
Zoek.exe v5.0.0.0 Updated 28-07-2014
Tool run by Leon on di 29-07-2014 at 14:14:31,18.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Leon\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

29-7-2014 14:17:11 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\a2zLyrics-1 deleted successfully
C:\PROGRA~2\ASIO4ALL v2 deleted successfully
C:\PROGRA~2\Ask.com deleted successfully
C:\PROGRA~2\ContinueToSave deleted successfully
C:\PROGRA~2\SoftQuick deleted successfully
C:\PROGRA~2\SW-Booster deleted successfully
C:\PROGRA~2\uTorrent deleted successfully
C:\PROGRA~2\VST deleted successfully
C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully
C:\PROGRA~3\Guitar Pro 6 deleted successfully
C:\PROGRA~3\mySongBook Player deleted successfully
C:\Users\Leon\AppData\Roaming\Awesomium deleted successfully
C:\Users\Leon\AppData\Roaming\SupTab deleted successfully
C:\Users\Leon\AppData\Roaming\SynthMaker deleted successfully
C:\Users\Leon\AppData\Roaming\TP deleted successfully
C:\Users\Leon\AppData\Roaming\Windows Live Writer deleted successfully
C:\Users\Leon\AppData\Local\CrashDumps deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-869774881-950611705-1935986000-1000\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully
HKEY_USERS\S-1-5-21-869774881-950611705-1935986000-1000\Software\Microsoft\Internet Explorer\SearchScopes\{01bd49d7-c76b-4310-8beb-14d7e5f322c6} deleted successfully
HKEY_USERS\S-1-5-21-869774881-950611705-1935986000-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully
HKEY_USERS\S-1-5-21-869774881-950611705-1935986000-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6DD1FDE2-5BA2-4C8A-B500-787DB29617B8} deleted successfully
HKEY_USERS\S-1-5-21-869774881-950611705-1935986000-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2476} deleted successfully
HKEY_USERS\S-1-5-21-869774881-950611705-1935986000-1000\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} deleted successfully
HKEY_USERS\S-1-5-21-869774881-950611705-1935986000-1000\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A} deleted successfully
HKEY_USERS\S-1-5-21-869774881-950611705-1935986000-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6B108D8E-25C1-02C7-BA2C-F814E1F9C872} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6B108D8E-25C1-02C7-BA2C-F814E1F9C872} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6B108D8E-25C1-02C7-BA2C-F814E1F9C872} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6B108D8E-25C1-02C7-BA2C-F814E1F9C872} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{94DA6B7D-315A-A362-4AAD-93810A2C855B} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{94DA6B7D-315A-A362-4AAD-93810A2C855B} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{94DA6B7D-315A-A362-4AAD-93810A2C855B} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Running Processes ======================

C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
C:\ProgramData\IePluginServices\PluginService.exe
C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Users\Leon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Program Files (x86)\Optimizer Pro\OptProReminder.exe
C:\Users\Leon\AppData\Roaming\Yontoo\YontooDesktop.exe
C:\Users\Leon\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
C:\ProgramData\Premium\Codec\Codec.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\ProgramData\Premium\ContinueToSave\ContinueToSave.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
C:\Program Files (x86)\MagicDisc\MagicDisc.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
C:\Program Files (x86)\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe
C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Users\Leon\Downloads\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Driver Detective deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Driver Detective deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IePluginServices deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\IePluginServices deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\IePluginServices deleted successfully

==== FireFox Fix ======================

ProfilePath: C:\Users\Leon\AppData\Roaming\Mozilla\Firefox\Profiles\extensions

user.js not found
---- Lines GadgetBox removed from prefs.js ----
user_pref("browser.search.order.1", "GadgetBox");
user_pref("browser.search.defaultenginename", "GadgetBox");
user_pref("browser.search.selectedEngine", "GadgetBox");
user_pref("browser.search.order.1,S", "GadgetBox");
user_pref("browser.search.defaultenginename,S", "GadgetBox");
user_pref("browser.search.selectedEngine,S", "GadgetBox");
---- FireFox user.js and prefs.js backups ---- 

prefs_29-07-2014_1450_.backup

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0B57CBE8-BA60-D38D-ABBB-C1DE7D2F5059}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{182ABDF8-37DD-517E-DE07-32D8B74F6F32}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4F33DC74-8D1E-6427-E6D6-D3C9372509D8}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6AF2E822-43CC-4B33-F952-D89A1E836E95}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6B108D8E-25C1-02C7-BA2C-F814E1F9C872}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA045504-363F-0CBC-779D-CAE80C82F82B}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6B108D8E-25C1-02C7-BA2C-F814E1F9C872}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{94DA6B7D-315A-A362-4AAD-93810A2C855B}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA045504-363F-0CBC-779D-CAE80C82F82B}] 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] 
"Optimizer Pro"=- 
"Driver Detective"=- 
"Yontoo Desktop"=- 
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Run] 
"SweetIM"=- 
"Sweetpacks Communicator"=- 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] 
"AppInit_DLLs"=- 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe] 

