3 364 x 515 mm\",\"height_microns\":515000,\"name\":\"JIS_B3\",\"vendor_id\":\"259\",\"width_microns\":364000}]},\"page_orientation\":{\"option\":[{\"is_default\":true,\"type\":\"PORTRAIT\"},{\"type\":\"LANDSCAPE\"},{\"type\":\"AUTO\"}]},\"supported_content_type\":[{\"content_type\":\"application/pdf\"}]},\"version\":\"1.0\"},\"selectedDestinationName\":\"EPSON SX525WD Series (Kopie 1)\",\"mediaSize\":{\"custom_display_name\":\"A4 210 x 297 mm\",\"height_microns\":297000,\"is_default\":true,\"name\":\"ISO_A4\",\"vendor_id\":\"9\",\"width_microns\":210000},\"isColorEnabled\":true,\"customMargins\":null,\"vendorOptions\":{}}"}},"profile":{"avatar_bubble_tutorial_shown":1,"avatar_index":13,"content_settings":{"clear_on_exit_migrated":true,"exceptions":{"app_banner":{},"auto_select_certificate":{},"automatic_downloads":{},"cookies":{},"fullscreen":{},"geolocation":{},"images":{},"javascript":{},"media_stream":{},"media_stream_camera":{},"media_stream_mic":{},"metro_switch_to_desktop":{},"midi_sysex":{},"mixed_script":{},"mouselock":{},"notifications":{},"plugins":{"[*.]www.pathe-thuis.nl,*":{"setting":1}},"popups":{"https://[*.]mijn.belastingdienst.nl:443,*":{"setting":1},"https://[*.]studentportal.inholland.nl:443,*":{"setting":1}},"ppapi_broker":{},"protocol_handlers":{},"push_messaging":{},"ssl_cert_decisions":{}},"pattern_pairs":{"[*.]www.pathe-thuis.nl,*":{"plugins":1},"https://[*.]mijn.belastingdienst.nl:443,*":{"popups":1},"https://[*.]studentportal.inholland.nl:443,*":{"popups":1}},"pref_version":1},"created_by_version":"38.0.2125.111","exit_type":"Crashed","exited_cleanly":true,"icon_version":3,"managed_user_id":"","migrated_content_settings_exceptions":true,"migrated_default_content_settings":true,"migrated_default_media_stream_content_settings":true,"name":"Marsmannetje","per_host_zoom_levels":{}},"protection":{"macs":{}},"savefile":{},"selectfile":{"last_directory":"C:\\rsit"},"session":{"restore_on_startup_migrated":true,"startup_urls_migration_time":"13061232519102664"},"sync_promo":{"startup_count":10},"translate_accepted_count":{"en":0},"translate_blocked_languages":["nl"],"translate_denied_count":{"en":3},"translate_denied_count_for_language":{"en":1},"translate_last_denied_time":1.416934e+12,"translate_last_denied_time_for_language":{"en":1.438703e+12},"translate_too_often_denied":true,"translate_whitelists":{},"zerosuggest":{"cachedresults":""}}
ePrivate"],"explicit_host":["*://*.google.com/*","*://*.gstatic.com/*","https://*.googleapis.com/*","https://*.googleusercontent.com/*"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":1,"events":["alarms.onAlarm","gcm.onMessage","identity.onSignInChanged","notifications.onButtonClicked","notifications.onClicked","notifications.onClosed","notifications.onPermissionLevelChanged","notifications.onShowSettings","pushMessaging.onMessage","runtime.onInstalled","runtime.onStartup","runtime.onSuspend","storage.onChanged"],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13061232519110909","location":5,"manifest":{"background":{"persistent":false,"scripts":["utility.js","cards.js","background.js"]},"description":"Integrates Google Now into Chrome.","icons":{"128":"images/icon128.png","16":"images/icon16.png","48":"images/icon48.png"},"key":"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhqJr32OFD/bMXW4Md7jMfd7LbwHXVc6x5bBQG5U+dloofoxrICDR20yur/40mQ8O//0sS1b8srvbab1CRlSrxoNCr9T80NAkfzx0gHyVS+p1Zow+1FzLMu9PiGwwFyN80HIB7GI/dIa0wC9K/2OrrzcHEhVH96DacTtWQqjfDVtZPjT7Xwv23dgoWcpbkRC86jMJot3dmX9xnn0KzoVc9gDOHSIkBLbkkr6Sp3LGXCCM4L0DJgxdFwaLr5WBzgC3y5x0/wwPIwN4PtIaK3BhH6njlksfnKwwIJ9iRT41V4BqbWu4mszO/7VJ3HJyw2DBpIc2grU9ZRRxrV3fRQG4wIDAQAB","manifest_version":2,"name":"Google