Zoek.exe v5.0.0.0 Updated 30-06-2014 Tool run by Ani on ma 30/06/2014 at 21:13:40,86. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Ani\Desktop\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2014-06-20-183620.log 332 bytes C:\zoek-results2014-06-20-183857.log 1252 bytes ==== Possible Rootkit Infection ====================== C:\Users\Ani\AppData\Local\{c3135bcf-8b21-8f66-44fe-4fbaebe2f077}\L C:\Users\Ani\AppData\Local\{c3135bcf-8b21-8f66-44fe-4fbaebe2f077}\U C:\Windows\installer\{c3135bcf-8b21-8f66-44fe-4fbaebe2f077}\L C:\Windows\installer\{c3135bcf-8b21-8f66-44fe-4fbaebe2f077}\U C:\Windows\installer\{c3135bcf-8b21-8f66-44fe-4fbaebe2f077}\L\00000004.@ ==== Empty Folders Check ====================== C:\PROGRA~2\1ClickDownload deleted successfully C:\PROGRA~2\Free Video Converter deleted successfully C:\PROGRA~2\MSXML 4.0 deleted successfully C:\PROGRA~2\SNT deleted successfully C:\PROGRA~2\SW-Booster deleted successfully C:\PROGRA~2\COMMON~1\Symantec Shared deleted successfully C:\Program Files\Babylon deleted successfully C:\PROGRA~3\Babylon deleted successfully C:\PROGRA~3\Browser Manager deleted successfully C:\PROGRA~3\Wincert deleted successfully C:\PROGRA~3\ZoomBrowser deleted successfully C:\Users\Ani\AppData\Roaming\Malwarebytes deleted successfully C:\Users\Ani\AppData\Roaming\PerformerSoft deleted successfully C:\Users\Ani\AppData\Roaming\Samsung deleted successfully C:\Users\Ani\AppData\Roaming\TP deleted successfully C:\Users\Ani\AppData\Roaming\Uwosy deleted successfully C:\Users\Ani\AppData\Roaming\Windows Live Writer deleted successfully C:\Users\Ani\AppData\Roaming\ZoomBrowser EX deleted successfully C:\Users\Ani\AppData\Local\CrashDumps deleted successfully C:\Users\Ani\AppData\Local\genienext deleted successfully C:\Users\Ani\AppData\Local\MigWiz deleted successfully 
C:\Users\Ani\AppData\Local\PackageAware deleted successfully C:\Users\Ani\AppData\Local\TomTom deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-1628012784-2049178738-2898664664-1001\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully HKEY_USERS\S-1-5-21-1628012784-2049178738-2898664664-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully HKEY_USERS\S-1-5-21-1628012784-2049178738-2898664664-1001\Software\Microsoft\Internet Explorer\SearchScopes\{14FF4172-C2BD-4959-93B9-F49BF650DD1F} deleted successfully HKEY_USERS\S-1-5-21-1628012784-2049178738-2898664664-1001\Software\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827} deleted successfully HKEY_USERS\S-1-5-21-1628012784-2049178738-2898664664-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} deleted successfully HKEY_USERS\S-1-5-21-1628012784-2049178738-2898664664-1001\Software\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671} deleted successfully HKEY_USERS\S-1-5-21-1628012784-2049178738-2898664664-1001\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Running Processes ====================== C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files (x86)\JustVoip.com\JustVoip\justvoip.exe C:\Windows\SysWOW64\ezSharedSvcHost.exe C:\Users\Ani\AppData\Roaming\Spotify\spotify.exe C:\Users\Ani\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe C:\Users\Ani\AppData\Roaming\Dropbox\bin\Dropbox.exe 
C:\Users\Ani\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe C:\Program Files (x86)\Citrix\ICA Client\concentr.exe C:\Program Files (x86)\Citrix\ICA Client\redirector.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe C:\Program Files (x86)\Citrix\Receiver\Receiver.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe C:\Program Files (x86)\Citrix\SelfServicePlugin\SelfServicePlugin.exe C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe C:\Users\Ani\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\Ani\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\Ani\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Users\Ani\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Users\Ani\AppData\Roaming\Spotify\Data\SpotifyHelper.exe C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files 
(x86)\Google\Chrome\Application\chrome.exe C:\Users\Ani\Desktop\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\Ani\AppData\Roaming\Mozilla\Firefox\Profiles\0 user.js not found ---- Lines WebSearch removed from prefs.js ---- user_pref("browser.search.order.1", "WebSearch"); user_pref("browser.search.defaultenginename", "WebSearch"); user_pref("browser.search.selectedEngine", "WebSearch"); user_pref("browser.search.order.1,S", "WebSearch"); user_pref("browser.search.defaultenginename,S", "WebSearch"); user_pref("browser.search.selectedEngine,S", "WebSearch"); user_pref("browser.search.defaulturl", "http://websearch.fastosearch.info/?pid=714&r=2014/06/09&hid=12481905827288361955&lg=EN&cc=BE&unqvl=55&l=1&q=") ---- FireFox user.js and prefs.js backups ---- prefs_20143006_2132_.backup ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] ""=- "mobilegeni daemon"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=- ==== Deleting Files \ Folders ====================== C:\Program Files (x86)\SW-Booster not found C:\Program Files (x86)\Mobogenie deleted C:\Program Files\Java\jre6 deleted C:\Users\Ani\AppData\Roaming\Smilebox deleted C:\zoek_backup deleted 
