Zoek.exe v5.0.0.0 Updated 04-May-2015 Tool run by jan on wo 26/08/2015 at 20:59:26,18. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\jan\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2013-09-29-171736.log 26160 bytes C:\zoek-results2013-10-02-182307.log 28164 bytes C:\zoek-results2013-10-02-183411.log 39010 bytes C:\zoek-results2014-05-30-204754.log 23756 bytes ==== Empty Folders Check ====================== C:\Program Files\Malwarebytes' Anti-Malware deleted successfully C:\Program Files\ParetoLogic deleted successfully C:\Program Files\TweakBit deleted successfully C:\PROGRA~2\APN deleted successfully C:\Users\administrator001\AppData\Roaming\Google deleted successfully C:\Users\jan\AppData\Roaming\Malwarebytes deleted successfully C:\Users\jan\AppData\Roaming\Systweak deleted successfully C:\Users\administrator001\AppData\Local\VirtualStore deleted successfully C:\Users\hilde\AppData\Local\VirtualStore deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2578272341-3324075177-2043743870-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B4F3A835-0E21-4959-BA22-42B3008E02FF} deleted successfully HKEY_USERS\S-1-5-21-2578272341-3324075177-2043743870-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B4F3A835-0E21-4959-BA22-42B3008E02FF} deleted successfully HKEY_CLASSES_ROOT\CLSID\{B4F3A835-0E21-4959-BA22-42B3008E02FF} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Bonjour Service deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Bonjour Service deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Bonjour Service deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Bonjour Service deleted successfully ==== Deleting Files \ Folders ====================== C:\Program Files\ParetoLogic not found C:\Program Files\TweakBit not found C:\Program Files\ParetoLogic not found C:\Program Files\Common Files\ParetoLogic deleted C:\Users\jan\AppData\Roaming\ParetoLogic deleted C:\Users\jan\AppData\Roaming\DriverCure deleted C:\ProgramData\ParetoLogic deleted C:\ProgramData\TweakBit deleted C:\Program Files\Warner Bros. Interactive Entertainment deleted C:\Users\jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic deleted C:\Windows\tasks\ParetoLogic Registration3.job deleted C:\Windows\tasks\ParetoLogic Update Version3.job deleted C:\Windows\system32\tasks\ParetoLogic Registration3 deleted C:\Windows\system32\tasks\ParetoLogic Update Version3 deleted C:\Windows\tasks\PC Health Advisor Defrag.job deleted C:\Windows\tasks\PC Health Advisor.job deleted C:\Windows\system32\tasks\PC Health Advisor deleted C:\Windows\system32\tasks\PC Health Advisor Defrag deleted C:\Windows\system32\config\systemprofile\Searches deleted C:\Windows\system32\roboot.exe deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\jan\AppData\Local\Temp ==== 2015-08-26 17:25:51 00B74A1D7EC6F1BEC852FF1347E29E81 585824 ----a-w- C:\Users\jan\AppData\Local\Temp\jre-8u60-windows-au.exe 2015-08-26 14:02:41 E6794640B6725B5606EEB67D53F03D14 71168 ----a-w- C:\Users\jan\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpetw_pr.dll 2015-08-20 21:31:23 C1A9CAFB63831DB7C752E3E34798D713 345600 ----a-w- C:\Users\jan\AppData\Local\Temp\AC53F994-D4AE-48D6-932C-25B942397061\WimProvider.dll 2015-08-20 21:31:23 A399514D3B28C9A3453A486BBAAFF1C7 189952 ----a-w- C:\Users\jan\AppData\Local\Temp\AC53F994-D4AE-48D6-932C-25B942397061\wdscore.dll 2015-08-20 21:31:22 F7B53B4BD50C13D17F5C54F82CDE7836 82944 ----a-w- C:\Users\jan\AppData\Local\Temp\AC53F994-D4AE-48D6-932C-25B942397061\DismHost.exe 2015-08-20 21:31:22 E8204977BC6E3688C230997A3439D9C9 50688 ----a-w- C:\Users\jan\AppData\Local\Temp\AC53F994-D4AE-48D6-932C-25B942397061\DismCorePS.dll 2015-08-20 21:31:22 E2F5147A72BFAD06DD4FCAA87B0D5E19 347648 ----a-w- C:\Users\jan\AppData\Local\Temp\AC53F994-D4AE-48D6-932C-25B942397061\TransmogProvider.dll 2015-08-20 21:31:22 D63E6549994AA674244DF0D865CB3E18 230912 ----a-w- C:\Users\jan\AppData\Local\Temp\AC53F994-D4AE-48D6-932C-25B942397061\DismCore.dll 2015-08-20 21:31:22 D4325A0D58442D54E9EC1AFDAEFE42A7 242688 ----a-w- C:\Users\jan\AppData\Local\Temp\AC53F994-D4AE-48D6-932C-25B942397061\UnattendProvider.dll 2015-08-20 21:31:22 CC0BDDF6D62624EDA518314145085E0A 318464 ----a-w- C:\Users\jan\AppData\Local\Temp\AC53F994-D4AE-48D6-932C-25B942397061\DmiProvider.dll 2015-08-20 21:31:22 BC72ACDF946DCEBF708F2CE12E2E2F68 159744 ----a-w- C:\Users\jan\AppData\Local\Temp\AC53F994-D4AE-48D6-932C-25B942397061\MsiProvider.dll 2015-08-20 21:31:22 9A792DF9EC185DB78926625D538138FF 49152 ----a-w- C:\Users\jan\AppData\Local\Temp\AC53F994-D4AE-48D6-932C-25B942397061\FolderProvider.dll 2015-08-20 21:31:22 8DEA6A74055FCBC2130F870B2A13ACE8 141312 ----a-w- C:\Users\jan\AppData\Local\Temp\AC53F994-D4AE-48D6-932C-25B942397061\DismProv.dll 2015-08-20 21:31:22 7E3CB248FAB83B591F4E94E8CEB0093E 141312 ----a-w- C:\Users\jan\AppData\Local\Temp\AC53F994-D4AE-48D6-932C-25B942397061\CompatProvider.dll 2015-08-20 21:31:22 6FC7A015931E5AB3E588E9811CDACAF5 89600 ----a-w- C:\Users\jan\AppData\Local\Temp\AC53F994-D4AE-48D6-932C-25B942397061\LogProvider.dll 2015-08-20 21:31:22 66CD52C26F0EEA6FC4B6610BC271DA2C 541184 ----a-w- C:\Users\jan\AppData\Local\Temp\AC53F994-D4AE-48D6-932C-25B942397061\CbsProvider.dll 2015-08-20 21:31:22 65F53BBA060110B4D914CCBA59601A97 220160 ----a-w- C:\Users\jan\AppData\Local\Temp\AC53F994-D4AE-48D6-932C-25B942397061\SmiProvider.dll 2015-08-20 21:31:22 48FCFB47484EA1C24C32D24DEA1A64E4 250880 ----a-w- C:\Users\jan\AppData\Local\Temp\AC53F994-D4AE-48D6-932C-25B942397061\IntlProvider.dll 2015-08-20 21:31:22 4270B20EDB0BB5C22530F55912A3AF08 102912 ----a-w- C:\Users\jan\AppData\Local\Temp\AC53F994-D4AE-48D6-932C-25B942397061\OSProvider.dll 2015-08-19 21:02:02 E0601892310C0340B1677DF8733EB195 512456 ----a-w- C:\Users\jan\AppData\Local\Temp\_Del_PCSupportBar\GASender.exe 2015-08-19 21:02:02 6BE2D22B9BE53A13CF5EE6D4C66D6667 728520 ----a-w- C:\Users\jan\AppData\Local\Temp\_Del_PCSupportBar\GoogleAnalyticsHelper.dll 2015-08-19 21:00:08 D8D73378C09FCA91502B186CE019DD5B 6250296 ----a-w- C:\Users\jan\AppData\Local\Temp\pc-support-bar-setup.exe 2015-08-19 20:57:41 E0601892310C0340B1677DF8733EB195 512456 ----a-w- C:\Users\jan\AppData\Local\Temp\_Del__iu14D2N\GASender.exe 2015-08-19 20:57:41 6BE2D22B9BE53A13CF5EE6D4C66D6667 728520 ----a-w- C:\Users\jan\AppData\Local\Temp\_Del__iu14D2N\GoogleAnalyticsHelper.dll 2015-08-19 20:57:24 FC71D51ECAC99EECDA669EB70ECDB3CB 457672 ----a-w- C:\Users\jan\AppData\Local\Temp\_Del_FixMyPC\GASender.exe 2015-08-19 20:57:24 C9B7071740CDB11F80647B81CBF3C25E 734152 ----a-w- C:\Users\jan\AppData\Local\Temp\_Del_FixMyPC\GoogleAnalyticsHelper.dll 2015-08-19 20:46:16 5C3A6D4B54AD990ED8E00AF89C36C0FA 512456 ----a-w- C:\Users\jan\AppData\Local\Temp\_Del_pc-cleaner-setup\GASender.exe 2015-08-19 20:46:16 127234A104FD4059B82AA117FF77AC00 789448 ----a-w- C:\Users\jan\AppData\Local\Temp\_Del_pc-cleaner-setup\GoogleAnalyticsHelper.dll 2015-08-19 20:45:43 FC71D51ECAC99EECDA669EB70ECDB3CB 457672 ----a-w- C:\Users\jan\AppData\Local\Temp\_Del_fix-my-pc-setup\GASender.exe 2015-08-19 20:45:43 C9B7071740CDB11F80647B81CBF3C25E 734152 ----a-w- C:\Users\jan\AppData\Local\Temp\_Del_fix-my-pc-setup\GoogleAnalyticsHelper.dll 2015-08-19 20:45:43 51976EECD8A3398356AC2D9B8B8E7D52 8043720 ----a-w- C:\Users\jan\AppData\Local\Temp\pc-cleaner-setup.exe 2015-08-12 20:02:10 B3EA21CB13192CAB63584035989C70F0 457672 ----a-w- C:\Users\administrator001\AppData\Local\temp\_Del_pc-cleaner-setup\GASender.exe 2015-08-12 20:02:10 7051FDE7478F893B43F0A5913BCC8670 734152 ----a-w- C:\Users\administrator001\AppData\Local\temp\_Del_pc-cleaner-setup\GoogleAnalyticsHelper.dll 2015-08-12 20:01:48 B1D003F426BEC5492E815C37165A407E 733128 ----a-w- C:\Users\administrator001\AppData\Local\temp\_Del_2AC02BED-480E-4564-9122-78206DF1326C_fixmypc_setup\GoogleAnalyticsHelper.dll 2015-08-12 20:01:48 3F1C0DA7F9F729D7CAF37F3C86E8616B 457672 ----a-w- C:\Users\administrator001\AppData\Local\temp\_Del_2AC02BED-480E-4564-9122-78206DF1326C_fixmypc_setup\GASender.exe 2015-08-12 20:01:37 F8FAFB120B8EFAF3B96E9C7390B34464 23496 ----a-w- C:\Users\administrator001\AppData\Local\temp\is-E5KNL.tmp\downloader.exe ====== Java Cache ===== ====== C:\Windows\system32 ===== ====== C:\Windows\system32\drivers ===== ====== C:\Windows\Tasks ====== 2015-08-12 20:01:45 -------- d-----w- C:\Windows\system32\Tasks\TweakBit ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-08-26 17:28:20 -------- d-----w- C:\Program Files\Common Files\Java 2015-08-02 09:12:01 -------- d-----w- C:\Program Files\Microsoft Windows 7 Upgrade Advisor ======= C: ===== ====== C:\Users\jan\AppData\Roaming ====== 2015-08-26 17:27:42 -------- d-----w- C:\Users\jan\AppData\Roaming\Sun 2015-08-26 17:25:58 -------- d-----w- C:\Users\jan\AppData\Locallow\Oracle 2015-08-15 07:16:39 -------- d-----w- C:\Users\jan\AppData\Local\Microsoft Corporation 2015-08-12 20:01:35 -------- d-----w- C:\Users\administrator001\AppData\Local\Programs 2015-08-11 18:04:52 -------- d-----w- C:\Users\jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox 2015-08-02 10:23:25 -------- d-----w- C:\Users\administrator001\AppData\Local\Diagnostics 2015-08-02 09:58:45 -------- d-----w- C:\Users\administrator001\AppData\Local\Microsoft Corporation ====== C:\Users\jan ====== 2015-08-26 17:27:42 -------- d-----w- C:\Users\jan\.oracle_jre_usage 2015-08-12 20:01:42 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TweakBit 2015-08-12 20:01:06 E50933A9E022D3F96787F3DE4ACFF330 411792 ----a-w- C:\Users\administrator001\Downloads\fix_Windows Update-setup.exe ====== C: exe-files == 2015-08-26 18:54:21 C0B2E6A07A354CA536E8DABD938DE9F4 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2578272341-3324075177-2043743870-1001\$I66TL3R.exe 2015-08-26 17:26:41 BDFF5086FC1F20E631A070EEF43A7BEC 16480 ----a-w- C:\Program Files\Java\jre1.8.0_60\bin\tnameserv.exe 2015-08-26 17:26:41 B804A4E31F4BAD4D5BA05FE684756BA2 15968 ----a-w- C:\Program Files\Java\jre1.8.0_60\bin\servertool.exe 2015-08-26 17:26:41 7A0DE452F677EF2971C7B75B0267B6ED 50784 ----a-w- C:\Program Files\Java\jre1.8.0_60\bin\ssvagent.exe 2015-08-26 17:26:41 6A5A2FDB6D09E02A3283C55237DA10F6 159328 ----a-w- C:\Program Files\Java\jre1.8.0_60\bin\unpack200.exe 2015-08-26 17:26:41 5A503CFE5B553A9721A469FCC9CE8562 15968 ----a-w- C:\Program Files\Java\jre1.8.0_60\bin\rmiregistry.exe 2015-08-26 17:26:41 3292748E640429C2682484BD23D43F6B 15968 ----a-w- C:\Program Files\Java\jre1.8.0_60\bin\rmid.exe 2015-08-26 17:26:40 E408E46C5DD2D03A7474AA12BAABEFEE 15968 ----a-w- C:\Program Files\Java\jre1.8.0_60\bin\klist.exe 2015-08-26 17:26:40 D94C31E9C9C9A1273CC67DC6FFAF9984 15968 ----a-w- C:\Program Files\Java\jre1.8.0_60\bin\policytool.exe 2015-08-26 17:26:40 606A24A64E164B345A79F8F22A5DAC6F 15968 ----a-w- C:\Program Files\Java\jre1.8.0_60\bin\pack200.exe 2015-08-26 17:26:40 30387BE3E5D04FE969B731441C89D2D8 15968 ----a-w- C:\Program Files\Java\jre1.8.0_60\bin\ktab.exe 2015-08-26 17:26:40 08427EADE480F21412696582170B1167 16480 ----a-w- C:\Program Files\Java\jre1.8.0_60\bin\orbd.exe 2015-08-26 17:26:39 B9DE149653ED8B9C5C6CB68131AB66D2 15968 ----a-w- C:\Program Files\Java\jre1.8.0_60\bin\jjs.exe 2015-08-26 17:26:39 21B5D297A9191E4D833BB39456CEDAD0 15968 ----a-w- C:\Program Files\Java\jre1.8.0_60\bin\kinit.exe 2015-08-26 17:26:39 0FCF9F3D9518B90FB58CC950FA33998C 76896 ----a-w- C:\Program Files\Java\jre1.8.0_60\bin\jp2launcher.exe 2015-08-26 17:26:39 0F6E0DD1263ACB2A1AC559BB7742B54D 15968 ----a-w- C:\Program Files\Java\jre1.8.0_60\bin\keytool.exe 2015-08-26 17:26:38 8C6BDB56CD4DEED1AF2790D37B54CFE9 68192 ----a-w- C:\Program Files\Java\jre1.8.0_60\bin\javacpl.exe 2015-08-26 17:26:38 7080B965215703EA1340C3C4903C7D73 274016 ----a-w- C:\Program Files\Java\jre1.8.0_60\bin\javaws.exe 2015-08-26 17:26:38 