Zoek.exe v5.0.0.0 Updated 04-May-2015 Tool run by Wimpie on di 18/08/2015 at 10:09:55,83. Microsoft Windows 7 Ultimate 6.1.7600 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Wimpie\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 18/08/2015 10:13:45 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\PROGRA~2\MarkAny deleted successfully C:\PROGRA~2\Ravensburger tiptoi deleted successfully C:\PROGRA~2\COMMON~1\Blizzard Entertainment deleted successfully C:\Program Files\ATI Technologies deleted successfully C:\Program Files\HitmanPro deleted successfully C:\Program Files\log deleted successfully C:\Program Files\SAMSUNG deleted successfully C:\PROGRA~3\OviInstallerCache deleted successfully C:\PROGRA~3\ProcessLasso deleted successfully C:\Users\Wimpie\AppData\Roaming\ArcSoft deleted successfully C:\Users\Wimpie\AppData\Roaming\JAM Software deleted successfully C:\Users\Wimpie\AppData\Roaming\NeroDigital(TM) deleted successfully C:\Users\Wimpie\AppData\Roaming\Nokia Suite deleted successfully C:\Users\Wimpie\AppData\Roaming\RavensburgerTipToi deleted successfully C:\Users\Wimpie\AppData\Roaming\Razer deleted successfully C:\Users\Wimpie\AppData\Roaming\Vso deleted successfully C:\Users\Wimpie\AppData\Roaming\Windows Live Writer deleted successfully C:\Users\Wimpie\AppData\Local\calibre-cache deleted successfully C:\Users\Wimpie\AppData\Local\Logitech-LS deleted successfully C:\Users\Wimpie\AppData\Local\Samsung deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2714756216-894153804-1477211748-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1024F1BE-76DC-40d5-AB98-664A4185E5FA} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\Wimpie\AppData\Roaming\Mozilla\Firefox\Profiles\6gnuwier.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_20151808_1032_.backup ProfilePath: C:\Users\Wimpie\AppData\Roaming\Mozilla\Firefox\Profiles\grf0788f.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_20151808_1032_.backup ProfilePath: C:\Users\Wimpie\AppData\Roaming\Mozilla\Firefox\Profiles\qtej5d93.default user.js not found ---- Lines ask.com removed from prefs.js ---- user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WR user_pref("extensions.wrc.SearchRules.ask.com.url", "^http(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*"); ---- Lines Search-Results removed from prefs.js ---- user_pref("extensions.wrc.SearchRules.rambler.ru.style", ".WRCN {display:none} .search-results .title + .WRCN {display:inline url(\"IMAGE\") right no ---- FireFox user.js and prefs.js backups ---- prefs_20151808_1032_.backup ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] ""=- ==== Deleting Files \ Folders ====================== C:\PROGRA~2\MarkAny not found C:\PROGRA~2\Ravensburger tiptoi not found C:\PROGRA~2\Real Alternative deleted C:\Users\Wimpie\AppData\Roaming\calibre deleted C:\Windows\syswow64\appdata deleted C:\Users\Wimpie\.android deleted C:\PROGRA~2\Your Uninstaller 2010 deleted C:\Users\Wimpie\AppData\Roaming\pcouffin.log deleted C:\Users\Wimpie\AppData\Roaming\Systweak deleted C:\PROGRA~3\Package Cache deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk deleted C:\windows\SysNative\GroupPolicy\Machine deleted C:\windows\SysNative\GroupPolicy\User deleted C:\windows\SysNative\GroupPolicy\gpt.ini deleted C:\Windows\Syswow64\RENBA5A.tmp deleted C:\Windows\Syswow64\RENF058.tmp deleted C:\Users\Wimpie\AppData\Roaming\Mozilla\Firefox\Profiles\qtej5d93.default\.autoreg deleted "C:\ComboFix.txt" deleted "C:\Windows\Installer\53c6a21b.msi" deleted "C:\Windows\Installer\ca2b7.msi" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2015-08-18 08:06:32 A3379E16DBF369B2E84945E1EAB59CC9 1116333888 ------w- C:\Windows\MEMORY.DMP 2015-08-17 12:33:39 B58952E67FC2FA0E689F4F0F4E3091E6 43112 ----a-w- C:\Windows\avastSS.scr ====== C:\Users\Wimpie\AppData\Local\Temp ==== 2015-08-18 08:08:33 E6794640B6725B5606EEB67D53F03D14 71168 ----a-w- C:\Users\Wimpie\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmptvqyrl.dll ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2015-08-18 08:06:18 E764DC85FF0BE407D8F94F9420F763CC 431848 ----a-w- C:\Windows\Sysnative\FNTCACHE.DAT 2015-08-17 12:33:49 A4DDD3B3A0B3EB00EC64D90CDF5405DD 378880 ----a-w- C:\Windows\Sysnative\aswBoot.exe ====== C:\Windows\Sysnative\drivers ===== 2015-08-17 12:33:54 C88EB6EA6819740B97DECE3E6FD1C7BA 115152 ----a-w- C:\Windows\Sysnative\drivers\ngvss.sys 2015-08-17 12:30:45 8F22037D3F5A6BB676525D825A1388B9 113880 ----a-w- C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys 2015-08-17 12:30:37 E681CE4AE5C09651D53CB4387CA3560E 109272 ----a-w- C:\Windows\Sysnative\drivers\mbamchameleon.sys 2015-08-17 12:30:37 AE757332EA130E94E646621CC695B52A 63704 ----a-w- C:\Windows\Sysnative\drivers\mwac.sys 2015-08-17 12:30:37 A8D28D5B3E2A528D1EF0E338E44F2820 25816 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys 2015-08-14 21:12:40 288471F132C7249F598032D03575F083 129472 ----a-w- C:\Windows\Sysnative\drivers\rzpnk.sys 2015-08-14 21:12:26 0C90E6CEA576095888E779E5BD9DD060 37184 ----a-w- C:\Windows\Sysnative\drivers\rzpmgrk.sys 2015-08-14 21:12:07 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_Kernel_rzudd_01009.Wdf 2015-08-14 21:11:45 D41D8CD98F00B204E9800998ECF8427E 