==== Deleting Files \ Folders ======================

C:\Users\Leon\AppData\Roaming\SupTab not found
C:\Program Files (x86)\SW-Booster not found
c:\programdata\trusted publisher deleted
c:\programdata\blueocean deleted
C:\ProgramData\BlockkUaTubEAD deleted
C:\Program Files (x86)\sAvee on deleted
C:\ProgramData\DDownSSave deleted
C:\ProgramData\DiiscouanntExTEnSI deleted
C:\ProgramData\CheaPMe deleted
C:\Program Files (x86)\Settings Manager deleted
C:\ProgramData\systemk deleted
C:\ProgramData\IePluginServices deleted
C:\Program Files (x86)\SupTab deleted
C:\ProgramData\sAvee on deleted
C:\ProgramData\DigiCoupon deleted
C:\ProgramData\Codec-V deleted
C:\ProgramData\SAvoerEXttEinSiion deleted
C:\ProgramData\SavaeLoTs deleted
C:\ProgramData\hmojekoicljpbllcfchgcamlljolbjcj deleted
C:\ProgramData\ngahoianpbocdpchnfoehjlcgeplfopn deleted
C:\ProgramData\AllSSavveR deleted
C:\Program Files (x86)\GadgetBox deleted
C:\Program Files (x86)\1ClickDownload deleted
C:\Users\Leon\AppData\LocalLow\{0B57CBE8-BA60-D38D-ABBB-C1DE7D2F5059} deleted
C:\Users\Leon\AppData\LocalLow\{182ABDF8-37DD-517E-DE07-32D8B74F6F32} deleted
C:\Users\Leon\AppData\LocalLow\{20770444-E238-272F-C7A9-AD465E2244E9} deleted
C:\Users\Leon\AppData\LocalLow\{4F33DC74-8D1E-6427-E6D6-D3C9372509D8} deleted
C:\Users\Leon\AppData\LocalLow\{6AF2E822-43CC-4B33-F952-D89A1E836E95} deleted
C:\Users\Leon\AppData\LocalLow\{6B108D8E-25C1-02C7-BA2C-F814E1F9C872} deleted
C:\Users\Leon\AppData\LocalLow\{94DA6B7D-315A-A362-4AAD-93810A2C855B} deleted
C:\Users\Leon\AppData\LocalLow\{AA045504-363F-0CBC-779D-CAE80C82F82B} deleted
C:\Users\Leon\AppData\LocalLow\{E456D51C-2D25-B175-193A-B2C69F4F21A5} deleted
C:\Users\Leon\AppData\LocalLow\{F1267E04-BB11-BEAD-F4E4-A56AB3C21BB9} deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\{20770444-E238-272F-C7A9-AD465E2244E9} deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\{F1267E04-BB11-BEAD-F4E4-A56AB3C21BB9} deleted
C:\Users\Leon\AppData\Local\Packages\windows_ie_ac_001\AC\{0B57CBE8-BA60-D38D-ABBB-C1DE7D2F5059} deleted
C:\Users\Leon\AppData\Local\Packages\windows_ie_ac_001\AC\{182ABDF8-37DD-517E-DE07-32D8B74F6F32} deleted
C:\Users\Leon\AppData\Local\Packages\windows_ie_ac_001\AC\{4F33DC74-8D1E-6427-E6D6-D3C9372509D8} deleted
C:\Users\Leon\AppData\Local\Packages\windows_ie_ac_001\AC\{6AF2E822-43CC-4B33-F952-D89A1E836E95} deleted
C:\Users\Leon\AppData\Local\Packages\windows_ie_ac_001\AC\{6B108D8E-25C1-02C7-BA2C-F814E1F9C872} deleted
C:\Users\Leon\AppData\Local\Packages\windows_ie_ac_001\AC\{94DA6B7D-315A-A362-4AAD-93810A2C855B} deleted
C:\Users\Leon\AppData\Local\Packages\windows_ie_ac_001\AC\{AA045504-363F-0CBC-779D-CAE80C82F82B} deleted
C:\Users\Leon\AppData\Local\Packages\windows_ie_ac_001\AC\{E456D51C-2D25-B175-193A-B2C69F4F21A5} deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\Packages\windows_ie_ac_001\AC\{20770444-E238-272F-C7A9-AD465E2244E9} deleted
C:\Windows\SysNative\config\systemprofile\AppData\Local\Packages\windows_ie_ac_001\AC\{F1267E04-BB11-BEAD-F4E4-A56AB3C21BB9} deleted
C:\PROGRA~3\Browser Enhancer deleted
C:\PROGRA~3\2160b473007af84a deleted
C:\PROGRA~3\SoftSafe deleted
C:\PROGRA~3\WinterSoft deleted
C:\PROGRA~3\WoW Worldwide Software LTD deleted
C:\PROGRA~3\Adblocker deleted
C:\PROGRA~2\Adblocker deleted
C:\PROGRA~2\Mozilla Firefox\user.js deleted
C:\PROGRA~2\SearchNewTab deleted
C:\PROGRA~2\BitAccelerator deleted
C:\PROGRA~2\Yontoo deleted
C:\PROGRA~2\Incredibar.com deleted
C:\Program Files\IB Updater deleted
C:\found.000 deleted
C:\Users\Leon\AppData\Roaming\PCCUStubInstaller deleted
C:\Users\Leon\AppData\Roaming\Optimizer Pro deleted
C:\PROGRA~3\Ask deleted
C:\PROGRA~3\Partner deleted
C:\PROGRA~3\OberonGameConsole deleted
C:\PROGRA~3\SearchNewTab deleted
C:\PROGRA~3\continuetosave deleted
C:\PROGRA~3\SweetIM deleted
C:\PROGRA~3\InstallMate deleted
C:\PROGRA~3\Tarma Installer deleted
C:\Users\Leon\AppData\Local\DirectDownloader deleted
C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847} deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZDownloader deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Codec-V deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\continuetosave deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro deleted
C:\Users\Leon\Searches deleted
C:\Users\Leon\Downloads\SoftonicDownloader_voor_vlc-media-player.exe deleted
C:\Users\Leon\AppData\LocalLow\SweetIM deleted
C:\Users\Leon\AppData\LocalLow\continuetosave deleted
C:\Users\Leon\AppData\LocalLow\Incredibar.com deleted
C:\Windows\tasks\Upd Inst-S-5029066965.job deleted
C:\windows\SysNative\tasks\CodecUpdaterTask{44438126-AD76-45E1-AAC7-E01CC0802223} deleted
C:\windows\SysNative\tasks\ContinueToSaveUpdaterTask{60B0426F-031D-4097-B4D3-CA0F9D5E9F4C} deleted
C:\Windows\tasks\CodecUpdaterTask{44438126-AD76-45E1-AAC7-E01CC0802223}.job deleted
C:\Windows\tasks\ContinueToSaveUpdaterTask{60B0426F-031D-4097-B4D3-CA0F9D5E9F4C}.job deleted
C:\user.js deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
C:\Windows\Syswow64\sho1F66.tmp deleted
C:\Windows\Syswow64\sho920A.tmp deleted
C:\Windows\Syswow64\SearchProtect deleted
C:\Users\Leon\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\searchplugins\WebSearch.xml deleted
C:\Windows\Installer\{7683B745-6060-41FD-AA75-0BBB383FEAD4} deleted
C:\Windows\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D} deleted
C:\Users\Leon\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\OneClickDownload@OneClickDownload.com deleted
"C:\Windows\tasks\SW-Booster-S-792098896.job" deleted
