
Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by fred on wo 26/08/2015 at 13:53:57,27.
Microsoft Windows 7 Professional  6.1.7601 Service Pack 1 x86
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\fred\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2015-08-25-100533.log	26546 bytes
C:\zoek-results2015-08-25-120714.log	381 bytes

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\Program Files\Reimage not found
C:\ProgramData\Reimage Protector not found
C:\Program Files\Reimage not found
C:\rei not found
"C:\Windows\Reimage.ini" not found

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2015-08-12 17:36:03	A4F6DF0E33E644E802C8798ED94D80EA	179712	----a-w-	C:\Windows\notepad.exe
2015-08-07 15:03:15	BAA2B3193CD936DCD8A08957847302C8	14135	----a-w-	C:\Windows\diagerr.xml
2015-08-07 15:03:15	692CA5EBC9E0CEF0A8D0BE4DF7400CEE	9528	----a-w-	C:\Windows\diagwrn.xml
====== C:\Users\fred\AppData\Local\Temp ====
2015-08-25 13:36:07	E6794640B6725B5606EEB67D53F03D14	71168	----a-w-	C:\Users\fred\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpjluuhu.dll
2015-08-17 10:25:48	4CA2A47139E3F5A3986F117243F8D3C4	22012688	----a-w-	C:\Users\fred\AppData\Local\Temp\tmptun8hr\googledrivesync.exe
====== Java Cache =====
====== C:\Windows\system32 =====
2015-08-21 10:15:03	38E2C00331EC1E158B8702FF7AC8577F	147768	----a-w-	C:\Windows\System32\BgGamingMonitor.dll
2015-08-21 10:14:23	81AAAAA57100F6FDB3B7B447F9CA9833	61992	----a-w-	C:\Windows\System32\BGLsp.dll
2015-08-14 17:20:44	4478348E3942AD9EED9AB263AFE7CD83	12875776	----a-w-	C:\Windows\System32\shell32.dll
2015-08-14 17:20:41	CE21524C53E9671A7108B28FB9B4E474	1251328	----a-w-	C:\Windows\System32\DWrite.dll
2015-08-14 17:20:41	680D463893C9846CC6A1DA6012DD0FE5	299520	----a-w-	C:\Windows\System32\atmfd.dll
2015-08-14 17:20:41	37DE123FE4276D8EC7F3C5B10C236238	909824	----a-w-	C:\Windows\System32\FntCache.dll
2015-08-14 17:20:39	A22126F58B07E937D10F96A506E40107	2384384	----a-w-	C:\Windows\System32\win32k.sys
2015-08-14 17:20:38	965CFC7687F0D188F215DC142FC8F6A1	1987584	----a-w-	C:\Windows\System32\d3d10warp.dll
2015-08-14 17:20:38	60AA427E651E0D97A6666AF6D7391549	26624	----a-w-	C:\Windows\System32\lpk.dll
2015-08-14 17:20:38	520AEC6C64AF2CFD74B469DB98611D4A	10240	----a-w-	C:\Windows\System32\dciman32.dll
2015-08-14 17:20:38	400C20D6967A83EA69D6953EBB8D3FA3	34304	----a-w-	C:\Windows\System32\atmlib.dll
2015-08-14 17:20:37	7983F3481E89B96074FAE9AFCC24079C	70656	----a-w-	C:\Windows\System32\fontsub.dll
2015-08-14 17:20:25	5E7C5DE85AF978495C3A9A0B720B9811	44032	----a-w-	C:\Windows\System32\basesrv.dll
2015-08-14 17:19:57	C989240A97D4E0B4354679CCF7E66389	30720	----a-w-	C:\Windows\System32\iernonce.dll
2015-08-14 17:19:57	C929BFB3FD2460B570553AE7344640BC	60416	----a-w-	C:\Windows\System32\JavaScriptCollectionAgent.dll
2015-08-14 17:19:57	BFD073E2AAA0F4D155EDE021C0138645	685568	----a-w-	C:\Windows\System32\ie4uinit.exe
2015-08-14 17:19:57	BDC048308B74B2146495BBB8D4CD4974	47616	----a-w-	C:\Windows\System32\ieetwproxystub.dll
2015-08-14 17:19:57	8DD94CBAE33F026B4F05AC94D14A4500	102912	----a-w-	C:\Windows\System32\ieetwcollector.exe
2015-08-14 17:19:56	BD3E3A13423C40E8CF4BE531EE68BAF0	1310720	----a-w-	C:\Windows\System32\urlmon.dll
2015-08-14 17:19:56	A010F6EC42AD604418062E6E0E2EFA7B	667648	----a-w-	C:\Windows\System32\MsSpellCheckingFacility.exe
2015-08-14 17:19:56	67DA0EE95026FB2D3577F664F2187F98	342736	----a-w-	C:\Windows\System32\iedkcs32.dll
2015-08-14 17:19:56	358D91656E54B03B8FFE3CF4D535A6C8	504320	----a-w-	C:\Windows\System32\vbscript.dll
2015-08-14 17:19:55	D7FDD5E8B88ADE9107772B4C879FDF94	115712	----a-w-	C:\Windows\System32\ieUnatt.exe
2015-08-14 17:19:55	8B6B89D3FEDB34CA38055B82A790545F	620032	----a-w-	C:\Windows\System32\jscript9diag.dll
2015-08-14 17:19:55	793F71F873D106A611DB79741327038C	418304	----a-w-	C:\Windows\System32\dxtmsft.dll
2015-08-14 17:19:55	728188684708FEF4F18E2CAB46C54DBB	710144	----a-w-	C:\Windows\System32\ieapfltr.dll