0 ---ha-w- C:\Windows\Sysnative\drivers\Msft_Kernel_rzendpt_01009.Wdf ====== C:\Windows\Tasks ====== 2015-07-30 00:14:32 404B9D170FC28E52F2A8E2113EA7D07A 3242 ----a-w- C:\Windows\Sysnative\Tasks\{23B763D8-6394-4515-AB2E-E763B6B04DFA} ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-08-17 22:25:23 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== 2015-08-12 15:57:40 -------- d-----w- C:\PROGRA~2\WinDirStat 2015-07-29 11:04:01 -------- d-----w- C:\PROGRA~2\AMD ======= C: ===== 2015-08-17 22:13:57 0786C7C3223FB8AFB97BEE1F103B4F10 296 ----a-w- C:\AdwCleaner[S5].txt 2015-08-17 22:13:42 A6C0FFE6E358B019AAE99998DFAEE69B 296 ----a-w- C:\AdwCleaner[S4].txt 2015-08-17 22:13:26 080AB1CA564E83DDB4A481B334B307AF 296 ----a-w- C:\AdwCleaner[S3].txt ====== C:\Users\Wimpie\AppData\Roaming ====== 2015-08-18 08:08:34 0BD6DED11CF830C6F2B96F0F36B49195 111008 ----a-w- C:\Users\Wimpie\AppData\Local\GDIPFONTCACHEV1.DAT 2015-08-17 19:10:25 -------- d-----w- C:\Users\Wimpie\AppData\Local\Google 2015-08-17 13:25:41 -------- d-----w- C:\Users\Public\AppData\Local\temp 2015-08-17 13:25:41 -------- d-----w- C:\Users\Default\AppData\Local\temp 2015-08-17 13:25:41 -------- d-----w- C:\Users\Default User\AppData\Local\temp 2015-08-14 21:12:28 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Razer 2015-08-14 21:09:58 -------- d-----w- C:\Users\Wimpie\AppData\Local\Razer 2015-08-14 17:18:55 -------- d-----w- C:\Users\Wimpie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-08-12 15:57:40 -------- d-----w- C:\Users\Wimpie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinDirStat ====== C:\Users\Wimpie ====== 2015-08-17 22:25:02 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Wimpie\Desktop\RSITx64.exe 2015-08-17 19:10:21 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-08-14 21:09:27 -------- d-----w- C:\ProgramData\Razer 2015-08-12 15:57:40 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDirStat 2015-07-29 11:04:55 -------- d-----w- C:\ProgramData\ATI 2015-07-29 11:04:34 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center ====== C: exe-files == 2015-08-17 22:25:24 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Wimpie.exe 2015-08-17 22:25:02 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Wimpie\Desktop\RSITx64.exe 2015-08-17 19:50:03 B1798BC27E40983B12FEFD0D85C05B3F 873800 ----a-w- C:\Users\Wimpie\AppData\Local\Google\Chrome\User Data\SwReporter\4.28.1\software_reporter_tool.exe 2015-08-17 19:10:04 7B1C7024B0C9B68B56B4A5FDBC373B57 48892496 ----a-w- C:\Program Files (x86)\Google\Update\Install\{81C39448-10BE-4D70-BB93-7CC18AB02D73}\44.0.2403.155_chrome64_installer.exe 2015-08-17 19:10:03 7B1C7024B0C9B68B56B4A5FDBC373B57 48892496 ----a-w- C:\Program Files (x86)\Google\Update\Download\{8A69D345-D564-463C-AFF1-A69D9E530F96}\44.0.2403.155\44.0.2403.155_chrome64_installer.exe 2015-08-17 12:47:20 70D09276FE2AAA808813399245A2F493 1542696 ----a-w- C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\62AXOPQ5\contentDATs[1].exe 2015-08-17 12:33:49 A4DDD3B3A0B3EB00EC64D90CDF5405DD 378880 ----a-w- C:\Windows\System32\aswBoot.exe 2015-08-14 21:12:48 DBC8971108AC94B8CA551AC90D26F572 42215 ----a-w- C:\ProgramData\Razer\Synapse\RzStats\Uninstall\Uninstall.exe 2015-08-14 21:12:48 DBC8971108AC94B8CA551AC90D26F572 42215 ----a-w- C:\ProgramData\Razer\Synapse\ProductUpdates\Uninstallers\RzStats\Razer_RzStats_Uninstall.exe 2015-08-14 21:12:19 232318EB9BDF24929475DCB218D651D2 32933 ----a-w- C:\ProgramData\Razer\Synapse\ProductUpdates\Uninstallers\RazerDeathAdderRGBConfig\RazerDeathAdderChromaConfig_Uninstaller.exe 2015-08-14 21:12:17 7D725DA225A80CC6DD73B90D7E347FA3 46507 ----a-w- C:\ProgramData\Razer\Synapse\ProductUpdates\Uninstallers\Razer_Common_Driver\RazerCommonDriverUninstaller.exe 2015-08-14 21:10:47 FF49B47515BBA03510BE96F8B6B11D0F 32206 ----a-w- C:\ProgramData\Razer\Synapse\ProductUpdates\Uninstallers\RazerFonts\RazerFonts_Uninstaller.exe 2015-08-14 21:10:44 0FF486C9A34DD7EA930CA2E24EDA6846 3783456 ----a-w- C:\ProgramData\Razer\Synapse\ProductUpdates\Downloads\Razer_RzStats_v1.01.44.exe 2015-08-14 21:10:39 7A75DCD2FFE2E962D4E9C3276814A086 32569800 ----a-w- C:\ProgramData\Razer\Synapse\ProductUpdates\Downloads\Razer_InGame_Engine_v1.0.12.6401.exe 2015-08-14 21:10:38 EFF8261AD45BB90E71FB789A065CE32A 6772528 ----a-w- C:\ProgramData\Razer\Synapse\ProductUpdates\Downloads\RzGSS_Setup_v1.0.6.2638.exe 2015-08-14 21:10:37 DA60DA05F1B7EC2A829943172250A977 8202968 ----a-w- C:\ProgramData\Razer\Synapse\ProductUpdates\Downloads\Razer_DeathAdderChroma_Config_v1.01.02.exe 2015-08-14 21:10:36 F096DB6C8C2F07F9FFB111C9FABB9849 7492104 ----a-w- C:\ProgramData\Razer\Synapse\ProductUpdates\Downloads\Razer_Common_Driver_v1.31.00.exe 2015-08-14 21:10:33 B3ECCC4D88B749FD207950D586A3FD09 12226440 ----a-w- C:\ProgramData\Razer\Synapse\ProductUpdates\Downloads\CommonConfigInstaller_v2.46.1.exe 2015-08-14 21:10:30 F85BBDA1E03586F64E60C29F45E4DB90 11669848 ----a-w- C:\ProgramData\Razer\Synapse\ProductUpdates\Downloads\Razer_SynapseFonts_v1.00.01.exe 2015-08-14 21:09:41 F7B41BE7ADCBCDE860C38D615A3DC368 33061 ----a-w- C:\ProgramData\Razer\Synapse\ProductUpdates\Uninstallers\RazerCommonConfig\RazerCommonConfig_Uninstaller.exe 2015-08-14 17:18:03 