"C:\Windows\Installer\9a7fc08.msi" deleted
"C:\Windows\Installer\9a7fc0e.msi" deleted
"C:\Windows\Installer\9a7fc02.msi" deleted
"C:\Users\Leon\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\searchplugins\GadgetBox.xml" deleted
"C:\Program Files (x86)\Optimizer Pro\OptProReminder.exe" deleted
"C:\Users\Leon\AppData\Roaming\Yontoo\YontooDesktop.exe" deleted
"C:\Users\Leon\AppData\Roaming\Yontoo\YontooDesktop.exe" deleted
"C:\PROGRA~2\Optimizer Pro\OptProReminder.exe" deleted
"C:\Users\Leon\AppData\Roaming\Yontoo\YontooDesktop.exe" deleted
"C:\Program Files (x86)\SweetIM\Communicator\mgcommon.dll" deleted
"C:\Program Files (x86)\SweetIM\Communicator\mgcommunication.dll" deleted
"C:\Program Files (x86)\SweetIM\Communicator\mgsimcommon.dll" deleted
"C:\Program Files (x86)\SweetIM\Communicator\mgxml_wrapper.dll" deleted
"C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe" deleted
"C:\Program Files (x86)\SweetIM\Messenger\mgAdaptersProxy.dll" deleted
"C:\Program Files (x86)\SweetIM\Messenger\mgcommon.dll" deleted
"C:\Program Files (x86)\SweetIM\Messenger\mgcommunication.dll" deleted
"C:\Program Files (x86)\SweetIM\Messenger\mgconfig.dll" deleted
"C:\Program Files (x86)\SweetIM\Messenger\mghooking.dll" deleted
"C:\Program Files (x86)\SweetIM\Messenger\mgsimcommon.dll" deleted
"C:\Program Files (x86)\SweetIM\Messenger\mgUpdateSupport.dll" deleted
"C:\Program Files (x86)\SweetIM\Messenger\mgxml_wrapper.dll" deleted
"C:\Program Files (x86)\SweetIM\Messenger\msvcp71.dll" deleted
"C:\Program Files (x86)\SweetIM\Messenger\msvcr71.dll" deleted
"C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe" deleted
"C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\Agent.Common.dll" deleted
"C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\Agent.Communication.dll" deleted
"C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\Agent.Communication.XmlSerializers.dll" deleted
"C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\Common.dll" deleted
"C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe" deleted
"C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\ExceptionLogging.dll" deleted
"C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\ICSharpCode.SharpZipLib.dll" deleted
"C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\Interop.WUApiLib.dll" deleted
"C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\Microsoft.ApplicationBlocks.Updater.dll" deleted
"C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\Microsoft.Practices.EnterpriseLibrary.Common.dll" deleted
"C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\Microsoft.Practices.EnterpriseLibrary.Security.Cryptography.dll" not deleted
"C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\Microsoft.Practices.ObjectBuilder.dll" deleted
"C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\Microsoft.Win32.TaskScheduler.dll" deleted
"C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\RuleEngine.dll" deleted
"C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\ThemePack.Default.dll" deleted
"C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\XPBurnComponent.dll" deleted
"C:\Users\Leon\AppData\Roaming\Yontoo\dat\Desktop.OS.Plugin.dll" deleted
"C:\ProgramData\Premium\Codec\Codec.exe" deleted
"C:\ProgramData\Premium\ContinueToSave\ContinueToSave.exe" deleted
"C:\Users\Leon\AppData\Roaming\Yontoo\dat\Desktop.OS.Plugin.dll" deleted
"C:\PROGRA~2\SweetIM\Communicator\mgcommon.dll" deleted
"C:\PROGRA~2\SweetIM\Communicator\mgcommunication.dll" deleted
"C:\PROGRA~2\SweetIM\Communicator\mgsimcommon.dll" deleted
"C:\PROGRA~2\SweetIM\Communicator\mgxml_wrapper.dll" deleted
"C:\PROGRA~2\SweetIM\Communicator\SweetPacksUpdateManager.exe" deleted
"C:\PROGRA~2\SweetIM\Messenger\mgAdaptersProxy.dll" deleted
"C:\PROGRA~2\SweetIM\Messenger\mgcommon.dll" deleted
"C:\PROGRA~2\SweetIM\Messenger\mgcommunication.dll" deleted
"C:\PROGRA~2\SweetIM\Messenger\mgconfig.dll" deleted
"C:\PROGRA~2\SweetIM\Messenger\mghooking.dll" deleted
"C:\PROGRA~2\SweetIM\Messenger\mgsimcommon.dll" deleted
"C:\PROGRA~2\SweetIM\Messenger\mgUpdateSupport.dll" deleted
"C:\PROGRA~2\SweetIM\Messenger\mgxml_wrapper.dll" deleted
"C:\PROGRA~2\SweetIM\Messenger\msvcp71.dll" deleted
"C:\PROGRA~2\SweetIM\Messenger\msvcr71.dll" deleted
"C:\PROGRA~2\SweetIM\Messenger\SweetIM.exe" deleted
"C:\Users\Leon\AppData\Roaming\Yontoo\dat\Desktop.OS.Plugin.dll" deleted
"C:\PROGRA~3\Premium\Codec\Codec.exe" deleted
"C:\PROGRA~3\Premium\ContinueToSave\ContinueToSave.exe" deleted
"C:\Program Files (x86)\SweetIM" not deleted
"C:\Program Files (x86)\Optimizer Pro" deleted
"C:\Program Files (x86)\PC Drivers HeadQuarters" not deleted
"C:\Users\Leon\AppData\Roaming\Yontoo" deleted
"C:\ProgramData\Premium" not deleted
"C:\Users\Leon\AppData\Roaming\Yontoo" deleted
"C:\PROGRA~2\Optimizer Pro" deleted
"C:\PROGRA~2\SweetIM" not deleted
"C:\Users\Leon\AppData\Roaming\Yontoo" deleted
"C:\PROGRA~3\Premium" not deleted
"C:\Program Files (x86)\SweetIM\Communicator" not deleted
"C:\Program Files (x86)\SweetIM\Messenger" not deleted
"C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective" not deleted
"C:\Users\Leon\AppData\Roaming\Yontoo\dat" deleted
"C:\ProgramData\Premium\Codec" not deleted
"C:\ProgramData\Premium\ContinueToSave" not deleted
"C:\Users\Leon\AppData\Roaming\Yontoo\dat" deleted
"C:\PROGRA~2\SweetIM\Communicator" not deleted
"C:\PROGRA~2\SweetIM\Messenger" not deleted
"C:\Users\Leon\AppData\Roaming\Yontoo\dat" deleted
"C:\PROGRA~3\Premium\Codec" not deleted
"C:\PROGRA~3\Premium\ContinueToSave" not deleted

