
Zoek.exe v5.0.0.0 Updated 14-April-2014
Tool run by Lars on ma 19-05-2014 at 15:27:20,84.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Lars\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

19-5-2014 15:31:20 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\Allmyapps deleted successfully
C:\PROGRA~2\AllSSaveer deleted successfully
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\COMMON~1\Merge Modules deleted successfully
C:\Program Files\mcafee deleted successfully
C:\PROGRA~3\AllSSaveer deleted successfully
C:\PROGRA~3\Babylon deleted successfully
C:\Users\Lars\AppData\Roaming\Bandoo deleted successfully
C:\Users\Lars\AppData\Roaming\TP deleted successfully
C:\Users\Lars\AppData\Roaming\U3 deleted successfully
C:\Users\Lars\AppData\Roaming\uTorrent deleted successfully
C:\Users\Lars\AppData\Roaming\WinRAR deleted successfully
C:\Users\Lars\AppData\Local\PackageAware deleted successfully
C:\Users\Lars\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-926169715-2678499732-3854754969-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully
HKEY_USERS\S-1-5-21-926169715-2678499732-3854754969-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully
HKEY_USERS\S-1-5-21-926169715-2678499732-3854754969-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully
HKEY_USERS\S-1-5-21-926169715-2678499732-3854754969-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully
HKEY_USERS\S-1-5-21-926169715-2678499732-3854754969-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{60EC236A-EC30-E288-9279-86A141035102} deleted successfully
HKEY_USERS\S-1-5-21-926169715-2678499732-3854754969-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{60EC236A-EC30-E288-9279-86A141035102} deleted successfully
HKEY_USERS\S-1-5-21-926169715-2678499732-3854754969-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{699B0FCC-42AE-A9BC-AD9B-E54C42834134} deleted successfully
HKEY_USERS\S-1-5-21-926169715-2678499732-3854754969-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{699B0FCC-42AE-A9BC-AD9B-E54C42834134} deleted successfully
HKEY_USERS\S-1-5-21-926169715-2678499732-3854754969-1001\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_USERS\S-1-5-21-926169715-2678499732-3854754969-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_USERS\S-1-5-21-926169715-2678499732-3854754969-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_USERS\S-1-5-21-926169715-2678499732-3854754969-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully
HKEY_USERS\S-1-5-21-926169715-2678499732-3854754969-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully
HKEY_USERS\S-1-5-21-926169715-2678499732-3854754969-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully
HKEY_USERS\S-1-5-21-926169715-2678499732-3854754969-1001\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully
HKEY_USERS\S-1-5-21-926169715-2678499732-3854754969-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} deleted successfully
HKEY_USERS\S-1-5-21-926169715-2678499732-3854754969-1001\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{60EC236A-EC30-E288-9279-86A141035102} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{60EC236A-EC30-E288-9279-86A141035102} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{60EC236A-EC30-E288-9279-86A141035102} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{60EC236A-EC30-E288-9279-86A141035102} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{60EC236A-EC30-E288-9279-86A141035102} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{60EC236A-EC30-E288-9279-86A141035102} deleted successfully
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{699B0FCC-42AE-A9BC-AD9B-E54C42834134} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{699B0FCC-42AE-A9BC-AD9B-E54C42834134} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{699B0FCC-42AE-A9BC-AD9B-E54C42834134} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{699B0FCC-42AE-A9BC-AD9B-E54C42834134} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{699B0FCC-42AE-A9BC-AD9B-E54C42834134} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{699B0FCC-42AE-A9BC-AD9B-E54C42834134} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\pricemeterliveUpdate deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\pricemeterliveUpdate deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\pricemeterliveUpdatem deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\pricemeterliveUpdatem deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update WebSpades deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update WebSpades deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Update WebSpades deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Update WebSpades deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vToolbarUpdater18.1.0 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\vToolbarUpdater18.1.0 deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IePluginService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\IePluginService deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\IePluginService deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command]
@="C:\\Program Files\\Internet Explorer\\iexplore.exe"

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{60EC236A-EC30-E288-9279-86A141035102}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{699B0FCC-42AE-A9BC-AD9B-E54C42834134}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{60EC236A-EC30-E288-9279-86A141035102}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{699B0FCC-42AE-A9BC-AD9B-E54C42834134}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}] 
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] 
"PriceMeterW"=- 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] 
"AppInit_DLLs"=- 