Now","oauth2":{"auto_approve":true,"scopes":["https://www.googleapis.com/auth/googlenow"]},"optional_permissions":["background"],"permissions":["alarms","identity","metricsPrivate","notifications","pushMessaging","storage","tabs","webstorePrivate","*://*.google.com/*","*://*.gstatic.com/*","https://*.googleapis.com/chromenow/v1/*","https://*.googleusercontent.com/*"],"version":"1.2.0.1"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\38.0.2125.111\\resources\\google_now","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"pjkljhegncpnkpknbcohdijeoejaedia":{"ack_external":true,"active_permissions":{"api":["notifications"],"manifest_permissions":[]},"app_launcher_ordinal":"x","commands":{},"content_settings":[],"creation_flags":137,"events":[],"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["notifications"],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13072011293209484","lastpingday":"13083145220237970","location":1,"manifest":{"app":{"launch":{"container":"tab","web_url":"https://mail.google.com/mail/ca"},"urls":["*://mail.google.com/mail/ca"]},"current_locale":"nl","default_locale":"en","description":"Een snelle, doorzoekbare e-mailfunctie met minder spam.","icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCuGglK43iAz3J9BEYK/Mz6ZhloIMMDqQSAaf3vJt4eHbTbSDsu4WdQ9dQDRcKlg8nwQdePBt0C3PSUBtiSNSS37Z3qEGfS7LCju3h6pI1Yr9MQtxw+jUa7kXXIS09VV73pEFUT/F7c6Qe8L5ZxgAcBvXBh1Fie63qb02I9XQ/CQIDAQAB","manifest_version":2,"name":"Gmail","options_page":"https://mail.google.com/mail/ca/#settings","permissions":["notifications"],"update_url":"http://clients2.google.com/service/update2/crx","version":"8.1"},"page_ordinal":"n","path":"pjkljhegncpnkpknbcohdijeoejaedia\\8.1_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":true,"was_installed_by_oem":false}}},"pinned_tabs":[],"protection":{"macs":{"browser":{"show_home_button":"3167B705C91D79086631B6FC3209C87827222628E70C34BE39AF3D92A423C9C8"},"default_search_provider":{"keyword":"D3EC6D211B2B5BC9955E681F960B0ABC231390E1CF5976F32BACF470C1B189C7","name":"B9334D8464ADE152DFF1FD511692E4940408AEFBCBC4798A449D6AC56863509A","search_url":"E7BF8F0205D3257A90A33876C7DB67D61003A59DC2C2B3FCB1F55B24BEB10635"},"default_search_provider_data":{"template_url_data":"F99FAB82E85206C248E0FC5A63D7284BBD073325B663D98D4C1F541988DA7510"},"extensions":{"settings":{"aapocclcgogkmnckokdopfmhonfmgoek":"28DBEFC48FC0C67556061436439732861089195B19011C6361C4899E7A9969B6","aepeildmfnnehghlknddebgjghlompfe":"D754155CD8264F1551D486AE86F288BE777917A0A304B35E2A13C65B20425125","ahfgeienlihckogmohjhadlkjgocpleb":"53A85283B1C304BF9F453ABAB5FDB8F95B94728508F72D1B80722D6E86A750BE","aohghmighlieiainnegkcijnfilokake":"BD1B3B5BF7966BFA457D9317EAAA0FC11BE88CC870D051CA14564A6333E59691","apdfllckaahabafndbhieahigkjlhalf":"5C2B186705155391222346AF03D04EF1C84959E7B799C6BCF69045FA8BB6D39D","bepbmhgboaologfdajaanbcjmnhjmhfn":"076B68A45CFEFE395271D4AE4E0A8DA1193244573EA56E65E83288C6CA947622","blpcfgokakmgnkcojhhkbfbldkacnbeo":"83828F470F5FA43419977C13F2B1C2C9F2DA3BA9336A8C0540FEE90B750DBB7C","coobgpohoikkiipiblmjeljniedjpjpf":"AA3805B465C58D41B4B8E2ABC89BD3CEA31E182359A8D92CE776EFEDD76C1563","dbjlfogfpagepnaojhfbdlhjhildeaem":"9DDACF1DB9E6F9E315D57CCEB96A2B08E9212937B35301577BF6CA94B9209010","eemcgdkfndhakfknompkggombfjjjeno":"F1C7BD303ABDA2B2DCC5ABA02B7AB936120C7A370C0206F5F9D156B510887CFD","ennkphjdgehloodpbhlhldgbnhmacadg":"CDA473C2304EBA4F32F688FA547A2FF900223309B8BB6428185CF734C6C6DBAD","felcaaldnbdncclmgdcncolpebgiejap":"E05155871C52372C0832651525E5F4C4600A51D19B903CF056D1847AB0F7512E","gfdkimpbcpahaombhbimeihdjnejgicl":"0D9FCEF5F3FF709A5BB60CD11A4127F39FAB03E878A14C90868976F08D834074","iikflkcanblccfahdhdonehdalibjnif":"94E484AF21BF81F5B04C4995E9156791438336CADBE5181D62902903A2AFE2C3","kmendfapggjehodndflmmgagdbamhnfd":"F40520884B330372AAA6DF1DA3E3E09C8CF31E412733187686B848F125536EC4","mfehgcgbbipciphmccgaenjidiccnmng":"ED4ED30722600DD9CA0B976