Zoek.exe v5.0.0.0 Updated 27-01-2015 Tool run by Jonathan on do 29/01/2015 at 7:55:19,19. Microsoft Windows 8.1 Pro 6.3.9600 x64 Running in: Normal Mode Internet Access Detected Launched: F:\Gebruikers\Jona\Bureaublad\zoek.exe [Scan all users] [Script inserted] ==== Older Logs ====================== C:\zoek-results2013-11-09-075925.log 25013 bytes ==== Empty Folders Check ====================== C:\PROGRA~2\COMMON~1\Java deleted successfully C:\PROGRA~3\ALM deleted successfully C:\PROGRA~3\Oracle deleted successfully C:\Users\Jonathan\AppData\Roaming\Bitcoin deleted successfully C:\Users\Jonathan\AppData\Roaming\Malwarebytes deleted successfully C:\Users\Jonathan\AppData\Local\PackageStaging deleted successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-2485587211-2012132852-1507892515-1001\Software\Mozilla\Firefox\Extensions\{B64D9B05-48E1-4CEB-BF58-E0643994E900} deleted successfully ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== C:\PROGRA~2\Samsung SSD 840 EVO Performance Restoration deleted C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted C:\PROGRA~3\boost_interprocess deleted C:\PROGRA~3\Package Cache deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted C:\WINDOWS\SysNative\config\systemprofile\Searches deleted C:\WINDOWS\SysWow64\AI_RecycleBin deleted C:\Users\Jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\91sw8iid.default\jetpack deleted C:\Users\Lana\AppData\Roaming\Mozilla\Firefox\Profiles\gqnaaqm3.default\FVD Toolbar deleted C:\Users\Public\Desktop\AVGO Free Video Downloader.lnk deleted C:\Users\Jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\91sw8iid.default\extensions\jid1-4P0kohSJxU1qGg@jetpack deleted ==== Files Recently Created / Modified ====================== ====== C:\WINDOWS ==== 2015-01-05 08:23:02 7A2F194C82A74A63297DBD5179B12066 348160 ----a-w- C:\WINDOWS\eSellerateEngine.dll 2015-01-05 08:22:57 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\WINDOWS\rsoftinfo.dat 2015-01-04 17:04:51 029590622B20384B834E90CCDB3E0FA5 134138 ----a-w- C:\WINDOWS\ColorPic Uninstaller.exe ====== C:\Users\Jonathan\AppData\Local\Temp ==== 2015-01-27 16:48:56 1F11DF40E6BFC512F87F0DA5CA9EE046 14978024 ----a-w- C:\Users\Jonathan\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.6.434.exe 2015-01-24 09:16:28 753412BE4EA83574B527BA3359FEC55E 14977512 ----a-w- C:\Users\Jonathan\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.6.390.exe 2015-01-20 20:38:26 F9D9D40A3A68500F330A9AA5E07D3E1D 14971880 ----a-w- C:\Users\Jonathan\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.6.344.exe 2015-01-18 18:38:30 B9C51E4BA4F8DACD43CA92EC5731A249 14980072 ----a-w- C:\Users\Jonathan\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.6.326.exe 2015-01-16 06:59:03 50CDDBD0CCBC5971F921E8C58F1A95D9 14979560 ----a-w- C:\Users\Jonathan\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.6.284.exe ====== Java Cache ===== ====== C:\WINDOWS\SysWOW64 ===== ====== C:\WINDOWS\SysWOW64\drivers ===== ====== C:\WINDOWS\Sysnative ===== ====== C:\WINDOWS\Sysnative\drivers ===== 2015-01-14 08:47:20 F0CB6DB513CAC393D04A0FCE0A59E1BF 75776 ----a-w- C:\WINDOWS\Sysnative\drivers\ahcache.sys 2015-01-14 08:47:20 DB32958F0E704EFBF7F15161A569E39F 140800 ----a-w- C:\WINDOWS\Sysnative\drivers\mrxdav.sys ====== C:\WINDOWS\Tasks ====== 2015-01-16 15:46:42 99FD669DC6003B242E13D5A3C279C3E5 1080 ----a-w- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2015-01-16 15:46:42 8549CB03CC2F0F527C785986889F2A13 1084 ----a-w- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2015-01-16 15:46:42 51A60FC642E93D97C6401D5AE8AD7388 4056 ----a-w- C:\WINDOWS\Sysnative\Tasks\GoogleUpdateTaskMachineUA 2015-01-16 15:46:42 