==== Deleting Files \ Folders ======================

C:\Program Files (x86)\AVG\AVG2012 not found
C:\Users\Lars\AppData\Local\PriceMeter not found
C:\Program Files (x86)\WebSpades not found
C:\ProgramData\AllSSaveer not found
C:\Program Files (x86)\SupTab deleted
C:\Program Files (x86)\save nEt deleted
C:\Program Files (x86)\Searchi-NeewTab deleted
C:\Users\Lars\AppData\Roaming\DVDVideoSoftIEHelpers deleted
C:\Users\Lars\AppData\Roaming\PriceMeterUpdater deleted
C:\Users\Lars\AppData\Roaming\SupTab deleted
C:\ProgramData\IePluginService deleted
C:\ProgramData\WPM deleted
C:\ProgramData\Searchi-NeewTab deleted
C:\ProgramData\39b559e409962429 deleted
C:\ProgramData\save nEt deleted
C:\ProgramData\InstallMate deleted
C:\Users\Lars\AppData\LocalLow\{13F07BED-990F-D06C-6FA0-9A116F31DF3C} deleted
C:\Users\Lars\AppData\LocalLow\{60EC236A-EC30-E288-9279-86A141035102} deleted
C:\Users\Lars\AppData\LocalLow\{699B0FCC-42AE-A9BC-AD9B-E54C42834134} deleted
C:\Users\Lars\AppData\Local\Packages\windows_ie_ac_001\AC\{13F07BED-990F-D06C-6FA0-9A116F31DF3C} deleted
C:\Users\Lars\AppData\Local\Packages\windows_ie_ac_001\AC\{60EC236A-EC30-E288-9279-86A141035102} deleted
C:\Users\Lars\AppData\Local\Packages\windows_ie_ac_001\AC\{699B0FCC-42AE-A9BC-AD9B-E54C42834134} deleted
C:\PROGRA~2\COMMON~1\DVDVideoSoft\TB deleted
C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted
C:\Users\Lars\AppData\Roaming\Babylon deleted
C:\PROGRA~3\OberonGameConsole deleted
C:\PROGRA~3\AVG Secure Search deleted
C:\Users\Lars\AppData\Local\Ilivid Player deleted
C:\Users\Lars\AppData\Local\AVG Secure Search deleted
C:\Users\Lars\AppData\Local\Babylon deleted
C:\Users\Lars\Downloads\iLividSetup-r394-n-bc (1).exe deleted
C:\Users\Lars\Downloads\iLividSetup-r394-n-bc.exe deleted
C:\Users\Lars\Downloads\avg_free_stb_all_2014_4116_cnet.exe deleted
C:\Users\Lars\AppData\LocalLow\AVG Secure Search deleted
C:\Users\Lars\AppData\LocalLow\searchquband deleted
C:\Users\Lars\AppData\LocalLow\BabylonToolbar deleted
C:\Users\Lars\AppData\LocalLow\DataMngr deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job deleted
C:\windows\SysNative\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv deleted
C:\Users\Lars\Documents\Optimizer Pro deleted
C:\Users\Lars\Downloads\need for speed nl subs.exe deleted
"C:\Windows\tasks\PriceMeterLiveUpdateUpdateTaskMachineCore.job" deleted
"C:\Windows\tasks\PriceMeterLiveUpdateUpdateTaskMachineUA.job" deleted
"C:\Windows\tasks\PriceMeterUpdater.job" deleted
"C:\Windows\tasks\SW-Booster-S-5644911192.job" deleted
"C:\PROGRA~2\AVG Secure Search\vprot.exe" deleted
"C:\PROGRA~2\AVG Secure Search\vprot.exe" deleted
"C:\ProgramData\PriceMeterLiveUpdate\Update\Log\PriceMeterLiveUpdate.log" not deleted
"C:\Program Files (x86)\PriceMeterLiveUpdate\Update\PriceMeterLiveUpdate.exe" deleted
"C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0\goopdate.dll" deleted
"C:\ProgramData\AppReady Software\SW-Booster\SW-Booster.exe" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\SiteSafetyInstaller\18.1.0\SiteSafety.dll" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater\18.1.0\log4cplusU.dll" deleted
"C:\ProgramData\PriceMeterLiveUpdate" not deleted
"C:\Program Files (x86)\PriceMeterLiveUpdate" not deleted
"C:\ProgramData\AppReady Software" not deleted
"C:\Program Files (x86)\SW-Booster" deleted
"C:\PROGRA~2\AVG Secure Search" deleted
"C:\PROGRA~2\AVG Secure Search" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search" deleted
"C:\ProgramData\PriceMeterLiveUpdate\Update" not deleted
"C:\ProgramData\PriceMeterLiveUpdate\Update\Log" not deleted
"C:\Program Files (x86)\PriceMeterLiveUpdate\Update" not deleted
"C:\Program Files (x86)\PriceMeterLiveUpdate\Update\1.3.23.0" not deleted
"C:\ProgramData\AppReady Software\SW-Booster" not deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\SiteSafetyInstaller" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\SiteSafetyInstaller\18.1.0" deleted
"C:\PROGRA~2\COMMON~1\AVG Secure Search\vToolbarUpdater\18.1.0" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\Lars\AppData\Local\Temp ====
2014-05-07 12:50:19	40395C175553CB14D2050888EFCCDF00	4961800	----a-w-	C:\Users\Lars\AppData\Local\Temp\vcredist_x64.exe
2014-05-07 12:49:57	45922155C9628E11441AA869C6287BB7	10372136	----a-w-	C:\Users\Lars\AppData\Local\Temp\BackupSetup.exe
2014-05-07 12:34:17	D2D6341A87CC3995ABE80F505B6E112A	1207264	----a-w-	C:\Users\Lars\AppData\Local\Temp\LiveSupport_setup.exe
2014-05-07 12:34:07	57E626878D667E65127D1725279B0965	12384	----atw-	C:\Users\Lars\AppData\Local\Temp\{E35560C8-99FA-4EA0-AC4B-D1D838B6423E}\x86\regsvr32.exe
2014-05-07 12:34:07	157FE300857E06020BCB38A04D5B3B75	12896	----atw-	C:\Users\Lars\AppData\Local\Temp\{E35560C8-99FA-4EA0-AC4B-D1D838B6423E}\x64\regsvr32.exe
2014-05-07 12:33:57	A55C41C052034EEBF4B09BC307888572	2132632	----a-w-	C:\Users\Lars\AppData\Local\Temp\{E35560C8-99FA-4EA0-AC4B-D1D838B6423E}\Addons\newtab_setup.exe