E33EA4E0222231604178B3B2A7BADEBAD77A70789","mfffpogegjflfpflabcdkioaeobkgjik":"FD6CA4C15BFEE6B0C4259B5063CB518ACA2AF222E013443A52B8970ACC7C6651","mgndgikekgjfcpckkfioiadnlibdjbkf":"114481C042EE0C06674AA5D7CA1FB1A5B08DFDA517010A6F139452B2DE8F0A61","mhjfbmdgcfjbbpaeojofohoefgiehjai":"69AE0A569E567961F64B4A74447448C0CFC27D98945AF1F199D588381346DE90","mkfokfffehpeedafpekjeddnmnjhmcmk":"E0EB2251C2920FF6E249069D8B904F25EF3DFF1D779B141B9F28217BAF1E88AF","ndibdjnfmopecpmkdieinmbadjfpblof":"6713E9D0E8EBA41CD856BDCCA3B48754C1AD968A461FF85B3A5347BB5BA5F9AB","neajdppkdcdipfabeoofebfddakdcjhd":"3FC9CD4E1FAFD4EC62C1EC9320D3BD88B30B12F800BBD0EB0E5748A89202AFA8","nkeimhogjdpnpccoofpliimaahmaaome":"560F146B37254948C0E12E22E91D2F4DE70186AC5C2AC71BDDE1F8E73EAFDE57","nmmhkkegccagdldgiimedpiccmgmieda":"91CC3B9DA100E57F7B4B454BFA4A3A06C19E88C7B9B0C4CA65D2C7CFABDDE9DC","pafkbggdmjlpgkdkcbjmhmfcdpncadgh":"00E4714CF9D23F1E33A2E0E5F1243EA4B404D3715ECF5EDE6FAD903319001B0A","pjkljhegncpnkpknbcohdijeoejaedia":"449D4529E18A602CAA02EA345CE5ADC65B61729CDFCF37DAC2C93A505F877627"}},"google":{"services":{"account_id":"20BD78266A66A364508AC6D94F9A0CAD310E1D112D13A63B29FB5DD38B627956","last_username":"A36930FBB0012D2A2C62A3CEAADA3D222C8BDDC5432EFF7CF03D042DDECD005F","username":"31572FF0F8B91A7147871D26C257D8930EEA9405D07782A6B048B1989C9449DD"}},"homepage":"F58AC70668B89AB3EFD528437C4D052E581766C64FE8CCC4345AE665B014AC75","homepage_is_newtabpage":"1C508C4540EF4C363629DE87568BDB45FBC530440045F6567BA5D389D7DC2BF8","pinned_tabs":"3FFAEE72F95EE19D3E344888D22A37E4A08219E6DE58A2CBA009874332504E1E","prefs":{"preference_reset_time":"15AD05E7DFB39333AB9804F72F2D834772D5B30CD91C0964A52CE6CC910D903B"},"profile":{"reset_prompt_memento":"533D65419E82E66C49D474763B1E3BAA43EE47E3C1C29F02DDF9679514F74870"},"safebrowsing":{"incidents_sent":"B0CAEAB776F90F517BC95369FBF422FB4C5C4A581FFA4C3B7D6795A2B571945E"},"search_provider_overrides":"3131C83DFCA5E896FE90731A3FADCFEC2A10BCC68B77B0D8DB32C29D66BA41D0","session":{"restore_on_startup":"87F2C447CD2E0B9BBC9EB534581E01FAA61FEE4513447616C1FFD45876DADC14","startup_urls":"7065D16BB41A09F7912B39D8DB8D7E7A33D3C8AEA99A8D22CDDE4F31A630CE44"},"software_reporter":{"prompt_reason":"8299BDDC87E73F46F400F07798239E3B359C15EB7CCB58E5257FBF3D6E2206C7","prompt_seed":"E3501DC87AD670CEEB7A66731F10DE48F2859F544CB0FCA445C7C22005574356","prompt_version":"878555ACD8432CE2A9C60E0FDC6B2FA4E0525D08674077B4E5A300466A610DE2"},"sync":{"remaining_rollback_tries":"6A770A9113C4F2449E164080A7C4C82169DC16894831D1E727243CCD4F6C01B3"}},"super_mac":"430637EB0C506836DBFBB6C71B6D3A91CA02F63CB3F9B43A594F9C9F2D2CA7A7"}}


==== Chromium Fix ======================

C:\Users\Coban\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dbjlfogfpagepnaojhfbdlhjhildeaem deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://startpagina.nl/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://startpagina.nl/"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="https://www.google.com/search?q={searchTerms}"
{d43b3890-80c7-4010-a95d-1e77b5924dc3} Wikipedia  Url="http://nl.wikipedia.org/wiki/Special:Search?search={searchTerms}"

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{6D5C8FC4-DE46-41bf-9092-93F0F78E9115} deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Coban\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Coban\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=112 folders=39 146890238 bytes)

==== Empty Temp Folders ======================

C:\Users\Coban\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Coban\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
"C:\Users\Coban\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted
"C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" deleted

==== EOF on di 04-08-2015 at 21:00:55,41 ======================