C:\Windows\Temp21391019-208C-65E2-9870-C2FC6AC8ED8C-Signatures deleted C:\Windows\Temp52FCDE01-2A94-F8FB-7FA7-977D06173195-Signatures deleted C:\Windows\Temp0902261F-0AA2-CA0F-3759-6D97845CB6D6-Signatures deleted C:\ProgramData\df50ea80e4df227b deleted C:\ProgramData\InstallMate deleted C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 deleted C:\Program Files\Web Assistant deleted C:\Users\Ani\daemonprocess.txt deleted C:\Users\Ani\.android deleted C:\PROGRA~2\Mozilla Firefox\user.js deleted C:\PROGRA~2\ExpressFiles deleted C:\PROGRA~2\express-files deleted C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted C:\PROGRA~2\Smiley Bar for Facebook deleted C:\PROGRA~2\Conduit deleted C:\PROGRA~2\Search Results Toolbar deleted C:\SearchProtect deleted C:\Users\Ani\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iLivid.lnk deleted C:\Users\Ani\AppData\Roaming\Uniblue deleted C:\Users\Ani\AppData\Roaming\ExpressFiles deleted C:\Users\Ani\AppData\Roaming\DVDVideoSoftIEHelpers deleted C:\Users\Ani\AppData\Roaming\StatusWinks deleted C:\PROGRA~3\Apple deleted C:\PROGRA~3\Apple Computer deleted C:\PROGRA~3\Application Data deleted C:\PROGRA~3\Supersoftware App deleted C:\PROGRA~3\SNT deleted C:\PROGRA~3\Tarma Installer deleted C:\PROGRA~3\Package Cache deleted C:\Users\Ani\AppData\Local\iLivid deleted C:\Users\Ani\AppData\Local\CRE deleted C:\Users\Ani\AppData\Local\Mobogenie deleted C:\Users\Ani\AppData\Local\cache deleted C:\Users\Ani\AppData\Local\Conduit deleted C:\Users\Ani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk deleted C:\Users\Ani\Searches deleted C:\Users\Ani\AppData\LocalLow\express-files deleted C:\Users\Ani\AppData\LocalLow\ilividtoolbargaw deleted C:\Users\Ani\AppData\LocalLow\BabylonToolbar deleted C:\Users\Ani\AppData\LocalLow\DataMngr deleted C:\Users\Ani\AppData\LocalLow\Conduit deleted C:\user.js deleted C:\END deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\Users\Ani\Documents\Mobogenie deleted 
C:\Users\Ani\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\OneClickDownloader@OneClickDownloader.com.xpi deleted C:\Users\Ani\AppData\Roaming\Mozilla\Extensions\statuswinks@StatusWinks deleted "C:\Users\Ani\AppData\Roaming\Ohhi\tiot.agi" deleted "C:\Users\Ani\AppData\Roaming\Amtya\kiemp.zeu" deleted "C:\Users\Ani\AppData\Roaming\xsecva\xseacc.xse" deleted "C:\Users\Ani\AppData\Local\{c3135bcf-8b21-8f66-44fe-4fbaebe2f077}" deleted "C:\Users\Ani\AppData\Roaming\Ohhi" deleted "C:\Users\Ani\AppData\Roaming\Amtya" deleted "C:\Users\Ani\AppData\Roaming\xsecva" deleted "C:\Users\Ani\AppData\Local\{c3135bcf-8b21-8f66-44fe-4fbaebe2f077}\L" deleted "C:\Users\Ani\AppData\Local\{c3135bcf-8b21-8f66-44fe-4fbaebe2f077}\U" deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 4044 MB CPU Info: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz CPU Speed: 2292,8 MHz Sound Card: Luidsprekers en koptelefoons (I | Communicatie koptelefoons (IDT | Display Adapters: Mobile Intel(R) HD Graphics | Mobile Intel(R) HD Graphics | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1600 X 900 - 32 bit Network: Network Present Network Adapters: Ralink RT5390 802.11b/g/n WiFi Adapter | Realtek PCIe FE Family Controller CD / DVD Drives: 1x (E: | ) E: hp DVDRAM GT31L Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 16 Button Wheel Mouse Present Hard Disks: C: 579,4GB | D: 16,5GB Hard Disks - Free: C: 464,3GB | D: 1,8GB Manufacturer *: Hewlett-Packard BIOS Info: AT/AT COMPATIBLE | 06/17/11 | HPQOEM - 1 Time Zone: Romance (standaardtijd) Motherboard *: Hewlett-Packard 1672 Country: België Language: NLB ==== System Specs (Software) ====================== Anti-Virus: Microsoft Security Essentials On-access scanning disabled (Outdated) Anti-Virus: avast! 
Antivirus On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: avast! Antivirus disabled (Outdated) Anti-Spyware: Microsoft Security Essentials disabled (Outdated) Default Browser: Google Chrome 35.0.1916.114 Internet Explorer Version: 11.0.9600.17126 Google Chrome version: 35.0.1916.114 Adobe Reader version: 10.1.10.18 Sun Java version: 1.7.0_60 (32-bit) Shockwave Player version: 11.5.9r620 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2014-06-29 12:45:06 0DD08DDE3A93F8A6BF3089697CCA7CDF 533418806 ----a-w- C:\Windows\MEMORY.DMP 2014-06-15 13:09:54 0B5A0005C0BDF4A05174576AF80DEA04 43152 ----a-w- C:\Windows\avastSS.scr ====== C:\Users\Ani\AppData\Local\Temp ==== 2014-06-30 19:06:48 5634C601025C31032A0AF1590B4C0CA6 43008 ----a-w- C:\Users\Ani\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpme0bpu.dll 2014-06-29 13:14:08 E8F0610061F5542431960BDC87BE9502 1712128 ----a-w- C:\Users\Ani\AppData\Local\Temp\GdiPlus.dll 2014-06-29 13:14:08 E6310E207EA8B2C69D5A1B03A1939752 245760 ----a-w- C:\Users\Ani\AppData\Local\Temp\InstallerMessageBox.exe 2014-06-29 13:14:08 18BD318B7082A2A0775A106B9FEA955A 708608 ----a-w- C:\Users\Ani\AppData\Local\Temp\NPSInstallerProxy.exe 2014-06-29 13:14:08 16F2DA0575483DE3179542D10DB31432 528384 ----a-w- C:\Users\Ani\AppData\Local\Temp\NPSInstallerProxyMessageBoxHookDll.dll 2014-06-29 12:37:55 E69EDC9813B9C9C275D62D0E8E7E3950 7168 ----a-w- C:\Users\Ani\AppData\Local\Temp\UIW_TEMP000\SOFTWARE\INSTALL\ENGLISH\UnInstRsc.dll 2014-06-29 12:37:55 3440929CD14433B73F9BD3C44DEE451A 2625536 ----a-w- C:\Users\Ani\AppData\Local\Temp\UIW_TEMP000\SOFTWARE\INSTALL\ENGLISH\InstRsc02.dll 2014-06-29 12:37:54 AB69B0B11EB5483F5BAD2F1EBF4F04BE 390536 ----a-w- C:\Users\Ani\AppData\Local\Temp\UIW_TEMP000\SOFTWARE\INSTALL\COMMON\Uninst.exe 2014-06-29 12:37:54 683FF4D6165946D79640293A6CF8ED97 532480 ----a-w- 
C:\Users\Ani\AppData\Local\Temp\UIW_TEMP000\SOFTWARE\INSTALL\COMMON\setup.dll 2014-06-29 12:37:54 6508D7F1FCFB246C9BC9491522955D94 25600 ----a-w- C:\Users\Ani\AppData\Local\Temp\UIW_TEMP000\SOFTWARE\INSTALL\ENGLISH\InstRsc01.dll 2014-06-29 12:37:53 605C09DF4AB062EA1F803A2C6169A77D 636296 ----a-w- C:\Users\Ani\AppData\Local\Temp\UIW_TEMP000\SOFTWARE\INSTALL\COMMON\Install.exe 2014-06-29 12:37:53 01062BBD488F9AAC358ED0C3934782D6 233472 ----a-w- C:\Users\Ani\AppData\Local\Temp\UIW_TEMP000\SOFTWARE\INSTALL\COMMON\CURALDLL.dll 2014-06-29 12:37:51 D4210581A0C46D3DCBED051F87CA9D65 3256320 ----a-w- C:\Users\Ani\AppData\Local\Temp\UIW_TEMP000\SOFTWARE\INSTALL\COMMON\CommonRsc02.dll 2014-06-29 12:37:51 1A9F16D6AAD33E232AF7208354FA28A4 26112 ----a-w- C:\Users\Ani\AppData\Local\Temp\UIW_TEMP000\SOFTWARE\INSTALL\COMMON\CommonRsc01.dll 2014-06-29 12:37:50 6DC82F19999C4EF203AA3F17C0F73D5A 103816 ----a-w- C:\Users\Ani\AppData\Local\Temp\UIW_TEMP000\setup.exe ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== ====== C:\Windows\Sysnative\drivers ===== 2014-06-15 13:10:30 340B0467E98A8C92697D73034DB4BCB7 29208 ----a-w- C:\Windows\Sysnative\drivers\aswHwid.sys 2014-06-13 20:21:42 8A50D5304E6AE48664CF5838EC32F647 122584 ----a-w- C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys 2014-06-13 20:18:39 9D9ED48F841EA37AA5310D54B9E5D3C7 91352 ----a-w- C:\Windows\Sysnative\drivers\mbamchameleon.sys 2014-06-13 20:18:39 15E8ABC06843672955CE26A009533BAD 63704 ----a-w- C:\Windows\Sysnative\drivers\mwac.sys 2014-06-12 16:25:21 17F685B67C74B8F7BFED4308790B71DE 288192 ----a-w- C:\Windows\Sysnative\drivers\FWPKCLNT.SYS 2014-06-12 16:25:21 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E 1903552 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys ====== C:\Windows\Tasks ====== 2014-06-09 15:32:29 863D3DF96087092E567483B208374EF7 3494 ----a-w- C:\Windows\Sysnative\Tasks\AdobeAAMUpdater-1.0-Ani-HP-Ani ====== C:\Windows\Temp ====== ======= 