2014-05-07 12:33:33	B55E90D26838294514389CD8B194AA82	5304336	----a-w-	C:\Users\Lars\AppData\Local\Temp\{E35560C8-99FA-4EA0-AC4B-D1D838B6423E}\Addons\OptimizerProInstaller.exe
2014-05-07 12:32:39	60E7A7686C196EAAD7B21C4538BD6A19	2132056	----a-w-	C:\Users\Lars\AppData\Local\Temp\{E35560C8-99FA-4EA0-AC4B-D1D838B6423E}\Addons\ytab_setup.exe
2014-05-07 12:28:35	E5575149A477DC94AF527FC7D751A407	6379728	----a-w-	C:\Users\Lars\AppData\Local\Temp\nscFAA9\SpSetup.exe
2014-05-07 12:28:23	9FB9D49C2DB7EDD1084AB765D619F5C6	66368	----a-w-	C:\Users\Lars\AppData\Local\Temp\uttCD05.tmp.exe
====== Java Cache =====
====== C:\Windows\SysWOW64 =====
2014-05-16 07:14:41	FBCF3F01177953EBF1E735643621CCF5	69632	----a-w-	C:\Windows\SysWOW64\mshtmled.dll
2014-05-16 07:14:38	EB5347F6149D3FF25F4D609A21A3BD67	17382912	----a-w-	C:\Windows\SysWOW64\mshtml.dll
2014-05-16 07:14:38	10D531ADC7B8FB36C7361D44AF6E8AB6	2724864	----a-w-	C:\Windows\SysWOW64\mshtml.tlb
2014-05-15 07:00:33	E9D88493FBDB36D4B65C6F2F7F122C95	12874240	----a-w-	C:\Windows\SysWOW64\shell32.dll
2014-05-15 06:59:51	9DE19EA21DF99AF15BA5A947E5317F9E	550912	----a-w-	C:\Windows\SysWOW64\kerberos.dll
2014-05-15 06:59:51	4D59F470985D08139E42D15842816C47	3969984	----a-w-	C:\Windows\SysWOW64\ntkrnlpa.exe
2014-05-15 06:59:50	31FA2485DFC773F1E718A4D19F443FA9	3914176	----a-w-	C:\Windows\SysWOW64\ntoskrnl.exe
2014-05-15 06:59:49	ED195AC76E10F17F6DD60C49666F2A83	259584	----a-w-	C:\Windows\SysWOW64\msv1_0.dll
2014-05-15 06:59:48	995B39A08421C7725D1DF8DACEBBFC89	538112	----a-w-	C:\Windows\SysWOW64\objsel.dll
2014-05-15 06:59:47	541BB9B4C899ADCC5D3DB89208C1F409	65536	----a-w-	C:\Windows\SysWOW64\TSpkg.dll
2014-05-15 06:59:47	461B713DE7F353C6447B744F1A049930	274944	----a-w-	C:\Windows\SysWOW64\KernelBase.dll
2014-05-15 06:59:47	3A1ABE045A3E30799576E83A2D012B43	172032	----a-w-	C:\Windows\SysWOW64\wdigest.dll
2014-05-15 06:59:46	FBC78B5D12A4F5A62D9C91E0E0E46D46	49664	----a-w-	C:\Windows\SysWOW64\adprovider.dll
2014-05-15 06:59:46	828185688FDAAE6C7959B884ABED1766	247808	----a-w-	C:\Windows\SysWOW64\schannel.dll
2014-05-15 06:59:46	62C0798CC68EBF42F29C92E6CD6DC3D6	36864	----a-w-	C:\Windows\SysWOW64\dimsroam.dll
2014-05-15 06:59:46	335FA669FC952BC4888CEDBDB42607E2	51200	----a-w-	C:\Windows\SysWOW64\cngprovider.dll
2014-05-15 06:59:45	834A859BB331B0B2CCAE25BB1986F80D	47616	----a-w-	C:\Windows\SysWOW64\dpapiprovider.dll
2014-05-15 06:59:45	5E11C55CC4D9330E55CCB22B1F20BB33	35328	----a-w-	C:\Windows\SysWOW64\wincredprovider.dll
2014-05-15 06:59:45	38A30B8E4216BE24D30F766EF3BAC2C7	48128	----a-w-	C:\Windows\SysWOW64\capiprovider.dll
2014-05-15 06:59:44	C94CE65AE7701E9FDBA889045543E27C	22016	----a-w-	C:\Windows\SysWOW64\secur32.dll
2014-05-15 06:59:44	75878492F2B33405EEF900F8C16C6D08	96768	----a-w-	C:\Windows\SysWOW64\sspicli.dll
2014-05-15 06:59:44	2A86C18CE6869C77FCEB62F3B47D4D5B	17408	----a-w-	C:\Windows\SysWOW64\credssp.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2014-05-16 07:14:41	A920E1336F9FEA95477763E2CC15891B	84992	----a-w-	C:\Windows\Sysnative\mshtmled.dll
2014-05-16 07:14:41	797E2E5C309AFF76990D5B7AF457EACA	23544320	----a-w-	C:\Windows\Sysnative\mshtml.dll
2014-05-16 07:14:38	A45BFDCFD5864F658289A165E6E0227F	2724864	----a-w-	C:\Windows\Sysnative\mshtml.tlb
2014-05-15 07:00:33	427015D56DF17241F634611557146C57	14175744	----a-w-	C:\Windows\Sysnative\shell32.dll
2014-05-15 07:00:25	4A795989DF0043973711B666D36D2678	477184	----a-w-	C:\Windows\Sysnative\aepdu.dll
2014-05-15 07:00:23	485FB1F3792FF7B5D5EBB99AB870E588	424448	----a-w-	C:\Windows\Sysnative\aeinv.dll
2014-05-15 06:59:53	9358149234A4F3FE00CF5C2096DC1652	1460736	----a-w-	C:\Windows\Sysnative\lsasrv.dll
2014-05-15 06:59:51	B19C8390A1D641B9AC4490D4828A7B5E	728064	----a-w-	C:\Windows\Sysnative\kerberos.dll
2014-05-15 06:59:50	E2A483E796D5FC7E447725FD01D98FA0	314880	----a-w-	C:\Windows\Sysnative\msv1_0.dll
2014-05-15 06:59:49	89EF1CE0CE43AB8F55247D746739A321	722944	----a-w-	C:\Windows\Sysnative\objsel.dll
2014-05-15 06:59:49	6B47CF5C27865DDF6680E4D834FBE34F	5550016	----a-w-	C:\Windows\Sysnative\ntoskrnl.exe
2014-05-15 06:59:48	B6D8C1202DACA028AD94BDA2795CBBE9	86528	----a-w-	C:\Windows\Sysnative\TSpkg.dll
2014-05-15 06:59:48	851BB346CD59D9B3BC8854384C7DD5C3	424960	----a-w-	C:\Windows\Sysnative\KernelBase.dll
2014-05-15 06:59:48	26AF184300C0868D854D5A3092234E24	210944	----a-w-	C:\Windows\Sysnative\wdigest.dll
2014-05-15 06:59:46	CF13522172342AD8196B329C15D68E23	44544	----a-w-	C:\Windows\Sysnative\dimsroam.dll
2014-05-15 06:59:46	9D942180B5B6CE1C882B9CC54EA1F275	57344	----a-w-	C:\Windows\Sysnative\cngprovider.dll
2014-05-15 06:59:46	692E9886B2A475684F7E3294BF66E97D	56832	----a-w-	C:\Windows\Sysnative\adprovider.dll
2014-05-15 06:59:46	4959DE74643CBC4B83E5BC99486A4FC9	53760	----a-w-	C:\Windows\Sysnative\capiprovider.dll
2014-05-15 06:59:46	481F70241D4EA038BB02590A30F15A23	340992	----a-w-	C:\Windows\Sysnative\schannel.dll
2014-05-15 06:59:45	C072064F95579C0D6D86AF5B3DC53192	136192	----a-w-	C:\Windows\Sysnative\sspicli.dll