==== System Specs ======================

Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 4001 MB
CPU Info: Intel(R) Pentium(R) CPU B940 @ 2.00GHz
CPU Speed: 2008,2 MHz
Sound Card: Speakers (Realtek High Definiti | 
Display Adapters: Intel(R) HD Graphics Family | Intel(R) HD Graphics Family | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Generic PnP Monitor | 
Screen Resolution: 1024 X 768 - 32 bit
Network: Network Present
Network Adapters: Atheros AR9285 Wireless Network Adapter | Atheros AR8151 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
CD / DVD Drives: 3x (D: | E: | F: | ) D: MATSHITADVD-RAM UJ8A0ASW | E: DTSOFT  BDROM            | F: MagicISOVirtual DVD-ROM
Ports: COM Ports NOT Present. LPT Port NOT Present. 
Mouse: 3 Button Wheel Mouse Present
Hard Disks: C:  273,1GB | Q:  0,0MB
Hard Disks - Free: C:  137,5GB | Q:  0,0MB
Manufacturer *: American Megatrends Inc.
BIOS Info: AT/AT COMPATIBLE | 09/26/11 | _ASUS_ - 6222004
Time Zone: West-Europa (standaardtijd)
Motherboard *: ASUSTeK Computer Inc. K54L
Country: Nederland 
Language: NLD 

==== System Specs (Software) ======================

Anti-Virus: Trend Micro Titanium Internet Security On-access scanning disabled (Outdated)
Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated)
Anti-Spyware: Trend Micro Titanium Internet Security disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: avast! Antivirus disabled (Outdated)
Default Browser: Google Chrome	31.0.1650.63
Internet Explorer Version: 11.0.9600.17207 
Google Chrome version: 31.0.1650.63
Sun Java version: 1.7.0_17 (32-bit) 
Shockwave Player version: 11.6.6r636

==== Files Recently Created / Modified ======================

====== C:\Windows ====
2014-07-28 12:35:29	357CEBBCD99C8928A2D1A61A6CACC168	43152	----a-w-	C:\Windows\avastSS.scr
====== C:\Users\Leon\AppData\Local\Temp ====
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2014-07-28 12:35:33	B46B41CE922CE5B7B055A28226DE2D79	307344	----a-w-	C:\Windows\Sysnative\aswBoot.exe
====== C:\Windows\Sysnative\drivers =====
2014-07-28 12:35:43	B8FDEDE963B82CFD23B3A53A3084666D	1041168	----a-w-	C:\Windows\Sysnative\drivers\aswSnx.sys
2014-07-28 12:35:43	48DED912CDE54FC0923B9858512366E1	92008	----a-w-	C:\Windows\Sysnative\drivers\aswStm.sys
2014-07-28 12:35:43	471A311745848B80339436688A8286E6	224896	----a-w-	C:\Windows\Sysnative\drivers\aswVmm.sys
2014-07-28 12:35:43	0DEDC041DF594AEC2C3BD00417CFAF60	427360	----a-w-	C:\Windows\Sysnative\drivers\aswsp.sys
2014-07-28 12:35:42	FF1E537A3632CBB9A0BF72B9FD0878D5	79184	----a-w-	C:\Windows\Sysnative\drivers\aswMonFlt.sys
2014-07-28 12:35:42	D95E64416A4A3ED6986E0F474DA934BD	29208	----a-w-	C:\Windows\Sysnative\drivers\aswHwid.sys
2014-07-28 12:35:42	645D97385F3F284FB5604F9B970F4D24	65776	----a-w-	C:\Windows\Sysnative\drivers\aswRvrt.sys
2014-07-28 12:35:41	A5757DE5F9C83AB40667A53D5126EA40	93568	----a-w-	C:\Windows\Sysnative\drivers\aswRdr2.sys
2014-07-10 11:22:26	FA886682CFC5D36718D3E436AACF10B9	497152	----a-w-	C:\Windows\Sysnative\drivers\afd.sys
====== C:\Windows\Tasks ======
2014-07-28 12:36:15	4DA951DD51D335F82002BDC5674120A3	4182	----a-w-	C:\Windows\Sysnative\Tasks\avast! Emergency Update
====== C:\Windows\Temp ======
======= C:\Program Files =====
======= C:\PROGRA~2 =====
2014-07-15 20:28:20	--------	d-----w-	C:\PROGRA~2\VideoLAN
2014-07-01 14:26:30	--------	d-----w-	C:\PROGRA~2\EZDownloader
2014-07-01 14:17:59	--------	d-----w-	C:\PROGRA~2\FWsim Pro
======= C: =====
====== C:\Users\Leon\AppData\Roaming ======
2014-07-15 20:29:05	--------	d-----w-	C:\Users\Leon\AppData\Roaming\vlc
2014-07-15 20:29:05	--------	d-----w-	C:\Users\Leon\AppData\Local\Linkey
2014-07-01 14:25:32	--------	d-----w-	C:\Users\Leon\AppData\Local\Chromatic Browser
2014-07-01 14:25:32	--------	d-----w-	C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
2014-07-01 14:25:32	--------	d-----w-	C:\Users\Gast\AppData\Local\Chromatic Browser
2014-07-01 14:25:32	--------	d-----w-	C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-07-01 14:25:31	--------	d-----w-	C:\Users\Leon\AppData\Local\Torch
2014-07-01 14:25:31	--------	d-----w-	C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-07-01 14:25:31	--------	d-----w-	C:\Users\Gast\AppData\Local\Torch
2014-07-01 14:25:31	--------	d-----w-	C:\Users\Administrator\AppData\Local\Torch
2014-07-01 14:25:30	--------	d-----w-	C:\Users\Leon\AppData\Local\Comodo
2014-07-01 14:25:30	--------	d-----w-	C:\Users\HomeGroupUser$\AppData\Local\Google
2014-07-01 14:25:30	--------	d-----w-	C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-07-01 14:25:30	--------	d-----w-	C:\Users\Gast\AppData\Local\Google
2014-07-01 14:25:30	--------	d-----w-	C:\Users\Gast\AppData\Local\Comodo
2014-07-01 14:25:30	--------	d-----w-	C:\Users\Administrator\AppData\Local\Comodo
2014-07-01 14:25:29	--------	d-----w-	C:\Users\Administrator\AppData\Local\Google
====== C:\Users\Leon ======
2014-07-29 11:28:44	9A1F9D127E02C49E9D04FF778A8A64DF	1134832	----a-w-	C:\Users\Leon\Downloads\Player_Setup.exe
2014-07-29 10:07:08	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Leon\Downloads\RSITx64 (1).exe
2014-07-29 09:51:01	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Leon\Downloads\RSITx64.exe
2014-07-28 17:44:20	4128AE55522EFFB4CE9611E8E62B779A	4813544	----a-w-	C:\Users\Leon\Downloads\ccsetup416 (1).exe
2014-07-28 17:44:16	4128AE55522EFFB4CE9611E8E62B779A	4813544	----a-w-	C:\Users\Leon\Downloads\ccsetup416.exe
2014-07-28 12:36:42	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-07-28 12:35:52	F21B936A43B39C22C929271661A1E598	36818984	----a-w-	C:\Users\Public\Desktop\DropboxInstallerAvast.exe
2014-07-28 12:30:23	4AF4D1D156DF61FC7364D1193862A068	4862664	----a-w-	C:\Users\Leon\Downloads\avast_free_antivirus_setup_online.exe
2014-07-15 20:28:47	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-07-15 20:27:17	DF463B4C69C1531D1DA7DA3E30E7F8B5	24677393	----a-w-	C:\Users\Leon\Desktop\vlc-2-1-3-win32.exe
2014-07-01 14:25:30	--------	d-----w-	C:\Users\HomeGroupUser$\AppData
2014-07-01 14:25:29	--------	d-----w-	C:\Users\Gast\AppData
2014-07-01 14:25:29	--------	d-----w-	C:\Users\Administrator\AppData
2014-07-01 14:18:01	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FWsim Pro