C:\Program Files ===== 2014-06-19 16:47:14 -------- d-----w- C:\Program Files\trend micro 2014-06-09 15:24:56 -------- d-----w- C:\Program Files\Adobe 2014-06-09 15:15:23 -------- d-----w- C:\Program Files\Common Files\Adobe 2014-06-04 18:21:07 -------- d-----w- C:\Program Files\iPod 2014-06-04 18:21:06 -------- d-----w- C:\Program Files\iTunes ======= C:\PROGRA~2 ===== 2014-06-29 12:38:03 -------- d-----w- C:\PROGRA~2\COMMON~1\Canon 2014-06-25 17:58:03 -------- d-----w- C:\PROGRA~2\ESET 2014-06-16 17:10:09 -------- d-----w- C:\PROGRA~2\COMMON~1\Java 2014-06-16 17:09:17 -------- d-----w- C:\PROGRA~2\Java 2014-06-04 18:25:07 -------- d-----w- C:\PROGRA~2\QuickTime 2014-06-04 18:21:06 -------- d-----w- C:\PROGRA~2\iTunes ======= C: ===== ====== C:\Users\Ani\AppData\Roaming ====== 2014-06-29 13:01:27 -------- d-----w- C:\Users\Ani\AppData\Local\CANON_INC 2014-06-29 12:53:55 -------- d-----w- C:\Users\Ani\AppData\Roaming\Canon 2014-06-27 13:55:59 -------- d-----w- C:\Users\Ani\AppData\Local\Smilebox 2014-06-22 12:30:31 A0AE76C8B5FE9D88DA5477793941441F 3584 ----a-w- C:\Users\Ani\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-06-09 15:34:55 -------- d-----w- C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser 2014-06-09 15:34:55 -------- d-----w- C:\Users\Gast\AppData\Local\Chromatic Browser 2014-06-09 15:34:55 -------- d-----w- C:\Users\Ani\AppData\Local\Chromatic Browser 2014-06-09 15:34:55 -------- d-----w- C:\Users\Administrator\AppData\Local\Chromatic Browser 2014-06-09 15:34:54 -------- d-----w- C:\Users\HomeGroupUser$\AppData\Local\Torch 2014-06-09 15:34:54 -------- d-----w- C:\Users\HomeGroupUser$\AppData\Local\Google 2014-06-09 15:34:54 -------- d-----w- C:\Users\HomeGroupUser$\AppData\Local\Comodo 2014-06-09 15:34:54 -------- d-----w- C:\Users\Gast\AppData\Local\Torch 2014-06-09 15:34:54 -------- d-----w- C:\Users\Gast\AppData\Local\Google 2014-06-09 15:34:54 -------- d-----w- C:\Users\Gast\AppData\Local\Comodo 2014-06-09 15:34:54 -------- 
d-----w- C:\Users\Ani\AppData\Local\Torch 2014-06-09 15:34:54 -------- d-----w- C:\Users\Ani\AppData\Local\Comodo 2014-06-09 15:34:54 -------- d-----w- C:\Users\Administrator\AppData\Local\Torch 2014-06-09 15:34:54 -------- d-----w- C:\Users\Administrator\AppData\Local\Comodo 2014-06-09 15:34:53 -------- d-----w- C:\Users\Administrator\AppData\Local\Google 2014-06-09 15:30:43 -------- d-----w- C:\Users\Ani\AppData\Roaming\PDAppFlex 2014-06-04 18:25:01 -------- d-----w- C:\Users\Ani\AppData\Locallow\Apple Computer ====== C:\Users\Ani ====== 2014-06-29 10:46:07 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Ani\Downloads\RSITx64.exe 2014-06-27 13:54:51 ABF2FFC857587A6B12B0B3485DD40564 790776 ----a-w- C:\Users\Ani\Downloads\SmileboxInstaller.exe 2014-06-27 12:55:26 C882E29819596BB487E59B4ABD6C33B7 4812672 ----a-w- C:\Users\Ani\Downloads\ccsetup415.exe 2014-06-25 17:57:21 E8D3E34FFDAF21DF7C09CBBBA5763237 2347384 ----a-w- C:\Users\Ani\Downloads\esetsmartinstaller_enu.exe 2014-06-23 19:58:20 94E3A2D6251A35ED69DB3221329E8584 4181856 ----a-w- C:\Users\Ani\Downloads\tdsskiller.exe 2014-06-22 12:37:45 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2014-06-22 12:34:00 DF463B4C69C1531D1DA7DA3E30E7F8B5 24677393 ----a-w- C:\Users\Ani\Downloads\vlc-2.1.3-win32.exe 2014-06-19 16:45:16 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\Ani\Desktop\RSITx64.exe 2014-06-19 16:20:44 -------- d-----r- C:\Users\Ani\Creative Cloud Files 2014-06-09 15:37:18 02C1EE40968BAA67C3A785CDA9807125 262 --sha-r- C:\ProgramData\ntuser.pol 2014-06-09 15:34:54 -------- d-----w- C:\Users\HomeGroupUser$\AppData 2014-06-09 15:34:54 -------- d-----w- C:\Users\Gast\AppData 2014-06-09 15:34:53 -------- d-----w- C:\Users\Administrator\AppData 2014-06-09 15:30:19 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe 2014-06-04 18:25:26 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime 2014-06-04 18:24:28 -------- d-----w- 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud 2014-06-04 18:22:09 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes ====== C: exe-files == 2014-06-29 12:39:07 AB69B0B11EB5483F5BAD2F1EBF4F04BE 390536 ----a-w- C:\Program Files (x86)\Common Files\Canon\UIW\1.10.0.0\Uninst.exe 2014-06-25 17:58:07 D69EB85DE0C04A20A9ADA55431A24E75 358144 ----a-w- C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScanner.exe 2014-06-25 17:58:07 8D2CD7124589AA9656E61364EC57FEDA 333424 ----a-w- C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineCmdLineScannerA.exe 2014-06-25 17:58:06 F706B4A0068F64302CF4E968F6ACC946 119184 ----a-w- C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerUninstaller.exe 2014-06-25 17:58:06 B9DD20CBAB7931DF860AD110D0667B51 2887824 ----a-w- C:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe 2014-06-25 17:58:06 6FB6C26AE7F565F4DD5AFA6242D3DB06 535304 ----a-w- C:\Program Files (x86)\ESET\ESET Online Scanner\OnlineScannerApp.exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-1628012784-2049178738-2898664664-1001\Software\Microsoft\Windows\CurrentVersion\Run] "OfficeSyncProcess"="C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE" "Google Update"="C:\Users\Ani\AppData\Local\Google\Update\GoogleUpdate.exe /c" "JustVoip"="C:\Program Files (x86)\JustVoip.com\JustVoip\justvoip.exe -nosplash -minimized" "Spotify"="C:\Users\Ani\AppData\Roaming\Spotify\spotify.exe /uri spotify:autostart" "Spotify Web Helper"="C:\Users\Ani\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" 