A7209D8ACB8309F7747D44AE5830B8EC 48886904 ----a-w- C:\Users\Wimpie\AppData\Local\Dropbox\Update\Download\{CC46080E-4C33-4981-859A-BBA2F780F31E}\3.8.6\DropboxClient_3.8.6.exe 2015-08-12 15:57:40 A127E6118B9DD2F9D5A7CC4D697A0105 47846 ----a-w- C:\Program Files (x86)\WinDirStat\Uninstall.exe === C: other files == 2015-08-17 13:20:40 52D325FD9477594D3C4B6A837DC74324 296496 ----a-w- C:\Windows\System32\vbox\VBoxSF.sys 2015-08-17 13:04:42 AB7EE863261E2088C68506C4D16190B6 300 ----a-w- C:\Qoobox\Quarantine\L\av1.zip 2015-08-17 13:04:36 43C80BA32BF7C767DF5C94EFCECBBCC9 339 ----a-w- C:\Qoobox\Quarantine\K\av1.zip 2015-08-17 12:33:54 C88EB6EA6819740B97DECE3E6FD1C7BA 115152 ----a-w- C:\Windows\System32\drivers\ngvss.sys 2015-08-17 12:30:45 8F22037D3F5A6BB676525D825A1388B9 113880 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys 2015-08-17 12:30:37 E681CE4AE5C09651D53CB4387CA3560E 109272 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys 2015-08-17 12:30:37 AE757332EA130E94E646621CC695B52A 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys 2015-08-17 12:30:37 A8D28D5B3E2A528D1EF0E338E44F2820 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys 2015-08-14 21:12:40 288471F132C7249F598032D03575F083 129472 ----a-w- C:\Windows\System32\drivers\rzpnk.sys 2015-08-14 21:12:26 0C90E6CEA576095888E779E5BD9DD060 37184 ----a-w- C:\Windows\System32\drivers\rzpmgrk.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\tray.exe" [HKEY_USERS\S-1-5-21-2714756216-894153804-1477211748-1000\Software\Microsoft\Windows\CurrentVersion\Run] "HP Photosmart 6520 series (NET)"="C:\Program Files\HP\HP Photosmart 6520 series\Bin\ScanToPCActivationApp.exe -deviceID TH38S1720P05XP:NW -scfn HP Photosmart 6520 series (NET) -AutoStart 1" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "Dropbox Update"="C:\Users\Wimpie\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c" "GoogleChromeAutoLaunch_F13E96BAE3A72E6DC4059A3D85C2DEBF"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\tray.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ATICustomerCare"="C:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe" "HDAudDeck"="C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r" "Razer Lachesis Driver"="C:\Program Files (x86)\Razer\Lachesis 5600\LachesisSysTray.exe" "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui" "HP Software Update"="C:\Program Files (x86)\Hewlett-Packard\HP Software Update\HPWuSchd2.exe" "SDTray"="C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "Garmin Lifetime Updater"="C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe /StartMinimized" "KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe" "StartCCC"="C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe MSRun" "Razer Synapse"="C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "HP Photosmart 6520 series (NET)"="C:\Program Files\HP\HP Photosmart 6520 series\Bin\ScanToPCActivationApp.exe -deviceID TH38S1720P05XP:NW -scfn HP Photosmart 6520 series (NET) -AutoStart 1" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "Dropbox Update"="C:\Users\Wimpie\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c" "GoogleChromeAutoLaunch_F13E96BAE3A72E6DC4059A3D85C2DEBF"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Launch LCore"="C:\Program Files\Logitech Gaming Software\LCore.exe /minimized" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BlueStacks Agent] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="BlueStacks Agent" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\BlueStacks\\HD-Agent.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Facebook Update] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Facebook Update" "hkey"="HKCU" "command"="\"C:\\Users\\Wimpie\\AppData\\Local\\Facebook\\Update\\FacebookUpdate.exe\" /c /nocrashserver" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\KiesTrayAgent] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="KiesTrayAgent" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\Samsung\\Kies\\KiesTrayAgent.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LogMeIn GUI] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="LogMeIn GUI" "hkey"="HKLM" "command"="\"C:\\Program Files (x86)\\LogMeIn\\x64\\LogMeInSystray.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Raptr] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Raptr" "hkey"="HKCU" "command"="C:\\PROGRA~2\\Raptr\\raptrstub.exe --startup" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Viber] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Viber" "hkey"="HKCU" "command"="\"C:\\Users\\Wimpie\\AppData\\Local\\Viber\\Viber.exe\" StartMinimized" ==== Startup Folders ====================== 2014-07-29 21:37:54 1142 ----a-w- C:\Users\Wimpie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [12/08/2015 19:36] C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-2714756216-894153804-1477211748-1000Core.job --a------ C:\Users\Wimpie\AppData\Local\Dropbox\Update\DropboxUpdate.exe [18/06/2015 16:20] C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-2714756216-894153804-1477211748-1000UA.job --a------ C:\Users\Wimpie\AppData\Local\Dropbox\Update\DropboxUpdate.exe [18/06/2015 16:20] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [21/10/2014 17:06] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [21/10/2014 17:06] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-2714756216-894153804-1477211748-1000Core" [C:\Users\Wimpie\AppData\Local\Dropbox\Update\DropboxUpdate.exe] "C:\Windows\SysNative\tasks\DropboxUpdateTaskUserS-1-5-21-2714756216-894153804-1477211748-1000UA" [C:\Users\Wimpie\AppData\Local\Dropbox\Update\DropboxUpdate.exe] "C:\Windows\SysNative\tasks\GarminUpdaterTask" [C:\Program Files (x86)\Garmin\Express Self Updater\ExpressSelfUpdater.