2015-08-14 17:19:55	1CB9D50EE52BED7DEBF394CEA8A971A5	47104	----a-w-	C:\Windows\System32\jsproxy.dll
2015-08-14 17:19:54	E3762A30F1EC29C30AC85CC2B8CAA3F3	2724864	----a-w-	C:\Windows\System32\mshtml.tlb
2015-08-14 17:19:54	C98AF04E9FC94DBF57B29A9891597664	689152	----a-w-	C:\Windows\System32\msfeeds.dll
2015-08-14 17:19:53	D1D3DB57C68A2A62E03DD973F53CEA18	2052608	----a-w-	C:\Windows\System32\inetcpl.cpl
2015-08-14 17:19:53	445DB8651F05684F8259D4054A15BC50	168960	----a-w-	C:\Windows\System32\msrating.dll
2015-08-14 17:19:53	0E9529DC8BA5AD3C06B99F115D0D804D	62464	----a-w-	C:\Windows\System32\iesetup.dll
2015-08-14 17:19:52	FB1B7D2B2D500E067B96C56EE0B4DDAD	664064	----a-w-	C:\Windows\System32\jscript.dll
2015-08-14 17:19:52	E97F4BE222DF9E297B4915ECD3EAE5BA	4096	----a-w-	C:\Windows\System32\ieetwcollectorres.dll
2015-08-14 17:19:52	0AC8CD2138FD10C4A0E2FF08F892359C	1951232	----a-w-	C:\Windows\System32\wininet.dll
2015-08-14 17:19:51	32664FC06B115923C449DC22D47CD8A6	285696	----a-w-	C:\Windows\System32\dxtrans.dll
2015-08-14 17:19:50	3E168B5E5FEE3D09C2D4E97861B5F4B3	479232	----a-w-	C:\Windows\System32\ieui.dll
2015-08-14 17:19:50	3C74EA1EC43A694060F09B7D754446C6	12856832	----a-w-	C:\Windows\System32\ieframe.dll
2015-08-14 17:19:49	4D036506C8359185FC52EB49DB891743	341504	----a-w-	C:\Windows\System32\html.iec
2015-08-14 17:19:48	FCDCEB29CD1129C6C86AD9700A7E5BD1	76288	----a-w-	C:\Windows\System32\mshtmled.dll
2015-08-14 17:19:48	53DE75BD2C7A3EA29770147EAC8A8D5A	1155072	----a-w-	C:\Windows\System32\mshtmlmedia.dll
2015-08-14 17:19:47	ECF459774AE6A273F0F59D7C072DB3C4	64000	----a-w-	C:\Windows\System32\MshtmlDac.dll
2015-08-14 17:19:46	AB6A3699E478DEF677D48B126B223C54	4520448	----a-w-	C:\Windows\System32\jscript9.dll
2015-08-14 17:19:45	BAAAC903BF7F9CA5F1129C972AEDE6BD	19870208	----a-w-	C:\Windows\System32\mshtml.dll
2015-08-14 17:19:44	A37FEDFC0BC9E96AD3DFFF41D5805F04	2279424	----a-w-	C:\Windows\System32\iertutil.dll
2015-08-14 17:19:39	6B003E11CDBDA3B45A3D16E5A9D3F73B	82432	----a-w-	C:\Windows\System32\davclnt.dll
2015-08-14 17:19:39	55C70654420DBF429604FD567E6F3CD3	206848	----a-w-	C:\Windows\System32\WebClnt.dll
2015-08-14 17:19:33	AF0EC95144F76EA4B40A7ED1DD34616C	856064	----a-w-	C:\Windows\System32\rdvidcrl.dll
2015-08-14 17:19:33	A27593907607A692D0DE105DE29BBC33	53248	----a-w-	C:\Windows\System32\tsgqec.dll
2015-08-14 17:19:32	90E480789256D852FA3EADD39D56FDDA	6131200	----a-w-	C:\Windows\System32\mstscax.dll
2015-08-14 17:19:31	5165FC65AD502CC3408B5DE18E076796	355840	----a-w-	C:\Windows\System32\wksprt.exe
2015-08-14 17:19:27	DC18FFFF3175376ABD38E6D48309F7F9	3934656	----a-w-	C:\Windows\System32\ntoskrnl.exe
2015-08-14 17:19:25	C11ADDE3BD8EF44385ECDAB2D51D8B60	1308160	----a-w-	C:\Windows\System32\ntdll.dll
2015-08-14 17:19:24	6C95D6264810F816E92780E7DB81F7B1	3989952	----a-w-	C:\Windows\System32\ntkrnlpa.exe
2015-08-14 17:19:24	4EE25AC85AFC3FD67D9F57ECDF566FF2	1159168	----a-w-	C:\Windows\System32\sysmain.dll
2015-08-14 17:19:23	A746240E3B4BAC9581FA50D6C4844EFC	1061376	----a-w-	C:\Windows\System32\lsasrv.dll
2015-08-14 17:19:22	FC85BC746818EE9B5181EA0B1C882778	552960	----a-w-	C:\Windows\System32\kerberos.dll
2015-08-14 17:19:22	EF084206DE3F540C219168141FC78421	400896	----a-w-	C:\Windows\System32\srcore.dll
2015-08-14 17:19:22	C7B6B74169B21687A83BE46FC2A34C9D	655360	----a-w-	C:\Windows\System32\rpcrt4.dll
2015-08-14 17:19:22	AE70DD4AF25F193F454231402C6A668A	262656	----a-w-	C:\Windows\System32\rstrui.exe
2015-08-14 17:19:21	FE748FEAA8A5A7677DA1C2C6CE405ADE	248832	----a-w-	C:\Windows\System32\schannel.dll
2015-08-14 17:19:21	E3C99FEA8FF71063AFE3111B7475825B	38912	----a-w-	C:\Windows\System32\csrsrv.dll
2015-08-14 17:19:21	650B603F5C040727788F19AD0B8D09BC	221184	----a-w-	C:\Windows\System32\ncrypt.dll
2015-08-14 17:19:21	2B8B8E5AE54D0EAAE5B84F65C325C3A7	69632	----a-w-	C:\Windows\System32\smss.exe
2015-08-14 17:19:21	15400F593C9023CDC1D144C30BBDA47A	259584	----a-w-	C:\Windows\System32\msv1_0.dll
2015-08-14 17:19:20	E70054ADA6AAB84659AB20D137747ACF	43008	----a-w-	C:\Windows\System32\srclient.dll