[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" "HP Quick Launch"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" "Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Easybits Recovery"="C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe" "HPConnectionManager"="C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe" "HPOSD"="C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe" "ConnectionCenter"="C:\Program Files (x86)\Citrix\ICA Client\concentr.exe /startup" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "Redirector"="C:\Program Files (x86)\Citrix\ICA Client\redirector.exe /startup" "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui" "iTunesHelper"="C:\Program Files (x86)\iTunes\iTunesHelper.exe" "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime" "Adobe Creative Cloud"="C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --showwindow=false --onOSstartup=true" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "OfficeSyncProcess"="C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE" "Google Update"="C:\Users\Ani\AppData\Local\Google\Update\GoogleUpdate.exe /c" "JustVoip"="C:\Program Files (x86)\JustVoip.com\JustVoip\justvoip.exe -nosplash -minimized" "Spotify"="C:\Users\Ani\AppData\Roaming\Spotify\spotify.exe /uri spotify:autostart" "Spotify Web 
Helper"="C:\Users\Ani\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "BCSSync"="C:\Program Files\Microsoft Office\Office14\BCSSync.exe /DelayServices" "AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" "MSC"="c:\Program Files\Microsoft Security Client\mssecex.exe -hide -runkey" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " "SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe" ==== Startup Folders ====================== 2013-04-06 19:28:56 1045 ----a-w- C:\Users\Ani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk 2012-04-07 09:36:00 1316 ----a-w- C:\Users\Ani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Messenger.lnk 2012-02-17 21:50:10 1270 ----a-w- C:\Users\Ani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Schermopname en Snel starten.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [16/06/2014 19:01] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1628012784-2049178738-2898664664-1001Core.job --a------ C:\Users\Ani\AppData\Local\Facebook\Update\FacebookUpdate.exe [12/07/2012 20:40] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-1628012784-2049178738-2898664664-1001UA.job --a------ C:\Users\Ani\AppData\Local\Facebook\Update\FacebookUpdate.exe [12/07/2012 20:40] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [] 
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1628012784-2049178738-2898664664-1001Core1ce77c2da74bdd5.job --a------ C::C:\Users\Ani\AppData\Local\Google\Update\GoogleUpdate.exe [] C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-1628012784-2049178738-2898664664-1001UA1ce77c2db3355b0.job --a------ C:\Users\Ani\AppData\Local\Google\Update\GoogleUpdate.exe [] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\0" [c:\program files\internet explorer\iexplore.exe] "C:\Windows\SysNative\tasks\4461" [wscript.exe C:\Users\Ani\AppData\Local\Temp\launchie.vbs //B] "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\AdobeAAMUpdater-1.0-Ani-HP-Ani" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe] "C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-1628012784-2049178738-2898664664-1001Core" [C:\Users\Ani\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-1628012784-2049178738-2898664664-1001UA" [C:\Users\Ani\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1628012784-2049178738-2898664664-1001Core1ce77c2da74bdd5" [C:\Users\Ani\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-1628012784-2049178738-2898664664-1001UA1ce77c2db3355b0" [C:\Users\Ani\AppData\Local\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\MirageAgent" [C:\Program Files 
(x86)\CyberLink\YouCam\YCMMirage.exe] "C:\Windows\SysNative\tasks\ServicePlan" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{5BC10001-FA08-47ED-989B-81A6D99DE7EE}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\{3D3595A0-BE47-47ED-A690-FE3E24EFFFD2}" ["C:\Program Files (x86)\Internet Explorer\iexplore.exe" http://ui.skype.com/ui/0/6.1.0.129.272/en/abandoninstall?page=tsProgressBar] "C:\Windows\SysNative\tasks\{BF318E6B-B134-46AF-8C01-B272464F58AB}" ["c:\program files (x86)\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/6.9.73.106.456/nl/abandoninstall?page=tsProgressBar] "C:\Windows\SysNative\tasks\{C351C98F-F787-4023-88A7-DB7861632FC2}" ["c:\program files (x86)\internet explorer\iexplore.exe" http://ui.skype.com/ui/0/6.9.73.106.456/nl/abandoninstall?page=tsProgressBar] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "statuswinks@StatusWinks"="C:\Users\Ani\AppData\Roaming\Mozilla\Extensions\statuswinks@StatusWinks" [] ==== Firefox Extensions ====================== ==== Firefox Plugins ====================== ==== Chrome Look ====================== 
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
dhkplhfnhceodhffomolpfigojocbpcb - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonChrome.crx[]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[15/06/2014 15:09]
ndgonipadfipmlmdfofnjnhhlgojnjdn - C:\Users\Ani\AppData\Local\CRE\ndgonipadfipmlmdfofnjnhhlgojnjdn.crx[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
ndgonipadfipmlmdfofnjnhhlgojnjdn - C:\Users\Ani\AppData\Local\CRE\ndgonipadfipmlmdfofnjnhhlgojnjdn.crx[]

SNT - Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ehbhogapbkchbfklbpamklbapcjkjjpb
Enhance Browser - Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb
save on - Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\icgdkmppahjdodbfmobiikkjhbpbimim