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\HP AR Program Upload - 19dd519dcdda472fa6a2ec1b7081d22bd40be859cbb74aab827645ec549b3e7b" [C:\Program Files\HP\HP Photosmart 6520 series\bin\HPRewards.exe] "C:\Windows\SysNative\tasks\HP AR Program Upload - 693b86574c06400f9db7704202f45748ff8cb75dcc8a415c926939646246cd29" [C:\Program Files\HP\HP Photosmart 6520 series\bin\HPRewards.exe] "C:\Windows\SysNative\tasks\HP AR Program Upload - 6bca986907b943409cbb3f5556c8953a31abdf4957524f70a1df687d01581da7" [C:\Program Files\HP\HP Photosmart 6520 series\bin\HPRewards.exe] "C:\Windows\SysNative\tasks\HPCustParticipation HP Photosmart 6520 series" ["C:\Program Files\HP\HP Photosmart 6520 series\Bin\HPCustPartic.exe"] "C:\Windows\SysNative\tasks\ibVPN-Service" ["C:\Program Files (x86)\ibVPN\ibVPN.service.exe"] "C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files (x86)\Windows Sidebar\sidebar.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{F10D958D-4777-4B66-A32E-6EE0403D7594}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\{D4DA33AB-9773-466B-885E-42764F1041B3}" [C:\Program Files (x86)\Skype\\Phone\Skype.exe] "C:\Windows\SysNative\tasks\ASUS\ASUS RegRun Loader" [C:\Program Files (x86)\ASUS\AASP\1.00.95\AsLoader.exe] "C:\Windows\SysNative\tasks\ASUS\ASUS SIX Engine" [C:\Program Files\ASUS\Six Engine\SixEngine.exe] "C:\Windows\SysNative\tasks\ASUS\ASUS Update Checker" [C:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe] "C:\Windows\SysNative\tasks\ASUS\Cpu Level Up Hook Lanunch" [C:\Program Files (x86)\ASUS\AI Suite\CpuLevelUpHookLaunch.exe] "C:\Windows\SysNative\tasks\ASUS\TurboVHelp" [C:\Program Files\ASUS\TurboV EVO\TurboVHELP.exe] "C:\Windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates" ["C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe"] "C:\Windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization" ["C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe"] "C:\Windows\SysNative\tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system" ["C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe"] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\Wimpie\AppData\Roaming\Mozilla\Firefox\Profiles\qtej5d93.default user_pref("browser.search.defaulturl", "http://go.mail.ru/search?utf8in=1&fr=ietb&q={SearchTerms}"); user_pref("keyword.URL", "http://go.mail.ru/search?utf8in=1&fr=ietb&q="); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Wimpie\AppData\Roaming\Mozilla\Firefox\Profiles\grf0788f.default - Undetermined - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} - BitComet - %ProfilePath%\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB} ProfilePath: C:\Users\Wimpie\AppData\Roaming\Mozilla\Firefox\Profiles\qtej5d93.default - Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF - LogMeIn Inc. Remote Access Plugin - %ProfilePath%\extensions\LogMeInClient@logmein.com - VideoDownloader - %ProfilePath%\extensions\videodowloader@videodownloader.net - Garmin Communicator - %ProfilePath%\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} - Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b} - @Mail.Ru - %ProfilePath%\extensions\{37964A3C-4EE8-47b1-8321-34DE2C39BA4D} - BitComet - %ProfilePath%\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB} - Undetermined - %ProfilePath%\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}-trash - DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} - FireDownload - %ProfilePath%\extensions\firedownload@mozilla.org.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be ==== Firefox Plugins ====================== Profilepath: C:\Users\Wimpie\AppData\Roaming\Mozilla\Firefox\Profiles\grf0788f.default 87132527E2256CF6683A18C4EB34DD3B - C:\Windows\system32\Wat\npWatWeb.dll - Windows Activation Technologies Profilepath: C:\Users\Wimpie\AppData\Roaming\Mozilla\Firefox\Profiles\qtej5d93.default DD32CC554BF6EAA6ED4BBE0C6978D2E2 - C:\Users\Wimpie\AppData\Roaming\Mozilla\Firefox\Profiles\qtej5d93.default\extensions\LogMeInClient@logmein.com\plugins\npRACtrl.dll - LogMeIn, Inc. Remote Access Components 1.0.0.1024 CF25FDD7CA6BC88442A58F74DBB6CFA6 - C:\Windows\SysWoW64\Adobe\Director\np32dsw_1200112.dll - Shockwave for Director / Shockwave for Director 54FC590185D7D00D65E53B9A5990DC14 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_135.dll - Shockwave Flash 990C95EDA57C6DAD5326113D088CF4D7 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll - Shockwave Flash 87132527E2256CF6683A18C4EB34DD3B - C:\Windows\system32\Wat\npWatWeb.dll - Windows Activation Technologies D5577EFFAEB3CCC1A6166AAD6EC7B52C - C:\Windows\SysWoW64\Macromed\AUTHORWA\np32asw.dll - Authorware Web Player 15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System ==== Chromium Look ====================== Google Chrome Version: 44.0.2403.155 HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[17/03/2015 17:30] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[01/05/2015 11:17] Belfius Smart Card Reader Chrome Extension - Wimpie\AppData\Local\Google\Chrome\User Data\Default\Extensions\agicnfmechmlphpjmeefookfjhifbmhi Google Drive - Wimpie\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Wimpie\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Wimpie\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Tampermonkey - Wimpie\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo IBA Opt-out (by Google) - Wimpie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb Create your own QR Codes This App generates QR Codes from free text URLs phone numbers SMS messages or contacts vcard. - Wimpie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcmhlmapohffdglflokbgknlknnmogbb AdBlock - Wimpie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom Avast Online Security - Wimpie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki Google Play Music - Wimpie\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg Dropbox - Wimpie\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl Google Play - Wimpie\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi Google Maps - Wimpie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh https //www.google.be/ - Wimpie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbgjgmjeegodepankjobjpbkmjljgipd Chrome Web Store Payments - Wimpie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Outlook.com - Wimpie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge Gmail - Wimpie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Startpages ====================== C:\Users\Wimpie\AppData\Local\Google\Chrome\User Data\Default\Preferences "supports_spdy":true},"stats.g.doubleclick.net:443":{"supports_spdy":true},"storage.googleapis.com:443":{"supports_spdy":true},"syndication.twitter.com:443":{"supports_spdy":true},"t.co:443":{"supports_spdy":true},"talkgadget.google.com:443":{"supports_spdy":true},"translate.googleapis.com:443":{"supports_spdy":true},"upload.wikimedia.org:443":{"supports_spdy":true},"usurf01.appspot.com:443":{"supports_spdy":true},"video-ams2-1.xx.fbcdn.net:443":{"supports_spdy":true},"video-sjc2-1.xx.fbcdn.net:443":{"supports_spdy":true},"www.facebook.com:443":{"supports_spdy":true},"www.google-analytics.com:443":{"supports_spdy":true},"www.google.be:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"supports_spdy":true},"www.google.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"supports_spdy":true},"www.googleadservices.com:443":{"supports_spdy":true},"www.googleapis.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"supports_spdy":true},"www.googletagmanager.com:443":{"supports_spdy":true},"www.gstatic.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"supports_spdy":true},"www.youtube-nocookie.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"supports_spdy":true},"www.youtube.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"supports_spdy":true},"yt3.ggpht.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"supports_spdy":true},"yts.to:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"npn-spdy/3.1"}],"supports_spdy":true},"zebra.pushbullet.com:443":{"supports_spdy":true}},"version":3}},"ntp":{"app_page_names":["Applicaties"]},"partition":{"per_host_zoom_levels":{"8073667879648486032":{}}},"plugins":{"migrated_to_pepper_flash":true,"plugins_list":[],"removed_old_component_pepper_flash_settings":true},"profile":{"avatar_bubble_tutorial_shown":2,"avatar_index":0,"content_settings":{"exceptions":{"app_banner":{},"auto_select_certificate":{},"automatic_downloads":{},"cookies":{},"fullscreen":{"[*.]chrome.angrybirds.com,*":{"setting":1},"[*.]kinepolis.be,*":{"setting":1},"[*.]movies.yahoo.com,*":{"setting":1},"[*.]toprightnews.com,*":{"setting":1},"[*.]www.froot.nl,*":{"setting":1},"[*.]www.hln.be,*":{"setting":1},"[*.]www.imdb.com,*":{"setting":1},"[*.]www.thehobbit.com,*":{"setting":1},"[*.]www.youtube.com,*":{"setting":1},"http://cdnapi.kaltura.com:80,http://www.hln.be:80":{"setting":1},"https://[*.]www.facebook.com:443,*":{"setting":1},"https://[*.]www.youtube.com:443,*":{"setting":1}},"geolocation":{},"images":{},"javascript":{},"media_stream":{},"media_stream_camera":{},"media_stream_mic":{},"metro_switch_to_desktop":{},"midi_sysex":{},"mixed_script":{},"mouselock":{},"notifications":{},"plugins":{"[*.]www.gamepoint.com,*":{"setting":1},"[*.]www.jessy89sweet.com,*":{"setting":1},"[*.]www.jmeeting.com,*":{"setting":1},"[*.]www.spelpunt.nl,*":{"setting":1},"[*.]www2.jmeeting.com,*":{"setting":1},"http://192.168.0.121:8080,*":{"setting":1},"http://192.168.1.101:8080,*":{"setting":1},"http://192.168.1.4:8080,*":{"setting":1},"https://[*.]stuiterproxy.associatie.kuleuven.be:443,*":{"setting":1},"https://[*.]wimpiesbeast-chxdtaduxf.app03-11.logmein.com:443,*":{"setting":1},"https://[*.]wimpiesbeast-onoqdgllml.app03-01.logmein.com:443,*":{"setting":1},"https://[*.]www.belfius.be:443,*":{"setting":1}},"popups":{"[*.]www.tlplanet.com,*":{"setting":1}},"ppapi_broker":{},"protocol_handlers":{},"push_messaging":{},"ssl_cert