2014-05-15 06:59:45	BDA8B14AFE99A0C52BFEA64C5AC62171	52736	----a-w-	C:\Windows\Sysnative\dpapiprovider.dll
2014-05-15 06:59:45	9A3C6D8593F29A9F66744A3D4E6309B2	39936	----a-w-	C:\Windows\Sysnative\wincredprovider.dll
2014-05-15 06:59:45	204F3F58212B3E422C90BD9691A2DF28	31232	----a-w-	C:\Windows\Sysnative\lsass.exe
2014-05-15 06:59:44	82A72E99AA1CF0B04D3B9843CBA3AEC1	22016	----a-w-	C:\Windows\Sysnative\credssp.dll
2014-05-15 06:59:44	8098627D0AA1706D69C5AF3F74332ABB	29184	----a-w-	C:\Windows\Sysnative\sspisrv.dll
2014-05-15 06:59:44	39312B37C5FE5138F99680A49ACD3AEA	28160	----a-w-	C:\Windows\Sysnative\secur32.dll
====== C:\Windows\Sysnative\drivers =====
2014-05-15 06:59:47	1C2D8E18AA8FD50CD04C15CC27F7F5AB	155072	----a-w-	C:\Windows\Sysnative\drivers\ksecpkg.sys
2014-05-15 06:59:45	353009DEDF918B2A51414F330CF72DEC	95680	----a-w-	C:\Windows\Sysnative\drivers\ksecdd.sys
====== C:\Windows\Tasks ======
2014-05-07 12:50:33	6114DAC433728AF6969A4C649892171C	3224	----a-w-	C:\Windows\Sysnative\Tasks\PriceMeterUpdater
2014-05-07 12:50:31	3D310C109D2B6E9D4F46FDCBB68AC827	3284	----a-w-	C:\Windows\Sysnative\Tasks\pricemeterdownloader
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-05-16 14:17:41	--------	d-----w-	C:\Program Files\trend micro
======= C:\PROGRA~2 =====
2014-05-16 07:13:34	--------	d-----w-	C:\PROGRA~2\COMMON~1\DESIGNER
2014-05-07 12:50:38	--------	d-----w-	C:\PROGRA~2\PriceMeterLiveUpdate
======= C: =====
====== C:\Users\Lars\AppData\Roaming ======
2014-05-16 14:10:16	--------	d-sh--w-	C:\Users\Lars\AppData\Locallow\EmieUserList
2014-05-16 14:10:16	--------	d-sh--w-	C:\Users\Lars\AppData\Locallow\EmieSiteList
2014-05-07 12:50:38	--------	d-----w-	C:\Users\Lars\AppData\Local\PriceMeterLiveUpdate
2014-05-07 12:39:32	--------	d-sh--w-	C:\Users\Lars\AppData\Local\EmieUserList
2014-05-07 12:39:32	--------	d-sh--w-	C:\Users\Lars\AppData\Local\EmieSiteList
2014-05-07 12:33:01	--------	d-----w-	C:\Users\Lars\AppData\Local\Torch
2014-05-07 12:33:01	--------	d-----w-	C:\Users\Lars\AppData\Local\Comodo
2014-05-07 12:33:01	--------	d-----w-	C:\Users\Lars\AppData\Local\Chromatic Browser
2014-05-07 12:33:01	--------	d-----w-	C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-05-07 12:33:01	--------	d-----w-	C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-05-07 12:33:01	--------	d-----w-	C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
2014-05-07 12:33:01	--------	d-----w-	C:\Users\Gast\AppData\Local\Torch
2014-05-07 12:33:01	--------	d-----w-	C:\Users\Gast\AppData\Local\Comodo
2014-05-07 12:33:01	--------	d-----w-	C:\Users\Gast\AppData\Local\Chromatic Browser
2014-05-07 12:33:01	--------	d-----w-	C:\Users\Administrator\AppData\Local\Torch
2014-05-07 12:33:01	--------	d-----w-	C:\Users\Administrator\AppData\Local\Comodo
2014-05-07 12:33:01	--------	d-----w-	C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-05-07 12:32:37	--------	d-----w-	C:\Users\Lars\AppData\Local\Packages
2014-05-07 12:32:26	--------	d-----w-	C:\Users\HomeGroupUser$\AppData\Local\Google
2014-05-07 12:32:26	--------	d-----w-	C:\Users\Gast\AppData\Local\Google
2014-05-07 12:32:25	--------	d-----w-	C:\Users\Administrator\AppData\Local\Google
2014-05-07 12:32:13	--------	d-----w-	C:\Users\Lars\AppData\Local\Programs
====== C:\Users\Lars ======
2014-05-18 07:02:54	22574847381A0D7238FB89119811D790	4996816	----a-w-	C:\Users\Lars\Downloads\mmil_myil291431 (1).exe
2014-05-18 07:02:47	22574847381A0D7238FB89119811D790	4996816	----a-w-	C:\Users\Lars\Downloads\mmil_myil291431.exe
2014-05-18 07:01:16	FBF37A32F1A41C250516D26670C16BA3	2002216	----a-w-	C:\Users\Lars\Downloads\DriverDetective (1).exe
2014-05-18 06:58:36	FBF37A32F1A41C250516D26670C16BA3	2002216	----a-w-	C:\Users\Lars\Downloads\DriverDetective.exe
2014-05-18 06:57:34	2874553F479BF62B036A70464AA5EE9F	678608	----a-w-	C:\Users\Lars\Downloads\google-chrome_setup (1).exe
2014-05-18 06:57:30	2874553F479BF62B036A70464AA5EE9F	678608	----a-w-	C:\Users\Lars\Downloads\google-chrome_setup.exe
2014-05-16 14:16:54	662C39FC1E27131551D557862CEC47F0	935175	----a-w-	C:\Users\Lars\Downloads\RSITx64.exe
2014-05-16 07:17:06	CB98A2DDFC58154DA5BD0F34509A44C5	104536344	----a-w-	C:\Users\Lars\Downloads\msert.exe
2014-05-07 12:50:38	--------	d-----w-	C:\ProgramData\PriceMeterLiveUpdate
2014-05-07 12:46:20	02A8E61B12816CF9A8BA9E6337A06CFC	437744	----a-w-	C:\Users\Lars\Downloads\need_for_speed_nl_subs_Full (1).exe
2014-05-07 12:45:07	02A8E61B12816CF9A8BA9E6337A06CFC	437744	----a-w-	C:\Users\Lars\Downloads\need_for_speed_nl_subs_Full.exe
2014-05-07 12:33:29	--------	d-----w-	C:\ProgramData\AppReady Software
2014-05-07 12:32:26	--------	d-----w-	C:\Users\HomeGroupUser$\AppData
2014-05-07 12:32:26	--------	d-----w-	C:\Users\Gast\AppData
2014-05-07 12:32:25	--------	d-----w-	C:\Users\Administrator\AppData
2014-05-07 12:26:23	9F27F32DC4C7BA60D7038E06F03973B7	1672784	----a-w-	C:\Users\Lars\Downloads\uTorrent.exe