YoutubeAdblocker - Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\mbdcmgohhcnmaggbbhjbmphibbajlifi
savE on - Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\mbmbblpengaockoacpmidibajpndappi
SNT - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ehbhogapbkchbfklbpamklbapcjkjjpb
Enhance Browser - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb
save on - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\icgdkmppahjdodbfmobiikkjhbpbimim
YoutubeAdblocker - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mbdcmgohhcnmaggbbhjbmphibbajlifi
savE on - Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mbmbblpengaockoacpmidibajpndappi
SNT - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehbhogapbkchbfklbpamklbapcjkjjpb
Enhance Browser - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb
save on - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\icgdkmppahjdodbfmobiikkjhbpbimim
YoutubeAdblocker - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbdcmgohhcnmaggbbhjbmphibbajlifi
savE on - Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbmbblpengaockoacpmidibajpndappi
SNT - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ehbhogapbkchbfklbpamklbapcjkjjpb
Enhance Browser - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb
save on - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\icgdkmppahjdodbfmobiikkjhbpbimim
YoutubeAdblocker - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mbdcmgohhcnmaggbbhjbmphibbajlifi
savE on - Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mbmbblpengaockoacpmidibajpndappi
SNT - Administrator\AppData\Local\Torch\User Data\Default\Extensions\ehbhogapbkchbfklbpamklbapcjkjjpb
Enhance Browser - Administrator\AppData\Local\Torch\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb
save on - Administrator\AppData\Local\Torch\User Data\Default\Extensions\icgdkmppahjdodbfmobiikkjhbpbimim
YoutubeAdblocker - Administrator\AppData\Local\Torch\User Data\Default\Extensions\mbdcmgohhcnmaggbbhjbmphibbajlifi
savE on - Administrator\AppData\Local\Torch\User Data\Default\Extensions\mbmbblpengaockoacpmidibajpndappi
SNT - Ani\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ehbhogapbkchbfklbpamklbapcjkjjpb
Enhance Browser - Ani\AppData\Local\Chromatic Browser\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb
save on - Ani\AppData\Local\Chromatic Browser\User Data\Default\Extensions\icgdkmppahjdodbfmobiikkjhbpbimim
YoutubeAdblocker - Ani\AppData\Local\Chromatic Browser\User Data\Default\Extensions\mbdcmgohhcnmaggbbhjbmphibbajlifi
savE on - Ani\AppData\Local\Chromatic Browser\User Data\Default\Extensions\mbmbblpengaockoacpmidibajpndappi
SNT - Ani\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ehbhogapbkchbfklbpamklbapcjkjjpb
Enhance Browser - Ani\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb
save on - Ani\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\icgdkmppahjdodbfmobiikkjhbpbimim
YoutubeAdblocker - Ani\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mbdcmgohhcnmaggbbhjbmphibbajlifi
savE on - Ani\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mbmbblpengaockoacpmidibajpndappi
Google Docs - Ani\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake
Google Drive - Ani\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Ani\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Ani\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Enhance Browser - Ani\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb
avast Online Security - Ani\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
save on - Ani\AppData\Local\Google\Chrome\User Data\Default\Extensions\icgdkmppahjdodbfmobiikkjhbpbimim
Google Wallet - Ani\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda
Gmail - Ani\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia
SNT - Ani\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ehbhogapbkchbfklbpamklbapcjkjjpb
Enhance Browser - Ani\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb
save on - Ani\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\icgdkmppahjdodbfmobiikkjhbpbimim
YoutubeAdblocker - Ani\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mbdcmgohhcnmaggbbhjbmphibbajlifi
savE on - Ani\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mbmbblpengaockoacpmidibajpndappi
SNT - Ani\AppData\Local\Torch\User Data\Default\Extensions\ehbhogapbkchbfklbpamklbapcjkjjpb
Enhance Browser - Ani\AppData\Local\Torch\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb
save on - Ani\AppData\Local\Torch\User Data\Default\Extensions\icgdkmppahjdodbfmobiikkjhbpbimim
YoutubeAdblocker - Ani\AppData\Local\Torch\User Data\Default\Extensions\mbdcmgohhcnmaggbbhjbmphibbajlifi
savE on - Ani\AppData\Local\Torch\User Data\Default\Extensions\mbmbblpengaockoacpmidibajpndappi
SNT - Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ehbhogapbkchbfklbpamklbapcjkjjpb
Enhance Browser - Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb
save on - Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\icgdkmppahjdodbfmobiikkjhbpbimim
YoutubeAdblocker - Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\mbdcmgohhcnmaggbbhjbmphibbajlifi
savE on - Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\mbmbblpengaockoacpmidibajpndappi
SNT - Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ehbhogapbkchbfklbpamklbapcjkjjpb
Enhance Browser - Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb
save on - Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\icgdkmppahjdodbfmobiikkjhbpbimim
YoutubeAdblocker - Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mbdcmgohhcnmaggbbhjbmphibbajlifi
savE on - Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mbmbblpengaockoacpmidibajpndappi
SNT - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehbhogapbkchbfklbpamklbapcjkjjpb
Enhance Browser - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb
save on - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\icgdkmppahjdodbfmobiikkjhbpbimim
YoutubeAdblocker - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbdcmgohhcnmaggbbhjbmphibbajlifi