_decisions":{}},"pattern_pairs":{"[*.]chrome.angrybirds.com,*":{"fullscreen":1},"[*.]kinepolis.be,*":{"fullscreen":1},"[*.]movies.yahoo.com,*":{"fullscreen":1},"[*.]toprightnews.com,*":{"fullscreen":1},"[*.]www.froot.nl,*":{"fullscreen":1},"[*.]www.gamepoint.com,*":{"plugins":1},"[*.]www.hln.be,*":{"fullscreen":1},"[*.]www.imdb.com,*":{"fullscreen":1},"[*.]www.jessy89sweet.com,*":{"plugins":1},"[*.]www.jmeeting.com,*":{"plugins":1},"[*.]www.spelpunt.nl,*":{"plugins":1},"[*.]www.thehobbit.com,*":{"fullscreen":1},"[*.]www.tlplanet.com,*":{"popups":1},"[*.]www.youtube.com,*":{"fullscreen":1},"[*.]www2.jmeeting.com,*":{"plugins":1},"http://192.168.0.121:8080,*":{"plugins":1},"http://192.168.1.101:8080,*":{"plugins":1},"http://192.168.1.4:8080,*":{"plugins":1},"http://boels.be:80,http://boels.be:80":{"geolocation":1},"http://cdnapi.kaltura.com:80,http://www.hln.be:80":{"fullscreen":1},"http://chrome.ebuddy.com:80,*":{"notifications":1},"http://embed.cyberxess.com:80,*":{"media-stream-camera":2,"media-stream-mic":2},"http://flex.dnxlive.com:80,*":{"media-stream-camera":1,"media-stream-mic":1},"http://locator.shell.be:80,http://www.shell.be:80":{"geolocation":1},"http://www.googlenaps.info:80,http://www.googlenaps.info:80":{"geolocation":2},"http://www.lucide.be:80,http://www.lucide.be:80":{"geolocation":1,"last_used":{"geolocation":1425123254.957831}},"http://www.rizap.com:80,*":{"media-stream-camera":1,"media-stream-mic":1},"http://www.samsung.com:80,http://www.samsung.com:80":{"geolocation":1,"last_used":{"geolocation":1428405966.81458}},"http://www.wittegids.be:80,http://www.wittegids.be:80":{"geolocation":1,"last_used":{"geolocation":1415977263.554957}},"https://[*.]stuiterproxy.associatie.kuleuven.be:443,*":{"plugins":1},"https://[*.]wimpiesbeast-chxdtaduxf.app03-11.logmein.com:443,*":{"plugins":1},"https://[*.]wimpiesbeast-onoqdgllml.app03-01.logmein.com:443,*":{"plugins":1},"https://[*.]www.belfius.be:443,*":{"plugins":1},"https://[*.]www.facebook.com:443,*":{"fullscreen":1},"https://[*.]www.youtube.com:443,*":{"fullscreen":1},"https://web.whatsapp.com:443,*":{"last_used":{"notifications":1422830676.094648},"notifications":1},"https://web.whatsapp.com:443,https://web.whatsapp.com:443":{"last_used":{"notifications":1422830676.09483}},"https://www.google.be:443,*":{"media-stream-camera":2,"media-stream-mic":2}},"pref_version":1},"created_by_version":"44.0.2403.155","exit_type":"Crashed","exited_cleanly":true,"gaia_info_picture_url":"https://lh3.googleusercontent.com/-bKPbHdSexy4/AAAAAAAAAAI/AAAAAAAAADk/QfGX0aoZKoA/s256-c/photo.jpg","gaia_info_update_time":"13084312364218407","icon_version":3,"managed_user_id":"","managed_users":{},"migrated_content_settings_exceptions":true,"migrated_default_content_settings":true,"migrated_default_media_stream_content_settings":true,"name":"Eerste gebruiker","per_host_zoom_levels":{}},"protection":{"macs":{}},"reverse_autologin":{"enabled":false},"savefile":{"default_directory":"C:\\Users\\Wimpie\\Desktop"},"selectfile":{"last_directory":"C:\\Users\\Wimpie\\Desktop"},"session":{"restore_on_startup_migrated":true,"startup_urls_migration_time":"13084312225582806"},"signin":{"signedin_time":"13084312362064180"},"sync":{"encryption_bootstrap_token":"AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAgl6d7idbJ0qnOzdmXsVZVAAAAAACAAAAAAAQZgAAAAEAACAAAACk72FDVxCQSF9poGNy38OqoXxJSVAQtr8W7V0pFzTFzQAAAAAOgAAAAAIAACAAAACVegyYcUwdjCBgRvFRdjSemBnevKl1S1X+V7mpXY98nkAAAABiQyJN5g+v41j+7V9Dc5usjzKzwSdz9pZ2N3oi4qaladw8n49PeQMD1OUu0M915yU4ZJ5jYOhe3So3O4tDlSFNQAAAAGPJb3KFamrxBl9uloyLTRWGfqYoaHb1JfkPpa5/jGwDQfyc1vASimbCTheN/aAHgEQ9pBSg2K+81OwPlw2HHPE=","first_sync_time":"13084312362072147","has_setup_completed":true,"keystore_encryption_bootstrap_token":"AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAgl6d7idbJ0qnOzdmXsVZVAAAAAACAAAAAAAQZgAAAAEAACAAAACf7AUTL+DTbqqRUw9XgftPwwbOBPB40uwFLr+iY9ZwDgAAAAAOgAAAAAIAACAAAABGdP65mlhAEm6R1I+qgq4AuTfuUk0ni6LOwXqjvkGxrFAAAADoWLK87gKZ+xmcnU5dzeefrnfBoBrYgbBLY2KhzdMJDZzEc7GBD3HTWHANgSHjwkpt08e+tYcXmYpVzHTcHLUBMXyu7Ox4XxwpE+Y0gSKs/EAAAADeEQIIkYBBaUIeHmndJpb8C1zWVM6qJAG1L3GAnX/41Y/SjWRvNh4da5rHl4njnxKOzB76edT5x1YGFmYSAs8V","last_synced_time":"13084359864125686","memory_warning_count":0,"session_sync_guid":"session_syncP6Xej3gJAEF9rJ6mNk24ng==","shutdown_cleanly":false,"suppress_start":false},"sync_promo":{"startup_count":1},"translate":{"enabled":false},"translate_accepted_count":{"en":0},"translate_blocked_languages":["nl"],"translate_whitelists":{}} al":"zy","commands":{},"content_settings":[],"creation_flags":137,"events":[],"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["notifications"],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13084312244832109","last_active_pingday":"13084354821963904","last_launch_time":"13084358519272279","lastpingday":"13084354803260230","location":1,"manifest":{"app":{"launch":{"container":"tab","web_url":"https://mail.google.com/mail/ca"},"urls":["*://mail.google.com/mail/ca"]},"current_locale":"nl","default_locale":"en","description":"Een snelle, doorzoekbare e-mailfunctie met minder