====== C: exe-files ==
2014-05-18 07:02:54	22574847381A0D7238FB89119811D790	4996816	----a-w-	C:\Users\Lars\Downloads\mmil_myil291431 (1).exe
2014-05-18 07:02:47	22574847381A0D7238FB89119811D790	4996816	----a-w-	C:\Users\Lars\Downloads\mmil_myil291431.exe
2014-05-18 07:01:16	FBF37A32F1A41C250516D26670C16BA3	2002216	----a-w-	C:\Users\Lars\Downloads\DriverDetective (1).exe
2014-05-18 06:58:36	FBF37A32F1A41C250516D26670C16BA3	2002216	----a-w-	C:\Users\Lars\Downloads\DriverDetective.exe
2014-05-18 06:57:34	2874553F479BF62B036A70464AA5EE9F	678608	----a-w-	C:\Users\Lars\Downloads\google-chrome_setup (1).exe
2014-05-18 06:57:30	2874553F479BF62B036A70464AA5EE9F	678608	----a-w-	C:\Users\Lars\Downloads\google-chrome_setup.exe
2014-05-16 14:17:41	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\Lars.exe
2014-05-16 14:16:54	662C39FC1E27131551D557862CEC47F0	935175	----a-w-	C:\Users\Lars\Downloads\RSITx64.exe
2014-05-16 07:17:06	CB98A2DDFC58154DA5BD0F34509A44C5	104536344	----a-w-	C:\Users\Lars\Downloads\msert.exe
=== C: other files ==
2014-05-15 06:59:47	1C2D8E18AA8FD50CD04C15CC27F7F5AB	155072	----a-w-	C:\Windows\System32\drivers\ksecpkg.sys
2014-05-15 06:59:45	353009DEDF918B2A51414F330CF72DEC	95680	----a-w-	C:\Windows\System32\drivers\ksecdd.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-926169715-2678499732-3854754969-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background"
"Google Update"="C:\Users\Lars\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
"LiveSupport"="C:\Program Files (x86)\LiveSupport\LiveSupport.exe /noshow /log"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Microsoft Default Manager"="C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe -resume"
"Adobe Reader Speed Launcher"="c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"BackupManagerTray"="C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe -h -k"
"Norton Online Backup"="C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe"
"SuiteTray"="C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"
"EgisUpdate"="C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe -d"
"EgisTecPMMUpdate"="C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe"
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"
"LManager"="C:\Program Files (x86)\Launch Manager\LManager.exe"
"ConnectionCenter"="C:\Program Files (x86)\Citrix\ICA Client\concentr.exe /startup"
"vProt"="C:\Program Files (x86)\AVG Secure Search\vprot.exe"
"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
"AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY"
"HP Software Update"="C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe"
"iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background"
"Google Update"="C:\Users\Lars\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
"LiveSupport"="C:\Program Files (x86)\LiveSupport\LiveSupport.exe /noshow /log"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="c:\\progra~2\\sw-boo~1\\assist~1.dll"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AmIcoSinglun64"="C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe"
"mwlDaemon"="C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe"
"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"
"PLFSetI"="C:\Windows\PLFSetI.exe"
"Apoint"="C:\Program Files\Apoint2K\Apoint.exe"
"Acer ePower Management"="C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"
"Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch"
"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"