2015-08-14 17:19:20	A2C5FAE51BC43B29525AAA5BF0B31259	50176	----a-w-	C:\Windows\System32\auditpol.exe
2015-08-14 17:19:20	87E79A9E584AF26A3A5AF6FA059DAAB2	100352	----a-w-	C:\Windows\System32\sspicli.dll
2015-08-14 17:19:20	51C161D5638465251857B2207BD535CB	172032	----a-w-	C:\Windows\System32\wdigest.dll
2015-08-14 17:19:20	4C2D57F3DDBC07D3CC59160CDC400AC0	65536	----a-w-	C:\Windows\System32\TSpkg.dll
2015-08-14 17:19:20	3AD57B7A84035A05079226D1DE47E771	22528	----a-w-	C:\Windows\System32\lsass.exe
2015-08-14 17:19:19	75706C0F199BC7658A98BEE452964587	36864	----a-w-	C:\Windows\System32\cryptbase.dll
2015-08-14 17:19:19	3982911B4C4F42B156D7347C1543CF9F	22016	----a-w-	C:\Windows\System32\secur32.dll
2015-08-14 17:19:18	8A82C9C4A205266DC22BB1C8F2E1AB2D	17408	----a-w-	C:\Windows\System32\credssp.dll
2015-08-14 17:19:18	7C4DA8744933EB6B39D07F2DD15E3161	10752	----a-w-	C:\Windows\System32\msmmsp.dll
2015-08-14 17:19:18	2633FEE743529A901B2C1569865CA38C	15872	----a-w-	C:\Windows\System32\sspisrv.dll
2015-08-14 17:19:16	D5F9C627C221A3B4B6944EDBE90D642C	60416	----a-w-	C:\Windows\System32\msobjs.dll
2015-08-14 17:19:16	C899E7E3A4F42B802DA1E97F9908BD26	6656	----a-w-	C:\Windows\System32\apisetschema.dll
2015-08-14 17:19:16	1EA1328207A915C9EB10AA1D102C0B52	686080	----a-w-	C:\Windows\System32\adtschema.dll
2015-08-14 17:19:16	008BDC16E15B3B6EFB6E8B6684022F36	146432	----a-w-	C:\Windows\System32\msaudite.dll
2015-08-14 17:18:48	EA1BE72A8CD5CEA7B6E6649D1FD78BA1	1241088	----a-w-	C:\Windows\System32\msxml3.dll
2015-08-14 17:18:48	B6F9E4CDA3069B03F654B650A5379E60	2048	----a-w-	C:\Windows\System32\msxml3r.dll
2015-08-14 17:18:48	127EE7F36CEA127ECCA55BECBC230398	2048	----a-w-	C:\Windows\System32\msxml6r.dll
2015-08-14 17:18:48	121E2E789BE080EB86DA71F95B611DF2	1390592	----a-w-	C:\Windows\System32\msxml6.dll
2015-08-12 17:59:11	4FA66A573E9A45D05AD5A25B1E76A35D	103120	----a-w-	C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 17:36:03	A4F6DF0E33E644E802C8798ED94D80EA	179712	----a-w-	C:\Windows\System32\notepad.exe
====== C:\Windows\system32\drivers =====
2015-08-19 14:35:29	739164A8B8FB2F1B50A498F20AF7B21E	98520	----a-w-	C:\Windows\System32\drivers\38103298.sys
2015-08-17 10:23:43	739164A8B8FB2F1B50A498F20AF7B21E	98520	----a-w-	C:\Windows\System32\drivers\31CE55A2.sys
2015-08-17 10:21:57	739164A8B8FB2F1B50A498F20AF7B21E	98520	----a-w-	C:\Windows\System32\drivers\254E5445.sys
2015-08-14 17:19:24	BAD9C0366134BA181514E9263C8CE606	78784	----a-w-	C:\Windows\System32\drivers\mountmgr.sys
2015-08-14 17:19:22	48732BFA0C692BEC15DBBFE754E594C6	67520	----a-w-	C:\Windows\System32\drivers\ksecdd.sys
2015-08-14 17:19:21	46B1F590C06AF25BCADCCAE0148C2074	137664	----a-w-	C:\Windows\System32\drivers\ksecpkg.sys
2015-08-14 17:19:17	FEDAAB6716B44DE8B9EFC14DD9A26215	124416	----a-w-	C:\Windows\System32\drivers\mrxsmb.sys
2015-08-14 17:19:17	77DD652AB8708CDB55FDB7073B868784	225792	----a-w-	C:\Windows\System32\drivers\mrxsmb10.sys
2015-08-14 17:19:16	4ACDB6414918D8920875B00B286E1FBC	98304	----a-w-	C:\Windows\System32\drivers\mrxsmb20.sys
====== C:\Windows\Tasks ======
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C: =====
2015-08-07 15:13:57	93B885ADFE0DA089CDF634904FD59F71	1	--sha-w-	C:\BOOTNXT
====== C:\Users\fred\AppData\Roaming ======
2015-08-25 10:05:37	--------	d-----w-	C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp
2015-08-25 10:05:37	--------	d-----w-	C:\Users\Public\AppData\Local\temp
2015-08-25 10:05:35	--------	d-----w-	C:\Users\Default\AppData\Local\temp
2015-08-25 10:05:35	--------	d-----w-	C:\Users\Default User\AppData\Local\temp
2015-08-16 09:45:07	--------	d-----w-	C:\Users\fred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2015-08-07 17:58:03	--------	d-s---w-	C:\Windows\serviceprofiles\networkservice\AppData\Locallow\Microsoft
====== C:\Users\fred ======
2015-08-15 09:22:14	B586A8C3E055964B69419223D866E4BF	2249472	----a-w-	C:\Users\fred\Desktop\HWVendorDetection.exe