spam.","icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCuGglK43iAz3J9BEYK/Mz6ZhloIMMDqQSAaf3vJt4eHbTbSDsu4WdQ9dQDRcKlg8nwQdePBt0C3PSUBtiSNSS37Z3qEGfS7LCju3h6pI1Yr9MQtxw+jUa7kXXIS09VV73pEFUT/F7c6Qe8L5ZxgAcBvXBh1Fie63qb02I9XQ/CQIDAQAB","manifest_version":2,"name":"Gmail","options_page":"https://mail.google.com/mail/ca/#settings","permissions":["notifications"],"update_url":"http://clients2.google.com/service/update2/crx","version":"8.1"},"page_ordinal":"n","path":"pjkljhegncpnkpknbcohdijeoejaedia\\8.1_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":true,"was_installed_by_oem":false}}},"google":{"services":{"account_id":"wimpie001@gmail.com","last_username":"wimpie001@gmail.com"}},"homepage":"","homepage_is_newtabpage":true,"pinned_tabs":[],"protection":{"macs":{"browser":{"show_home_button":"47EA9B5904CF1C273B2D02FE5154D092A0B9F27B15E63596B244D2C67B5FE6CF"},"default_search_provider":{"keyword":"F781A4715976D99D1CCE0186E724EF9CC16844889A90DED1E03C3A44349BF05D","name":"F5010B44DC9AA51508D46EC048CE37136FB3CA54B5F4363343565149DAAA2696","search_url":"2A6D84B82A56E5502299202D10FE4081BF88BC36638BA728FDD8F485360E0530"},"default_search_provider_data":{"template_url_data":"02048A6F38E85C1814C921B5A815D93E8A2DC6B299FB1D6B1F751D67D908CEF3"},"extensions":{"settings":{"agicnfmechmlphpjmeefookfjhifbmhi":"F412EBC25B0C35695217B4ED2F0E5141DE863C0DB42E6BDB1D1B13DCF70CB02E","ahfgeienlihckogmohjhadlkjgocpleb":"62AAB21CECC996FC50A6C4383DA44759CBC8A98A549D09EDD2ED29BE7A364292","aknpkdffaafgjchaibgeefbgmgeghloj":"696C0952BF3712216E35D34B291E601FE6C2EEECF77FF6FF3BDE26CC04501EB2","apdfllckaahabafndbhieahigkjlhalf":"C5289073F3633C9CD9F5586B9D2DFAD79CB082BA8C0452A796351C2F30AA7EBC","bepbmhgboaologfdajaanbcjmnhjmhfn":"259AB7E476430D6F0C84D8567036E885CC45AC51D82BCE6550FCF31A84F84032","blpcfgokakmgnkcojhhkbfbldkacnbeo":"CCD87D9B434C8135FF3D1EA94A575A855FE0F2555F26953C7ACE80A12401B89A","coobgpohoikkiipiblmjeljniedjpjpf":"720AB954E1D40CA5856A8AEA9FD4CE15568F7B0CDEE2CCC3F4E9CF93CD7A749B","cpnkjeilhjjbfpebfiehmlmnklbibbgf":"34A58FB395C1D4D888FCDEDB9B5DD67D0636C1A854C0210E4EB8D8A77989C8D1","dhdgffkkebhmkfjojejmpbldmpobfkfo":"F22C0E9141583F2C0CF4C472A4D1204ED88C92014AEA1B806233F050280E4D43","eemcgdkfndhakfknompkggombfjjjeno":"C73FF206E3C0E67F995FBB8AB0E3AEE2992B8D203AD31050E0CE59858A31DDE2","ennkphjdgehloodpbhlhldgbnhmacadg":"A3C9F5F65B857E63326A8D1B13AA5ABF8D7AFD5B386C481A4EFD343E98B8B165","gapmfphppackembpmcngainfkjkdplab":"3544044E6CD2D27674B7725D62DE49C3E1C9635B0E431338134C083F703EE762","gbiekjoijknlhijdjbaadobpkdhmoebb":"5EF98DF0021B729A180D8F440C28136A54D4F3B5BE19A8C387667416DDD01D95","gcmhlmapohffdglflokbgknlknnmogbb":"585B3D13FCA914A36BD9F821C64470C734A775FFDA004BDA5CB5D5532A745AF9","gfdkimpbcpahaombhbimeihdjnejgicl":"9020259A5310C251C3ACEE7E21DB686A3734E96B85A5D05C3EEFB538FE047F72","gighmmpiobklfepjocnamgkkbiglidom":"06C8ED01A6464B7B81CCD4642352A717866D4EF3AEC37A228F0B3BE3117FAD6F","gomekmidlodglbbmalcneegieacbdmki":"1FC8DE7FDF642881E8A72D991FF18F2045F5D55F1973F19F65994184040676BA","hagemnkahodlfpchjapbbjfbmigebecf":"83CE28EF527F28E0F0A3503FB49548D87004FB1E22330BDEC833A2146E2423B0","hlefhfghmjooichokalnffmoibdcoahp":"D5F63758836F647C45231CF1EF939B92D77F0B6FEAF79CC0CF1F11743F7A986D","icppfcnhkcmnfdhfhphakoifcfokfdhg":"854F600CFD8A3400FABEC342A65777016999C15529F291752BA55912E20556F0","ioekoebejdcmnlefjiknokhhafglcjdl":"F31D007367B7393C6B0CB5A9B16AE258767C5F22514A6CA2C9E0590CB57CA69F","jojeiedlnfmimoidcicfajibolpkdfki":"70A8D95C37A76BA7AF045172F05DFB9B199C709A1DB192EBCA7773BB6FC5B0A5","kmendfapggjehodndflmmgagdbamhnfd":"8DF9EF01D31C6162312242B503BD7490E4C52A968462F388E816B128447A3EFB","komhbcfkdcgmcdoenjcjheifdiabikfi":"720115EA0DCEA1D9C6F34A6D2A5DD776CDFAAE66062BAC249A58BEA151770D88","lifbcibllhkdhoafpjfnlhfpfgnpldfl":"DBF7DD176680A89435D6987F5594BE154426637024BD1A76968F49832FBA2CBE","lneaknkopdijkpnocmklfnjbeapigfbh":"7024934093926A13929E6FE4B7628B94CCD29672242584BD8E83B8E4BB8D2071","mbgjgmjeegodepankjobjpbkmjljgipd":"09B3EAEC7EB766B810938802D3FB5048F4D6C015D954DBCC3C28EB7AA8CD05A8","mfehgcgbbipciphmccgaenjidiccnmng":"ACB1670A72F42DBE1417B0448C41AD15C40A514EAB32B83AB16921FCAF4E94D7","mfffpogegjflfpflabcdkioaeobkgjik":"B0BC9059B8E74EA3645D136E3DE4B38CB7E815DF1C5162F1E5C4AF36785D93BE","mgndgikekgjfcpckkfioiadnlibdjbkf":"EF3C41565A3F6D6D5675396D9602CBB210A74CC7CBC89E43A63A614ADB8222B0","mhjfbmdgcfjbbpaeojofohoefgiehjai":"D8B0196EAF02B9F18E3D36FE547BBC54E37EB828A2861E8FFFD933224A854755","mkojhhiphdgeliplnclnbmdiofhgnimi":"DD8F4557CB2F6EC486FA0363DF7C76AA1FDD57D24C7572B91F26AF66A4593E19","neajdppkdcdipfabeoofebfddakdcjhd":"248AAF2B9403449FC2637475713DB0A951178DB780E1119806FC8EAC05804768","nkeimhogjdpnpccoofpliimaahmaaome":"0C903B03D0773D5D2280AC691376E2BC54AD25200DC04499B025940347889114","nmmhkkegccagdldgiimedpiccmgmieda":"9FB0F796F5FB95610AF02A217D8C3F2209885BEAE45AFA7622F1D80A3F0B3F3C","nnbjppodhmgmaiopkmpodjkfjiplehim":"C1067C13F84692573EC055CFDF323B5739EE7C10AF7D1BE7A06622A8C1439FB1","pafkbggdmjlpgkdkcbjmhmfcdpncadgh":"D16DBE3371F37307DB2A614A60B48B1D849E0C8AD88EA74749A51EB6CDD75F09","pfpeapihoiogbcmdmnibeplnikfnhoge":"6E2B2F0CB5F64FF132800C18118DABB16818EC61C530472A143CD425CBD47F19","pjkljhegncpnkpknbcohdijeoejaedia":"2D63EACC62C8749429508D7DE610CD433636516BAC9619F136319B71BBB21787"}},"google":{"services":{"account_id":"C26F6526038C454E56B919E672F7AD0EC5617FF4EB2D473E058235E8DAD85E3C","last_username":"07A72319