====== C: exe-files ==
2014-07-29 11:28:44	9A1F9D127E02C49E9D04FF778A8A64DF	1134832	----a-w-	C:\Users\Leon\Downloads\Player_Setup.exe
2014-07-29 10:07:08	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Leon\Downloads\RSITx64 (1).exe
2014-07-29 09:51:36	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\Trend Micro\Leon.exe
2014-07-29 09:51:01	8045ABB21A3BDD66A48E1ED5C0F0EF6A	1222144	----a-w-	C:\Users\Leon\Downloads\RSITx64.exe
2014-07-28 17:44:20	4128AE55522EFFB4CE9611E8E62B779A	4813544	----a-w-	C:\Users\Leon\Downloads\ccsetup416 (1).exe
2014-07-28 17:44:16	4128AE55522EFFB4CE9611E8E62B779A	4813544	----a-w-	C:\Users\Leon\Downloads\ccsetup416.exe
2014-07-28 12:30:23	4AF4D1D156DF61FC7364D1193862A068	4862664	----a-w-	C:\Users\Leon\Downloads\avast_free_antivirus_setup_online.exe
2014-07-22 17:12:32	A02762F944EE4E86655CFCAB84FA6BD7	1329744	----a-w-	C:\Users\Leon\AppData\Roaming\uTorrent\updates\3.4.2_32239.exe
=== C: other files ==
2014-07-28 12:35:43	B8FDEDE963B82CFD23B3A53A3084666D	1041168	----a-w-	C:\Windows\System32\drivers\aswSnx.sys
2014-07-28 12:35:43	48DED912CDE54FC0923B9858512366E1	92008	----a-w-	C:\Windows\System32\drivers\aswStm.sys
2014-07-28 12:35:43	471A311745848B80339436688A8286E6	224896	----a-w-	C:\Windows\System32\drivers\aswVmm.sys
2014-07-28 12:35:43	0DEDC041DF594AEC2C3BD00417CFAF60	427360	----a-w-	C:\Windows\System32\drivers\aswsp.sys
2014-07-28 12:35:42	FF1E537A3632CBB9A0BF72B9FD0878D5	79184	----a-w-	C:\Windows\System32\drivers\aswMonFlt.sys
2014-07-28 12:35:42	D95E64416A4A3ED6986E0F474DA934BD	29208	----a-w-	C:\Windows\System32\drivers\aswHwid.sys
2014-07-28 12:35:42	645D97385F3F284FB5604F9B970F4D24	65776	----a-w-	C:\Windows\System32\drivers\aswRvrt.sys
2014-07-28 12:35:41	A5757DE5F9C83AB40667A53D5126EA40	93568	----a-w-	C:\Windows\System32\drivers\aswRdr2.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-869774881-950611705-1935986000-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="C:\Users\Leon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"Spotify"="C:\Users\Leon\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart"
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"
"Remote Control Server"="C:\Program Files (x86)\Remote Control Server\Remote Control Server.exe"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Nuance PDF Reader-reminder"="C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe -r C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
"ASUSPRP"="C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
"ASUSWebStorage"="C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S"
"SonicMasterTray"="C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe"
"ATKOSD2"="C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe"
"ATKMEDIA"="C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe"
"HControlUser"="C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe"
"Wireless Console 3"="C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe"
"UpdateLBPShortCut"="C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\CyberLink\LabelPrint UpdateWithCreateOnce Software\CyberLink\LabelPrint\2.5"
"UpdateP2GoShortCut"="C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\CyberLink\Power2Go UpdateWithCreateOnce SOFTWARE\CyberLink\Power2Go\6.0"
"SweetIM"="C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe"
"Sweetpacks Communicator"="C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="C:\Users\Leon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
"Spotify"="C:\Users\Leon\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart"
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"
"Remote Control Server"="C:\Program Files (x86)\Remote Control Server\Remote Control Server.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\PROGRA~2\\SupTab\\SEARCH~1.DLL"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"VizorHtmlDialog.exe"="C:\Program Files\Trend Micro\Titanium\UIFramework\VizorHtmlDialog.exe DEF EULA C:\Program Files\Trend Micro\Titanium\UI\Installer.cmpt\resources\preinstall_01_welcome_trial.html DEF DEF DEF"
"Trend Micro Client Framework"="C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe"
"Trend Micro Titanium"="C:\Program Files\Trend Micro\Titanium\VizorShortCut.exe -ReFlush none none"
"IgfxTray"="C:\Windows\system32\igfxtray.exe"
"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
"Persistence"="C:\Windows\system32\igfxpers.exe"
"AmIcoSinglun64"="C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"RtHDVBg"="C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe /SF3 "
"AtherosBtStack"="C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
"AthBtTray"="C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
"ETDCtrl"="%ProgramFiles%\Elantech\ETDCtrl.exe "