savE on - Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbmbblpengaockoacpmidibajpndappi
SNT - Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ehbhogapbkchbfklbpamklbapcjkjjpb
Enhance Browser - Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb
save on - Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\icgdkmppahjdodbfmobiikkjhbpbimim
YoutubeAdblocker - Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mbdcmgohhcnmaggbbhjbmphibbajlifi
savE on - Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mbmbblpengaockoacpmidibajpndappi
SNT - Gast\AppData\Local\Torch\User Data\Default\Extensions\ehbhogapbkchbfklbpamklbapcjkjjpb
Enhance Browser - Gast\AppData\Local\Torch\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb
save on - Gast\AppData\Local\Torch\User Data\Default\Extensions\icgdkmppahjdodbfmobiikkjhbpbimim
YoutubeAdblocker - Gast\AppData\Local\Torch\User Data\Default\Extensions\mbdcmgohhcnmaggbbhjbmphibbajlifi
savE on - Gast\AppData\Local\Torch\User Data\Default\Extensions\mbmbblpengaockoacpmidibajpndappi
SNT - HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ehbhogapbkchbfklbpamklbapcjkjjpb
Enhance Browser - HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb
save on - HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\icgdkmppahjdodbfmobiikkjhbpbimim
YoutubeAdblocker - HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\mbdcmgohhcnmaggbbhjbmphibbajlifi
savE on - HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\mbmbblpengaockoacpmidibajpndappi
SNT - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ehbhogapbkchbfklbpamklbapcjkjjpb
Enhance Browser - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb
save on - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\icgdkmppahjdodbfmobiikkjhbpbimim
YoutubeAdblocker - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mbdcmgohhcnmaggbbhjbmphibbajlifi
savE on - HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mbmbblpengaockoacpmidibajpndappi
SNT - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehbhogapbkchbfklbpamklbapcjkjjpb
Enhance Browser - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb
save on - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\icgdkmppahjdodbfmobiikkjhbpbimim
YoutubeAdblocker - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbdcmgohhcnmaggbbhjbmphibbajlifi
savE on - HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbmbblpengaockoacpmidibajpndappi
SNT - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ehbhogapbkchbfklbpamklbapcjkjjpb
Enhance Browser - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb
save on - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\icgdkmppahjdodbfmobiikkjhbpbimim
YoutubeAdblocker - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mbdcmgohhcnmaggbbhjbmphibbajlifi
savE on - HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mbmbblpengaockoacpmidibajpndappi
SNT - HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\ehbhogapbkchbfklbpamklbapcjkjjpb
Enhance Browser - HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb
save on - HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\icgdkmppahjdodbfmobiikkjhbpbimim
YoutubeAdblocker - HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\mbdcmgohhcnmaggbbhjbmphibbajlifi
savE on - HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\mbmbblpengaockoacpmidibajpndappi

==== Chrome Fix ======================
C:\Users\Ani\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage deleted successfully
C:\Users\Ani\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_www.superfish.com_0.localstorage-journal deleted successfully
C:\Users\Ani\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage deleted successfully
C:\Users\Ani\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal deleted successfully
C:\Users\Ani\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_continuetosave.info_0.localstorage deleted successfully
C:\Users\Ani\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_continuetosave.info_0.localstorage-journal deleted successfully
C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\mbdcmgohhcnmaggbbhjbmphibbajlifi deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mbdcmgohhcnmaggbbhjbmphibbajlifi deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbdcmgohhcnmaggbbhjbmphibbajlifi deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mbdcmgohhcnmaggbbhjbmphibbajlifi deleted successfully
C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\mbdcmgohhcnmaggbbhjbmphibbajlifi deleted successfully
C:\Users\Ani\AppData\Local\Chromatic Browser\User Data\Default\Extensions\mbdcmgohhcnmaggbbhjbmphibbajlifi deleted successfully
C:\Users\Ani\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mbdcmgohhcnmaggbbhjbmphibbajlifi deleted successfully
C:\Users\Ani\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mbdcmgohhcnmaggbbhjbmphibbajlifi deleted successfully
C:\Users\Ani\AppData\Local\Torch\User Data\Default\Extensions\mbdcmgohhcnmaggbbhjbmphibbajlifi deleted successfully
C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\mbdcmgohhcnmaggbbhjbmphibbajlifi deleted successfully
C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mbdcmgohhcnmaggbbhjbmphibbajlifi deleted successfully
C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbdcmgohhcnmaggbbhjbmphibbajlifi deleted successfully
C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mbdcmgohhcnmaggbbhjbmphibbajlifi deleted successfully
C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\mbdcmgohhcnmaggbbhjbmphibbajlifi deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\mbdcmgohhcnmaggbbhjbmphibbajlifi deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mbdcmgohhcnmaggbbhjbmphibbajlifi deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbdcmgohhcnmaggbbhjbmphibbajlifi deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mbdcmgohhcnmaggbbhjbmphibbajlifi deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\mbdcmgohhcnmaggbbhjbmphibbajlifi deleted successfully