====== C: exe-files ==
2015-08-25 14:15:13	51CF04C8E98E443859493929554FA55E	544	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-2745406066-188088592-2588830699-1001\$I3B3ZDG.exe
2015-08-24 10:43:55	8685FAF50C04F9A9C2F56FF64B0B7ACB	1107968	----a-w-	C:\$RECYCLE.BIN\S-1-5-21-2745406066-188088592-2588830699-1001\$R3B3ZDG.exe
2015-08-24 10:06:36	E2AB465A4F48E9E64FE028374249B881	981584	----a-w-	C:\Program Files\Google\Update\Install\{631C26A0-CBFA-4595-822A-088F0A4A401F}\44.0.2403.157_44.0.2403.155_chrome_updater.exe
2015-08-24 10:06:36	E2AB465A4F48E9E64FE028374249B881	981584	----a-w-	C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\44.0.2403.157\44.0.2403.157_44.0.2403.155_chrome_updater.exe
2015-08-21 10:15:05	55AD51CE0B02D2057654CD87A4494BFA	312872	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard Antivirus\BgDirSize.exe
2015-08-21 10:15:04	B2158A56A7F91115675D65D9404A99AE	137256	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard Antivirus\BgBootMonitor.exe
2015-08-21 10:15:04	5B8515F640A04B1B381A0F2A1BA67EC1	82984	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard Antivirus\BgDelayStartup.exe
2015-08-21 10:14:30	92DB3211EFA1413E3821F421461AF874	336424	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard Antivirus\BackupShellTransfer.exe
2015-08-21 10:14:27	76D2E4631018681442CF57A26B105097	251944	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard Antivirus\BackupRun.exe
2015-08-21 10:14:13	222C8FB1C65F3A8804FEFD1E81203C82	238120	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard Antivirus\BullGuardScanner.exe
2015-08-21 10:14:12	BA38E552A99F2D0B171F9DC6C2E5ECD4	552488	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard Antivirus\BullGuardBhvScanner.exe
2015-08-21 10:14:08	480195EAEC80BD94F9AB13A95725824A	235048	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard Antivirus\BsMailProxy\BgCertUtil32.exe
2015-08-21 10:14:07	A710B85D2FE113DD3C0CCBAD9060129E	198184	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard Antivirus\BgSecErase.exe
2015-08-21 10:14:05	5E2A286023A8C9214FB336B949DC0F4E	296488	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard Antivirus\BgLogViewer.exe
2015-08-21 10:14:05	2DA01E0A3F6609BE3CCA39D70B551916	398376	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard Antivirus\BgScan.exe
2015-08-21 10:14:04	400F4968A90A7843F38402964E4AE120	117800	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard Antivirus\UpdatePatcher.exe
2015-08-21 10:14:03	0F16D53D816FEA880DF3767C64A226FF	1139752	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard Antivirus\ManualUpdate.exe
2015-08-21 10:14:01	F7CA0D35A8D27648792B29AE2B5C63F6	2081832	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard Antivirus\BullGuardUpdate2.exe
2015-08-21 10:14:00	60ECC31D11880BDB6D5B3CFC64B3ADD8	623112	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard Antivirus\Uninst.exe
2015-08-21 10:13:53	C36E97E3E48130F04D872F7451BDA8A4	272696	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard Antivirus\Instalator.exe
2015-08-21 10:13:50	42A1185DD3CD12E82E7B4CA25636DC55	1079336	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard Antivirus\BullGuard.exe
2015-08-21 10:13:49	F6C641F35A2555DEBF3F665B2577A15B	159272	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard Antivirus\BgProbe.exe
2015-08-21 10:13:49	59574ACA95B1EF709FCEA1F3E8EA5B77	132136	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard Antivirus\BgNag.exe
2015-08-21 10:13:49	02EF9C5D7326317D70D2E4B551010EAE	74792	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard Antivirus\BgRegister.exe
2015-08-21 10:13:48	7B75AA5E70CA258291CF7BB938CE3E33	69672	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard Antivirus\BgLauncher.exe
2015-08-21 10:13:39	B2158A56A7F91115675D65D9404A99AE	137256	----a-w-	C:\ProgramData\BullGuard\Update\Download\APPDIR\BgBootMonitor.exe
2015-08-21 10:13:39	A710B85D2FE113DD3C0CCBAD9060129E	198184	----a-w-	C:\ProgramData\BullGuard\Update\Download\APPDIR\BgSecErase.exe
2015-08-21 10:13:39	7B75AA5E70CA258291CF7BB938CE3E33	69672	----a-w-	C:\ProgramData\BullGuard\Update\Download\APPDIR\BgLauncher.exe
2015-08-21 10:13:39	400F4968A90A7843F38402964E4AE120	117800	----a-w-	C:\ProgramData\BullGuard\Update\Download\APPDIR\UpdatePatcher.exe
2015-08-21 10:13:39	02EF9C5D7326317D70D2E4B551010EAE	74792	----a-w-	C:\ProgramData\BullGuard\Update\Download\APPDIR\BgRegister.exe
2015-08-21 10:13:38	F7CA0D35A8D27648792B29AE2B5C63F6	2081832	----a-w-	C:\ProgramData\BullGuard\Update\Download\APPDIR\BullGuardUpdate2.exe
2015-08-21 10:13:38	F6C641F35A2555DEBF3F665B2577A15B	159272	----a-w-	C:\ProgramData\BullGuard\Update\Download\APPDIR\BgProbe.exe
2015-08-21 10:13:38	5B8515F640A04B1B381A0F2A1BA67EC1	82984	----a-w-	C:\ProgramData\BullGuard\Update\Download\APPDIR\BgDelayStartup.exe
2015-08-21 10:13:38	59574ACA95B1EF709FCEA1F3E8EA5B77	132136	----a-w-	C:\ProgramData\BullGuard\Update\Download\APPDIR\BgNag.exe
2015-08-21 10:13:38	2DA01E0A3F6609BE3CCA39D70B551916	398376	----a-w-	C:\ProgramData\BullGuard\Update\Download\APPDIR\BgScan.exe
2015-08-21 10:13:38	0F16D53D816FEA880DF3767C64A226FF	1139752	----a-w-	C:\ProgramData\BullGuard\Update\Download\APPDIR\ManualUpdate.exe
2015-08-21 10:13:37	76D2E4631018681442CF57A26B105097	251944	----a-w-	C:\ProgramData\BullGuard\Update\Download\APPDIR\BackupRun.exe
2015-08-21 10:13:37	480195EAEC80BD94F9AB13A95725824A	235048	----a-w-	C:\ProgramData\BullGuard\Update\Download\APPDIR\BsMailProxy\BgCertUtil32.exe
2015-08-21 10:13:37	222C8FB1C65F3A8804FEFD1E81203C82	238120	----a-w-	C:\ProgramData\BullGuard\Update\Download\APPDIR\BullGuardScanner.exe
2015-08-21 10:13:36	F3D57D4CBFC801F464D45664EE925ABA	552488	----a-w-	C:\ProgramData\BullGuard\Update\Download\APPDIR\BullGuardBhvScanner.exe
2015-08-21 10:12:53	5E2A286023A8C9214FB336B949DC0F4E	296488	----a-w-	C:\ProgramData\BullGuard\Update\Download\APPDIR\BgLogViewer.exe
2015-08-21 10:12:52	92DB3211EFA1413E3821F421461AF874	336424	----a-w-	C:\ProgramData\BullGuard\Update\Download\APPDIR\BackupShellTransfer.exe
2015-08-21 10:12:45	55AD51CE0B02D2057654CD87A4494BFA	312872	----a-w-	C:\ProgramData\BullGuard\Update\Download\APPDIR\BgDirSize.exe
2015-08-21 10:12:45	42A1185DD3CD12E82E7B4CA25636DC55	1079336	----a-w-	C:\ProgramData\BullGuard\Update\Download\APPDIR\BullGuard.exe
2015-08-21 10:12:43	C36E97E3E48130F04D872F7451BDA8A4	272696	----a-w-	C:\ProgramData\BullGuard\Update\Download\APPDIR\Instalator.exe
2015-08-21 10:12:34	60ECC31D11880BDB6D5B3CFC64B3ADD8	623112	----a-w-	C:\ProgramData\BullGuard\Update\Download\APPDIR\Uninst.exe
2015-08-19 14:39:16	749D371B4FDAE88EE2683A3EE9D7B005	339496	----a-w-	C:\ProgramData\BullGuard\Update\Download\APPDIR\BullGuardUpdate.exe
