Zoek.exe v5.0.0.0 Updated 04-May-2015 Tool run by Gebruiker on za 11/07/2015 at 13:59:20,75. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Gebruiker\Downloads\zoek.exe [Scan all users] [Script inserted] ==== System Restore Info ====================== 11/07/2015 14:01:03 Zoek.exe System Restore Point Created Successfully. ==== Empty Folders Check ====================== C:\PROGRA~2\di6BetterMarkIt deleted successfully C:\Program Files\log deleted successfully C:\Users\Gebruiker\AppData\Roaming\PeerNetworking deleted successfully C:\Users\Gebruiker\AppData\Roaming\Systweak deleted successfully C:\Users\Gebruiker\AppData\Local\EmieBrowserModeList deleted successfully C:\Users\Gebruiker\AppData\Local\EmieSiteList deleted successfully C:\Users\Gebruiker\AppData\Local\EmieUserList deleted successfully C:\Users\Gebruiker\AppData\Local\VirtualStore deleted successfully ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater18.4.0 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\vToolbarUpdater18.4.0 deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\WtuSystemSupport deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\WtuSystemSupport deleted successfully ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] "vProt"=- ==== Deleting Files \ Folders ====================== C:\Program Files (x86)\AVG Web TuneUp deleted C:\Program Files (x86)\Common Files\AVG Secure Search deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\GEBRUI~1\AppData\Local\Temp ==== ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== 2015-06-26 07:49:10 E3DC1089EDAD57F5279804167E6142E9 293296 ----a-w- C:\Windows\Sysnative\drivers\avgidsdrivera.sys 2015-06-16 13:55:04 0CFB17D66DC1D76214F50E33C41CC8B6 259040 ----a-w- C:\Windows\Sysnative\drivers\avgldx64.sys ====== C:\Windows\Tasks ====== 2015-07-06 15:27:35 C533CBD4504098B3AABA3C6D0AA4854A 3148 ----a-w- C:\Windows\Sysnative\Tasks\ParetoLogic Registration3 2015-07-06 15:27:35 467CCB169D645A3B7081D575F4C1F404 476 ----a-w- C:\Windows\Tasks\ParetoLogic Registration3.job 2015-07-06 15:27:03 CFBC1601BBE9963D0A520A3B4121ECF6 408 ----a-w- C:\Windows\Tasks\PC Health Advisor Defrag.job 2015-07-06 15:27:03 B988A231C4C0366D54C3A58AB6D97BA8 3412 ----a-w- C:\Windows\Sysnative\Tasks\ParetoLogic Update Version3 2015-07-06 15:27:03 5887602DCAE80D7ABF515C8CA6A97446 3286 ----a-w- C:\Windows\Sysnative\Tasks\PC Health Advisor Defrag 2015-07-06 15:27:03 3222D1D2BBD4A35CDFBF4A1E6889E9B8 498 ----a-w- C:\Windows\Tasks\ParetoLogic Update Version3.job 2015-07-06 15:27:02 F14B262A7E3CA93DB4DE467E962349E7 390 ----a-w- C:\Windows\Tasks\PC Health Advisor.job 2015-07-06 15:27:02 762907E1AE6699E7635936CEEAFC9C6F 3318 ----a-w- C:\Windows\Sysnative\Tasks\PC Health Advisor ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-06-14 07:10:21 -------- d-----w- C:\Program Files\Common Files\AV ======= C:\PROGRA~2 ===== 2015-07-06 15:27:01 -------- d-----w- C:\PROGRA~2\COMMON~1\ParetoLogic 2015-07-06 15:27:00 -------- d-----w- C:\PROGRA~2\ParetoLogic 2015-06-21 10:28:32 -------- d-----w- C:\PROGRA~2\Browny02 2015-06-21 10:27:46 -------- d-----w- C:\PROGRA~2\Brother ======= C: ===== 2015-07-06 15:45:17 896DB65F662D4F77BDA1CE120B19592F 65 ----a-w- C:\0.bak ====== C:\Users\Gebruiker\AppData\Roaming ====== 2015-07-06 15:27:13 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\ParetoLogic 2015-07-06 15:27:13 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\DriverCure 2015-07-06 15:27:04 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ParetoLogic 2015-06-21 10:10:13 -------- d-----w- C:\Users\Gebruiker\AppData\Roaming\InstallShield ====== C:\Users\Gebruiker ====== 2015-07-11 10:33:41 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Gebruiker\Downloads\RSITx64.exe 2015-07-06 15:27:00 -------- d-----w- C:\ProgramData\ParetoLogic 2015-07-02 07:08:35 900BAFD0953603A55D5A0E4950705216 2077392 ----a-w- C:\Users\Gebruiker\Downloads\IE11-Windows6.1.exe 2015-07-01 13:50:44 FEC2F27B4177267AE6CD92D71A42FCC1 45874680 ----a-w- C:\Users\Gebruiker\Downloads\eID-QuickInstaller-407-7466-signed_tcm227-258853 (1).exe 2015-07-01 13:24:11 FEC2F27B4177267AE6CD92D71A42FCC1 45874680 ----a-w- C:\Users\Gebruiker\Downloads\eID-QuickInstaller-407-7466-signed_tcm227-258853.exe 2015-06-21 10:28:57 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Brother ====== C: exe-files == 2015-07-11 10:33:41 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Gebruiker\Downloads\RSITx64.exe 2015-07-08 12:21:48 A6D6A93DD3E580D2FAE1E5ACFC684ECA 12970456 ----a-w- C:\Users\Gebruiker\Downloads\HID-apparaat a6d6a93dd3e580d2fae1e5acfc684eca\HID-apparaat a6d6a93dd3e580d2fae1e5acfc684eca.exe 2015-07-08 05:48:04 23C3ECCDA9F8A49FE7B5ED4518F4463F 2743376 ----a-w- C:\Program Files (x86)\Google\Update\Install\{0BB5E8C6-BD36-49F0-BB37-CA4B77757F7D}\43.0.2357.132_43.0.2357.130_chrome_updater.exe 2015-07-08 05:48:04 23C3ECCDA9F8A49FE7B5ED4518F4463F 2743376 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\43.0.2357.132\43.0.2357.132_43.0.2357.130_chrome_updater.exe 2015-07-05 09:22:09 9D30FB2A23EAB9F2867A6A31D91CD667 327592 ----a-w- C:\Program Files (x86)\AVG\AVG2015\avgndisa.exe 2015-07-05 09:20:49 E26E6EDBA1B6AADE1E4A4B605DC3A2D5 25512 ----a-w- C:\Program Files (x86)\AVG\AVG2015\avgrdtesta.exe 2015-07-05 09:20:49 CB2EA60574065889A464298651366E29 6822672 ----a-w- C:\Program Files (x86)\AVG\AVG2015\avgmfapx.exe 2015-07-05 09:20:49 1190F9FF21FF0DBDF910691CCCE9691A 24488 ----a-w- C:\Program Files (x86)\AVG\AVG2015\avgrdtestx.exe 2015-07-05 09:20:49 05A22E730907F77E77701051FA4BB3CA 71592 ----a-w- C:\Program Files (x86)\AVG\AVG2015\avguirux.exe === C: other files == 2015-07-08 12:32:51 5DF46D55067D8065014B31BF9D63F574 6117667 ----a-w- C:\Users\Gebruiker\Downloads\Synaptics PS2 Port TouchPad 5df46d55067d8065014b31bf9d63f574\Synaptics PS2 Port TouchPad 5df46d55067d8065014b31bf9d63f574.zip 2015-07-08 12:32:37 E4436B10FEEA143A4F585A5D7A68A39B 1094 ----a-w- C:\Users\Gebruiker\Downloads\Samengesteld USB-apparaat e4436b10feea143a4f585a5d7a68a39b\Samengesteld USB-apparaat e4436b10feea143a4f585a5d7a68a39b.zip 2015-07-08 12:29:49 60D173CCE449AB338AC4E1B8E0F942E5 33290743 ----a-w- C:\Users\Gebruiker\Downloads\Intel(R) HD Graphics