Zoek.exe v5.0.0.1 Updated 30-09-2015
Tool run by BlackAngel on zo 04/10/2015 at 12:45:48,56.
Microsoft Windows 8.1 Pro met Media Center 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: F:\DOWNLOADS\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

4/10/2015 12:47:45 Zoek.exe System Restore Point Created Successfully.

==== Torpig Check ======================

HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileSystem {217FC9C0-3AEA-1069-A2DB-08002B30309D} %SystemRoot%\system32\shell32.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\FileZilla3CopyHook {DB70412E-EEC9-479C-BBA9-BE36BFDDA41B} C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
HKEY_CLASSES_ROOT\Directory\shellex\CopyHookHandlers\Sharing {40dd6e20-7c17-11ce-a804-00aa003ca9f6} %SystemRoot%\system32\ntshrui.dll

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\Amazon deleted successfully
C:\PROGRA~2\AnswerWorks 4.0 deleted successfully
C:\PROGRA~2\DOOM 3 deleted successfully
C:\PROGRA~2\Fotobounce Family deleted successfully
C:\PROGRA~2\Origin Games deleted successfully
C:\PROGRA~3\ALM deleted successfully
C:\PROGRA~3\CorelDRAW Graphics Suite X6 deleted successfully
C:\PROGRA~3\PCSettings deleted successfully
C:\PROGRA~3\Validity deleted successfully
C:\Users\Administrator\AppData\Roaming\Systweak deleted successfully
C:\Users\BlackAngel\AppData\Roaming\Aquafadas deleted successfully
C:\Users\BlackAngel\AppData\Roaming\Malwarebytes deleted successfully
C:\Users\BlackAngel\AppData\Roaming\Media Player Classic deleted successfully
C:\Users\BlackAngel\AppData\Roaming\rightbackup deleted successfully
C:\Users\BlackAngel\AppData\Roaming\Systweak deleted successfully
C:\Users\BlackAngel\AppData\Roaming\Windows Live Writer deleted successfully
C:\Users\BlackAngel\AppData\Roaming\Youtube to MP3 Converter deleted successfully
C:\Users\BlackAngel\AppData\Local\calibre-cache deleted successfully
C:\Users\BlackAngel\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\BlackAngel\AppData\Local\EmieSiteList deleted successfully
C:\Users\BlackAngel\AppData\Local\EmieUserList deleted successfully
C:\Users\BlackAngel\AppData\Local\Intel WiDi deleted successfully
C:\Users\BlackAngel\AppData\Local\ms-drivers deleted successfully
C:\Users\BlackAngel\AppData\Local\p632Wb2dsSs deleted successfully
C:\Users\BlackAngel\AppData\Local\PACE Anti-Piracy deleted successfully
C:\Users\BlackAngel\AppData\Local\TB deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\CrashDumps deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1746845942-926921496-1953624999-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6D53EC84-6AAE-4787-AEEE-F4628F01010C} deleted successfully
HKEY_USERS\S-1-5-21-1746845942-926921496-1953624999-1002\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6D53EC84-6AAE-4787-AEEE-F4628F01010C} deleted successfully
HKEY_USERS\S-1-5-21-1746845942-926921496-1953624999-1002\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} deleted successfully
HKEY_USERS\S-1-5-80-4287524181-3401991209-718407576-1481970793-3068686015\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} deleted successfully
HKEY_USERS\S-1-5-21-1746845942-926921496-1953624999-1002\Software\Microsoft\Internet Explorer\SearchScopes\{A29E8868-1021-4A33-B49D-7FE3060935E0} deleted successfully
HKEY_USERS\S-1-5-80-4287524181-3401991209-718407576-1481970793-3068686015\Software\Microsoft\Internet Explorer\SearchScopes\{A29E8868-1021-4A33-B49D-7FE3060935E0} deleted successfully
HKEY_USERS\S-1-5-21-1746845942-926921496-1953624999-1002\Software\Microsoft\Internet Explorer\SearchScopes\{AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} deleted successfully
HKEY_USERS\S-1-5-21-1746845942-926921496-1953624999-1002\Software\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671} deleted successfully
HKEY_USERS\S-1-5-80-4287524181-3401991209-718407576-1481970793-3068686015\Software\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{6D53EC84-6AAE-4787-AEEE-F4628F01010C} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{A29E8868-1021-4A33-B49D-7FE3060935E0} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A29E8868-1021-4A33-B49D-7FE3060935E0} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