BE7DB070449C6DF5AEB6FB0518994A7EEECE91846B180FA0DE546881","username":"8C1D71AA442A2503E76CF6D4AD7E84E23A3A8671BCB67F961BB39205D416D861"}},"homepage":"891BCCA247D7877A906E07E9EB99139C966DB6A4D1A8ECADB17C6705D4E5EE77","homepage_is_newtabpage":"4041E5A658DBF203B30EE8C8EC7B0B4B54BF7566D2CFD753267DF8DCAFB5C6A0","pinned_tabs":"102E79BF20AB26B0B86722BA684C95F9484FAF243A1606422B36E1D0AB86F0C0","prefs":{"preference_reset_time":"F1AC417660CD7133D637EADF9AD6CA6271377527FC35C136D5AC42B81404E58E"},"profile":{"reset_prompt_memento":"3162C1174CEAD8DA16D9673FEEDAB5DE66B18615FB710176BF35C46775531441"},"safebrowsing":{"incidents_sent":"5F38D3049E763CBCA3B4A615D626D174B1D1D50852A0869D986660818FD97F2C"},"search_provider_overrides":"E195C0C06FFE70585AC77C528C052D0F985B6F7F19908CFF009F7F362F4CD510","session":{"restore_on_startup":"1371830344C640801EFC6BEE9DBF5FF8EC3FC063D84AB209FEDBF734BBBD40AE","startup_urls":"161D23F9AA9644134078797363CBCD4CA6006CD344E341A4C0EA87868DF1916C"},"software_reporter":{"prompt_reason":"93BF4A38FF2B5F113EC33278FF59EA978BB2DE5FABD8EC97EFD748CE65251A0B","prompt_seed":"3E63960C0904D3F2AEC6A85BA986BF269DF4E4ECC7DA0548CF94A7F895F20408","prompt_version":"D69EDC583BA9EF2528E46869FB1E8D4C39CA8C7FCC5BD2F2180005FBE71A914A"},"sync":{"remaining_rollback_tries":"81FB7E6C4F2A9A2D97AF46EC5433AB7C142EB1C8CB9E25EAAB34A54879EED1E8"}},"super_mac":"1457F3866A3EFE77978D320445DF7EBF1FF6EB3A8F5F5E187EADFE958916A4C3"},"session":{"restore_on_startup":4,"startup_urls":["https://www.google.be/"]},"sync":{"remaining_rollback_tries":0}} ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://webmail.tucrail.be/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fwebmail.tucrail.be%2fowa%2f%3fae%3dItem%26a%3dNew%26t%3dIPM.Note%26cc%3dMTQuMi4zNDcuMCxubC1CRSw0Mjk0OTY3Mjk1LEhUTUwsMCww%26pspid%3d_1383795953992_447769572" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="http://www.google.com" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs] "Tabs"="http://www.google.com" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://webmail.tucrail.be/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fwebmail.tucrail.be%2fowa%2f%3fae%3dItem%26a%3dNew%26t%3dIPM.Note%26cc%3dMTQuMi4zNDcuMCxubC1CRSw0Mjk0OTY3Mjk1LEhUTUwsMCww%26pspid%3d_1383795953992_447769572" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="about:newtab" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs] "Tabs"="about:newtab" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" ==== Reset Google Chrome ====================== C:\Users\Wimpie\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Wimpie\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully C:\Users\Wimpie\AppData\Local\Google\Chrome\User Data\Default\Web Data will be reset at reboot C:\Users\Wimpie\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal will be reset at reboot ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\fe_12.0@nokia.com deleted successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\5392EF0065BF0144BAF56D7EC071172D deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\81C5BE9622211F14C857965B5FF53412 deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{69EB5C18-1222-41F1-8C75-69B5F55F4321} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{00FE2935-FB56-4410-AB5F-D6E70C1771D2} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\5392EF0065BF0144BAF56D7EC071172D deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\81C5BE9622211F14C857965B5FF53412 deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Facebook Update deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn GUI deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Viber deleted successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Users\Wimpie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Wimpie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\Wimpie\AppData\Local\Google\Chrome\User Data\Default\Cache will be emptied at reboot ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=132 folders=63 122597933 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\temp emptied successfully C:\Users\Default User\AppData\Local\temp emptied successfully C:\Users\Public\AppData\Local\temp emptied successfully C:\Users\Wimpie\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Wimpie\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Wimpie\AppData\Local\Google\Chrome\User Data\Default\Web Data" not found "C:\Users\Wimpie\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal" not found "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Users\Wimpie\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" deleted "C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted "C:\Users\Wimpie\AppData\Local\Google\Chrome\User Data\Default\Cache\data_0" deleted "C:\Users\Wimpie\AppData\Local\Google\Chrome\User Data\Default\Cache\data_1" deleted "C:\Users\Wimpie\AppData\Local\Google\Chrome\User Data\Default\Cache\data_2" deleted "C:\Users\Wimpie\AppData\Local\Google\Chrome\User Data\Default\Cache\data_3" deleted "C:\Users\Wimpie\AppData\Local\Google\Chrome\User Data\Default\Cache\index" deleted "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted ==== EOF on di 18/08/2015 at 10:49:03,57 ======================