3734DDC67B960C249AEEC3318DC8A074 3820 ----a-w- C:\WINDOWS\Sysnative\Tasks\GoogleUpdateTaskMachineCore ====== C:\WINDOWS\Temp ====== ======= C:\Program Files ===== 2015-01-05 08:22:57 -------- d-----w- C:\Program Files\raptisoft ======= C:\PROGRA~2 ===== 2015-01-04 17:04:50 -------- d-----w- C:\PROGRA~2\ColorPic 4.1 2015-01-01 13:54:41 -------- d-----w- C:\PROGRA~2\AirDroid 2014-12-31 11:15:17 -------- d-----w- C:\PROGRA~2\Sony ======= C: ===== ====== C:\Users\Jonathan\AppData\Roaming ====== 2015-01-27 16:49:12 -------- d-----w- C:\Users\Jonathan\AppData\Local\Hola 2015-01-17 13:04:36 -------- d-----w- C:\Users\lanat_000\AppData\Local\Mozilla 2015-01-05 08:24:26 -------- d-----w- C:\Users\lanat_000\AppData\Roaming\Mozilla 2015-01-02 09:50:43 -------- d-----w- C:\Users\Lana\AppData\Roaming\Sony Corporation 2015-01-01 14:43:16 -------- d-----w- C:\Users\Jonathan\AppData\Roaming\Adobe 2015-01-01 10:13:26 -------- d-----w- C:\Users\lanat_000\AppData\Roaming\Sony Corporation 2014-12-31 11:15:28 -------- d-----w- C:\Users\Jonathan\AppData\Roaming\Sony Corporation ====== C:\Users\Jonathan ====== 2015-01-25 17:29:00 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung SSD 840 EVO Performance Restoration 2015-01-16 15:47:23 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome 2015-01-05 08:22:58 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Raptisoft 2015-01-04 17:04:50 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ColorPic 4.1 2015-01-01 13:54:41 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AirDroid ====== C: exe-files == 2015-01-28 14:06:44 3D598D59E5BEF60C4D6218A3169880F5 273008 ----a-w- C:\Users\Lana\AppData\Local\Mozilla\updates\E7CF176E110C211B\updates\0\updater.exe 2015-01-27 16:49:14 CC29FDF0E680C0F3531C9F2A834CA2A6 126995 ----a-w- C:\Users\Jonathan\AppData\Local\Hola\firefox\app\vlc\vlc.exe 2015-01-27 16:49:14 6405E86418FB10A25DDA33E02674FF62 7436776 ----a-w- C:\Users\Jonathan\AppData\Local\Hola\firefox\app\hola_plugin.exe 2015-01-27 16:49:14 1F11DF40E6BFC512F87F0DA5CA9EE046 14978024 ----a-w- C:\Users\Jonathan\AppData\Local\Hola\firefox\app\image\Hola-Setup-x64-1.6.434.exe 2015-01-27 16:49:14 1F11DF40E6BFC512F87F0DA5CA9EE046 14978024 ----a-w- C:\Users\Jonathan\AppData\Local\Hola\firefox\app\image\Hola-Setup-x64-1.6.434.1.exe 2015-01-27 16:48:56 1F11DF40E6BFC512F87F0DA5CA9EE046 14978024 ----a-w- C:\Users\Jonathan\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.6.434.exe 2015-01-27 06:51:31 1B8E55B4F87A30F8074AC8BD4EDC5108 2315344 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\40.0.2214.93\40.0.2214.93_40.0.2214.91_chrome64_updater.exe 2015-01-26 07:07:49 EE99195B8A4B5134D2DF5E07543E1FCF 619008 ----a-w- C:\Users\Jonathan\AppData\Local\Packages\Microsoft.NetworkSpeedTest_8wekyb3d8bbwe\AC\Microsoft\CLR_v4.0\NativeImages\NetworkSpeedTest\50a395cf82fa498ea75a1c57e440f299\NetworkSpeedTest.ni.exe 2015-01-26 07:06:34 ABDA7EFA15E04E579E8B974E2FEA7CC5 7493632 ----a-w- C:\Users\Jonathan\AppData\Local\Packages\9E2F88E3.Twitter_wgeqdkkx372wm\AC\Microsoft\CLR_v4.0\NativeImages\Twitter-Win8\a88f9559eb6ba4300f631dce6a84690a\Twitter-Win8.ni.exe 2015-01-26 07:05:46 7765874AE85FB78E35BABDD5943B503E 11388416 ----a-w- C:\Users\Jonathan\AppData\Local\Packages\4DF9E0F8.Netflix_mcm4njqhnhss8\AC\Microsoft\CLR_v4.0\NativeImages\Netflix\c0a8cbc4371e597748c215c2a05e35d7\Netflix.ni.exe 2015-01-26 07:03:48 8F5513B61450A7B54E85771299885024 719872 ----a-w- C:\Users\Jonathan\AppData\Local\Packages\43266Element26Software.SteamTile_2vng2mrd8a7zg\AC\Microsoft\CLR_v4.0\NativeImages\SteamTile\39ff04f99ef4601bdccbdd33d43ba96e\SteamTile.ni.exe 2015-01-26 07:03:34 9258E017288E2B4AEB57C95F16F5E8E1 748032 ----a-w- C:\Users\Lana\AppData\Local\Packages\Disney.DisneyInfinityAction_6rarf9sa4v8jt\AC\Microsoft\CLR_v4.0_32\NativeImages\Template\a52bd68d4d32c18a384cb2c6642cd2e5\Template.ni.exe 2015-01-24 09:16:28 753412BE4EA83574B527BA3359FEC55E 14977512 ----a-w- C:\Users\Jonathan\AppData\Local\Temp\Hola-Setup-Plugin-x64-1.6.390.exe 2015-01-23 07:02:26 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Windows\Temp\516f5c2f\SettingsManagerSetup.exe 2015-01-22 19:43:05 77C0AE41724E55675C7226B58108A317 1267376 ----a-w- C:\Windows\Temp\{995A20B8-33F1-4D7E-B93A-7CB9BDF1B56F}\InstallFlashPlayer.exe === C: other files == 2015-01-27 16:48:52 76CDB2BAD9582D23C1F6F4D868218D6C 22 ----a-w- C:\Users\Jonathan\AppData\Local\Temp\avastBCLTMP\kbfnbcaeplbcioakkpcpgfkobkghlhen.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "Copy"="C:\Users\Jonathan\AppData\Roaming\Copy\CopyAgent.exe" [HKEY_USERS\S-1-5-21-2485587211-2012132852-1507892515-1001\Software\Microsoft\Windows\CurrentVersion\Run] "Steam"="C:\Program Files (x86)\Steam\steam.exe -silent" "KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload" "EPLTarget\P0000000000000001"="C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIIJE.EXE /EPT EPLTarget\P0000000000000001 /M XP-402 403 405 406 Series" "Copy"="C:\Users\Jonathan\AppData\Roaming\Copy\CopyAgent.exe" "msnmsgr"="C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background" "uTorrent"="C:\Users\Jonathan\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "AirDroid 3"="C:\Program Files (x86)\AirDroid\AirDroid.exe /start" "GoogleChromeAutoLaunch_67B49362D3A8C1AAF36B88B38FC33840"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run] "Copy"="C:\Users\Jonathan\AppData\Roaming\Copy\CopyAgent.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "KiesTrayAgent"="C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "Aimersoft Helper Compact.exe"="C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe" "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui" "RzWizard"="C:\Program Files (x86)\Razer\RzWizard\RzWizard.exe" "iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe" "RoccatIskuFX"="C:\Program Files (x86)\ROCCAT\Isku FX Keyboard\IskuFXMonitor.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Steam"="C:\Program Files (x86)\Steam\steam.exe -silent" "KiesPreload"="C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload" "EPLTarget\P0000000000000001"="C:\WINDOWS\system32\spool\DRIVERS\x64\3\E_IATIIJE.EXE /EPT EPLTarget\P0000000000000001 /M XP-402 403 405 406 Series" "Copy"="C:\Users\Jonathan\AppData\Roaming\Copy\CopyAgent.exe" "msnmsgr"="C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background" "uTorrent"="C:\Users\Jonathan\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" "AirDroid 3"="C:\Program Files (x86)\AirDroid\AirDroid.exe /start" "GoogleChromeAutoLaunch_67B49362D3A8C1AAF36B88B38FC33840"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s" "Nvtmru"="C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" "AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" "IgfxTray"="C:\WINDOWS\system32\igfxtray.exe" "HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" "Persistence"="C:\WINDOWS\system32\igfxpers.exe" "ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe " ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\BstHdAndroidSvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\BstHdLogRotatorSvc] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\bthserv] ==== Startup Folders ====================== 2013-09-03 15:51:42 1173 ----a-w- C:\Users\Jonathan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk 2014-02-12 20:05:08 1133 ----a-w- C:\Users\Lana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk 2014-12-31 