ProfilePath: C:\Users\ADMINI~1\AppData\Roaming\Mozilla\Firefox\Profiles\2xyid3h3.default
user.js not found

---- FireFox user.js and prefs.js backups ----
prefs_20150410_1303_.backup

ProfilePath: C:\Users\BLACKA~1\AppData\Roaming\Mozilla\Firefox\Profiles\4xhuaa46.default

---- Lines delta removed from prefs.js ----
user_pref("avg.install.userHPSettings", "http://www.delta-search.com/?affID=119988&tt=040413_9114&babsrc=HP_ss&mntrId=0A56A0B3CC4831FA");
user_pref("extensions.delta.admin", false);
user_pref("extensions.delta.aflt", "babsst");
user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
user_pref("extensions.delta.autoRvrt", "false");
user_pref("extensions.delta.bbDpng", "20");
user_pref("extensions.delta.cntry", "BE");
user_pref("extensions.delta.dfltLng", "en");
user_pref("extensions.delta.excTlbr", false);
user_pref("extensions.delta.ffxUnstlRst", true);
user_pref("extensions.delta.hdrMd5", "");
user_pref("extensions.delta.id", "0a56e22b000000000000a0b3cc4831fa");
user_pref("extensions.delta.instlDay", "15845");
user_pref("extensions.delta.instlRef", "sst");
user_pref("extensions.delta.lastVrsnTs", "1.8.16.1611:31:45");
user_pref("extensions.delta.newTab", false);
user_pref("extensions.delta.prdct", "delta");
user_pref("extensions.delta.prtnrId", "delta");
user_pref("extensions.delta.rvrt", "false");
user_pref("extensions.delta.sg", "czb");
user_pref("extensions.delta.smplGrp", "none");
user_pref("extensions.delta.tlbrId", "base");
user_pref("extensions.delta.tlbrSrchUrl", "");
user_pref("extensions.delta.vrsn", "1.8.16.16");
user_pref("extensions.delta.vrsnTs", "1.8.16.1611:31:45");
user_pref("extensions.delta.vrsni", "1.8.16.16");

---- Lines delta removed from user.js ----
user_pref("extensions.delta.tlbrSrchUrl", "");
user_pref("extensions.delta.id", "0a56e22b000000000000a0b3cc4831fa");
user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");
user_pref("extensions.delta.instlDay", "15845");
user_pref("extensions.delta.vrsn", "1.8.16.16");
user_pref("extensions.delta.vrsni", "1.8.16.16");
user_pref("extensions.delta.vrsnTs", "1.8.16.1611:31:45");
user_pref("extensions.delta.prtnrId", "delta");
user_pref("extensions.delta.prdct", "delta");
user_pref("extensions.delta.aflt", "babsst");
user_pref("extensions.delta.smplGrp", "none");
user_pref("extensions.delta.tlbrId", "base");
user_pref("extensions.delta.instlRef", "sst");
user_pref("extensions.delta.dfltLng", "en");
user_pref("extensions.delta.excTlbr", false);
user_pref("extensions.delta.ffxUnstlRst", true);
user_pref("extensions.delta.admin", false);
user_pref("extensions.delta.autoRvrt", "false");
user_pref("extensions.delta.rvrt", "false");
user_pref("extensions.delta.newTab", false);

---- FireFox user.js and prefs.js backups ----
user_20150410_1303_.backup
prefs_20150410_1303_.backup