2015-08-19 14:39:16	749D371B4FDAE88EE2683A3EE9D7B005	339496	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard Antivirus\BullGuardUpdate.exe
=== C: other files ==
2015-08-25 13:35:45	DE0983FE4B830699312D35A990B3AE1B	1945	----a-w-	C:\Users\fred\AppData\Local\Temp\_MEI52562\resources\chrome_ext\nknebiagdodnminbdpflhpkgfpeijdbf_live.crx
2015-08-25 13:35:45	82F5C942549405F61A8808D0EA0FA9E2	25575	----a-w-	C:\Users\fred\AppData\Local\Temp\_MEI52562\resources\chrome_ext\apdfllckaahabafndbhieahigkjlhalf_live.crx
2015-08-21 10:14:26	B3ED3395EDD1A0AA41D427EF03C5D2D8	465072	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard Antivirus\fwengine\afw\x64\VistaRelease\DriverPackage\afwcore.sys
2015-08-21 10:14:26	20A097D973450A0947F5A20AAF017C4B	52904	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard Antivirus\fwengine\afw\x64\VistaRelease\DriverPackage\afw.sys
2015-08-21 10:14:25	1DA2678F21EBE748E4B8D7538009DDE5	338608	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard Antivirus\fwengine\afw\Win32\VistaRelease\DriverPackage\afwcore.sys
2015-08-21 10:14:25	155CFD67260DD33A6EF439C234DB5E83	44720	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard Antivirus\fwengine\afw\Win32\VistaRelease\DriverPackage\afw.sys
2015-08-21 10:14:24	91C11B6FBE29791A5666E08D5D54DFC8	6033	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard Antivirus\fwengine\afw\on_pre_install.vbs
2015-08-21 10:14:21	4CEFA7C8187E27984E47C23ED8C20359	20216	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard Antivirus\NovaShield\driver\xp\x86\NSNetmon.sys
2015-08-21 10:14:20	D7806FA5D999D18F83C950B452C1BB58	822456	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard Antivirus\NovaShield\driver\xp\x86\NSKernel.sys
2015-08-21 10:14:19	E60390ADD73010C5605732CC6301A8DA	224480	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard Antivirus\NovaShield\driver\win8\x86\NSKernel.sys
2015-08-21 10:14:19	B6FDBC38510EB7B6C5EEEE7C29A98CCF	275888	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard Antivirus\NovaShield\driver\win8\x64\NSKernel.sys
2015-08-21 10:14:18	30136B20B04AFDED6200EA32FAB6431C	21600	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard Antivirus\NovaShield\driver\win7\x86\NSNetmon.sys
2015-08-21 10:14:17	A3BCC40A1C3A4566BDAABE09A2AD6F73	264688	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard Antivirus\NovaShield\driver\win7\x86\NSKernel.sys
2015-08-21 10:14:17	7F8920F108E4454A0B252C5C26B73A1B	26776	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard Antivirus\NovaShield\driver\win7\x64\NSNetmon.sys
2015-08-21 10:14:17	4BC76AC961C2AE75F8494BB6E31A0330	325488	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard Antivirus\NovaShield\driver\win7\x64\NSKernel.sys
2015-08-21 10:14:16	11F4204BD386F515A69590629B8573D7	21088	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard Antivirus\NovaShield\driver\vista\x86\NSNetmon.sys
2015-08-21 10:14:15	93835EA544A8B47E8155D71186D4E804	285824	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard Antivirus\NovaShield\driver\vista\x64\NSKernel.sys
2015-08-21 10:14:15	6249F8BC900BD9033607C75BEBFBBF88	26264	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard Antivirus\NovaShield\driver\vista\x64\NSNetmon.sys
2015-08-21 10:14:15	36F6B36CA025769650426242668411E8	241528	----a-w-	C:\Program Files\BullGuard Ltd\BullGuard Antivirus\NovaShield\driver\vista\x86\NSKernel.sys
2015-08-21 10:13:40	20A097D973450A0947F5A20AAF017C4B	52904	----a-w-	C:\ProgramData\BullGuard\Update\Download\APPDIR\fwengine\afw\x64\VistaRelease\DriverPackage\afw.sys
2015-08-21 10:13:39	B3ED3395EDD1A0AA41D427EF03C5D2D8	465072	----a-w-	C:\ProgramData\BullGuard\Update\Download\APPDIR\fwengine\afw\x64\VistaRelease\DriverPackage\afwcore.sys
2015-08-21 10:13:39	91C11B6FBE29791A5666E08D5D54DFC8	6033	----a-w-	C:\ProgramData\BullGuard\Update\Download\APPDIR\fwengine\afw\on_pre_install.vbs
2015-08-21 10:13:39	1DA2678F21EBE748E4B8D7538009DDE5	338608	----a-w-	C:\ProgramData\BullGuard\Update\Download\APPDIR\fwengine\afw\Win32\VistaRelease\DriverPackage\afwcore.sys
2015-08-21 10:13:39	155CFD67260DD33A6EF439C234DB5E83	44720	----a-w-	C:\ProgramData\BullGuard\Update\Download\APPDIR\fwengine\afw\Win32\VistaRelease\DriverPackage\afw.sys
2015-08-21 10:13:02	4CEFA7C8187E27984E47C23ED8C20359	20216	----a-w-	C:\ProgramData\BullGuard\Update\Download\APPDIR\NovaShield\driver\xp\x86\NSNetmon.sys
2015-08-21 10:13:01	11F4204BD386F515A69590629B8573D7	21088	----a-w-	C:\ProgramData\BullGuard\Update\Download\APPDIR\NovaShield\driver\vista\x86\NSNetmon.sys
2015-08-21 10:13:00	30136B20B04AFDED6200EA32FAB6431C	21600	----a-w-	C:\ProgramData\BullGuard\Update\Download\APPDIR\NovaShield\driver\win7\x86\NSNetmon.sys
2015-08-21 10:12:56	6249F8BC900BD9033607C75BEBFBBF88	26264	----a-w-	C:\ProgramData\BullGuard\Update\Download\APPDIR\NovaShield\driver\vista\x64\NSNetmon.sys
2015-08-21 10:12:55	7F8920F108E4454A0B252C5C26B73A1B	26776	----a-w-	C:\ProgramData\BullGuard\Update\Download\APPDIR\NovaShield\driver\win7\x64\NSNetmon.sys
2015-08-21 10:12:47	D7806FA5D999D18F83C950B452C1BB58	822456	----a-w-	C:\ProgramData\BullGuard\Update\Download\APPDIR\NovaShield\driver\xp\x86\NSKernel.sys
2015-08-21 10:12:46	E60390ADD73010C5605732CC6301A8DA	224480	----a-w-	C:\ProgramData\BullGuard\Update\Download\APPDIR\NovaShield\driver\win8\x86\NSKernel.sys
2015-08-21 10:12:46	B6FDBC38510EB7B6C5EEEE7C29A98CCF	275888	----a-w-	C:\ProgramData\BullGuard\Update\Download\APPDIR\NovaShield\driver\win8\x64\NSKernel.sys
2015-08-21 10:12:46	A3BCC40A1C3A4566BDAABE09A2AD6F73	264688	----a-w-	C:\ProgramData\BullGuard\Update\Download\APPDIR\NovaShield\driver\win7\x86\NSKernel.sys
2015-08-21 10:12:46	4BC76AC961C2AE75F8494BB6E31A0330	325488	----a-w-	C:\ProgramData\BullGuard\Update\Download\APPDIR\NovaShield\driver\win7\x64\NSKernel.sys
2015-08-21 10:12:44	93835EA544A8B47E8155D71186D4E804	285824	----a-w-	C:\ProgramData\BullGuard\Update\Download\APPDIR\NovaShield\driver\vista\x64\NSKernel.sys
2015-08-21 10:12:44	36F6B36CA025769650426242668411E8	241528	----a-w-	C:\ProgramData\BullGuard\Update\Download\APPDIR\NovaShield\driver\vista\x86\NSKernel.sys
2015-08-19 14:35:29	739164A8B8FB2F1B50A498F20AF7B21E	98520	----a-w-	C:\Windows\System32\drivers\38103298.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Copy"="C:\Users\fred\AppData\Roaming\Copy\CopyAgent.exe"
"Bitdefender Wallet Agent"="C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
"Bitdefender Wallet"="C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe --hidden --nowizard"
"Bitdefender Wallet Application Agent"="C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe"