5DC0128E8A2017E82289191820C736A5 191584 ----a-w- C:\Program Files\Java\jre1.8.0_60\bin\javaw.exe 2015-08-26 17:26:37 BC949C957CEB9FAFDF0F3949CDDF1A72 191584 ----a-w- C:\Program Files\Java\jre1.8.0_60\bin\java.exe 2015-08-26 17:26:37 86CC77A8189758834CF83F7F2FEA5162 15968 ----a-w- C:\Program Files\Java\jre1.8.0_60\bin\java-rmi.exe 2015-08-26 17:26:37 262BBCE84B9C8784CC5A5E1975898022 30304 ----a-w- C:\Program Files\Java\jre1.8.0_60\bin\jabswitch.exe 2015-08-26 17:25:51 00B74A1D7EC6F1BEC852FF1347E29E81 585824 ----a-w- C:\Users\jan\AppData\Local\Temp\jre-8u60-windows-au.exe 2015-08-21 18:40:49 E2AB465A4F48E9E64FE028374249B881 981584 ----a-w- C:\Program Files\Google\Update\Install\{63C876C6-2B74-4BE2-8A26-24AD7D2BFE3B}\44.0.2403.157_44.0.2403.155_chrome_updater.exe 2015-08-21 18:40:48 E2AB465A4F48E9E64FE028374249B881 981584 ----a-w- C:\Program Files\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\44.0.2403.157\44.0.2403.157_44.0.2403.155_chrome_updater.exe 2015-08-20 21:31:22 F7B53B4BD50C13D17F5C54F82CDE7836 82944 ----a-w- C:\Users\jan\AppData\Local\Temp\AC53F994-D4AE-48D6-932C-25B942397061\DismHost.exe 2015-08-19 21:02:02 E0601892310C0340B1677DF8733EB195 512456 ----a-w- C:\Users\jan\AppData\Local\Temp\_Del_PCSupportBar\GASender.exe 2015-08-19 21:00:08 D8D73378C09FCA91502B186CE019DD5B 6250296 ----a-w- C:\Users\jan\AppData\Local\Temp\pc-support-bar-setup.exe 2015-08-19 20:57:41 E0601892310C0340B1677DF8733EB195 512456 ----a-w- C:\Users\jan\AppData\Local\Temp\_Del__iu14D2N\GASender.exe 2015-08-19 20:57:24 FC71D51ECAC99EECDA669EB70ECDB3CB 457672 ----a-w- C:\Users\jan\AppData\Local\Temp\_Del_FixMyPC\GASender.exe 2015-08-19 20:46:16 5C3A6D4B54AD990ED8E00AF89C36C0FA 512456 ----a-w- C:\Users\jan\AppData\Local\Temp\_Del_pc-cleaner-setup\GASender.exe 2015-08-19 20:45:43 FC71D51ECAC99EECDA669EB70ECDB3CB 457672 ----a-w- C:\Users\jan\AppData\Local\Temp\_Del_fix-my-pc-setup\GASender.exe 2015-08-19 20:45:43 51976EECD8A3398356AC2D9B8B8E7D52 8043720 ----a-w- C:\Users\jan\AppData\Local\Temp\pc-cleaner-setup.exe 2015-08-19 20:44:33 42C0A20ED45897A1621663E93566D9E2 8376008 ----a-w- C:\Users\jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\29RSQE3F\fix-my-pc-setup.exe === C: other files == 2015-08-26 18:55:47 E06BEE9BEA28E7927F4CD8BA9AA57427 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2578272341-3324075177-2043743870-1001\$ISKQM2X.zip 2015-08-26 18:54:17 E3D5FBD8AE0423100B3501AE3EE5E288 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2578272341-3324075177-2043743870-1001\$ITJJ0EW.com 2015-08-26 17:26:42 4E221C69F3B103481534D1B6CB6A90DD 14130 ----a-w- C:\Program Files\Java\jre1.8.0_60\lib\deploy\ffjcext.zip 2015-08-24 18:31:38 2972FD71BCD541109441D07A1E11FDA1 19465083 ----a-w- C:\Users\jan\AppData\Local\ElevatedDiagnostics\2560293460\2015082418.000\DataStoreAndWULogFiles.zip 2015-08-24 17:50:08 7E8F45654602A914C911B2A889FC3132 19439878 ----a-w- C:\Users\jan\AppData\Local\ElevatedDiagnostics\2560293460\2015082417.000\DataStoreAndWULogFiles.zip 2015-08-19 20:24:34 F74277618700E40B5D80072DCDAA0921 18039802 ----a-w- C:\Users\jan\AppData\Local\ElevatedDiagnostics\2560293460\2015081920.000\DataStoreAndWULogFiles.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-2578272341-3324075177-2043743870-1001\Software\Microsoft\Windows\CurrentVersion\Run] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "Dropbox Update"="C:\Users\jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c" "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "CLMLServer"="C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe" "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s" "BrMfcWnd"="C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN" "ControlCenter3"="C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun" "StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey" "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe -atboottime" "SunJavaUpdateSched"="C:\Program Files\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "Dropbox Update"="C:\Users\jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe /c" "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Facebook Update] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="Facebook Update" "hkey"="HKCU" "command"="\"C:\\Users\\jan\\AppData\\Local\\Facebook\\Update\\FacebookUpdate.exe\" /c /nocrashserver" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IndexSearch] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="IndexSearch" "hkey"="HKLM" "command"="\"C:\\Program Files\\ScanSoft\\PaperPort\\IndexSearch.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\OpwareSE4] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="OpwareSE4" "hkey"="HKLM" "command"="\"C:\\Program Files\\ScanSoft\\OmniPageSE4.0\\OpwareSE4.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PaperPort PTD] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="PaperPort PTD" "hkey"="HKLM" "command"="\"C:\\Program Files\\ScanSoft\\PaperPort\\pptd40nt.exe\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\PPort11reminder] "key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="PPort11reminder" "hkey"="HKLM" "command"="\"C:\\Program Files\\ScanSoft\\PaperPort\\Ereg\\Ereg.exe\" -r \"C:\\ProgramData\\ScanSoft\\PaperPort\\11\\Config\\Ereg\\Ereg.ini\"" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^Users^jan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk] "path"="C:\\Users\\jan\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\Dropbox.lnk" "backup"="C:\\Windows\\pss\\Dropbox.lnk.Startup" "backupExtension"=".Startup" "command"="C:\\Users\\jan\\AppData\\Roaming\\Dropbox\\bin\\Dropbox.exe /systemstartup" "item"="Dropbox" [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "QuickTime Task"="\"C:\\Program Files\\QuickTime\\QTTask.exe\" -atboottime" "SSBkgdUpdate"="\"C:\\Program Files\\Common Files\\Scansoft Shared\\SSBkgdUpdate\\SSBkgdupdate.exe\" -Embedding -boot" "Adobe ARM"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" "SunJavaUpdateSched"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\"" ==== Startup Folders ====================== 2015-05-08 05:28:38 1134 ----a-w- C:\Users\jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [Undetermined Task] C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-2578272341-3324075177-2043743870-1001Core.job --a------ [Undetermined Task] C:\Windows\tasks\DropboxUpdateTaskUserS-1-5-21-2578272341-3324075177-2043743870-1001UA.job --a------ [Undetermined Task] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2578272341-3324075177-2043743870-1001Core.job --a------ C:\Users\jan\AppData\Local\Facebook\Update\FacebookUpdate.exe [12/07/2012 14:29] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2578272341-3324075177-2043743870-1001UA.job --a------ [Undetermined Task] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [27/10/2014 22:01] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [27/10/2014 22:01] ==== Other Scheduled Tasks ====================== "C:\Windows\system32\tasks\Adobe Acrobat Update Task" [C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\system32\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\system32\tasks\DropboxUpdateTaskUserS-1-5-21-2578272341-3324075177-2043743870-1001Core" [C:\Users\jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe] "C:\Windows\system32\tasks\DropboxUpdateTaskUserS-1-5-21-2578272341-3324075177-2043743870-1001UA" [C:\Users\jan\AppData\Local\Dropbox\Update\DropboxUpdate.exe] "C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-2578272341-3324075177-2043743870-1001Core" [C:\Users\jan\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-2578272341-3324075177-2043743870-1001UA" [C:\Users\jan\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\Windows\system32\tasks\Java Update Scheduler" [C:\Program Files\Common Files\Java\Java Update\jusched.exe] "C:\Windows\system32\tasks\Norton Security Scan for jan" [C:\PROGRA~1\NORTON~2\Engine\352~1.10\Nss.exe] "C:\Windows\system32\tasks\ScanSoft Background Update" [C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe] "C:\Windows\system32\tasks\User_Feed_Synchronization-{6D282154-2A5B-4435-81FF-0FAEA326F924}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\system32\tasks\User_Feed_Synchronization-{B59E2255-73D3-47D7-9A9F-2311BAB7EAC2}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\system32\tasks\{2C0DE3B4-15AA-4337-AF09-C31431A84B9D}" [C:\Program Files\Microsoft Office\Office14\EXCEL.EXE] "C:\Windows\system32\tasks\{8BCFB761-3EF0-44BE-96CC-3EC038C5A943}" [C:\Program Files\Microsoft Office\Office14\EXCEL.EXE] "C:\Windows\system32\tasks\{C2D2C80C-650F-4860-B0E3-CCA95CEE8B0A}" [C:\Program Files\Microsoft Office\Office14\EXCEL.EXE] "C:\Windows\system32\tasks\{CDCA2640-39CE-48F0-AB99-26B6D83200E7}" [C:\Program Files\Nikon\PictureProject\NkbPProj.exe] "C:\Windows\system32\tasks\{EF262CD6-44AA-4FE0-87A0-0A2926A08AB4}" [C:\Program Files\Microsoft Office\Office14\EXCEL.EXE] "C:\Windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] "C:\Windows\system32\tasks\TweakBit\FixMyPC\Start FixMyPC automatic scanning" [C:\Program Files\TweakBit\FixMyPC\FixMyPC.exe] "C:\Windows\system32\tasks\TweakBit\PCCleaner\Start PCCleaner ?n logon" [C:\Program Files\TweakBit\PCCleaner\PCCleaner.exe] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\jan\AppData\Roaming\Mozilla\Firefox\Profiles\krl48z5a.default user_pref("browser.startup.homepage", "https://addons.mozilla.org/nl/firefox/extensions/bookmarks/"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", ""); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions] "belgiumeid@eid.belgium.be"="C:\Program Files\Mozilla Firefox\extensions\belgiumeid@eid.belgium.be" [27/06/2015 21:51] ==== Firefox Extensions ====================== ProfilePath: C:\Users\jan\AppData\Roaming\Mozilla\Firefox\Profiles\krl48z5a.default - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi AppDir: C:\Program Files\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be ==== Firefox Plugins ====================== Profilepath: C:\Users\jan\AppData\Roaming\Mozilla\Firefox\Profiles\krl48z5a.default A9E98D1FCB614713E87149FCBE8459F2 - C:\Program Files\Adobe\Reader 11.0\Reader\browser\nppdf32.dll - Adobe Acrobat 0FFC7C7A12BD7B0465D97E7745287370 - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - Adobe Acrobat 3CD19649B2C3023D65E67C056457A2BC - C:\Users\jan\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin 0205ADAFFDDF04F0F69200E5CFB5FFD9 - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin C517E5EA7CEE783F3681F62D2A362E5B - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live? Photo Gallery F98B0B2789436E072D7ED979C4E44D07 - C:\Windows\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director 59DA7ECD71D9B9E85656A99E0D6EE6FB - C:\Program Files\QuickTime\Plugins\npqtplugin8.dll - QuickTime Plug-in 7.6.6 F96C44B35DAF43FB70F9A1DC9ED2333E - C:\Program Files\QuickTime\Plugins\npqtplugin7.dll - QuickTime Plug-in 7.6.6 48E7704C8C547788AD3168F1AD13E88A - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll - QuickTime Plug-in 7.6.6 3ED3BC40D58F215CEAD09A2F6BA7FADD - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.6.6 5B933ABE2BBF2612AD24125FCFEE3744 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.6.6 018D3C5042DBA42B2BE3822AD2463C14 - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.6.6 CC18457E0649070E3A27BA798F94DC5D - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.6.6 E7F041980207E7A136B9258D9163E8E4 - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.6.6 24E990B1E6D55428001843CF7217DD81 - C:\Program Files\Microsoft\Office Live\npOLW.dll - Microsoft Office Live Plug-in for Firefox / Microsoft Office Live Plug-in for Firefox 87132527E2256CF6683A18C4EB34DD3B - C:\Windows\system32\Wat\npWatWeb.dll - Windows Activation Technologies ==== Chromium Look ====================== Google Chrome Version: 44.0.2403.157 Chrome Web Store Payments - administrator001\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Google Voice Search Hotword (Beta) - Charlotte\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn Google Wallet - Charlotte\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Docs - hilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - hilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - hilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - hilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Gmail - hilde\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Google Drive - jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Chrome Web Store Payments - jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Startpages ====================== C:\Users\administrator001\AppData\Local\Google\Chrome\User Data\Default\Preferences com/*","https://wallet.google.com/*","https://www.google.com/*","https://www.googleapis.com/*"],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13082983719476806","lastpingday":"13083836401647351","location":10,"manifest":{"app":{"background":{"scripts":["craw_background.js"]}},"current_locale":"nl","default_locale":"en","description":"Betalingen via Chrome Web Store","display_in_launcher":false,"display_in_new_tab_page":false,"icons":{"128":"images/icon_128.png","16":"images/icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrKfMnLqViEyokd1wk57FxJtW2XXpGXzIHBzv9vQI/01UsuP0IV5/lj0wx7zJ/xcibUgDeIxobvv9XD+zO1MdjMWuqJFcKuSS4Suqkje6u+pMrTSGOSHq1bmBVh0kpToN8YoJs/P/yrRd7FEtAXTaFTGxQL4C385MeXSjaQfiRiQIDAQAB","manifest_version":2,"minimum_chrome_version":"29","name":"Betalingen via Chrome Web Store","oauth2":{"auto_approve":true,"client_id":"203784468217.apps.googleusercontent.com","scopes":["https://www.googleapis.com/auth/sierra","https://www.googleapis.com/auth/sierrasandbox","https://www.googleapis.com/auth/chromewebstore","https://www.googleapis.com/auth/chromewebstore.readonly"]},"permissions":["identity","webview","https://wallet.google.com/","https://wallet-web.sandbox.google.com/","https://www.google.com/","https://www.googleapis.com/*"],"update_url":"https://clients2.google.com/service/update2/crx","version":"0.1.2.0"},"path":"nmmhkkegccagdldgiimedpiccmgmieda\\0.1.2.0_0","preferences":{},"regular_only_preferences":{},"running":false,"state":1,"was_installed_by_default":true,"was_installed_by_oem":false},"pafkbggdmjlpgkdkcbjmhmfcdpncadgh":{"active_permissions":{"api":["alarms","gcm","identity","metricsPrivate","notifications","storage","tabs","webstorePrivate"],"explicit_host":["*://*.google.com/*","*://*.gstatic.com/*","https://*.googleapis.com/*","https://*.googleusercontent.com/*"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":1,"events":["alarms.onAlarm","gcm.onMessage","identity.onSignInChanged","notifications.onButtonClicked","notifications.onClicked","notifications.onClosed","notifications.onPermissionLevelChanged","notifications.onShowSettings","runtime.onInstalled","runtime.onStartup","runtime.onSuspend","storage.onChanged"],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13082983707480005","location":5,"manifest":{"background":{"persistent":false,"scripts":["utility.js","cards.js","background.js"]},"description":"Integrates Google Now into Chrome.","icons":{"128":"images/icon128.png","16":"images/icon16.png","48":"images/icon48.png"},"key":"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhqJr32OFD/bMXW4Md7jMfd7LbwHXVc6x5bBQG5U+dloofoxrICDR20yur/40mQ8O//0sS1b8srvbab1CRlSrxoNCr9T80NAkfzx0gHyVS+p1Zow+1FzLMu9PiGwwFyN80HIB7GI/dIa0wC9K/2OrrzcHEhVH96DacTtWQqjfDVtZPjT7Xwv23dgoWcpbkRC86jMJot3dmX9xnn0KzoVc9gDOHSIkBLbkkr6Sp3LGXCCM4L0DJgxdFwaLr5WBzgC3y5x0/wwPIwN4PtIaK3BhH6njlksfnKwwIJ9iRT41V4BqbWu4mszO/7VJ3HJyw2DBpIc2grU9ZRRxrV3fRQG4wIDAQAB","manifest_version":2,"name":"Google Now","oauth2":{"auto_approve":true,"scopes":["https://www.googleapis.com/auth/gcm","https://www.googleapis.com/auth/googlenow"]},"optional_permissions":["background"],"permissions":["alarms","gcm","identity","metricsPrivate","notifications","storage","tabs","webstorePrivate","*://*.google.com/*","*://*.gstatic.com/*","https://*.googleapis.com/chromenow/v1/*","https://*.googleapis.com/gcm/*","https://*.googleusercontent.com/*"],"version":"1.2.0.1"},"path":"C:\\Program Files\\Google\\Chrome\\Application\\44.0.2403.125\\resources\\google_now","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false},"pjkljhegncpnkpknbcohdijeoejaedia":{"ack_external":true}}},"homepage":"http://www.google.com/","homepage_is_newtabpage":false,"pinned_tabs":[],"protection":{"macs":{"browser":{"show_home_button":"D9E880CD1A29FA41DEEBF18FA26F1DDA88DF60F09E0FF869A994B135106B7986"},"default_search_provider":{"keyword":"A4289FE32F7F774DD0E4F6E5D93FC5D77272313E9E5E011DA2310B479B83113F","name":"140225E0F626ACCD005E8B12FE748C496C1166CFCFF9F306CC226E20A9795102","search_url":"C731C21FF99A2378670E4A4789C70A8B2280DDF677DC60B503EBFC1DCE1A9FCE"},"default_search_provider_data":{"template_url_data":"B2490EA15E8040E480EBD6F5C00122718D20291DCB06081102E8D8E8317407F0"},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":"C5A204DAFBB1D5A0A86B544CE2C39E1D4D1578FDEAD7AA3E4C3183B8FF5D6165","aohghmighlieiainnegkcijnfilokake":"2DEB57A301DF965A4691F214A4A83F4491420BE4A9B930B6353AFF9185CC5FD1","apdfllckaahabafndbhieahigkjlhalf":"2ED884942335EF3CEC048C49832FC7951219D2CB01B4AE120094A851703C9EE5","bepbmhgboaologfdajaanbcjmnhjmhfn":"F7289CFE6BCABF74676594CD4F03D13CFE84ED4714BD66D0A54556287E9AD0AB","blpcfgokakmgnkcojhhkbfbldkacnbeo":"5E1DCFFC0D33B005BB3D4CB3A80AF054C3850AFC27397E836400514F8F6BE4E1","coobgpohoikkiipiblmjeljniedjpjpf":"AA31D2E6D9C3139601F246BFB6C87B6F0C75AF6FA9E1E34C00B1710E32C45C8E","eemcgdkfndhakfknompkggombfjjjeno":"FC95B7C622840AC88E6E3C340DE646E60D57AF389341