C:\Users\Ani\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mbdcmgohhcnmaggbbhjbmphibbajlifi_0.localstorage deleted successfully
C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ehbhogapbkchbfklbpamklbapcjkjjpb deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ehbhogapbkchbfklbpamklbapcjkjjpb deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehbhogapbkchbfklbpamklbapcjkjjpb deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ehbhogapbkchbfklbpamklbapcjkjjpb deleted successfully
C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\ehbhogapbkchbfklbpamklbapcjkjjpb deleted successfully
C:\Users\Ani\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ehbhogapbkchbfklbpamklbapcjkjjpb deleted successfully
C:\Users\Ani\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ehbhogapbkchbfklbpamklbapcjkjjpb deleted successfully
C:\Users\Ani\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ehbhogapbkchbfklbpamklbapcjkjjpb deleted successfully
C:\Users\Ani\AppData\Local\Torch\User Data\Default\Extensions\ehbhogapbkchbfklbpamklbapcjkjjpb deleted successfully
C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ehbhogapbkchbfklbpamklbapcjkjjpb deleted successfully
C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ehbhogapbkchbfklbpamklbapcjkjjpb deleted successfully
C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehbhogapbkchbfklbpamklbapcjkjjpb deleted successfully
C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ehbhogapbkchbfklbpamklbapcjkjjpb deleted successfully
C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\ehbhogapbkchbfklbpamklbapcjkjjpb deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\ehbhogapbkchbfklbpamklbapcjkjjpb deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\ehbhogapbkchbfklbpamklbapcjkjjpb deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\ehbhogapbkchbfklbpamklbapcjkjjpb deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\ehbhogapbkchbfklbpamklbapcjkjjpb deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\ehbhogapbkchbfklbpamklbapcjkjjpb deleted successfully
C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb deleted successfully
C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb deleted successfully
C:\Users\Ani\AppData\Local\Chromatic Browser\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb deleted successfully
C:\Users\Ani\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb deleted successfully
C:\Users\Ani\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb deleted successfully
C:\Users\Ani\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb deleted successfully
C:\Users\Ani\AppData\Local\Torch\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb deleted successfully
C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb deleted successfully
C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb deleted successfully
C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb deleted successfully
C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb deleted successfully
C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\gbiekjoijknlhijdjbaadobpkdhmoebb deleted successfully
C:\Users\Ani\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gbiekjoijknlhijdjbaadobpkdhmoebb_0.localstorage deleted successfully
C:\Users\Ani\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gbiekjoijknlhijdjbaadobpkdhmoebb_0.localstorage-journal deleted successfully
C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\icgdkmppahjdodbfmobiikkjhbpbimim deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\icgdkmppahjdodbfmobiikkjhbpbimim deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\icgdkmppahjdodbfmobiikkjhbpbimim deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\icgdkmppahjdodbfmobiikkjhbpbimim deleted successfully
C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\icgdkmppahjdodbfmobiikkjhbpbimim deleted successfully
C:\Users\Ani\AppData\Local\Chromatic Browser\User Data\Default\Extensions\icgdkmppahjdodbfmobiikkjhbpbimim deleted successfully
C:\Users\Ani\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\icgdkmppahjdodbfmobiikkjhbpbimim deleted successfully
C:\Users\Ani\AppData\Local\Google\Chrome\User Data\Default\Extensions\icgdkmppahjdodbfmobiikkjhbpbimim deleted successfully
C:\Users\Ani\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\icgdkmppahjdodbfmobiikkjhbpbimim deleted successfully
C:\Users\Ani\AppData\Local\Torch\User Data\Default\Extensions\icgdkmppahjdodbfmobiikkjhbpbimim deleted successfully
C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\icgdkmppahjdodbfmobiikkjhbpbimim deleted successfully
C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\icgdkmppahjdodbfmobiikkjhbpbimim deleted successfully
C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\icgdkmppahjdodbfmobiikkjhbpbimim deleted successfully
C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\icgdkmppahjdodbfmobiikkjhbpbimim deleted successfully
C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\icgdkmppahjdodbfmobiikkjhbpbimim deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\icgdkmppahjdodbfmobiikkjhbpbimim deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\icgdkmppahjdodbfmobiikkjhbpbimim deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\icgdkmppahjdodbfmobiikkjhbpbimim deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\icgdkmppahjdodbfmobiikkjhbpbimim deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\icgdkmppahjdodbfmobiikkjhbpbimim deleted successfully
C:\Users\Administrator\AppData\Local\Chromatic Browser\User Data\Default\Extensions\mbmbblpengaockoacpmidibajpndappi deleted successfully
C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mbmbblpengaockoacpmidibajpndappi deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbmbblpengaockoacpmidibajpndappi deleted successfully
C:\Users\Administrator\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mbmbblpengaockoacpmidibajpndappi deleted successfully