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ASUS Screen Saver Protector]
"command"="C:\\Windows\\AsScrPro.exe"
"hkey"="HKLM"
"item"="ASUS Screen Saver Protector"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\CLMLServer]
"command"="\"C:\\Program Files (x86)\\CyberLink\\Power2Go\\CLMLSvc.exe\""
"hkey"="HKLM"
"item"="CLMLServer"
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\RtHDVCpl]
"command"="C:\\Program Files\\Realtek\\Audio\\HDA\\RAVCpl64.exe -s"
"hkey"="HKLM"
"item"="RtHDVCpl"
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"


==== Startup Folders ======================

2012-09-12 07:31:56	991	----a-w-	C:\Users\Leon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
2012-09-24 18:37:13	1237	----a-w-	C:\Users\Leon\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
2011-04-13 02:49:43	2062	----a-w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AsusVibeLauncher.lnk
2012-08-06 21:43:28	2617	----a-w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe []
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe []

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\0" [C:\Program Files (x86)\Google\Chrome\Application\chrome.exe]
"C:\Windows\SysNative\tasks\ACMON" [C:\Program Files (x86)\ASUS\Splendid\ACMON.exe]
"C:\Windows\SysNative\tasks\ASUS P4G" [C:\Program Files\P4G\BatteryLife.exe]
"C:\Windows\SysNative\tasks\ASUS SmartLogon Console Sensor" [C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe]
"C:\Windows\SysNative\tasks\ATKOSD2" [C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe]
"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\Windows\SysNative\tasks\Driver Detective-RTMRules" [C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe]
"C:\Windows\SysNative\tasks\Driver Detective-RTMScan" [C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe]
"C:\Windows\SysNative\tasks\Driver Detective-RTMUpdater" [C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\DriversHQ.DriverDetective.Client.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files (x86)\Windows Sidebar\sidebar.exe]
"C:\Windows\SysNative\tasks\{563353A6-3A5F-481A-A047-8BD13ECF2AA3}" [C:\Users\Leon\Downloads\UR80_WinXPDrv201\Setup.exe]
"C:\Windows\SysNative\tasks\{58CC13F6-19FD-4A19-A7E1-6E71CCBE7F57}" [C:\Users\Leon\Downloads\UR80_WinXPDrv201\Setup.exe]
"C:\Windows\SysNative\tasks\{9FFA7DE5-158D-4FF5-97F3-8263076E0D46}" [C:\Program Files (x86)\Electronic Arts\De Sims 3\Game\Bin\Sims3Launcher.exe]
"C:\Windows\SysNative\tasks\{B9908CEC-C83A-458C-806D-F99D35B6028C}" [C:\Program Files (x86)\Electronic Arts\De Sims 3\Game\Bin\Sims3Launcher.exe]
"C:\Windows\SysNative\tasks\{BE2DD466-D1EE-4B6C-95C8-7F87EA0BD036}" [C:\Users\Leon\Downloads\UR80_WinXPDrv201\Setup.exe]
"C:\Windows\SysNative\tasks\{CDF878E0-7F6D-4C16-8BB9-7F81EE315974}" [C:\Program Files\Native Instruments\Guitar Rig 5\Guitar Rig 5.exe]
"C:\Windows\SysNative\tasks\{F82A949D-3013-4EAE-A2E5-178F9E39F176}" [C:\Users\Leon\Desktop\UR-80_win_vista\Setup.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}"="C:\Program Files\IB Updater\Firefox" []
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"wrc@avast.com"="C:\Program Files\AVAST Software\Avast\WebRep\FF" [28-07-2014 14:35]

==== Firefox Extensions ======================

==== Firefox Plugins ======================


==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
dlnembnfbcpjnepmfjmngjenhhajpdfd - C:\Program Files\IB Updater\source.crx[]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[28-07-2014 14:35]
jcdgjdiieiljkfkdcloehkohchhpekkn - C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx[]
ndbbbnjdaeemkgcopdgflfdidpfekhaf - C:\ProgramData\Codec-V\ndbbbnjdaeemkgcopdgflfdidpfekhaf.crx[]
niapdbllcanepiiimjjndipklodoedlc - C:\Program Files (x86)\Yontoo\YontooLayers.crx[]
pmlghpafmmnmmkjdhacccolfgnkiboco - C:\Program Files (x86)\1ClickDownload\oneclickdownloader11.crx[]