==== Startup Folders ======================

2013-11-05 13:02:32	2103	----a-w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-926169715-2678499732-3854754969-1001Core.job --a------ C:\Users\Lars\AppData\Local\Google\Update\GoogleUpdate.exe [30-08-2011 00:13]
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-926169715-2678499732-3854754969-1001UA.job --a------ C:\Users\Lars\AppData\Local\Google\Update\GoogleUpdate.exe [30-08-2011 00:13]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-926169715-2678499732-3854754969-1001Core" [C:\Users\Lars\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-926169715-2678499732-3854754969-1001UA" [C:\Users\Lars\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\pricemeterdownloader" [C:\Users\Lars\AppData\Local\PriceMeter\pricemeterd.exe]
"C:\Windows\SysNative\tasks\PriceMeterUpdater" [C:\Users\Lars\AppData\Roaming\PRICEM~1\UPDATE~1\UPDATE~1.EXE]
"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]
"C:\Windows\SysNative\tasks\{0D36482B-6883-404B-AD4F-D474F43C4196}" ["c:\program files\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/4.1.0.179.367/nl/abandoninstall?source=lightinstaller&amp;page=tsMain&amp;installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;notincluded]
"C:\Windows\SysNative\tasks\{8F2D4BBE-CDDD-4E9D-A60A-02C1858D04B9}" ["c:\program files\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/6.3.73.105.457/nl/abandoninstall?page=tsMain]
"C:\Windows\SysNative\tasks\{FE9985CF-1724-4AC3-8A9E-C711EC27D043}" ["c:\program files\internet explorer\iexplore.exe" http://www.skype.com/go/downloading?source=lightinstaller&amp;ver=4.1.0.179.367&amp;LastError=404]
"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [05-11-2013 15:04]
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [05-11-2013 15:04]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Lars\AppData\Roaming\TomTom\HOME\Profiles\s5kvran6.default
- Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com
- TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com

==== Firefox Plugins ======================


==== Chrome Look ======================

Searchi-NeewTab - Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\mdakkinldjfmehfmgnpjokbecejijpbj
Live CSS Editor - Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\oelggcmknbjmhkpgjfhakedcfnkgbdpg
Searchi-NeewTab - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mdakkinldjfmehfmgnpjokbecejijpbj
Live CSS Editor - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oelggcmknbjmhkpgjfhakedcfnkgbdpg
YoutubeAdblocker - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpmeiihppehhonpgknkndpnecehifpgd
sAve inet - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\koopnlhjikkllmgnhcjpgamebpkjfnlh
Searchi-NeewTab - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdakkinldjfmehfmgnpjokbecejijpbj
Live CSS Editor - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oelggcmknbjmhkpgjfhakedcfnkgbdpg
Searchi-NeewTab - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mdakkinldjfmehfmgnpjokbecejijpbj
Live CSS Editor - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oelggcmknbjmhkpgjfhakedcfnkgbdpg
Searchi-NeewTab - Administrator\AppData\Local\Torch\User Data\Default\Extensions\mdakkinldjfmehfmgnpjokbecejijpbj
Live CSS Editor - Administrator\AppData\Local\Torch\User Data\Default\Extensions\oelggcmknbjmhkpgjfhakedcfnkgbdpg
Searchi-NeewTab - Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\mdakkinldjfmehfmgnpjokbecejijpbj
Live CSS Editor - Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\oelggcmknbjmhkpgjfhakedcfnkgbdpg
Searchi-NeewTab - Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mdakkinldjfmehfmgnpjokbecejijpbj
Live CSS Editor - Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oelggcmknbjmhkpgjfhakedcfnkgbdpg
YoutubeAdblocker - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpmeiihppehhonpgknkndpnecehifpgd
sAve inet - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\koopnlhjikkllmgnhcjpgamebpkjfnlh
Searchi-NeewTab - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdakkinldjfmehfmgnpjokbecejijpbj
Live CSS Editor - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\oelggcmknbjmhkpgjfhakedcfnkgbdpg
Searchi-NeewTab - Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mdakkinldjfmehfmgnpjokbecejijpbj
Live CSS Editor - Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oelggcmknbjmhkpgjfhakedcfnkgbdpg
Searchi-NeewTab - Gast\AppData\Local\Torch\User Data\Default\Extensions\mdakkinldjfmehfmgnpjokbecejijpbj
Live CSS Editor - Gast\AppData\Local\Torch\User Data\Default\Extensions\oelggcmknbjmhkpgjfhakedcfnkgbdpg
Searchi-NeewTab - HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\mdakkinldjfmehfmgnpjokbecejijpbj
Live CSS Editor - HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\oelggcmknbjmhkpgjfhakedcfnkgbdpg
Searchi-NeewTab - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mdakkinldjfmehfmgnpjokbecejijpbj
Live CSS Editor - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oelggcmknbjmhkpgjfhakedcfnkgbdpg
YoutubeAdblocker - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpmeiihppehhonpgknkndpnecehifpgd
sAve inet - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\koopnlhjikkllmgnhcjpgamebpkjfnlh
Searchi-NeewTab - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdakkinldjfmehfmgnpjokbecejijpbj
Live CSS Editor - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\oelggcmknbjmhkpgjfhakedcfnkgbdpg
Searchi-NeewTab - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mdakkinldjfmehfmgnpjokbecejijpbj
Live CSS Editor - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oelggcmknbjmhkpgjfhakedcfnkgbdpg
Searchi-NeewTab - HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\mdakkinldjfmehfmgnpjokbecejijpbj
Live CSS Editor - HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\oelggcmknbjmhkpgjfhakedcfnkgbdpg
Searchi-NeewTab - Lars\AppData\Local\Chromatic Browser\User Data\Default\Extensions\mdakkinldjfmehfmgnpjokbecejijpbj
Live CSS Editor - Lars\AppData\Local\Chromatic Browser\User Data\Default\Extensions\oelggcmknbjmhkpgjfhakedcfnkgbdpg
Searchi-NeewTab - Lars\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mdakkinldjfmehfmgnpjokbecejijpbj
Live CSS Editor - Lars\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oelggcmknbjmhkpgjfhakedcfnkgbdpg
Angry Birds - Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj
YoutubeAdblocker - Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpmeiihppehhonpgknkndpnecehifpgd
CoupExtENNsion - Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebjccaeebcpjffojaeohfllihiihaebn
sAve inet - Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\koopnlhjikkllmgnhcjpgamebpkjfnlh
Google Wallet - Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Live CSS Editor - Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\oelggcmknbjmhkpgjfhakedcfnkgbdpg
Quick Start - Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Searchi-NeewTab - Lars\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mdakkinldjfmehfmgnpjokbecejijpbj
Live CSS Editor - Lars\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oelggcmknbjmhkpgjfhakedcfnkgbdpg
Searchi-NeewTab - Lars\AppData\Local\Torch\User Data\Default\Extensions\mdakkinldjfmehfmgnpjokbecejijpbj
Live CSS Editor - Lars\AppData\Local\Torch\User Data\Default\Extensions\oelggcmknbjmhkpgjfhakedcfnkgbdpg