11:15:18 2175 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Assistent content manager voor PlayStation(R).lnk ==== Task Scheduler Jobs ====================== C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [24/01/2015 23:43] C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [16/01/2015 16:46] C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [16/01/2015 16:46] C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2485587211-2012132852-1507892515-1005Core.job --a-------- C:\Users\Lana\AppData\Local\Google\Update\GoogleUpdate.exe [14/02/2014 13:25] C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2485587211-2012132852-1507892515-1005UA.job --a-------- C:\Users\Lana\AppData\Local\Google\Update\GoogleUpdate.exe [14/02/2014 13:25] ==== Other Scheduled Tasks ====================== "C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\WINDOWS\SysNative\tasks\advSRS5" ["C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe"] "C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\WINDOWS\SysNative\tasks\DeviceDetector" [C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2485587211-2012132852-1507892515-1005Core" [C:\Users\Lana\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-2485587211-2012132852-1507892515-1005UA" [C:\Users\Lana\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\WINDOWS\SysNative\tasks\SAgent" ["%ProgramFiles%\Samsung\S Agent\CommonAgent.exe"] "C:\WINDOWS\SysNative\tasks\SamsungMagician" ["C:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe"] "C:\WINDOWS\SysNative\tasks\Settings" ["C:\Program Files (x86)\Samsung\Settings\sSettings.exe"] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{1BEB6C78-3EF8-4B7B-A319-0C22390C7E39}" [C:\WINDOWS\system32\msfeedssync.exe] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{1D5F0DDA-CFB4-435D-AFF6-0EC6B2EC3F86}" [C:\WINDOWS\system32\msfeedssync.exe] "C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{9DB04F98-DA69-4D9B-9EAB-7F585DDB0809}" [C:\WINDOWS\system32\msfeedssync.exe] "C:\WINDOWS\SysNative\tasks\WLANStartup" ["%programfiles(x86)%\Samsung\Easy Settings\WLANStartup.exe"] "C:\WINDOWS\SysNative\tasks\Nero\Nero Info" [C:\Program Files (x86)\Common Files\Nero\Nero Info\NeroInfo.exe] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\Lana\AppData\Roaming\Mozilla\Firefox\Profiles\gqnaaqm3.default user_pref("browser.newtab.url", "chrome://fvd.speeddial/content/fvd_about_blank.html"); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [06/08/2014 19:26] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Lana\AppData\Roaming\Mozilla\Firefox\Profiles\gqnaaqm3.default - Undetermined - pavel.sherbakov@gmail.com - Speed Dial [FVD] - New Tab Page Sync... - %ProfilePath%\extensions\pavel.sherbakov@gmail.com AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Jonathan\AppData\Roaming\Mozilla\Firefox\Profiles\91sw8iid.default 2411966CEE2702015AC8C53A41071A94 - C:\Users\Jonathan\AppData\Local\Hola\firefox\app\vlc\npvlc.dll - Hola VLC Web Plugin 0FC325593893749364EC4A733E7D9100 - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_296.dll - Shockwave Flash 2549375E682A65FA624D52F3AD27FC48 - C:\Users\Jonathan\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player ==== Chromium Look ====================== Google Chrome Version: 40.0.2214.93 (Up to date, latest Stable version: 40.0.2214.93) HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[06/08/2014 19:26] Cloud To Butt Plus - Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apmlngnhgbnjpajelfkmabhkfapgnoai TV - Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh GeoGebra - Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnbaboaihhkjoaolfnfoablhllahjnee selector is