Family 60d173cce449ab338ac4e1b8e0f942e5\Intel(R) HD Graphics Family 60d173cce449ab338ac4e1b8e0f942e5.zip 2015-07-08 12:22:41 31F3272929CAB6F916255AFF5CFB6943 144109622 ----a-w- C:\Users\Gebruiker\Downloads\USB-invoerapparaat 31f3272929cab6f916255aff5cfb6943\USB-invoerapparaat 31f3272929cab6f916255aff5cfb6943.zip 2015-07-08 12:21:39 28381EEA7A3E99819E68C88DE51163AF 5788258 ----a-w- C:\Users\Gebruiker\Downloads\Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20) 28381eea7a3e99819e68c88de51163af\Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20) 28381eea7a3e99819e68c88de51163af.zip 2015-07-08 12:19:27 125773D8E5E369236226A85EC4973F81 52912107 ----a-w- C:\Users\Gebruiker\Downloads\Atheros AR5B97 Wireless Network Adapter 125773d8e5e369236226a85ec4973f81\Atheros AR5B97 Wireless Network Adapter 125773d8e5e369236226a85ec4973f81.zip 2015-07-08 07:04:40 9F93BC4D20CF5016F25E8623797E1667 4833357 ----a-w- C:\Users\Gebruiker\Downloads\nieuwe speler (2).zip 2015-07-08 07:04:39 9F93BC4D20CF5016F25E8623797E1667 4833357 ----a-w- C:\Users\Gebruiker\Downloads\nieuwe speler (1).zip 2015-07-08 07:04:37 9F93BC4D20CF5016F25E8623797E1667 4833357 ----a-w- C:\Users\Gebruiker\Downloads\nieuwe speler.zip 2015-07-07 13:09:31 A98FCFF394617E80237E3AC730531810 150704 ----a-w- C:\ProgramData\AVG2015\IDS\outbox\tmp_b043f704-1ab8-47cd-9c47-d5343d3667c9.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-2445655787-1003745041-3190520748-1000\Software\Microsoft\Windows\CurrentVersion\Run] "ccleaner"="C:\Program Files\CCleaner\CCleaner64.exe /AUTO" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "BackupManagerTray"="C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe -h -k" "LManager"="C:\Program Files (x86)\Launch Manager\LManager.exe" "AVG_UI"="C:\Program Files (x86)\AVG\AVG2015\avgui.exe /TRAYONLY" "BCSSync"="C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices" "Absolute Notifier"="C:\Program Files (x86)\Absolute Software\Absolute Notifier\AbsoluteNotifier.exe" "BrStsMon00"="C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "ccleaner"="C:\Program Files\CCleaner\CCleaner64.exe /AUTO" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "CCleaner Monitoring"="C:\Program Files\CCleaner\CCleaner64.exe /MONITOR" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " ==== Startup Folders ====================== 2011-11-08 12:27:13 1778 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Acer VCM.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [Undetermined Task] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [22/12/2012 14:35] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [22/12/2012 14:35] C:\Windows\tasks\ParetoLogic Registration3.job --a------ C:\Windows\system32\rundll32GC:\Program Files (x86)\C:ommon Files\ParetoLogiC:\UUS3\UUS3.dll [] C:\Windows\tasks\ParetoLogic Update Version3.job --a------ C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [30/03/2011 01:51] C:\Windows\tasks\PC Health Advisor Defrag.job --a------ C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe [30/03/2011 01:17] C:\Windows\tasks\PC Health Advisor.job --a------ [Undetermined Task] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Acrobat Update Task" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\ParetoLogic Registration3" [C:\Windows\system32\rundll32.exe "C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns] "C:\Windows\SysNative\tasks\ParetoLogic Update Version3" [C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe] "C:\Windows\SysNative\tasks\PC Health Advisor" [C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe] "C:\Windows\SysNative\tasks\PC Health Advisor Defrag" [C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{4D16375F-DC24-44AE-B5E0-BD3E6616B9BE}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "zulagames@ZulaGames.com"="C:\Users\Gebruiker\AppData\Roaming\Mozilla\Extensions\zulagames@ZulaGames.com" [] [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "{64F83971-486E-0F31-140E-EAE44DBF0E9C}"="C:\Program Files (x86)\di6BetterMarkIt\175.xpi" [] ==== Chromium Look ====================== Google Chrome Version: 43.0.2357.132 AVG Web TuneUp - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\chfdnecihphmhljaaejmgoiahnihplgn Allin1Convert - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\enhdkleldahgplgplciiapcbladjelbe MapsGalaxy - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\flcpildhclihlpljpfpojindpglggkpd Google Wallet - Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda ==== Chromium Startpages ====================== C:\Users\Gebruiker\AppData\Local\Google\Chrome\User Data\Default\Preferences last_used":1436536220.129614,"setting":1},"http://www.wittegids.be:80,http://www.wittegids.be:80":{"setting":1},"https://www.delijn.be:443,https://www.delijn.be:443":{"setting":2},"https://www.myedenred.be:443,https://www.myedenred.be:443":{"last_used":1435235000,"setting":1}},"images":{},"javascript":{},"media_stream":{},"media_stream_camera":{},"media_stream_mic":{},"metro_switch_to_desktop":{},"midi_sysex":{},"mixed_script":{},"mouselock":{},"notifications":{},"plugins":{},"popups":{},"ppapi_broker":{},"protocol_handlers":{},"push_messaging":{},"ssl_cert_decisions":{}},"pattern_pairs":{"http://www.hbvl.be:80,http://www.hbvl.be:80":{"fullscreen":1,"geolocation":1,"last_used":{"geolocation":1431704000}},"http://www.wittegids.be:80,http://www.wittegids.be:80":{"geolocation":1,"last_used":{"geolocation":1429971000}},"https://www.delijn.be:443,https://www.delijn.be:443":{"geolocation":2},"https://www.myedenred.be:443,https://www.myedenred.be:443":{"geolocation":1,"last_used":{"geolocation":1431951000}},"https://www.youtube.com:443,http://www.hbvl.be:80":{"fullscreen":1},"https://www.youtube.com:443,https://www.facebook.com:443":{"fullscreen":1},"https://www.youtube.com:443,https://www.youtube.com:443":{"fullscreen":1}},"pref_version":1},"exit_type":"Normal","exited_cleanly":true,"icon_version":3,"managed_user_id":"","migrated_content_settings_exceptions":true,"migrated_default_content_settings":true,"migrated_default_media_stream_content_settings":true,"name":"Persoon 