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Adobe Speed Launcher"=-

==== Deleting Files \ Folders ======================

C:\PROGRA~2\Amazon not found
C:\PROGRA~2\AnswerWorks 4.0 not found
C:\PROGRA~2\DOOM 3 not found
C:\PROGRA~2\Fotobounce Family not found
C:\PROGRA~2\Origin Games not found
"C:\Windows\Installer\18fe1a7.msi" not found
"C:\Windows\Installer\18fe193.msi" not found
C:\Users\BlackAngel\AppData\Roaming\calibre deleted
C:\Users\BlackAngel\AppData\Roaming\IMVUClient deleted
C:\Windows\AutoKMS deleted
C:\Users\BlackAngel\AppData\Roaming\Mozilla\Firefox\Profiles\4xhuaa46.default\extensions\bingsearch.full@microsoft.com deleted
C:\Users\BlackAngel\AppData\Roaming\Mozilla\Firefox\Profiles\4xhuaa46.default\searchplugins\safesearch.xml deleted
C:\windows\SysNative\Tasks\HP Photo Creations Communicator deleted
C:\Users\Administrator\AppData\LocalLow\Conduit deleted
C:\Users\BlackAngel\AppData\LocalLow\Conduit deleted
C:\PROGRA~2\Connected Music powered by Universal Music Group deleted
C:\PROGRA~2\COMMON~1\DVDVideoSoft\TB deleted
C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted
C:\Acrofix.exe deleted
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Roaming\Systweak deleted
C:\PROGRA~3\SMRResults501.dat deleted
C:\PROGRA~3\Microsoft\Windows\Start Menu\Programs\INTERNET TOOLS\GoforFiles deleted
C:\PROGRA~3\{65AB91D4-DDD0-48D4-804D-C24E1FC90D44} deleted
C:\PROGRA~3\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\BlackAngel\AppData\Local\cache deleted
C:\Users\BlackAngel\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847} deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SCHIJF- en ISO APPS deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\gpt.ini deleted
C:\WINDOWS\Syswow64\GroupPolicy\gpt.ini deleted
C:\WINDOWS\Syswow64\SET13BE.tmp deleted
C:\WINDOWS\Syswow64\SET1B35.tmp deleted
C:\WINDOWS\Syswow64\SET3CBA.tmp deleted
C:\WINDOWS\Syswow64\SET3DB6.tmp deleted
C:\WINDOWS\Syswow64\SET4D8A.tmp deleted
C:\WINDOWS\SysWow64\searchplugins deleted
C:\WINDOWS\SysWow64\Extensions deleted
C:\Users\BLACKA~1\AppData\Roaming\Mozilla\Firefox\Profiles\4xhuaa46.default\Invalidprefs.js deleted
C:\WINDOWS\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D} deleted
C:\WINDOWS\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4} deleted
"C:\WINDOWS\tasks\AutoKMS.job" deleted
"C:\Windows\Installer\52b3df2.msi" deleted
"C:\Windows\Installer\5b56313.msi" deleted
"C:\Users\BlackAngel\AppData\Roaming\AACS\KEYDB.cfg" deleted
"C:\Users\BlackAngel\AppData\Roaming\AACS" deleted