Save Best - Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm
sAvee on - Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\mdpmebehhdbjmefnakkdbdhdikkojkbj
Save Best - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm
sAvee on - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mdpmebehhdbjmefnakkdbdhdikkojkbj
Save Best - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm
sAvee on - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdpmebehhdbjmefnakkdbdhdikkojkbj
Save Best - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm
sAvee on - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mdpmebehhdbjmefnakkdbdhdikkojkbj
Save Best - Administrator\AppData\Local\Torch\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm
sAvee on - Administrator\AppData\Local\Torch\User Data\Default\Extensions\mdpmebehhdbjmefnakkdbdhdikkojkbj
Save Best - Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm
sAvee on - Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\mdpmebehhdbjmefnakkdbdhdikkojkbj
Save Best - Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm
sAvee on - Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mdpmebehhdbjmefnakkdbdhdikkojkbj
Save Best - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm
sAvee on - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdpmebehhdbjmefnakkdbdhdikkojkbj
Save Best - Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm
sAvee on - Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mdpmebehhdbjmefnakkdbdhdikkojkbj
Save Best - Gast\AppData\Local\Torch\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm
sAvee on - Gast\AppData\Local\Torch\User Data\Default\Extensions\mdpmebehhdbjmefnakkdbdhdikkojkbj
Save Best - HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm
sAvee on - HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\mdpmebehhdbjmefnakkdbdhdikkojkbj
Save Best - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm
sAvee on - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mdpmebehhdbjmefnakkdbdhdikkojkbj
Save Best - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm
sAvee on - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdpmebehhdbjmefnakkdbdhdikkojkbj
Save Best - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm
sAvee on - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mdpmebehhdbjmefnakkdbdhdikkojkbj
Save Best - HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm
sAvee on - HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\mdpmebehhdbjmefnakkdbdhdikkojkbj
Save Best - Leon\AppData\Local\Chromatic Browser\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm
sAvee on - Leon\AppData\Local\Chromatic Browser\User Data\Default\Extensions\mdpmebehhdbjmefnakkdbdhdikkojkbj
Save Best - Leon\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm
sAvee on - Leon\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mdpmebehhdbjmefnakkdbdhdikkojkbj
Google Docs - Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Last updated at time on date - Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Google Search - Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Tab Manager - Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coonecdghnepgiblpccbbihiahajndda
Save Best - Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm
Renren Album Downloader - Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\enmkdplopmpkfnlefdldpkbcmihgcdec
DDownSSave - Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\giodcgkeoeoclglocjhailikpdkglojg
RAndoomPricE - Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmkeoikigjmonhdkolijfkfabopchplb
Free Slots - Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\gncgkjfgbkncmgekiidabkngldhokoio
avast Online Security - Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
BlockkUaTubEAD - Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmojekoicljpbllcfchgcamlljolbjcj
SavaeLoTs - Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\iogdhnpecenngaggocihdkfhmngibcgm
Facebook Color Changer Enhancer - Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbdkclmnkbjelpeddibimjmgofgkdagn
DiscounntExTensI - Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ledegekgpinpjdnaaeffflcgbhoeaepn
sAvee on - Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdpmebehhdbjmefnakkdbdhdikkojkbj
Google Wallet - Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
The Key for YouTube - Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgmnfpmhdanicbahccgohnanecaphfmb
Gmail - Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
Save Best - Leon\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm
sAvee on - Leon\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mdpmebehhdbjmefnakkdbdhdikkojkbj
Save Best - Leon\AppData\Local\Torch\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm
sAvee on - Leon\AppData\Local\Torch\User Data\Default\Extensions\mdpmebehhdbjmefnakkdbdhdikkojkbj