[HKEY_USERS\S-1-5-21-2745406066-188088592-2588830699-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="C:\Users\fred\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"GoogleDriveSync"="C:\Program Files\Google\Drive\googledrivesync.exe /autostart"
"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"
"Dropbox Update"="C:\Users\fred\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c"
"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe -scheduler"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"Copy"="C:\Users\fred\AppData\Roaming\Copy\CopyAgent.exe"
"Bitdefender Wallet Agent"="C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"
"Bitdefender Wallet"="C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe --hidden --nowizard"
"Bitdefender Wallet Application Agent"="C:\Program Files\Bitdefender\Bitdefender\bdapppassmgr.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe"
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s"
"Skytel"="C:\Program Files\Realtek\Audio\HDA\Skytel.exe"
"LManager"="C:\Program Files\Launch Manager\LManager.EXE"
"BrMfcWnd"="C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"BullGuard"="C:\Program Files\BullGuard Ltd\BullGuard Antivirus\BullGuard.exe -boot"
"BullGuardUpdate2"="c:\program files\bullguard ltd\bullguard antivirus\BullGuardUpdate2.exe"
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"="C:\Users\fred\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"GoogleDriveSync"="C:\Program Files\Google\Drive\googledrivesync.exe /autostart"
"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"
"Dropbox Update"="C:\Users\fred\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c"
"ISUSPM"="C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe -scheduler"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BingSvc]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="BingSvc"
"hkey"="HKCU"
"command"="C:\\Users\\fred\\AppData\\Local\\Microsoft\\BingSvc\\BingSvc.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CCleaner Monitoring]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="CCleaner Monitoring"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\CCleaner\\CCleaner.exe\" /MONITOR"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\MusicManager]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="MusicManager"
"hkey"="HKCU"
"command"="\"C:\\Users\\fred\\AppData\\Local\\Programs\\Google\\MusicManager\\MusicManager.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\OneDrive]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="OneDrive"
"hkey"="HKCU"
"command"="\"C:\\Users\\fred\\AppData\\Local\\Microsoft\\OneDrive\\OneDrive.exe\" /background"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PMBVolumeWatcher]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="PMBVolumeWatcher"
"hkey"="HKLM"
"command"="C:\\Program Files\\Sony\\PlayMemories Home\\PMBVolumeWatcher.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Spotify"
"hkey"="HKCU"
"command"="\"C:\\Users\\fred\\AppData\\Roaming\\Spotify\\Spotify.exe\" /uri spotify:autostart"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Spotify Web Helper]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Spotify Web Helper"
"hkey"="HKCU"
"command"="\"C:\\Users\\fred\\AppData\\Roaming\\Spotify\\Data\\SpotifyWebHelper.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\swg]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="swg"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\WordWeb]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="WordWeb"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\WordWeb\\wweb32.exe\" -startup"