==== Files Recently Created / Modified ======================

====== C:\WINDOWS ====
====== C:\Users\BLACKA~1\AppData\Local\Temp ====
====== Java Cache =====
====== C:\WINDOWS\SysWOW64 =====
2015-09-22 17:12:37 D5B3690D367EC7EF2AC7FC48B854D1CC 178152 ----a-w- C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-09-22 17:12:37 5BACD68B116CAA67B71F4F9DB500A47B 812008 ----a-w- C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
====== C:\WINDOWS\SysWOW64\drivers =====
====== C:\WINDOWS\Sysnative =====
====== C:\WINDOWS\Sysnative\drivers =====
2015-09-09 16:29:08 2C32E08A6DCE799EADECECD0C60E233B 689152 ----a-w- C:\WINDOWS\Sysnative\drivers\vmswitch.sys
2015-09-09 16:26:56 FEA8FC81431AD93F44D5FBFBBF096AA7 118272 -c--a-w- C:\WINDOWS\Sysnative\drivers\bthpan.sys
====== C:\WINDOWS\Tasks ======
2015-10-03 14:36:45 43060D88FC6326F9A12DDF57C7D0D31B 3476 ----a-w- C:\WINDOWS\Sysnative\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2015-10-03 14:36:44 57F6CB0B49FE0D4ACF6B89B919EDDC85 3722 ----a-w- C:\WINDOWS\Sysnative\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2015-10-01 15:54:14 F65313EDECB8AF3CFF2C10359B9FC84C 3830 ----a-w- C:\WINDOWS\Sysnative\Tasks\Opera scheduled Autoupdate 1435487350
2015-09-17 16:28:52 A4FD5DB3320096829DCA9D8F0F9E5241 1078 ----a-w- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-17 16:28:52 93B534665A258EC134433B51443F8A47 1082 ----a-w- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-15 16:45:58 86E1CCB1C929B6D37954CFB9FD020B65 3554 ----a-w- C:\WINDOWS\Sysnative\Tasks\GarminUpdaterTask
====== C:\WINDOWS\Temp ======
======= C:\Program Files =====
2015-10-03 16:07:26 -------- d-----w- C:\Program Files\trend micro
2015-09-23 17:12:32 -------- d-----w- C:\Program Files\USB Disk Storage Format Tool
======= C:\PROGRA~2 =====
======= C: =====
====== C:\Users\BlackAngel\AppData\Roaming ======
2015-09-17 18:49:42 1C9A45B6736339EEEC1B891FCE847B79 8139256 ----a-w- C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\FontCache3.0.0.0.dat
2015-09-04 16:28:12 -------- d-----w- C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\CrashDumps
====== C:\Users\BlackAngel ======
2015-10-03 11:43:28 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2015-09-23 18:06:09 0808E5C8534C964E1B3FBDF8F3DAE7AD 764 --sha-r- C:\ProgramData\ntuser.pol
2015-09-23 17:12:32 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\USB Disk Storage Format Tool 5.1
2015-09-15 16:46:17 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2015-09-12 16:34:08 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2015-09-12 16:29:37 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2005
====== C: exe-files ==
2015-10-03 16:07:28 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\BlackAngel.exe
=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

[HKEY_USERS\S-1-5-21-1746845942-926921496-1953624999-1002\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart"
"BingSvc"="C:\Users\BlackAngel\AppData\Local\Microsoft\BingSvc\BingSvc.exe"
"Sdrive startup"="C:\Program Files (x86)\Seagate\Sdrive\Sdrive.exe"
"Uploader"="C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe"
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"
"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
"SkyDrive"="C:\Users\BlackAngel\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe /background"
"SansaDispatch"="C:\Users\BlackAngel\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe"
"Autodesk Sync"="C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe"
"msnmsgr"="C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background"
"NokiaSuite.exe"="C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray"
"icq"="C:\Users\BlackAngel\AppData\Roaming\ICQM\icq.exe -CU"
"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
"Sony PC Companion"="C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe /Background"
"OpenDNS Updater"="C:\Program Files (x86)\OpenDNS Updater\OpenDNSUpdater.exe /autostart"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Run]
"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"