==== Chrome Fix ======================

C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage deleted successfully
C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal deleted successfully
C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dlnembnfbcpjnepmfjmngjenhhajpdfd_0.localstorage deleted successfully
C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\hmojekoicljpbllcfchgcamlljolbjcj deleted successfully
C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_hmojekoicljpbllcfchgcamlljolbjcj_0.localstorage deleted successfully
C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\giodcgkeoeoclglocjhailikpdkglojg deleted successfully
C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_giodcgkeoeoclglocjhailikpdkglojg_0.localstorage deleted successfully
C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\iogdhnpecenngaggocihdkfhmngibcgm deleted successfully
C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_iogdhnpecenngaggocihdkfhmngibcgm_0.localstorage deleted successfully
C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\mdpmebehhdbjmefnakkdbdhdikkojkbj deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mdpmebehhdbjmefnakkdbdhdikkojkbj deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdpmebehhdbjmefnakkdbdhdikkojkbj deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mdpmebehhdbjmefnakkdbdhdikkojkbj deleted successfully
C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\mdpmebehhdbjmefnakkdbdhdikkojkbj deleted successfully
C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\mdpmebehhdbjmefnakkdbdhdikkojkbj deleted successfully
C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mdpmebehhdbjmefnakkdbdhdikkojkbj deleted successfully
C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdpmebehhdbjmefnakkdbdhdikkojkbj deleted successfully
C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mdpmebehhdbjmefnakkdbdhdikkojkbj deleted successfully
C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\mdpmebehhdbjmefnakkdbdhdikkojkbj deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\mdpmebehhdbjmefnakkdbdhdikkojkbj deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mdpmebehhdbjmefnakkdbdhdikkojkbj deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdpmebehhdbjmefnakkdbdhdikkojkbj deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mdpmebehhdbjmefnakkdbdhdikkojkbj deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\mdpmebehhdbjmefnakkdbdhdikkojkbj deleted successfully
C:\Users\Leon\AppData\Local\Chromatic Browser\User Data\Default\Extensions\mdpmebehhdbjmefnakkdbdhdikkojkbj deleted successfully
C:\Users\Leon\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mdpmebehhdbjmefnakkdbdhdikkojkbj deleted successfully
C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdpmebehhdbjmefnakkdbdhdikkojkbj deleted successfully
C:\Users\Leon\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mdpmebehhdbjmefnakkdbdhdikkojkbj deleted successfully
C:\Users\Leon\AppData\Local\Torch\User Data\Default\Extensions\mdpmebehhdbjmefnakkdbdhdikkojkbj deleted successfully
C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm deleted successfully
C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm deleted successfully
C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm deleted successfully
C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm deleted successfully
C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm deleted successfully
C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm deleted successfully
C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm deleted successfully
C:\Users\Leon\AppData\Local\Chromatic Browser\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm deleted successfully
C:\Users\Leon\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm deleted successfully
C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm deleted successfully
C:\Users\Leon\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm deleted successfully
C:\Users\Leon\AppData\Local\Torch\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm deleted successfully
C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\coonecdghnepgiblpccbbihiahajndda deleted successfully
C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\enmkdplopmpkfnlefdldpkbcmihgcdec deleted successfully
C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_enmkdplopmpkfnlefdldpkbcmihgcdec_0.localstorage deleted successfully
C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmkeoikigjmonhdkolijfkfabopchplb deleted successfully
C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gmkeoikigjmonhdkolijfkfabopchplb_0.localstorage deleted successfully
C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\gncgkjfgbkncmgekiidabkngldhokoio deleted successfully
C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\kbdkclmnkbjelpeddibimjmgofgkdagn deleted successfully
C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kbdkclmnkbjelpeddibimjmgofgkdagn_0.localstorage deleted successfully
C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\ledegekgpinpjdnaaeffflcgbhoeaepn deleted successfully
C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ledegekgpinpjdnaaeffflcgbhoeaepn_0.localstorage deleted successfully
C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgmnfpmhdanicbahccgohnanecaphfmb deleted successfully
C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pgmnfpmhdanicbahccgohnanecaphfmb_0.localstorage deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.msn.com/?pc=AV01"
"Search Page"="http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.msn.com/?pc=AV01"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{632F07F3-19A1-4d16-A23F-E6CE9486BAB5}"
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{632F07F3-19A1-4d16-A23F-E6CE9486BAB5} Microsoft (Bing) Url="http://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Unknown  Url="Not_Found"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-869774881-950611705-1935986000-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F4016282-746B-5303-6F76-6CA8406A4A88} deleted successfully
HKEY_USERS\S-1-5-21-869774881-950611705-1935986000-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F4016282-746B-5303-6F76-6CA8406A4A88} deleted successfully
HKEY_USERS\S-1-5-21-869774881-950611705-1935986000-1000\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{F4016282-746B-5303-6F76-6CA8406A4A88} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052} deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\547B38670606DF14AA57B0BB83F3AE4D deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Codec deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ContinueToSave deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{19355D02-0E24-4300-B23F-EC963C772066} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{98BBF58F-8572-4C1F-AEF4-CD504358D779} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{BDAA5976-FF54-D3B9-A216-58475128EE3F} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E762DE7B-DE18-4B36-A9DD-963A3C81FC8D} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\29397fe7-51b4-455f-a7d9-320f03d1b19c deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{41A30526-74B2-D441-F6BE-1C6A1D6F822E} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B909F805-7F40-4B31-A5F0-C37493B1CA94} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C980C820-F1AA-958A-81DD-DA5787C59275} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ndbbbnjdaeemkgcopdgflfdidpfekhaf deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{0F44DC3A-6E62-4961-A14B-95323C512F9B}_is1 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\S-5029066965 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\GadgetBox deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CB59E2C0-06A6-D3B1-5C99-240E857075D2} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{993EA8F6-6E55-7E4E-39DE-5796E3226DB9} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{35E13884-BAC3-5F4A-799B-05F882E0BD9F} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{AF992111-52BE-832B-5882-8477E4A3C99A} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{B138259A-351E-33FA-2726-8D71704F1DA9} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{274E3C5C-178E-EAE2-A52F-2863C0EECD46} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F5853CDF-2C63-6D1D-B286-CBB1CD5DFD62} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{F6C44C71-2CFE-8176-3A4D-CBD0DCE5AEFA} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{CE94DD89-7404-B4B9-E713-E55CC0AB6C3B} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{5717af3d} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5F189DF5-2D05-472B-9091-84D9848AE48B}{1a34a8e0} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\incredibar deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1 deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{7683B745-6060-41FD-AA75-0BBB383FEAD4} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3 deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\547B38670606DF14AA57B0BB83F3AE4D deleted successfully

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [Nuance PDF Reader-reminder] "C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Reader\Ereg\Ereg.ini"
O4 - HKLM\..\Run: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
O4 - HKLM\..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.84.161\AsusWSPanel.exe /S
O4 - HKLM\..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\Sonic Focus\SonicFocusTray.exe
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [SweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [Sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Leon\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKCU\..\Run: [Spotify] "C:\Users\Leon\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Remote Control Server] C:\Program Files (x86)\Remote Control Server\Remote Control Server.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: MagicDisc.lnk = C:\Program Files (x86)\MagicDisc\MagicDisc.exe
O4 - Startup: OpenOffice.org 3.4.1.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
O4 - Global Startup: AsusVibeLauncher.lnk = C:\Program Files (x86)\ASUS\AsusVibe\AsusVibeLauncher.exe
O4 - Global Startup: FancyStart daemon.lnk = ?
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: (no name) - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra 'Tools' menuitem: Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\Module\20002\6.5.1234\6.5.1234\TmBpIe32.dll
O18 - Protocol: tmpx - {0E526CB5-7446-41D1-A403-19BFE95E8C23} - C:\Program Files\Trend Micro\AMSP\Module\20004\1.5.1381\6.5.1234\TmIEPlg32.dll
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O20 - AppInit_DLLs: C:\PROGRA~2\SupTab\SEARCH~1.DLL
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Trend Micro Solution Platform (Amsp) - Trend Micro Inc. - C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: Atheros Bt&Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
O23 - Service: AtherosSvc - Atheros Commnucations - C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Hi-Rez Studios Authenticate and Update Service (HiPatchService) - Hi-Rez Studios - C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NIHardwareService - Native Instruments GmbH - C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
O23 - Service: Norton PC Checkup Application Launcher - Symantec Corporation - C:\Program Files (x86)\Norton PC Checkup 3.0\SymcPCCULaunchSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: TeamViewer 8 (TeamViewer8) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
O23 - Service: TiMiniService - Trend Micro Inc. - C:\Program Files\Trend Micro\Titanium\TiMiniService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Leon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Leon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7QEHX2L6 will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Leon\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=2306 folders=510 212737950 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Leon\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\Leon\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Program Files (x86)\PC Drivers HeadQuarters\Driver Detective\Microsoft.Practices.EnterpriseLibrary.Security.Cryptography.dll"  not found
"C:\Program Files (x86)\SweetIM"  not found
"C:\Program Files (x86)\PC Drivers HeadQuarters"  not found
"C:\ProgramData\Premium"  not found
"C:\PROGRA~2\SweetIM"  not found
"C:\PROGRA~3\Premium"  not found
"C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm" not found
"C:\Users\Leon\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7QEHX2L6" not found

==== EOF on di 29-07-2014 at 17:32:19,77 ======================