[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]
"Adobe ARM"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""
"SunJavaUpdateSched"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\""


==== Startup Folders ======================

2015-08-16 09:43:41	1134	----a-w-	C:\Users\fred\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-2745406066-188088592-2588830699-1001Core.job --a------ [Undetermined Task]
C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-2745406066-188088592-2588830699-1001UA.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2745406066-188088592-2588830699-1001Core.job --a------ [Undetermined Task]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2745406066-188088592-2588830699-1001UA.job --a------ [Undetermined Task]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\system32\tasks\DropboxUpdateTaskUserS-1-5-21-2745406066-188088592-2588830699-1001Core" [C:\Users\fred\AppData\Local\Dropbox\Update\DropboxUpdate.exe]
"C:\Windows\system32\tasks\DropboxUpdateTaskUserS-1-5-21-2745406066-188088592-2588830699-1001UA" [C:\Users\fred\AppData\Local\Dropbox\Update\DropboxUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-2745406066-188088592-2588830699-1001Core" [C:\Users\fred\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\GoogleUpdateTaskUserS-1-5-21-2745406066-188088592-2588830699-1001UA" [C:\Users\fred\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\system32\tasks\iSCSIAgentAutoStartup" ["C:\Program Files\QNAP\Qfinder\iSCSIAgent.exe"]
"C:\Windows\system32\tasks\NetBak-freddy-fred-AutoStartup" ["C:\Program Files\QNAP\NetBak\NetBak.exe"]
"C:\Windows\system32\tasks\{4D6C9A93-34E8-43CA-866F-9D71FD8A6E98}" [C:\Program Files\QNAP\NetBak\NetBak.exe]
"C:\Windows\system32\tasks\Sony Corporation\Sony Home Network Library\SOHLib SOHDms" [C:\Program Files\Common Files\Sony Shared\SOHLib\SOHDms.exe]

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\fred\AppData\Roaming\Mozilla\Firefox\Profiles\p1l2hsr7.default
user_pref("browser.startup.homepage", "http://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=nl-be");
user_pref("browser.search.defaultenginename", "Bing ");
user_pref("browser.search.selectedEngine", "Bing ");
user_pref("keyword.URL", "http://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q=");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [28/04/2015 17:57]

==== Firefox Extensions ======================

ProfilePath: C:\Users\fred\AppData\Roaming\Mozilla\Firefox\Profiles\p1l2hsr7.default
- Undetermined - C:\Program Files\IObit Apps Toolbar\FF

ProfilePath: C:\Users\fred\AppData\Roaming\TomTom\HOME\Profiles\i9noli0l.default
- Map status indicator - C:\Program Files\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- TomTom HOME default theme - C:\Program Files\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com
- Emulator - %ProfilePath%\extensions\Navcore.8.415.1240@tomtom.com
- Emulator - %ProfilePath%\extensions\Navcore.9.510.1234792@tomtom.com

AppDir: C:\Program Files\Mozilla Firefox
- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be

==== Firefox Plugins ======================

Profilepath: C:\Users\fred\AppData\Roaming\Mozilla\Firefox\Profiles\p1l2hsr7.default
6BEAD7859E8A087BE04556AB5A78855C	- C:\Users\fred\AppData\Roaming\Mozilla\plugins\npo1d.dll -	Google Talk Plugin Video Renderer
49D429EBF5305FC9ADD7545B7C914333	- C:\Users\fred\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll -	Google Talk Plugin
0FFC7C7A12BD7B0465D97E7745287370	- C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll -	Adobe Acrobat
A9E98D1FCB614713E87149FCBE8459F2	- C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll -	Adobe Acrobat
3B00376AE69AC2E815425E54DEBFF750	- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll -	Photo Gallery
15E298B5EC5B89C5994A59863969D9FF	- C:\Windows\system32\npmproxy.dll -	Microsoft� Windows� Operating System


==== Chromium Look ======================

Google Chrome Version: 44.0.2403.157

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[01/05/2015 11:17]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
fcfenmboojpjinhpgggodefccipikbpd - No path found[]
lmjegmlicamnimmfhcmpkclmigmmcbeh - No path found[]

Google Slides - fred\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek
Google Docs - fred\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - fred\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - fred\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - fred\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Gmail Offline - fred\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk
Show mini player - fred\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi
Google Sheets - fred\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap
AdBlock - fred\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Google Calendar by Google - fred\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbgaklkmjakoegficnlkhebmhkjfich
Google Play Music - fred\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg
Google Drive App Launcher - fred\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh
Chrome Web Store Payments - fred\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - fred\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Startpages ======================