==== Chrome Fix ======================

C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_websearch.searchsun.info_0.localstorage-journal deleted successfully
C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_searches.qone8.com_0.localstorage deleted successfully
C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_searches.qone8.com_0.localstorage-journal deleted successfully
C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_start.qone8.com_0.localstorage deleted successfully
C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_start.qone8.com_0.localstorage-journal deleted successfully
C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.qone8.com_0.localstorage deleted successfully
C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.qone8.com_0.localstorage-journal deleted successfully
C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\mdakkinldjfmehfmgnpjokbecejijpbj deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mdakkinldjfmehfmgnpjokbecejijpbj deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdakkinldjfmehfmgnpjokbecejijpbj deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mdakkinldjfmehfmgnpjokbecejijpbj deleted successfully
C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\mdakkinldjfmehfmgnpjokbecejijpbj deleted successfully
C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\mdakkinldjfmehfmgnpjokbecejijpbj deleted successfully
C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mdakkinldjfmehfmgnpjokbecejijpbj deleted successfully
C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdakkinldjfmehfmgnpjokbecejijpbj deleted successfully
C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mdakkinldjfmehfmgnpjokbecejijpbj deleted successfully
C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\mdakkinldjfmehfmgnpjokbecejijpbj deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\mdakkinldjfmehfmgnpjokbecejijpbj deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mdakkinldjfmehfmgnpjokbecejijpbj deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\mdakkinldjfmehfmgnpjokbecejijpbj deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mdakkinldjfmehfmgnpjokbecejijpbj deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\mdakkinldjfmehfmgnpjokbecejijpbj deleted successfully
C:\Users\Lars\AppData\Local\Chromatic Browser\User Data\Default\Extensions\mdakkinldjfmehfmgnpjokbecejijpbj deleted successfully
C:\Users\Lars\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mdakkinldjfmehfmgnpjokbecejijpbj deleted successfully
C:\Users\Lars\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mdakkinldjfmehfmgnpjokbecejijpbj deleted successfully
C:\Users\Lars\AppData\Local\Torch\User Data\Default\Extensions\mdakkinldjfmehfmgnpjokbecejijpbj deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpmeiihppehhonpgknkndpnecehifpgd deleted successfully
C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpmeiihppehhonpgknkndpnecehifpgd deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpmeiihppehhonpgknkndpnecehifpgd deleted successfully
C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpmeiihppehhonpgknkndpnecehifpgd deleted successfully
C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cpmeiihppehhonpgknkndpnecehifpgd_0.localstorage deleted successfully
C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_cpmeiihppehhonpgknkndpnecehifpgd_0.localstorage-journal deleted successfully
C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\oelggcmknbjmhkpgjfhakedcfnkgbdpg deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oelggcmknbjmhkpgjfhakedcfnkgbdpg deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\oelggcmknbjmhkpgjfhakedcfnkgbdpg deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oelggcmknbjmhkpgjfhakedcfnkgbdpg deleted successfully
C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\oelggcmknbjmhkpgjfhakedcfnkgbdpg deleted successfully
C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oelggcmknbjmhkpgjfhakedcfnkgbdpg deleted successfully
C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\oelggcmknbjmhkpgjfhakedcfnkgbdpg deleted successfully
C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oelggcmknbjmhkpgjfhakedcfnkgbdpg deleted successfully
C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\oelggcmknbjmhkpgjfhakedcfnkgbdpg deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\oelggcmknbjmhkpgjfhakedcfnkgbdpg deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oelggcmknbjmhkpgjfhakedcfnkgbdpg deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\oelggcmknbjmhkpgjfhakedcfnkgbdpg deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oelggcmknbjmhkpgjfhakedcfnkgbdpg deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\oelggcmknbjmhkpgjfhakedcfnkgbdpg deleted successfully
C:\Users\Lars\AppData\Local\Chromatic Browser\User Data\Default\Extensions\oelggcmknbjmhkpgjfhakedcfnkgbdpg deleted successfully
C:\Users\Lars\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\oelggcmknbjmhkpgjfhakedcfnkgbdpg deleted successfully
C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\oelggcmknbjmhkpgjfhakedcfnkgbdpg deleted successfully
C:\Users\Lars\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\oelggcmknbjmhkpgjfhakedcfnkgbdpg deleted successfully
C:\Users\Lars\AppData\Local\Torch\User Data\Default\Extensions\oelggcmknbjmhkpgjfhakedcfnkgbdpg deleted successfully
C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_oelggcmknbjmhkpgjfhakedcfnkgbdpg_0.localstorage deleted successfully
C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_oelggcmknbjmhkpgjfhakedcfnkgbdpg_0.localstorage-journal deleted successfully
C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\oelggcmknbjmhkpgjfhakedcfnkgbdpg deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\koopnlhjikkllmgnhcjpgamebpkjfnlh deleted successfully
C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\koopnlhjikkllmgnhcjpgamebpkjfnlh deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\koopnlhjikkllmgnhcjpgamebpkjfnlh deleted successfully
C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\koopnlhjikkllmgnhcjpgamebpkjfnlh deleted successfully
C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_koopnlhjikkllmgnhcjpgamebpkjfnlh_0.localstorage deleted successfully
C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_koopnlhjikkllmgnhcjpgamebpkjfnlh_0.localstorage-journal deleted successfully
C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Extensions\ebjccaeebcpjffojaeohfllihiihaebn deleted successfully
C:\Users\Lars\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ebjccaeebcpjffojaeohfllihiihaebn_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://start.qone8.com/?type=hp&ts=1399466930&from=ild&uid=HitachiXHTS545050B9A300_101018PBN40417F8NPMEX"
"Default_Page_URL"="http://start.qone8.com/?type=hp&ts=1399466930&from=ild&uid=HitachiXHTS545050B9A300_101018PBN40417F8NPMEX"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.qone8.com/web/?type=ds&ts=1399466930&from=ild&uid=HitachiXHTS545050B9A300_101018PBN40417F8NPMEX&q={searchTerms}"
"Default_Page_URL"="http://start.qone8.com/?type=hp&ts=1399466930&from=ild&uid=HitachiXHTS545050B9A300_101018PBN40417F8NPMEX"
"Start Page"="http://start.qone8.com/?type=hp&ts=1399466930&from=ild&uid=HitachiXHTS545050B9A300_101018PBN40417F8NPMEX"
"Search Page"="http://www.qone8.com/web/?type=ds&ts=1399466930&from=ild&uid=HitachiXHTS545050B9A300_101018PBN40417F8NPMEX&q={searchTerms}"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.qone8.com/web/?type=ds&ts=1399466930&from=ild&uid=HitachiXHTS545050B9A300_101018PBN40417F8NPMEX&q={searchTerms}"
"Default_Page_URL"="http://start.qone8.com/?type=hp&ts=1399466930&from=ild&uid=HitachiXHTS545050B9A300_101018PBN40417F8NPMEX"
"Start Page"="http://start.qone8.com/?type=hp&ts=1399466930&from=ild&uid=HitachiXHTS545050B9A300_101018PBN40417F8NPMEX"
"Search Page"="http://www.qone8.com/web/?type=ds&ts=1399466930&from=ild&uid=HitachiXHTS545050B9A300_101018PBN40417F8NPMEX&q={searchTerms}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://isearch.avg.com/tab?cid={A24266EE-353A-4447-B137-DAC8A14AFF13}&mid=21bbbea71ad147d1aaa7f123ccfb88f1-6974dff3d484fecef203eb43e11a6d6555963414&lang=nl&ds=AVG&pr=pr&d=2011-12-12 16:07:15&v=9.0.0.22&sap=nt"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="http://isearch.avg.com/tab?cid={A24266EE-353A-4447-B137-DAC8A14AFF13}&mid=21bbbea71ad147d1aaa7f123ccfb88f1-6974dff3d484fecef203eb43e11a6d6555963414&lang=nl&ds=AVG&pr=pr&d=2011-12-12 16:07:15&v=9.0.0.22&sap=nt"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{33BB0A4E-99AF-4226-BDF6-49120163DE86}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{67BB9647-6409-4BA1-A03A-7430F8C4512F} Bing  Url="http://www.bing.com/search?q={searchTerms}&amp;form=BIE9DF&amp;pc=BIE9&amp;src=IE-SearchBox"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-926169715-2678499732-3854754969-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully
HKEY_USERS\S-1-5-21-926169715-2678499732-3854754969-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{27B4851A-3207-45A2-B947-BE8AFE6163AB} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\avg@toolbar deleted successfully