1","per_host_zoom_levels":{}},"protection":{"macs":{}},"savefile":{},"selectfile":{"last_directory":"C:\\rsit"},"session":{"restore_on_startup_migrated":true,"startup_urls_migration_time":"13072171883771924"},"translate_accepted_count":{"en":0},"translate_blocked_languages":["nl"],"translate_denied_count":{"en":2},"translate_last_denied_time":1.428498e+12,"translate_too_often_denied":true,"translate_whitelists":{},"zerosuggest":{"cachedresults":""}} ions":{"api":["identity","webview"],"explicit_host":["https://wallet-web.sandbox.google.com/*","https://wallet.google.com/*","https://www.google.com/*","https://www.googleapis.com/*"],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13075999706453805","lastpingday":"13081071597847782","location":10,"manifest":{"app":{"background":{"scripts":["craw_background.js"]}},"current_locale":"nl","default_locale":"en","description":"Google Wallet voor digitale producten","display_in_launcher":false,"display_in_new_tab_page":false,"icons":{"128":"images/icon_128.png","16":"images/icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrKfMnLqViEyokd1wk57FxJtW2XXpGXzIHBzv9vQI/01UsuP0IV5/lj0wx7zJ/xcibUgDeIxobvv9XD+zO1MdjMWuqJFcKuSS4Suqkje6u+pMrTSGOSHq1bmBVh0kpToN8YoJs/P/yrRd7FEtAXTaFTGxQL4C385MeXSjaQfiRiQIDAQAB","manifest_version":2,"minimum_chrome_version":"29","name":"Google Wallet","oauth2":{"auto_approve":true,"client_id":"203784468217.apps.googleusercontent.com","scopes":["https://www.googleapis.com/auth/sierra","https://www.googleapis.com/auth/sierrasandbox","https://www.googleapis.com/auth/chromewebstore","https://www.googleapis.com/auth/chromewebstore.readonly"]},"permissions":["identity","webview","https://wallet.google.com/","https://wallet-web.sandbox.google.com/","https://www.google.com/","https://www.googleapis.com/*"],"update_url":"https://clients2.google.com/service/update2/crx","version":"0.1.1.0"},"path":"nmmhkkegccagdldgiimedpiccmgmieda\\0.1.1.0_0","preferences":{},"regular_only_preferences":{},"running":false,"state":1,"was_installed_by_default":true,"was_installed_by_oem":false},"pafkbggdmjlpgkdkcbjmhmfcdpncadgh":{"active_permissions":{"api":["alarms","gcm","identity","metricsPrivate","notifications","storage","tabs","webstorePrivate"],"explicit_host":["*://*.google.com/*","*://*.gstatic.com/*","https://*.googleapis.com/*","https://*.googleusercontent.com/*"],"manifest_permissions":[]},"commands":{},"content_settings":[],"creation_flags":1,"events":["alarms.onAlarm","gcm.onMessage","identity.onSignInChanged","notifications.onButtonClicked","notifications.onClicked","notifications.onClosed","notifications.onPermissionLevelChanged","notifications.onShowSettings","pushMessaging.onMessage","runtime.onInstalled","runtime.onStartup","runtime.onSuspend","storage.onChanged"],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13058648633000187","location":5,"manifest":{"background":{"persistent":false,"scripts":["utility.js","cards.js","background.js"]},"description":"Integrates Google Now into