not a valid CSS selector - Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb Telegram - Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\clhhggbfdinjmjhajaheehoeibfljjno NoFollow - Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\dfogidghaigoomjdeacndafapdijmiid Assassin's Creed III - Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\geadmffjboclimmeiaimcafapjaefnfn AdBlock - Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom Avast Online Security - Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki bol-part - Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jkgenemciogcgmpcahfbfcdamgcjfbpp Grammarly Spell Checker & Grammar Checker - Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen Booktrack - Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\kidknbkmfcapkiepmhchinffchkjglog WeVideo Next - Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\limlkeaboocfcfncjkkghclkjidbedem MailTrack for Gmail - Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndnaehgpjlnokgebbaldlmgkapkpjkkb Email Backgrounds Email Stationery - Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nepmejfbdnfgkkeklbhejggabembdfmo Google Wallet - Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Pub Toolbar - Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\omioeahgfecgfpfldejlnideemfidnkc App Launcher Customizer for Google™ - Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ponjkmladgjfjgllmhnkhgbgocdigcjm Google Docs - Lana\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Lana\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Lana\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo panda dumpling - Lana\AppData\Local\Google\Chrome\User Data\Default\Extensions\caaclfkfmcnlppkambfehbfhlekhpenf Google Search - Lana\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Google Wallet - Lana\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Lana\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Google Docs - lanat_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - lanat_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - lanat_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo selector is not a valid CSS selector - lanat_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb Google Search - lanat_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Pin It Button - lanat_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic Nuvi Collection - lanat_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbjcghmcibkemiabpnofapahcpjjpefe Google Wallet - lanat_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - lanat_000\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Fix ====================== C:\Users\Lana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.metrolyrics.com_0.localstorage deleted successfully C:\Users\Lana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.metrolyrics.com_0.localstorage-journal deleted successfully C:\Users\lanat_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.metrolyrics.com_0.localstorage deleted successfully C:\Users\lanat_000\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.metrolyrics.com_0.localstorage-journal deleted successfully C:\Users\Lana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_gadwin-printscreen.nl.softonic.com_0.localstorage deleted successfully C:\Users\Lana\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_gadwin-printscreen.nl.softonic.com_0.localstorage-journal deleted successfully C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Extensions\omioeahgfecgfpfldejlnideemfidnkc deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Bar"="http://www.bing.com" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://www.google.com" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" ==== Reset Google Chrome ====================== C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Lana\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\lanat_000\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Jonathan\AppData\Local\Google\Chrome\User Data\Default\Web Data will be reset at reboot C:\Users\Lana\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\lanat_000\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== shortcuts on Users Desktops ====================== C:\Users\Jonathan\Desktop\ColorPic.lnk - C:\Program Files (x86)\ColorPic 4.1\ColorPic.exe C:\Users\Jonathan\Desktop\Duckduckcoin-Qt.lnk - C:\Users\Jonathan\AppData\Roaming\Duckduckcoin\duckduckcoin-qt.exe C:\Users\Jonathan\Desktop\Tweak Battle.lnk - C:\Program Files (x86)\Tweak Battle\Battle.exe C:\Users\Lana\Desktop\ColorPic.lnk - C:\Program Files (x86)\ColorPic 4.1\ColorPic.exe C:\Users\Lana\Desktop\MAMA STOP VAN MIJN BUREUBLAD \pasfotojean - Snelkoppeling.lnk - C:\Users\Lana\Desktop\MAMA STOP VAN MIJN BUREUBLAD \rekenen syllabus definitief - Snelkoppeling.lnk - C:\Users\Lana\Desktop\MAMA STOP VAN MIJN BUREUBLAD \SD - Snelkoppeling.lnk - C:\Users\Lana\Desktop\MAMA STOP VAN MIJN BUREUBLAD \img005 - Snelkoppeling.lnk - C:\Users\Lana\Desktop\MAMA STOP VAN MIJN BUREUBLAD \img006 - Snelkoppeling.lnk - C:\Users\Lana\Desktop\MAMA STOP VAN MIJN BUREUBLAD \Scans tess\MT005 - Snelkoppeling.lnk - C:\Users\Lana\Desktop\Scan fotos\Top - Snelkoppeling.lnk - F:\EMTEC Stick\De Rest\scannetje\scannetje\Top.bmp C:\Users\Lana\Desktop\Scan fotos\Top-1 - Snelkoppeling.lnk - F:\EMTEC Stick\De Rest\scannetje\scannetje\Top-1.bmp C:\Users\Lana\Desktop\Scan fotos\Top-2 - Snelkoppeling.lnk - F:\EMTEC Stick\De Rest\scannetje\scannetje\Top-2.bmp C:\Users\Lana\Desktop\Scan fotos\Top-3 - Snelkoppeling.lnk - F:\EMTEC Stick\De Rest\scannetje\scannetje\Top-3.bmp C:\Users\Lana\Desktop\Scan fotos\Top-4 - Snelkoppeling.lnk - F:\EMTEC Stick\De Rest\scannetje\scannetje\Top-4.bmp C:\Users\Lana\Desktop\Scan fotos\Top-5 - Snelkoppeling.lnk - F:\EMTEC Stick\De Rest\scannetje\scannetje\Top-5.bmp C:\Users\Lana\Desktop\Scan fotos\Top-6 - Snelkoppeling.lnk - F:\EMTEC Stick\De Rest\scannetje\scannetje\Top-6.bmp C:\Users\Lana\Desktop\Scan fotos\Top-7 - Snelkoppeling.lnk - F:\EMTEC Stick\De Rest\scannetje\scannetje\Top-7.bmp C:\Users\Lana\Desktop\verkuising buroblad\10338831_735608856489869_644107496_n - Snelkoppeling.lnk - C:\Users\Lana\Desktop\verkuising buroblad\Nieuwe map\10338831_735608856489869_644107496_n.jpg C:\Users\Lana\Desktop\verkuising buroblad\9442887-traject-van-de-bloedstroom-door-het-hart-eps8 - Snelkoppeling (2).lnk - F:\Downloads Jeanneke\9442887-traject-van-de-bloedstroom-door-het-hart-eps8.jpg C:\Users\Lana\Desktop\verkuising buroblad\9442887-traject-van-de-bloedstroom-door-het-hart-eps8 - Snelkoppeling.lnk - F:\Downloads Jeanneke\9442887-traject-van-de-bloedstroom-door-het-hart-eps8.jpg C:\Users\Lana\Desktop\verkuising buroblad\Bij Nadine & Co Jan 2014 (2).lnk - C:\Users\Lana\Desktop\verkuising buroblad\Foto's Jan 2014\Bij Nadine & Co Jan 2014 C:\Users\Lana\Desktop\verkuising buroblad\Bij Nadine & Co Jan 2014 - Snelkoppeling.lnk - C:\Users\Lana\Desktop\verkuising buroblad\Foto's Jan 2014\Bij Nadine & Co Jan 2014 C:\Users\Lana\Desktop\verkuising buroblad\Bij Nadine & Co Jan 2014.lnk - C:\Users\Lana\Desktop\verkuising buroblad\Foto's Jan 2014\Bij Nadine & Co Jan 2014 C:\Users\Lana\Desktop\verkuising buroblad\New - Snelkoppeling.lnk - F:\Foto's 2013\New C:\Users\Lana\Desktop\verkuising buroblad\EXIFtool\t\images\LNK.lnk - F:\Gebruikers\Jona\Bureaublad\exiftool(-k).exe -d %Y%m%d-%H%M%S.%%e "-filename