C344B218EF767CD2E805","ennkphjdgehloodpbhlhldgbnhmacadg":"22C44EBDFEA11F44E8DA8858B2B94738AF29623A993A472E91E4F40C03133E4B","gfdkimpbcpahaombhbimeihdjnejgicl":"BA039B827927B0C70F04C04B9DBE8111830EB1223202356054B8F91FC77152BE","kmendfapggjehodndflmmgagdbamhnfd":"A9742462111DDB50BE4E8708EFD14072D7572B255EC824E4D5EECD5C70D36D46","mfehgcgbbipciphmccgaenjidiccnmng":"677AE2F725E05E33AC9E18355FB7110B18A5EE18EC787C8193CF39690205DA64","mgndgikekgjfcpckkfioiadnlibdjbkf":"E6C8221EE9943D400D420BB9E316F1BAA947F42BA8F22CF504F45689A978D7F6","mhjfbmdgcfjbbpaeojofohoefgiehjai":"BBB150AF228885382764DC51CFD1D24B8283A0144B91487F8C2A5BC4BBA7441B","neajdppkdcdipfabeoofebfddakdcjhd":"F734F96D78EE9374CF72D991A0632FD00049ACCB816B99151B3080E99942D432","nkeimhogjdpnpccoofpliimaahmaaome":"EBA068BD7891644D8CE46C2B6BE1AE10504D2BD70ECF056660F2D9131EAA5A42","nmmhkkegccagdldgiimedpiccmgmieda":"186F64A66128683A11A59EFD000813B88D65C3A9D2C3690204F8ABB68281FBEA","pafkbggdmjlpgkdkcbjmhmfcdpncadgh":"7519C853416DF503A99849E2740D454AE71AEA1A3D1C7A20ACC19F151559F9B3","pjkljhegncpnkpknbcohdijeoejaedia":"92CA1BD0ADB9B649673485E34DD5CA8A93F6EB59871F285848F1CBC8EEE5370C"}},"google":{"services":{"account_id":"DBBB62C939A0250F2ACE52B049BFED18E92E7498244FB498C0B07DE69866B3EA","last_username":"D6CDE56C3302BEB75595A79E26B49282E0FB1E2859E075FE3DC9326FD9F512E7","username":"64CD474E044AAAC46F8D7A6B974673206801E0615EF5DA514DA77F89215B70A1"}},"homepage":"5EED38F123A73DAF6E377845FB6303DA79C82D0872B20B82BC18243FE9A97FBE","homepage_is_newtabpage":"5226044FBFEE532E8FE2CCDED931C83D4D3FFCD5F70C252F1CF07D185CD9E47E","pinned_tabs":"A5FFC64E5DE3F54159A2D3839DA09802F396F1DAB8118D16F2FF41233601D4D0","prefs":{"preference_reset_time":"AE7BE35D89F56D68ABBAF04FFF1EFE2A2B8BEB04151CD5EF58CFE97A5CA2E076"},"profile":{"reset_prompt_memento":"529CC16E73421BAC5BC4DD311042F670E808033880BA977C4F21CC277F06B960"},"safebrowsing":{"incidents_sent":"776609169AB0732238CB18CC7314803FCDF80C0389290379E801CB585170EB9A"},"search_provider_overrides":"903FF4295DAB6CFA08E9F36F1F75B190064F2FB01D5DA89F82010584EA35214A","session":{"restore_on_startup":"1AF1C6F2ED8964A580AFE116E6F4FB37A317684420CE589BAC7DFC2C0D1FC511","startup_urls":"5348AB00AD979969FDA1D4D6CBED09E9E8F9F71A97C3AC5ABC30F0774412B5CC"},"software_reporter":{"prompt_reason":"74C05CDFE8872F8C3781DE201F278177A5F9B7885C991CC186523DDE4CD3C8B4","prompt_seed":"9C6CAF0C06286F3EE3C93C0F07703CBE41EBDB560A36C7BB6448C9A6D0A8FFF6","prompt_version":"76E5DC95441C264E3A404D4AE0EA46516AE230F5F5F2F0EE186DCD60D49E4858"},"sync":{"remaining_rollback_tries":"C283EA89AA2DB1A40BBE249BDF908E6F7EF413CF3F2764790A6A9E3DAC1BECCA"}},"super_mac":"751A5448CD628EB5C5FF64CDC8F221F4411FBE62A5BE7C6A2821C7D61593F0F7"},"session":{"restore_on_startup":4,"startup_urls":["http://www.google.com/"]}} C:\Users\hilde\AppData\Local\Google\Chrome\User Data\Default\Preferences "homepage": "http://www.google.com/", C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Preferences ,\"name\":\"JPN_YOU4\",\"vendor_id\":\"91\",\"width_microns\":105000},{\"custom_display_name\":\"A3 (Borderless / Long Grain)\",\"height_microns\":428900,\"vendor_id\":\"283\",\"width_microns\":305900},{\"custom_display_name\":\"JIS B4 (Borderless / Long Grain)\",\"height_microns\":372900,\"vendor_id\":\"284\",\"width_microns\":266000},{\"custom_display_name\":\"Ledger (Borderless / Long Grain)\",\"height_microns\":440700,\"vendor_id\":\"285\",\"width_microns\":288300},{\"custom_display_name\":\"A4 (Borderless)\",\"height_microns\":305900,\"vendor_id\":\"274\",\"width_microns\":219000},{\"custom_display_name\":\"Letter (Borderless)\",\"height_microns\":288300,\"vendor_id\":\"275\",\"width_microns\":224800},{\"custom_display_name\":\"A6 (Borderless)\",\"height_microns\":156900,\"vendor_id\":\"276\",\"width_microns\":113900},{\"custom_display_name\":\"Postcard 1 (Borderless)\",\"height_microns\":156900,\"vendor_id\":\"277\",\"width_microns\":109000},{\"custom_display_name\":\"Photo L (Borderless)\",\"height_microns\":135900,\"vendor_id\":\"278\",\"width_microns\":98000},{\"custom_display_name\":\"Photo 2L (Borderless)\",\"height_microns\":186900,\"vendor_id\":\"279\",\"width_microns\":135900},{\"custom_display_name\":\"Photo (Borderless)\",\"height_microns\":161300,\"vendor_id\":\"280\",\"width_microns\":110500},{\"custom_display_name\":\"Index Card (Borderless)\",\"height_microns\":212100,\"vendor_id\":\"281\",\"width_microns\":135900}]},\"page_orientation\":{\"option\":[{\"is_default\":true,\"type\":\"PORTRAIT\"},{\"type\":\"LANDSCAPE\"},{\"type\":\"AUTO\"}]},\"supported_content_type\":[{\"content_type\":\"application/pdf\"}]},\"version\":\"1.0\"},\"mediaSize\":{\"custom_display_name\":\"A4\",\"height_microns\":297000,\"is_default\":true,\"name\":\"ISO_A4\",\"vendor_id\":\"9\",\"width_microns\":210000},\"marginsType\":0,\"customMargins\":null,\"isLandscapeEnabled\":true,\"selectedDestinationExtensionId\":\"\",\"selectedDestinationExtensionName\":\"\",\"isCssBackgroundEnabled\":false}"}},"profile":{"avatar_bubble_tutorial_shown":1,"avatar_index":0,"content_settings":{"clear_on_exit_migrated":true,"exceptions":{"app_banner":{},"auto_select_certificate":{},"automatic_downloads":{"[*.]www.microsoft.com,*":{"setting":1}},"cookies":{},"fullscreen":{"http://www.standaard.be:80,http://www.standaard.be:80":{"setting":1},"https://[*.]docs.google.com:443,*":{"setting":1},"https://[*.]drive.google.com:443,*":{"setting":1},"https://www.youtube.com:443,https://www.youtube.com:443":{"setting":1}},"geolocation":{"http://catalogue.auchan.fr:80,http://catalogue.auchan.fr:80":{"setting":1},"https://www.delijn.be:443,https://www.delijn.be:443":{"setting":2}},"images":{},"javascript":{},"media_stream":{},"media_stream_camera":{},"media_stream_mic":{},"metro_switch_to_desktop":{},"midi_sysex":{},"mixed_script":{},"mouselock":{},"notifications":{},"plugins":{"*,*":{"per_resource":{"npsitesafety.dll