Chrome.","icons":{"128":"images/icon128.png","16":"images/icon16.png","48":"images/icon48.png"},"key":"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhqJr32OFD/bMXW4Md7jMfd7LbwHXVc6x5bBQG5U+dloofoxrICDR20yur/40mQ8O//0sS1b8srvbab1CRlSrxoNCr9T80NAkfzx0gHyVS+p1Zow+1FzLMu9PiGwwFyN80HIB7GI/dIa0wC9K/2OrrzcHEhVH96DacTtWQqjfDVtZPjT7Xwv23dgoWcpbkRC86jMJot3dmX9xnn0KzoVc9gDOHSIkBLbkkr6Sp3LGXCCM4L0DJgxdFwaLr5WBzgC3y5x0/wwPIwN4PtIaK3BhH6njlksfnKwwIJ9iRT41V4BqbWu4mszO/7VJ3HJyw2DBpIc2grU9ZRRxrV3fRQG4wIDAQAB","manifest_version":2,"name":"Google Now","oauth2":{"auto_approve":true,"scopes":["https://www.googleapis.com/auth/googlenow"]},"optional_permissions":["background"],"permissions":["alarms","identity","metricsPrivate","notifications","pushMessaging","storage","tabs","webstorePrivate","*://*.google.com/*","*://*.gstatic.com/*","https://*.googleapis.com/chromenow/v1/*","https://*.googleusercontent.com/*"],"version":"1.2.0.1"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\38.0.2125.104\\resources\\google_now","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":false,"was_installed_by_oem":false}}},"pinned_tabs":[],"protection":{"macs":{"browser":{"show_home_button":"8590C5864B9C7F80C338EB317C5438EFFBE5BE0B6B4AB49EFAB6F5A78FD5535A"},"default_search_provider":{"keyword":"D44C20A3AA0D129BF4F6A2D4D6E1ABF3FBBBDB5AC354B28105FF8D5A9CA0C09C","name":"75B110D604D0CE71808C6DB250BAF5AE5741367DE1AAD985DADDBDAAC45B7030","search_url":"60306FB0508EF77B8CE25C587F724240D893B5C54DF176CAF00ADB0899A80731"},"default_search_provider_data":{"template_url_data":"247694905766A4C46CD6BCCB90E448936C2C41321BB4861B00954CF5F509A209"},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":"CCBDB0FD5FD41647C62603D225FB43964DF9E858A0116C587C9AEB5311650540","bepbmhgboaologfdajaanbcjmnhjmhfn":"425ECA45BBF5C83C330FCA5A4CB6A33056C396A6D1B94C449ED61B78FE46158F","chfdnecihphmhljaaejmgoiahnihplgn":"729F0C8A88CD6027A65BA417EEBE33B39F2D224E3FE174B94009CD1BEB61DDFB","eemcgdkfndhakfknompkggombfjjjeno":"4D34D67605FE4529434882DD9A4B9E927ABC294995429C6380812A5BD29DE61C","enhdkleldahgplgplciiapcbladjelbe":"B1FA74C7EE07999CF8259B6D3B07D474E71BF1F4D3412FC904AF826A3CE5E553","ennkphjdgehloodpbhlhldgbnhmacadg":"9B7C9A45B59E31A6E9A6BD355232067F6266AF198E4AF84126A567EDFF642A0F","fcfenmboojpjinhpgggodefccipikbpd":"B48C4D3639A37E492FA3145C2EA8A17BFF61BAB875ACC999AF42E75B120DD58E","flcpildhclihlpljpfpojindpglggkpd":"6F8BA58FFE78C8C0BA3E1F6E17E6090EA5B2A529F20F2D31E1608B5AE9287686","gfdkimpbcpahaombhbimeihdjnejgicl":"C7009792AD58D760E9160043B5438FED151E0CDA8B61E46D7E585FF7F33A4B33","kmendfapggjehodndflmmgagdbamhnfd":"DB2A4A4A72E49C4BA97D5E7AFF7582BA452204686EE6FB4D6DD41B6E774ABC6F","mfehgcgbbipciphmccgaenjidiccnmng":"191A8848BA9F56187E92D9B6C8961A047FBBFDCB80E16C59CE19690A2FAA52DD","mfffpogegjflfpflabcdkioaeobkgjik":"52BD102C3456C08312BAD9B5ED7A6B32003B1172C58E812B430CF60714D52DCF","mgndgikekgjfcpckkfioiadnlibdjbkf":"B9465DE352131BD84C8BC3620853D53698173D3DD34C76BFA8C8D1E2218D6FD8","mhjfbmdgcfjbbpaeojofohoefgiehjai":"18B5DDF8C9004B5AD5C5BB47FEC7FA838BF694E42B67849901901549747FE490","neajdppkdcdipfabeoofebfddakdcjhd":"2307DB885FC2E6E7C03AD1C4BDE79A6831CFB09BA332240D90B500A6FB219A97","nkeimhogjdpnpccoofpliimaahmaaome":"5CE41BA2747A65D8FDEAE3DEF8424EFD3FA01CE8BE0A6DEF3344C2B4BA281C7A","nmmhkkegccagdldgiimedpiccmgmieda":"B44AA98DE35DAAE5C3FA099E49EA26DC4BD4A5C690FEB02C89D332B18E7867E7","pafkbggdmjlpgkdkcbjmhmfcdpncadgh":"FB6359AB7B7019C425A7F485E3EB0AEE463C7DD45992A0D163F05FFBD073CCD5"}},"google":{"services":{"last_username":"77EB4A22F87292AC614F12A385488F3FD87BDA6C1E5A6B3F1032C67B00C969F2","username":"AAA18059DEF5430F7F4D4293E9070FB85C920D55CFD039E531F9EC7B2F643843"}},"homepage":"27815E0B821E72D40E83B6707B8BAB8FF0D19F4E700FCFD96A562D3CE410CDE8","homepage_is_newtabpage":"36A6B47BB21B06B83DE6EE7FD8034225BAE2D8552DD10264DDE6C9EA14E44508","pinned_tabs":"1681AB7EDB6D3C8EB747DE13E6E1222652CF4E83E972FC106E99BD2E0C4224A9","prefs":{"preference_reset_time":"843EB07E7279BD68AD604722E5F238F8296341D6C40A2D2AC9192A32EECD7AA1"},"profile":{"reset_prompt_memento":"D4D0F10248EE097B25904E5FD4BFB36B7E84C688E110317C7FA0969AB1E2B5D2"},"safebrowsing":{"incidents_sent":"98E74B954FF6D5707F4E42BFD241D03BD036046BF62CA7187155BCF98AADD011"},"search_provider_overrides":"FA0D0CF2B5854EB34D73881C86B7D0B3639C838B6FA1D080E9530D41329ADBE7","session":{"restore_on_startup":"8382905A47AC2F3C391E2DB6F334CE35C826C66798831D40BB29C0E3468F3E31","startup_urls":"1E67786B5A5CD172D92BE16DB422C811CC8E0212382571DD86090839353F5B3E"},"software_reporter":{"prompt_reason":"C9F00B851AD7952E535678BAE521A99EB27AB19187CEC04C39816F649DB3C862","prompt_seed":"B013CDA1B949DE05D014C9B1A73DEA5352E9E78E63ABECF9A793888428453BDA","prompt_version":"CE9ACC8B6EF1A50478F97403A2B7AF2FC56DE2E36FFD4C5E964DB274151A6B93"},"sync":{"remaining_rollback_tries":"B59ECD2C5D133D61441B15AEF328919DBDDBB722C32150738885CB0A5F2DEDEF"}},"super_mac":"D0F1E9C2883D6EFB88B7E3FC9D7766AC14BEFB25BD7506069FEBA7443BC9BA8C"},"session":{"restore_on_startup":4,"startup_urls":["https://app.cubigo.com/"]},"sync":{"remaining_rollback_tries":0}} ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-2445655787-1003745041-3190520748-1000\Software\Mozilla\Firefox\Extensions\speedanalysis02@SpeedAnalysis.com deleted successfully HKEY_USERS\S-1-5-21-2445655787-1003745041-3190520748-1000\Software\Mozilla\Firefox\Extensions\zulagames@ZulaGames.com deleted successfully HKEY_USERS\S-1-5-21-2445655787-1003745041-3190520748-1000\Software\Mozilla\Firefox\Extensions\{64F83971-486E-0F31-140E-EAE44DBF0E9C} deleted successfully HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{d4da7309-b89a-45ec-8ebb-cfb2ae13618b} deleted successfully HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{4ED1F68A-5463-4931-9384-8FFF5ED91D92} deleted successfully HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\speedanalysis02@SpeedAnalysis.com deleted successfully HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\zulagames@ZulaGames.com deleted successfully ==== Reset IE Proxy ====================== Value(s) before fix: "ProxyServer"="http=127.0.0.1:14186;https=127.0.0.1:14186" "ProxyEnable"=dword:00000000 Value(s) after fix: "ProxyEnable"=dword:00000000 ==== C:\zoek_backup content ====================== C:\zoek_backup (files=178 folders=48 85732071 bytes) ==== EOF on za 11/07/2015 at 14:08:01,54 ======================