C:\Users\Administrator\AppData\Local\Torch\User Data\Default\Extensions\mbmbblpengaockoacpmidibajpndappi deleted successfully
C:\Users\Ani\AppData\Local\Chromatic Browser\User Data\Default\Extensions\mbmbblpengaockoacpmidibajpndappi deleted successfully
C:\Users\Ani\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mbmbblpengaockoacpmidibajpndappi deleted successfully
C:\Users\Ani\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mbmbblpengaockoacpmidibajpndappi deleted successfully
C:\Users\Ani\AppData\Local\Torch\User Data\Default\Extensions\mbmbblpengaockoacpmidibajpndappi deleted successfully
C:\Users\Gast\AppData\Local\Chromatic Browser\User Data\Default\Extensions\mbmbblpengaockoacpmidibajpndappi deleted successfully
C:\Users\Gast\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mbmbblpengaockoacpmidibajpndappi deleted successfully
C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbmbblpengaockoacpmidibajpndappi deleted successfully
C:\Users\Gast\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mbmbblpengaockoacpmidibajpndappi deleted successfully
C:\Users\Gast\AppData\Local\Torch\User Data\Default\Extensions\mbmbblpengaockoacpmidibajpndappi deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser\User Data\Default\Extensions\mbmbblpengaockoacpmidibajpndappi deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\mbmbblpengaockoacpmidibajpndappi deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbmbblpengaockoacpmidibajpndappi deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\mbmbblpengaockoacpmidibajpndappi deleted successfully
C:\Users\HomeGroupUser$\AppData\Local\Torch\User Data\Default\Extensions\mbmbblpengaockoacpmidibajpndappi deleted successfully
C:\Users\Ani\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_mbmbblpengaockoacpmidibajpndappi_0.localstorage deleted successfully

==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.bing.com"
"Search Bar"="http://www.bing.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] not found
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://www.bing.com"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&form=HPNTDF&pc=HPNTDF&src=IE-SearchBox"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"
{d43b3890-80c7-4010-a95d-1e77b5924dc3} Wikipedia Url="http://nl.wikipedia.org/wiki/Special:Search?search={searchTerms}"
{D944BB61-2E34-4DBF-A683-47E505C587DC} eBay Url="http://rover.ebay.com/rover/1/1553-111073-34115-5/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}"

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-21-1628012784-2049178738-2898664664-1001\Software\Mozilla\Firefox\Extensions\statuswinks@StatusWinks deleted successfully

==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\c973eb90-dea4-4fb6-859f-095b46fa295a deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\ndgonipadfipmlmdfofnjnhhlgojnjdn deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\ndgonipadfipmlmdfofnjnhhlgojnjdn deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1 deleted successfully

==== HijackThis Entries ======================
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: CtxIEInterceptorBHO - {2C4631FF-5CC8-4EBC-A0DF-34C92291759E} - C:\Program Files (x86)\Citrix\ICA Client\IEInterceptor.dll
O2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
O4 - HKLM\..\Run: [HPConnectionManager] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
O4 - HKLM\..\Run: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
O4 - HKLM\..\Run: [CitrixReceiver] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk"
O4 - HKLM\..\Run: [ConnectionCenter] "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Redirector] "C:\Program Files (x86)\Citrix\ICA Client\redirector.exe" /startup
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [Google Update] "C:\Users\Ani\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [JustVoip] "C:\Program Files (x86)\JustVoip.com\JustVoip\justvoip.exe" -nosplash -minimized
O4 - HKCU\..\Run: [Spotify] "C:\Users\Ani\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart
O4 - HKCU\..\Run: [Spotify Web Helper] "C:\Users\Ani\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = Ani\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Startup: Facebook Messenger.lnk = Ani\AppData\Local\Facebook\Messenger\2.1.4814.0\FacebookMessenger.exe
O4 - Startup: OneNote 2010 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
O8 - Extra context menu item: &Verzenden naar OneNote - res://C:\PROGRA~1\MICROS~4\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter hijack: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Google Update-service (gupdate) (gupdate) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Unknown owner - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (file missing)
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Client Services (HPClientSvc) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
O23 - Service: HP Connection Manager 4 Service (hpCMSrv) - Hewlett-Packard Development Company L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: IconMan_R - Realsil Microelectronics Inc.
- C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype C2C Service - Skype Technologies S.A. 
- C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE 
Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Ani\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Ani\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LKKZQ17U will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\Users\Ani\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=515 folders=194 5022965 bytes) ==== Empty Temp Folders ====================== C:\Users\Ani\AppData\Local\Temp will be emptied at reboot C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Ani\AppData\Local\Temp successfully emptied ==== Empty 
Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Ani\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LKKZQ17U" not found ==== EOF on ma 30/06/2014 at 21:59:48,99 ======================