":1}}},"popups":{"https://[*.]www.myworkandme.com:443,*":{"setting":1}},"ppapi_broker":{},"protocol_handlers":{},"push_messaging":{},"ssl_cert_decisions":{}},"pattern_pairs":{"*,*":{"per_plugin":{"npsitesafety.dll":1}},"[*.]www.microsoft.com,*":{"multiple-automatic-downloads":1},"http://catalogue.auchan.fr:80,http://catalogue.auchan.fr:80":{"geolocation":1,"last_used":{"geolocation":1431592709.271423}},"http://www.standaard.be:80,http://www.standaard.be:80":{"fullscreen":1},"https://[*.]docs.google.com:443,*":{"fullscreen":1},"https://[*.]drive.google.com:443,*":{"fullscreen":1},"https://[*.]www.myworkandme.com:443,*":{"popups":1},"https://www.youtube.com:443,https://www.youtube.com:443":{"fullscreen":1}},"plugin_whitelist":{"npsitesafety":{"dll":true}},"pref_version":1},"exit_type":"Normal","exited_cleanly":true,"icon_version":3,"managed_user_id":"","migrated_content_settings_exceptions":true,"migrated_default_content_settings":true,"migrated_default_media_stream_content_settings":true,"name":"Eerste gebruiker","password_manager_groups_for_domains":[4,null,null,null,null,null,8],"per_host_zoom_levels":{}},"protection":{"macs":{}},"savefile":{"default_directory":"C:\\Users\\jan\\Dropbox\\Downloads","type":1},"selectfile":{"last_directory":"C:\\Users\\jan\\Documents\\Scanned Documents\\2015-08-18"},"session":{"restore_on_startup_migrated":true,"startup_urls_migration_time":"13034506632889501"},"sync_promo":{"show_on_first_run_allowed":false},"translate_accepted_count":{"de":0,"en":0,"fr":0,"it":0,"ru":0,"und":0},"translate_blocked_languages":["nl"],"translate_denied_count":{"en":23,"fr":28,"it":1,"und":1},"translate_denied_count_for_language":{"de":2,"en":2,"fr":2,"it":1,"ru":1},"translate_last_denied_time":1413822552465.309,"translate_last_denied_time_for_language":{"de":1438107303837.891,"en":1437982532095.932,"fr":1438088217817.22,"it":1438119274360.505,"ru":1438691127438.893},"translate_too_often_denied":true,"translate_too_often_denied_for_language":{"de":true,"en":true,"fr":true},"translate_whitelists":{},"zerosuggest":{"cachedresults":""}} mgmieda\\0.1.2.0_0","preferences":{},"regular_only_preferences":{},"running":false,"state":1,"was_installed_by_default":true,"was_installed_by_oem":false},"pafkbggdmjlpgkdkcbjmhmfcdpncadgh":{"active_permissions":{"api":["alarms","gcm","identity","metricsPrivate","notifications","storage","tabs","webstorePrivate"],"explicit_host":["*://*.google.com/*","*://*.gstatic.com/*","https://*.googleapis.com/*","https://*.googleusercontent.com/*"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":1,"events":["alarms.onAlarm","gcm.onMessage","identity.onSignInChanged","notifications.onButtonClicked","notifications.onClicked","notifications.onClosed","notifications.onPermissionLevelChanged","notifications.onShowSettings","pushMessaging.onMessage","runtime.onInstalled","runtime.onStartup","runtime.onSuspend","storage.onChanged"],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13047509935813049","location":5,"manifest":{"background":{"persistent":false,"scripts":["utility.js","cards.js","background.js"]},"description":"Integrates Google Now into Chrome.","icons":{"128":"images/icon128.png","16":"images/icon16.png","48":"images/icon48.png"},"key":"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhqJr32OFD/bMXW4Md7jMfd7LbwHXVc6x5bBQG5U+dloofoxrICDR20yur/40mQ8O//0sS1b8srvbab1CRlSrxoNCr9T80NAkfzx0gHyVS+p1Zow+1FzLMu9PiGwwFyN80HIB7GI/dIa0wC9K/2OrrzcHEhVH96DacTtWQqjfDVtZPjT7Xwv23dgoWcpbkRC86jMJot3dmX9xnn0KzoVc9gDOHSIkBLbkkr6Sp3LGXCCM4L0DJgxdFwaLr5WBzgC3y5x0/wwPIwN4PtIaK3BhH6njlksfnKwwIJ9iRT41V4BqbWu4mszO/7VJ3HJyw2DBpIc2grU9ZRRxrV3fRQG4wIDAQAB","manifest_version":2,"name":"Google Now","oauth2":{"auto_approve":true,"scopes":["https://www.googleapis.com/auth/googlenow"]},"optional_permissions":["background"],"permissions":["alarms","identity","metricsPrivate","notifications","pushMessaging","storage","tabs","webstorePrivate","\u003Call_urls>"],"version":"1.2.0.1"},"path":"C:\\Program Files\\Google\\Chrome\\Application\\35.0.1916.153\\resources\\google_now","preferences":{},"regular_only_preferences":{},"was_installed_by_default":false,"was_installed_by_oem":false},"pjkljhegncpnkpknbcohdijeoejaedia":{"ack_external":true,"active_permissions":{"api":["notifications"],"manifest_permissions":[]},"app_launcher_ordinal":"x","commands":{},"content_settings":[],"creation_flags":137,"events":[],"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["notifications"],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13073212749120161","lastpingday":"13084614004811969","location":1,"manifest":{"app":{"launch":{"container":"tab","web_url":"https://mail.google.com/mail/ca"},"urls":["*://mail.google.com/mail/ca"]},"current_locale":"nl","default_locale":"en","description":"Een snelle, doorzoekbare e-mailfunctie met minder spam.","icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCuGglK43iAz3J9BEYK/Mz6ZhloIMMDqQSAaf3vJt4eHbTbSDsu4WdQ9dQDRcKlg8nwQdePBt0C3PSUBtiSNSS37Z3qEGfS7LCju3h6pI1Yr9MQtxw+jUa7kXXIS09VV73pEFUT/F7c6Qe8L5ZxgAcBvXBh1Fie63qb02I9XQ/CQIDAQAB","manifest_version":2,"name":"Gmail","options_page":"https://mail.google.com/mail/ca/#settings","permissions":["notifications"],"update_url":"http://clients2.google.com/service/update2/crx","version":"8.1"},"page_ordinal":"n","path":"pjkljhegncpnkpknbcohdijeoejaedia\\8.1_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":true,"was_installed_by_oem":false}}},"homepage":"http://mysearch.avg.com?cid={ACBA594B-9FCE-4846-8C8C-8661BFE672C1}&mid=87bd2691b58c47d3ae599128c071fba5-feefdfda96443144598996ab0edd5da84dc5d715&lang=nl&ds=AVG&coid=avgtbavg&cmpid=&pr=fr&d=2014-05-02 19:49:44&v=18.1.5.512&pid=safeguard&sg=&sap=hp","homepage_is_newtabpage":false,"pinned_tabs":[],"profile":{},"protection":{"macs":{"browser":{"show_home_button":"E7870905EB4BAA3B8293D9F6C5423D70DA581DBB47C4A97441FD716AE863F27B"},"default_search_provider":{"keyword":"A4289FE32F7F774DD0E4F6E5D93FC5D77272313E9E5E011DA2310B479B83113F","name":"140225E0F626ACCD005E8B12FE748C496C1166CFCFF9F306CC226E20A9795102","search_url":"C731C21FF99A2378670E4A4789C70A8B2280DDF677DC60B503EBFC1DCE1A9FCE"},"default_search_provider_data":{"template_url_data":"F5148E66BEE8F6238818FC6DD26A877C50BC5E13921AAF66140B81926F90A3B4"},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":"33158C1724C4A0CF88FA032BF9644FF4045F70E0391AB22704FAA05E13794B91","apdfllckaahabafndbhieahigkjlhalf":"A16604E026483413BA180EAD87881940838325AF246046035BFE0B8F2BAAA9DC","bepbmhgboaologfdajaanbcjmnhjmhfn":"F7289CFE6BCABF74676594CD4F03D13CFE84ED4714BD66D0A54556287E9AD0AB","blpcfgokakmgnkcojhhkbfbldkacnbeo":"F06BC955C2ED74374E66D89D262FE95AB0935C747B056AD8E075D1A12F0B2AD6","coobgpohoikkiipiblmjeljniedjpjpf":"DB77519238E8005F1BBD8CDD3B0BA3F8167B718E286FB7A82C10C0B0BE9FD01B","eemcgdkfndhakfknompkggombfjjjeno":"6764F67CD8BB150AD6E84F2965F34E673CE2E8D6273BD68497A8C69438FC0957","ennkphjdgehloodpbhlhldgbnhmacadg":"BB358F5B2B24406AB7112042E14E699CA77F28CCA97AC1162BFF20C1299873BF","gfdkimpbcpahaombhbimeihdjnejgicl":"F8DE52E8984C83B82F79A86A579BCF73EC56AEC34C44CB5B9E56B3FC20C6984F","gomekmidlodglbbmalcneegieacbdmki":"62C2D569D20D02E73615D8C9521763734CB1B575C7212AFC30A5C37D91A0BAD2","kmendfapggjehodndflmmgagdbamhnfd":"112485CDD7C9A78E8455536C92E6B311D80FB2ECC645C86584A932EC1E54E049","mfehgcgbbipciphmccgaenjidiccnmng":"7A996F294825DBEC29FB5BA4FBA1C4845C9A3D0FBF527957090EAE603E653F42","mgndgikekgjfcpckkfioiadnlibdjbkf":"9AE19DD4DECF25C1F3F7578FC300A20645D9D5450F48258BDF3DCD4DAE9CD6FC","mhjfbmdgcfjbbpaeojofohoefgiehjai":"D4443F6B3DE44704389F8205DC51E000BCEA675D1F30ADAE0B59E70C289B513B","neajdppkdcdipfabeoofebfddakdcjhd":"EC16080402B26E734DE97D5F8131C84534386F4E2F72DE94D140C10E99398D5B","nkeimhogjdpnpccoofpliimaahmaaome":"9E1ABD247947DEF32BFDAC5FCFB4365F2E6C200F3769D15ADFDB835F5815B12D","nmmhkkegccagdldgiimedpiccmgmieda":"E39BC5B496CFC3E6EC0AE18E0CF5615133FD26D31E8F2623CFEF52DE34D4E370","pafkbggdmjlpgkdkcbjmhmfcdpncadgh":"E46434B967F72116120AF0F277EA92DA3529BD6C6BE2D2EA6CE7D3C73F99370F","pjkljhegncpnkpknbcohdijeoejaedia":"479D566D07A470219832BD58B364ABA5AD3350E7601EBBD1A3DC1841066151BF"}},"google":{"services":{"account_id":"DBBB62C939A0250F2ACE52B049BFED18E92E7498244FB498C0B07DE69866B3EA","last_username":"D6CDE56C3302BEB75595A79E26B49282E0FB1E2859E075FE3DC9326FD9F512E7","username":"64CD474E044AAAC46F8D7A6B974673206801E0615EF5DA514DA77F89215B70A1"}},"homepage":"4B796AAB1F6C985507B9678B504A7C02D1F21C961E147A873B0F5BDE2DBA6E8D","homepage_is_newtabpage":"5226044FBFEE532E8FE2CCDED931C83D4D3FFCD5F70C252F1CF07D185CD9E47E","pinned_tabs":"A5FFC64E5DE3F54159A2D3839DA09802F396F1DAB8118D16F2FF41233601D4D0","prefs":{"preference_reset_time":"AE7BE35D89F56D68ABBAF04FFF1EFE2A2B8BEB04151CD5EF58CFE97A5CA2E076"},"profile":{"reset_prompt_memento":"529CC16E73421BAC5BC4DD311042F670E808033880BA977C4F21CC277F06B960"},"safebrowsing":{"incidents_sent":"776609169AB0732238CB18CC7314803FCDF80C0389290379E801CB585170EB9A"},"search_provider_overrides":"903FF4295DAB6CFA08E9F36F1F75B190064F2FB01D5DA89F82010584EA35214A","session":{"restore_on_startup":"1AF1C6F2ED8964A580AFE116E6F4FB37A317684420CE589BAC7DFC2C0D1FC511","startup_urls":"A3DAA3C3235DDACA9649EC5C9A8A22DCE0C6ED777C8B04C759707103B2DFABDE"},"software_reporter":{"prompt_reason":"74C05CDFE8872F8C3781DE201F278177A5F9B7885C991CC186523DDE4CD3C8B4","prompt_seed":"9C6CAF0C06286F3EE3C93C0F07703CBE41EBDB560A36C7BB6448C9A6D0A8FFF6","prompt_version":"76E5DC95441C264E3A404D4AE0EA46516AE230F5F5F2F0EE186DCD60D49E4858"},"sync":{"remaining_rollback_tries":"0571DD7D9F7D02E87153D3EA64A8865304A23B99F2D7AB80009B15B65F6F86C3"}},"super_mac":"1A729C2BB1486BEA7060E181A12633C49C7F45B9B5870F639B6B930E6DB0A14F"},"session":{"restore_on_startup":4,"startup_urls":["chrome://newtab/"]},"sync":{"remaining_rollback_tries":0}} ==== Chromium Fix ====================== C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_toolbar.avg.com_0.localstorage-journal deleted successfully C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_shoppingcart.aliexpress.com_0.localstorage-journal deleted successfully C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_static.olark.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.be/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.be/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Empty IE Cache ====================== C:\Users\administrator001\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Charlotte\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Charlotte\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\hilde\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\jan\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\jan\AppData\Local\Mozilla\Firefox\Profiles\krl48z5a.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\administrator001\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\Charlotte\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\hilde\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\jan\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=338 folders=50 4438485828 bytes) ==== Empty Temp Folders ====================== C:\Users\administrator001\AppData\Local\temp emptied successfully C:\Users\Charlotte\AppData\Local\temp emptied successfully C:\Users\Default\AppData\Local\temp emptied successfully C:\Users\Default User\AppData\Local\temp emptied successfully C:\Users\hilde\AppData\Local\temp emptied successfully C:\Users\jan\AppData\Local\Temp will be emptied at reboot C:\Users\Public\AppData\Local\temp emptied successfully C:\Users\TEMP\AppData\Local\temp emptied successfully C:\Windows\system32\config\systemprofile\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\jan\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on wo 26/08/2015 at 21:36:48,42 ======================