[HKEY_USERS\S-1-5-80-4287524181-3401991209-718407576-1481970793-3068686015\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"WAB Migrate"="%ProgramFiles%\Windows Mail\wab.exe /Upgrade"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"HP Quick Launch"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"
"Acrobat Assistant 8.0"="C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SSDMonitor"="C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe"
"PowerDVD14Agent"="C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD14Agent.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"
"DBAgent"="C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\DBAgent.exe /WinStart"
"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"UnlockerAssistant"="C:\Program Files (x86)\Unlocker\UnlockerAssistant.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"
"PMBVolumeWatcher"="C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe"
"AdobeCS6ServiceManager"="C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe -launchedbylogin"
"Reader Application Helper"="C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"
"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
"HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe"
"SwitchBoard"="C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"
"CLVirtualDrive"="C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe /R"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GoogleDriveSync"="C:\Program Files (x86)\Google\Drive\googledrivesync.exe /autostart"
"BingSvc"="C:\Users\BlackAngel\AppData\Local\Microsoft\BingSvc\BingSvc.exe"
"Sdrive startup"="C:\Program Files (x86)\Seagate\Sdrive\Sdrive.exe"
"Uploader"="C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe"
"DAEMON Tools Lite"="C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe -autorun"
"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
"SkyDrive"="C:\Users\BlackAngel\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe /background"
"SansaDispatch"="C:\Users\BlackAngel\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe"
"Autodesk Sync"="C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe"
"msnmsgr"="C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background"
"NokiaSuite.exe"="C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe -tray"
"icq"="C:\Users\BlackAngel\AppData\Roaming\ICQM\icq.exe -CU"
"GarminExpressTrayApp"="C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
"Sony PC Companion"="C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe /Background"
"OpenDNS Updater"="C:\Program Files (x86)\OpenDNS Updater\OpenDNSUpdater.exe /autostart"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\WINDOWS\\SysWOW64\\nvinit.dll"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE"
"RtsCM"="RTSCM64.EXE"
"NvBackend"="C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"ShadowPlay"="C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart"
"RtsCM"="RTSCM64.EXE"
"SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "
"SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\\Windows\\system32\\nvinitx.dll, C:\\WINDOWS\\system32\\nvinitx.dll"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\AdobeARMservice]

==== Startup Folders ======================

2014-08-17 13:54:33 1960 ----a-w- C:\Users\BlackAngel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Inktwaarschuwingen controleren - HP Photosmart 5520 series (netwerk).lnk

==== Task Scheduler Jobs ======================

C:\WINDOWS\tasks\Adobe Flash Player Updater.job --a-------- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [21/09/2015 21:54]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [30/08/2015 00:23]
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [30/08/2015 00:23]
C:\WINDOWS\tasks\HP Photo Creations Communicator.job --a-------- C:\ProgramData\HP Photo Creations\Communicator.exe [08/12/2012 21:03]
C:\WINDOWS\tasks\PTAutoUpdate.job --a-------- C:\Program Files (x86)\PC Tools\PC Tools Utilities\SULauncher.exe [24/08/2012 11:21]
C:\WINDOWS\tasks\PTSchedule.job --a-------- C:\Program FilC:s x86\PC Tools\PC Tools UtilitiC:s\pt.C:xC:SSARDHUINNA\BlackAngC:l0 []
C:\WINDOWS\tasks\Synaptics TouchPad Enhancements.job --a-------- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [05/09/2014 17:39]

==== Other Scheduled Tasks ======================

"C:\WINDOWS\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\WINDOWS\SysNative\tasks\Advanced System Optimizer" [C:\Program Files (x86)\Advanced System Optimizer 3\ASO3.exe]
"C:\WINDOWS\SysNative\tasks\BlackAngel" [C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe]
"C:\WINDOWS\SysNative\tasks\BlackAngel Merge" ["C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\NBCore.exe"]
"C:\WINDOWS\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]
"C:\WINDOWS\SysNative\tasks\CLMLSvc_P2G8" [C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe]
"C:\WINDOWS\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe]
"C:\WINDOWS\SysNative\tasks\GarminUpdaterTask" [C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\WINDOWS\SysNative\tasks\HPCustParticipation HP Photosmart 5520 series" ["C:\Program Files\HP\HP Photosmart 5520 series\Bin\HPCustPartic.exe"]
"C:\WINDOWS\SysNative\tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473" ["C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe"]
"C:\WINDOWS\SysNative\tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon" ["C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe"]
"C:\WINDOWS\SysNative\tasks\MirageAgent" [C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe]
"C:\WINDOWS\SysNative\tasks\Norton WSC Integration" ["C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\WSCStub.exe"]
"C:\WINDOWS\SysNative\tasks\Opera scheduled Autoupdate 1435487350" [C:\Program Files (x86)\Opera\launcher.exe]
"C:\WINDOWS\SysNative\tasks\PTAutoUpdate" [C:\Program Files (x86)\PC Tools\PC Tools Utilities\SULauncher.exe]
"C:\WINDOWS\SysNative\tasks\PTSchedule" [C:\Program Files (x86)\PC Tools\PC Tools Utilities\pt.exe]
"C:\WINDOWS\SysNative\tasks\Seagate_Install_Launch" [C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Dashboard.exe]
"C:\WINDOWS\SysNative\tasks\User_Feed_Synchronization-{87AD4169-ABB5-470F-92D3-B916F2216DD1}" [C:\WINDOWS\system32\msfeedssync.exe]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon" [C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Critical Actions Pending" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe]
"C:\WINDOWS\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe]
"C:\WINDOWS\SysNative\tasks\Norton Internet Security\Norton Error Analyzer" [C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\SymErr.exe]
"C:\WINDOWS\SysNative\tasks\Norton Internet Security\Norton Error Processor" [C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\SymErr.exe]
"C:\WINDOWS\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Folders in C:\PROGRA~3 0-6 Months Old ======================

2015-06-27 18:50:49 -------- d-----w- C:\PROGRA~3\VS Revo Group
2015-06-27 19:30:52 -------- d-----w- C:\PROGRA~3\PC Tools
2015-06-27 20:16:07 -------- d-----w- C:\PROGRA~3\boost_interprocess
2015-06-27 21:17:37 -------- d-----w- C:\PROGRA~3\SUPPORTDIR
2015-06-27 21:18:59 -------- d-----w- C:\PROGRA~3\PDVD
2015-06-29 20:27:29 -------- d-----w- C:\PROGRA~3\SUPERAntiSpyware.com
2015-06-30 20:09:45 -------- d-----w- C:\PROGRA~3\MediaMonkey
2015-07-15 18:47:11 -------- d-----w- C:\PROGRA~3\Seagate
2015-07-16 21:18:53 -------- d-----w- C:\PROGRA~3\Nero

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.0.124\coFFPlgn" [17/09/2015 20:53]

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"MFVersion"="MF38.0.5 (x86 nl)" []

==== Firefox Extensions ======================

ProfilePath: C:\Users\BLACKA~1\AppData\Roaming\Mozilla\Firefox\Profiles\4xhuaa46.default
- Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
- Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_22.5.0.124\coFFPlgn
- Dojo Firebug Extension - %ProfilePath%\extensions\dojo@silvergate.ar.ibm.com.xpi
- EventBug - %ProfilePath%\extensions\eventbug@getfirebug.com.xpi
- FBTest - %ProfilePath%\extensions\fbtest@mozilla.com.xpi
- FBTrace - %ProfilePath%\extensions\fbtrace@getfirebug.com.xpi
- Firebug - %ProfilePath%\extensions\firebug@software.joehewitt.com.xpi
- FireDiff - %ProfilePath%\extensions\firediff@johnjbarton.com.xpi
- FirePHP - %ProfilePath%\extensions\FirePHPExtension-Build@firephp.org.xpi
- cssUpdater - %ProfilePath%\extensions\info@cssUpdater.com.xpi
- NetExport - %ProfilePath%\extensions\netexport@getfirebug.com.xpi
- Illuminations for Developers - %ProfilePath%\extensions\sroussey@illumination-for-developers.com.xpi
- Web Developer - %ProfilePath%\extensions\{c45c406e-ab73-11d8-be73-000a95be3b12}.xpi
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- TrueSuite Website Logon - %AppDir%\distribution\bundles\websitelogon@truesuite.com
- Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\BlackAngel\AppData\Roaming\Mozilla\Firefox\Profiles\4xhuaa46.default
1B05342DC6A8896A90952AF2084620F5 - C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll - RocketLife Secure Plug-In Layer
3D3CAF586124C4E8102764C8B3063BB6 - C:\windows\SysWOW64\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director
E3D40D344C196E66D4346CCECED7AC1C - C:\Users\BlackAngel\AppData\Roaming\HewlettPackard\HPDetect\1.0.0.0\npHPDetect.dll - HPDetect

==== Chromium Look ======================

Google Chrome Version: 45.0.2454.101

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
cjabmdjcfcfdmffimndhafhblfmpjdpe - C:\Program Files (x86)\Norton Internet Security\Engine\22.5.2.15\Exts\Chrome.crx[10/07/2015 06:03]
efaidnbmnnnibpcajpcglclefindmkaj - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx[03/12/2014 08:31]
fegekclkdhbnfdcmomlpegkkndgnmfmo - C:\Program Files (x86)\HP SimplePass\tschrome.crx[01/04/2013 02:25]
iikflkcanblccfahdhdonehdalibjnif - No path found[]
jaaieiajnhcnimjgfmjpccjmmfkploci - C:\Program Files (x86)\HP SimplePass\tschrome.crx[01/04/2013 02:25]
kanflfepiobnpjbljmngfgegijhdpljm - C:\Program Files (x86)\HP SimplePass\tschrome.crx[01/04/2013 02:25]
lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[01/05/2015 11:17]
plmlpkfpkijnlijgalnjaacllnjmoamo - No path found[]
pmcmflmkceipgecmhoddphflfndnfbbe - No path found[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
bmkckgpgekmanipelfidlhmkfcjicion - No path found[]
nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx[12/12/2012 19:51]
plmlpkfpkijnlijgalnjaacllnjmoamo - No path found[]
pmcmflmkceipgecmhoddphflfndnfbbe - No path found[]

DocHub - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\adgncicbhbjfpijkdmbijninnhnmiblj
h5o - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\afoibpobokebhgfnknfndkgemglggomo
Google Docs - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Web Developer - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm
YouTube - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
selector is not a valid CSS selector - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Adblock for Youtube - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk
Google Search - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Google - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm
Adobe Acrobat - Create PDF - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj
Norton Home Page for Chrome - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejbdobdndcjhdmljipngpeoekdinlohe
AdBlock - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Pin It Button - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic
Bitly | Unleash the power of the link - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\iabeihobmhlgpkcgjiloemdbofjbdcic
Norton Identity Safe - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif
Website Logon - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\kanflfepiobnpjbljmngfgegijhdpljm
Neutron Drive - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lanjfnanlbolmgmnchmhfnicfefjgnff
Skype Click to Call - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
iStart - new tab page in metro style - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkgdlmlmcijgnglfcophfjhafiafhkae
Google Maps - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh
html5 buddy - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\mepcemlliclfkppahmgdfoamhccflihc
SelectorGadget - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhjhnkcfbdhnjickkkdbjoemdmbfginb
Norton Security Toolbar - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk
Norton Identity Safe - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\njgpiocdhdmnglomggfjkkonjjfahnom
Google Wallet - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
DocHub - BlackAngel\AppData\Local\Google\Chrome\User Data\Default\Extensions\adgncicbhbjfpijkdmbijninnhnmiblj
h5o - BlackAngel\AppData\Local\Google\Chrome\User Data\Default\Extensions\afoibpobokebhgfnknfndkgemglggomo
Google Drive - BlackAngel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
Web Developer - BlackAngel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm
Bing Search Engine - BlackAngel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmkckgpgekmanipelfidlhmkfcjicion
selector is not a valid CSS selector - BlackAngel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb
Norton Security Toolbar - BlackAngel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe
Adblock for Youtube - BlackAngel\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk
Google - BlackAngel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm
Adobe Acrobat - Create PDF - BlackAngel\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj
Google Docs Offline - BlackAngel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi
AdBlock - BlackAngel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Pin It Button - BlackAngel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic
Bitly | Unleash the power of the link - BlackAngel\AppData\Local\Google\Chrome\User Data\Default\Extensions\iabeihobmhlgpkcgjiloemdbofjbdcic
Norton Identity Safe - BlackAngel\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif
Website Logon - BlackAngel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kanflfepiobnpjbljmngfgegijhdpljm
Neutron Drive - BlackAngel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lanjfnanlbolmgmnchmhfnicfefjgnff
Skype Click to Call - BlackAngel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
iStart - new tab page in metro style - BlackAngel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkgdlmlmcijgnglfcophfjhafiafhkae
Google Maps - BlackAngel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh
html5 buddy - BlackAngel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mepcemlliclfkppahmgdfoamhccflihc
SelectorGadget - BlackAngel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mhjhnkcfbdhnjickkkdbjoemdmbfginb
Norton Identity Safe - BlackAngel\AppData\Local\Google\Chrome\User Data\Default\Extensions\njgpiocdhdmnglomggfjkkonjjfahnom
Chrome Web Store Payments - BlackAngel\AppData\Local\Google\Chrome\User
Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - BlackAngel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Fix ====================== C:\Users\BlackAngel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.manhattanservices.com_0.localstorage deleted successfully C:\Users\BlackAngel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.manhattanservices.com_0.localstorage-journal deleted successfully C:\Users\BlackAngel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_translator.babylon.com_0.localstorage deleted successfully C:\Users\BlackAngel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_translator.babylon.com_0.localstorage-journal deleted successfully C:\Users\BlackAngel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmkckgpgekmanipelfidlhmkfcjicion deleted successfully C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkgdlmlmcijgnglfcophfjhafiafhkae deleted successfully C:\Users\BlackAngel\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkgdlmlmcijgnglfcophfjhafiafhkae deleted successfully C:\Users\BlackAngel\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lkgdlmlmcijgnglfcophfjhafiafhkae_0.localstorage deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.be/" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.be/" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing 
Url="http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS" {483830EE-A4CD-4b71-B0A3-3D82E62A6909} Unknown Url="Not_Found" {D944BB61-2E34-4DBF-A683-47E505C587DC} eBay Url="http://rover.ebay.com/rover/1/1553-29906-12136-18/4" {FFEBBF0A-C22C-4172-89FF-45215A135AC7} ?????@Mail.Ru Url="http://go.mail.ru/search?q={searchTerms}&utf8in=1&fr=ietb" ==== Reset Google Chrome ====================== C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully C:\Users\BlackAngel\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\Users\BlackAngel\AppData\Local\Google\Chrome\User Data\Default\Preferences.bad was reset successfully C:\Users\BlackAngel\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully C:\Users\BlackAngel\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\Users\BlackAngel\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} deleted successfully HKEY_USERS\S-1-5-21-1746845942-926921496-1953624999-1002\Software\Microsoft\Internet Explorer\SearchScopes\{483830EE-A4CD-4b71-B0A3-3D82E62A6909} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BE51BFEEB8EFFD744A69C1D4410292A4 deleted successfully 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\2C0D8C2E79C150C439A9B5310AEF56C5 deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\237AA359BFA99C94484AF769ACA080AD deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3 deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\bmkckgpgekmanipelfidlhmkfcjicion deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{EEFB15EB-FE8B-47DF-A496-1C4D1420294A} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{EEFB15EB-FE8B-47DF-A496-1C4D1420294A} deleted successfully HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Sansa Updater deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{E2C8D0C2-1C97-4C05-939A-5B13A0FE655C} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{953AA732-9AFB-49C9-84A4-7F96CA0A08DA} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\BE51BFEEB8EFFD744A69C1D4410292A4 deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\2C0D8C2E79C150C439A9B5310AEF56C5 deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\237AA359BFA99C94484AF769ACA080AD deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3 deleted successfully ==== Empty IE Cache ====================== C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied 
successfully C:\Users\Administrator\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\BlackAngel\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\BlackAngel\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully C:\Users\Administrator\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\BlackAngel\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\Users\BlackAngel\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Administrator\AppData\Local\Mozilla\Firefox\Profiles\2xyid3h3.default\Cache emptied successfully C:\Users\BlackAngel\AppData\Local\Mozilla\Firefox\Profiles\4xhuaa46.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\BlackAngel\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1507 folders=340 3129471373 bytes) ==== Empty Temp Folders ====================== C:\Users\Administrator\AppData\Local\Temp emptied 
successfully C:\Users\BlackAngel\AppData\Local\Temp will be emptied at reboot C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\MSSQL$ADK\AppData\Local\Temp emptied successfully C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\WINDOWS\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\WINDOWS\Temp successfully emptied C:\Users\BLACKA~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted ==== EOF on zo 04/10/2015 at 13:35:31,65 ======================