C:\Users\fred\AppData\Local\Google\Chrome\User Data\Default\Preferences
cpPromoDismissed\":false,\"selectedDestinationId\":\"Save as PDF\",\"selectedDestinationOrigin\":\"local\",\"selectedDestinationAccount\":\"\",\"selectedDestinationCapabilities\":null,\"selectedDestinationName\":\"Opslaan als pdf\",\"selectedDestinationExtensionId\":\"\",\"selectedDestinationExtensionName\":\"\",\"mediaSize\":{\"height_microns\":297000,\"is_default\":true,\"name\":\"ISO_A4\",\"width_microns\":210000,\"custom_display_name\":\"A4\"},\"customMargins\":null,\"vendorOptions\":{},\"marginsType\":0}","savePath":"C:\\Users\\fred\\Desktop"}},"profile":{"avatar_bubble_tutorial_shown":2,"avatar_index":0,"block_third_party_cookies":true,"content_settings":{"exceptions":{"app_banner":{},"auto_select_certificate":{},"automatic_downloads":{"https://[*.]mail.google.com:443,*":{"setting":1}},"cookies":{},"fullscreen":{"https://[*.]plus.google.com:443,*":{"setting":1},"https://[*.]www.youtube.com:443,*":{"setting":1}},"geolocation":{"https://plus.google.com:443,https://plus.google.com:443":{"setting":1}},"images":{},"javascript":{},"media_stream":{},"media_stream_camera":{},"media_stream_mic":{},"metro_switch_to_desktop":{},"midi_sysex":{},"mixed_script":{},"mouselock":{},"notifications":{"https://mail.google.com:443,*":{"setting":1}},"plugins":{"*,*":{"per_resource":{"npsitesafety.dll":1,"silverlight":1}},"[*.]java.com,*":{"setting":1},"[*.]www.voxopop.com,*":{"setting":1}},"popups":{"[*.]www.mobistar.be,*":{"setting":1}},"ppapi_broker":{},"protocol_handlers":{},"push_messaging":{},"ssl_cert_decisions":{}},"pattern_pairs":{"*,*":{"per_plugin":{"npsitesafety.dll":1,"silverlight":1}},"[*.]java.com,*":{"plugins":1},"[*.]www.mobistar.be,*":{"popups":1},"[*.]www.voxopop.com,*":{"plugins":1},"https://[*.]mail.google.com:443,*":{"multiple-automatic-downloads":1},"https://[*.]plus.google.com:443,*":{"fullscreen":1},"https://[*.]www.youtube.com:443,*":{"fullscreen":1},"https://mail.google.com:443,*":{"notifications":1},"https://plus.google.com:443,https://plus.google.com:443":{"geolocation":1}},"plugin_whitelist":{"adobe-flash-player":false,"npsitesafety":{"dll":true},"silverlight":true},"pref_version":1},"created_by_version":"41.0.2272.89","exit_type":"Normal","exited_cleanly":true,"gaia_info_picture_url":"https://lh6.googleusercontent.com/-KBwNKP0-YXM/AAAAAAAAAAI/AAAAAAAAB_s/mKq_2M7kZjM/s256-c/photo.jpg","gaia_info_update_time":"13084977434346040","icon_version":3,"managed_user_id":"","managed_users":{},"migrated_content_settings_exceptions":true,"migrated_default_content_settings":true,"migrated_default_media_stream_content_settings":true,"name":"Eerste gebruiker","password_manager_enabled":false,"per_host_zoom_levels":{}},"protection":{"macs":{}},"reverse_autologin":{"enabled":false},"savefile":{"default_directory":"C:\\Users\\fred\\Desktop"},"selectfile":{"last_directory":"C:\\Users\\fred\\Desktop"},"session":{"restore_on_startup_migrated":true,"startup_urls_migration_time":"13070569862007133"},"signin":{"signedin_time":"13072796624865858"},"spellcheck":{"dictionary":"en-GB"},"sync":{"acknowledged_types":["Bookmarks","Preferences","Passwords","Autofill Profiles","Autofill","Themes","Typed URLs","Extensions","Search Engines","Sessions","Apps","App settings","Extension settings","History Delete Directives","Dictionary","Favicon Images","Favicon Tracking","Device Info","Priority Preferences","Managed User Settings","Managed Users","Managed User Shared Settings","Articles","App List","WiFi Credentials","Managed User Whitelists","Tabs","Encryption keys"],"app_list":true,"app_settings":true,"apps":true,"autofill":true,"autofill_profile":true,"autofill_wallet":true,"bookmarks":true,"dictionary":true,"encryption_bootstrap_token":"AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAGAp+nMp+YEeUb2/Fq9NWrQAAAAACAAAAAAAQZgAAAAEAACAAAADBtzGLaF5eSnC+Tusmey0vuKxNqQQkAvoZcrWfwlTDsQAAAAAOgAAAAAIAACAAAAAKP6vszF1zHHTrklxvtOJUF7quBlGRR8WFp7NqCpZkgkAAAACsetKv5deJBroiL/DJnp3R8jPI5ZbGKbTIxbwodj8LSZIFLWw7C+a3KBTgIgNtwfGsSm5oavZ90u2a/3Nsn3ZWQAAAALt1itNyYg4oAwmcsFCvGIIMsM2/qNI51mk+y2l9JKQPjRnVSF2WaDsx4okpmPgnjxdzuw2l1Ora448mzGpntS0=","extension_settings":true,"extensions":true,"favicon_images":true,"favicon_tracking":true,"first_sync_time":"13072796627648858","has_setup_completed":true,"history_delete_directives":true,"keep_everything_synced":true,"keystore_encryption_bootstrap_token":"AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAGAp+nMp+YEeUb2/Fq9NWrQAAAAACAAAAAAAQZgAAAAEAACAAAABEnVd8anJO72Cfty8mi+R3+Mhy3b4Zw7wgLIQCQ81IvwAAAAAOgAAAAAIAACAAAAAZ+6HYqdVMfEftneONUr576GXyxRUbbkVKGR3eOF5X7VAAAAATBV2eXcI+JLDBzEChIFS435x2S3VlhShG3UUDstgZSdtj6XQKiQ/q3RRAoz4D0PY0z27W/DPhtp3l/3yoHve738dZiM128VqEvTIEytL5REAAAAB6bTPMMVYKYuQZ+i/Lh9GImd3Gj8yx8gUbYCfKrzH5nk0GP69jEh/mNMce7tPL+bvU9hN+TJoUtmKkeisaMiql","last_synced_time":"13085063750187041","managed_user_settings":true,"managed_user_shared_settings":true,"managed_user_whitelists":true,"managed_users":true,"memory_warning_count":7,"passwords":true,"preferences":true,"priority_preferences":true,"search_engines":true,"session_sync_guid":"session_syncN1bILSRTEZKhAciCStuoqA==","sessions":true,"shutdown_cleanly":true,"suppress_start":false,"tabs":true,"themes":true,"typed_urls":true},"sync_promo":{"user_skipped":true},"translate":{"enabled":true},"translate_accepted_count":{"be":0,"de":0,"en":1,"fr":0,"ru":0,"sk":2,"zh-TW":0},"translate_blocked_languages":["de","en","nl"],"translate_denied_count":{"be":2,"de":1,"en":0,"fr":7,"ru":1,"sk":0,"zh-TW":1},"translate_language_blacklist":["en"],"translate_last_denied_time":1.426165e+12,"translate_site_blacklist":["uk.groups.yahoo.com","uk.mg41.mail.yahoo.com","www.voxopop.com"],"translate_too_often_denied":true,"translate_whitelists":{"pl":"nl"},"zerosuggest":{"cachedresults":""}}


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.standaard.be/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.standaard.be/"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{DE0A7B1E-E506-493E-814D-791E948C0259}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q={searchTerms}&src=IE-SearchBox"
{DE0A7B1E-E506-493E-814D-791E948C0259} Google  Url="http://www.google.be/search?hl=nl&q={searchTerms}&sourceid=ie8&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}&rlz=1I7GGHP_nlBE519"

==== Empty IE Cache ======================

C:\Users\fred\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\fred\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\fred\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\fred\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=97 folders=46 50315416 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\fred\AppData\Local\Temp will be emptied at reboot
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\fred\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted

==== EOF on wo 26/08/2015 at 15:28:57,90 ======================