==== shortcuts on Users Desktops ======================

C:\Users\Lars\Desktop\Google Chrome.lnk - C:\Users\Lars\AppData\Local\Google\Chrome\Application\chrome.exe 

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Aangifte inkomstenbelasting 2013.lnk - C:\Program Files (x86)\Belastingdienst\Aangifte inkomstenbelasting\2013\ib2013.exe 
C:\Users\Public\Desktop\Acer Accessoires.lnk - C:\Program Files (x86)\Acer Accessory Store\StartUrl.exe http://store.acer-euro.com/nl?utm_source=Icon&utm_medium=Icon&utm_campaign=Acer%2BInternal
C:\Users\Public\Desktop\AVG 2014.lnk - C:\Program Files (x86)\AVG\AVG2014\avgui.exe 
C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe 
C:\Users\Public\Desktop\HP Solution Center.lnk - C:\Program Files (x86)\HP\Digital Imaging\bin\Hpqdirec.exe 
C:\Users\Public\Desktop\Internetbrowser selecteren.lnk - C:\Windows\System32\browserchoice.exe /launch
C:\Users\Public\Desktop\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe 
C:\Users\Public\Desktop\Norton Online Backup.lnk - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe OPEN
C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}\SkypeIcon.exe 
C:\Users\Public\Desktop\Windows Live Photo Gallery.lnk - C:\Program Files (x86)\HP\Print Projects\Common01\Bin\HpqWLPG03.exe 
C:\Users\Public\Desktop\Winkel voor HP-benodigheden.lnk - C:\Program Files (x86)\HP\HPSSUPPLY\hpqSSupply.exe 

==== shortcuts in Users Start Menu ======================

C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://start.qone8.com/?type=sc&ts=1399466930&from=ild&uid=HitachiXHTS545050B9A300_101018PBN40417F8NPMEX
C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe http://start.qone8.com/?type=sc&ts=1399466930&from=ild&uid=HitachiXHTS545050B9A300_101018PBN40417F8NPMEX
C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Users\Lars\AppData\Local\Google\Chrome\Application\chrome.exe 

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Lars\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ijji REACTOR.lnk - C:\Program Files (x86)\REACTOR\REACTOR.exe 
C:\Users\Lars\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://start.qone8.com/?type=sc&ts=1399466930&from=ild&uid=HitachiXHTS545050B9A300_101018PBN40417F8NPMEX
C:\Users\Lars\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Lars\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Lars\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe 
C:\Users\Lars\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Acer GameZone Console.lnk - C:\Program Files (x86)\Acer GameZone\GameConsole\Acer Game Console.exe 
C:\Users\Lars\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://start.qone8.com/?type=sc&ts=1399466930&from=ild&uid=HitachiXHTS545050B9A300_101018PBN40417F8NPMEX
C:\Users\Lars\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Word Starter 2010.lnk - C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE "Microsoft Word Starter 2010 9014006604130000"
C:\Users\Lars\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Skype.lnk - C:\Program Files (x86)\Preload\Skype\SkypeSetup.exe 

==== shortcuts After Repair ======================

C:\Users\Public\Desktop\Acer Accessoires.lnk - C:\Program Files (x86)\Acer Accessory Store\StartUrl.exe 
C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe 
C:\Users\Lars\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe -extoff
C:\Users\Lars\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe 
C:\Users\Lars\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe