
Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by Charlotte on do 07-05-2015 at 23:29:59,82.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Charlotte\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

7-5-2015 23:38:18 Zoek.exe System Restore Point Created Successfully.

==== Empty Folders Check ======================

C:\PROGRA~2\BuyNsave deleted successfully
C:\Program Files\Symantec deleted successfully
C:\PROGRA~3\3872871776 deleted successfully
C:\PROGRA~3\a7fcb38c0000453b deleted successfully
C:\PROGRA~3\Babylon deleted successfully
C:\PROGRA~3\NewSaver deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\PROGRA~3\SaverExtension deleted successfully
C:\Users\Charlotte\AppData\Roaming\Advanced System Protector deleted successfully
C:\Users\Charlotte\AppData\Roaming\TP deleted successfully
C:\Users\Charlotte\AppData\Roaming\Windows Live Writer deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3147329327-1183664364-287875317-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully
HKEY_USERS\S-1-5-21-3147329327-1183664364-287875317-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully
HKEY_USERS\S-1-5-21-3147329327-1183664364-287875317-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully
HKEY_USERS\S-1-5-21-3147329327-1183664364-287875317-1001\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully
HKEY_USERS\S-1-5-21-3147329327-1183664364-287875317-1000\Software\Microsoft\Internet Explorer\SearchScopes\{DAAD9570-6FD1-40C3-80F7-D99708817244} deleted successfully
HKEY_USERS\S-1-5-21-3147329327-1183664364-287875317-1001\Software\Microsoft\Internet Explorer\SearchScopes\{DAAD9570-6FD1-40C3-80F7-D99708817244} deleted successfully
HKEY_USERS\S-1-5-21-3147329327-1183664364-287875317-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D} deleted successfully
HKEY_USERS\S-1-5-21-3147329327-1183664364-287875317-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D} deleted successfully
HKEY_USERS\S-1-5-21-3147329327-1183664364-287875317-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D} deleted successfully
HKEY_USERS\S-1-5-21-3147329327-1183664364-287875317-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D} deleted successfully
HKEY_USERS\S-1-5-21-3147329327-1183664364-287875317-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C442AC41-9200-4770-8CC0-7CDB4F245C55} deleted successfully
HKEY_USERS\S-1-5-21-3147329327-1183664364-287875317-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C442AC41-9200-4770-8CC0-7CDB4F245C55} deleted successfully
HKEY_USERS\S-1-5-21-3147329327-1183664364-287875317-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C442AC41-9200-4770-8CC0-7CDB4F245C55} deleted successfully
HKEY_USERS\S-1-5-21-3147329327-1183664364-287875317-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C442AC41-9200-4770-8CC0-7CDB4F245C55} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome.IBG5JQJJIZYSBCBFD5NG6IV5T4\shell\open\command]
@="C:\\Users\\Charlotte\\AppData\\Local\\Google\\Chrome\\Application\\chrome.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command]
@="C:\\Program Files\\Internet Explorer\\iexplore.exe"

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] 
"Ilssoft"=- 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] 
"AppInit_DLLs"=- 

==== Deleting Files \ Folders ======================

C:\PROGRA~2\BuyNsave not found
C:\ProgramData\a7fcb38c0000453b not found
C:\ProgramData\3872871776 not found
"C:\Reprendre l'installation.lnk" not found
C:\PROGRA~2\BitSavver deleted
C:\PROGRA~2\DigiCoUponu deleted
C:\PROGRA~2\DOOwNSSave deleted
C:\PROGRA~2\ExSatrauSaviings deleted
C:\PROGRA~2\ExStRaSaavinggs deleted
C:\PROGRA~2\Happy2SSave deleted
C:\PROGRA~2\ISaver deleted
C:\PROGRA~2\SaverExtenseionn deleted
C:\PROGRA~2\TTaKeTheCoauipOnn deleted
C:\PROGRA~2\YoutubeAdBlocke deleted
C:\PROGRA~2\DigiCOOupoon deleted
C:\PROGRA~2\DigISauver deleted
C:\PROGRA~2\DiscounntExtensI deleted
C:\PROGRA~2\Facebook Chat Platinum deleted
C:\PROGRA~2\Faster Chrome Pro deleted
C:\PROGRA~2\GreeateSave4U deleted
C:\PROGRA~2\memeticon deleted
C:\PROGRA~2\PageArchiver deleted
C:\PROGRA~2\RooboSaver deleted
C:\Users\Charlotte\AppData\Roaming\DVDVideoSoftIEHelpers deleted
C:\found.001 deleted
C:\ProgramData\7d11adf000003889 deleted
C:\ProgramData\7fb1a105e4adc44a deleted
C:\PROGRA~3\9201312560378135626 deleted
C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted
C:\found.000 deleted
C:\Users\Charlotte\AppData\Roaming\appdataFr3.bin deleted
C:\Users\Charlotte\AppData\Roaming\Cool Mirage Ltd deleted
C:\Users\Charlotte\AppData\Roaming\BabSolution deleted
C:\Users\Charlotte\AppData\Roaming\Babylon deleted
C:\Users\Charlotte\AppData\Roaming\systweak deleted
C:\Users\Charlotte\AppData\Roaming\OpenCandy deleted
C:\PROGRA~3\Trusted Publisher deleted
C:\PROGRA~3\Red AdBlocker deleted
C:\PROGRA~3\RoboSeAveir deleted
C:\Users\Charlotte\AppData\Local\PutLockerDownloader deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SkypEmoticons deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk deleted
C:\windows\SysNative\roboot64.exe deleted
C:\Users\Charlotte\AppData\LocalLow\Cool Mirage Ltd deleted
C:\windows\SysNative\config\systemprofile\Searches deleted
C:\windows\Syswow64\sho587C.tmp deleted
C:\windows\Syswow64\sho5A44.tmp deleted
C:\windows\Syswow64\sho7A62.tmp deleted
C:\windows\SysWow64\searchplugins deleted
C:\windows\SysWow64\Extensions deleted
"C:\Users\Charlotte\AppData\Roaming\SkypEmoticons\Res.dll" deleted
"C:\Users\Charlotte\AppData\Roaming\SkypEmoticons\SE.exe" deleted
"C:\Users\Charlotte\AppData\Roaming\SkypEmoticons" deleted

==== Files Recently Created / Modified ======================

====== C:\windows ====
2015-05-06 17:06:23	80FD4D46B0E9B620CF757A9A5C789329	577536	----a-w-	C:\windows\soundman.exe
2015-05-06 17:04:09	B8D51A5F2961AE381723F964978AA848	217088	----a-w-	C:\windows\alcrmv.exe
2015-05-06 17:04:09	A3CF502659EF4EBA42C70E832ED967ED	315392	----a-w-	C:\windows\alcupd.exe
====== C:\Users\CHARLO~1\AppData\Local\Temp ====
====== Java Cache =====
====== C:\windows\SysWOW64 =====
2015-05-06 17:06:23	C99E22EFE74C8B3EFF93E227472FE247	141016	----a-w-	C:\windows\SysWOW64\alsndmgr.wav
2015-05-06 17:06:23	BB47824F9B42B7EF93E4F7129782A48E	147456	----a-w-	C:\windows\SysWOW64\RtlCPAPI.dll
2015-05-06 17:06:23	43C3571EADA5BC1EDEAD7CA22AD66F30	49152	----a-w-	C:\windows\SysWOW64\ChCfg.exe
2015-05-06 17:06:23	336402653D18149456C1AF57A6529A99	10528768	----a-w-	C:\windows\SysWOW64\RTLCPL.exe
2015-05-06 17:06:22	3390B4635D37163CB5B2C0A13403B58B	18804736	----a-w-	C:\windows\SysWOW64\alsndmgr.cpl
====== C:\windows\SysWOW64\drivers =====
2015-05-06 17:06:23	DD8520280304B6145A6BE31008748C7C	4122368	----a-r-	C:\windows\SysWOW64\drivers\alcxwdm.sys
====== C:\windows\Sysnative =====
====== C:\windows\Sysnative\drivers =====
2015-04-15 12:37:27	F61634BEC53F73702A10DE69F6DCAF57	754688	----a-w-	C:\windows\Sysnative\drivers\http.sys
2015-04-15 12:36:59	1FA627E63195BF3BF636BFEF0D7190D4	155576	----a-w-	C:\windows\Sysnative\drivers\ksecpkg.sys
2015-04-15 12:36:59	063C09DB965E3DFD6F4F08416F6DB8F5	95672	----a-w-	C:\windows\Sysnative\drivers\ksecdd.sys
====== C:\windows\Tasks ======
2015-05-06 17:03:34	CC17CADDF532AA5DB1FE667E12EBF296	3156	----a-w-	C:\windows\Sysnative\Tasks\{7931E86E-1FBA-401A-B378-C28AF36830B9}
====== C:\windows\Temp ======
======= C:\Program Files =====
2015-05-07 14:46:06	--------	d-----w-	C:\Program Files\trend micro
======= C:\PROGRA~2 =====
2015-05-07 11:12:04	--------	d-----w-	C:\PROGRA~2\Trend Micro
2015-05-07 10:54:48	--------	d-----w-	C:\PROGRA~2\Avira
2015-05-06 17:04:13	--------	d-----w-	C:\PROGRA~2\Realtek AC97
2015-04-16 11:41:31	--------	d-----w-	C:\PROGRA~2\COMMON~1\Skype
2015-04-16 11:41:30	--------	d-----r-	C:\PROGRA~2\Skype
======= C: =====
====== C:\Users\Charlotte\AppData\Roaming ======
2015-05-07 14:42:47	--------	d-----w-	C:\Users\Charlotte\AppData\Local\AviraResume
2015-05-06 17:00:05	--------	d-----w-	C:\Users\Charlotte\AppData\Local\ElevatedDiagnostics
====== C:\Users\Charlotte ======
2015-04-16 11:41:32	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

====== C: exe-files ==
2015-05-07 21:32:05	4557B9A730399415AA14C610A130B998	544	----a-w-	C:\$Recycle.Bin\S-1-5-21-3147329327-1183664364-287875317-1001\$ILMNZN8.exe
2015-05-07 21:31:28	F68A5507E37C1FC1C17F6B1A6BFF582E	1308672	----a-w-	C:\$Recycle.Bin\S-1-5-21-3147329327-1183664364-287875317-1001\$RLMNZN8.exe
2015-05-07 18:52:51	CEA213832D8ED9E2CACFEEB6D09B5600	451584	------r-	C:\ProgramData\NVIDIA\Updatus\Download\767C\updatus.19556269_RUNASUSER.exe
2015-05-07 18:51:33	4300112CEC15A16BD0884F4567F12714	427824	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\xp\avshadow.exe
2015-05-07 18:51:05	EE47316743B75C10B47BCA6AA540FE89	494592	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\wsctool.exe
2015-05-07 18:50:58	6504FECEF7E884792ECAC55062A4744B	625400	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\vista64\avshadow.exe
2015-05-07 18:50:57	255B2D11D8319A739CA88FB3234DDD4D	394488	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\updrgui.exe
2015-05-07 18:50:56	6C71332014C7571F9964CFD6F016558B	1073608	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\update.exe
2015-05-07 18:50:56	5D7827F1D6939ADA04275A31D620F83C	69880	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\toastNotifier.exe
2015-05-07 18:50:54	97EFB2CEEB277E1BAD8EAF52DFBD47B5	1838080	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\setup.exe
2015-05-07 18:50:54	2E85B0F4AD18EDB88FF91B270974DDE6	420296	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\setuppending.exe
2015-05-07 18:50:53	624D29E2D70F83147A79043FD0024D1D	432888	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\sched.exe
2015-05-07 18:50:45	15A13202FE23545F05A72AA30CE2E01E	2259456	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\presetup.exe
2015-05-07 18:50:43	FD0C6E6875A39D92CDB724D72063239F	452856	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\ipmgui.exe
2015-05-07 18:50:43	B34952B39CAD33FCBF76BA51E4CC4A31	485376	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\licmgr.exe
2015-05-07 18:50:43	ACE3DB7AE7F7371F40F55C82776BFD03	658736	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\guardgui.exe
2015-05-07 18:50:43	717CA750E7B2739027896A59554AE7DF	447280	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\imp64b.exe
2015-05-07 18:50:43	506DE0EF0F65E937EB4A26530513D596	489208	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\inssda64.exe
2015-05-07 18:50:43	271D6DF89FEEDCD1880254B0EA7D99A3	408824	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\insthlp.exe
2015-05-07 18:50:26	81472308A99AAF0F7F0A64A170E8A2AD	4515896	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\fr-fr\avira_fr____fm.exe
2015-05-07 18:50:25	BAB97B25933CC23925B1CAD3C628F32A	880376	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\fact.exe
2015-05-07 18:50:24	7A64629B644BE6E7C89C726A93F2CA55	402432	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\checkt.exe
2015-05-07 18:50:23	CC5ADF27C77AAD51DCEFA65D849F2D6D	466168	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\ccuac.exe
2015-05-07 18:50:21	E03FF6E92D850735CEF312DDDE62AB32	1043152	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\avwsc.exe
2015-05-07 18:50:21	7983B808D27CEFADD0BCBCAB30736B5B	992504	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\avwebgrd.exe
2015-05-07 18:50:21	4FBE128DCB19554535880BA21B5246F1	1014064	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\avscan.exe
2015-05-07 18:50:21	18ECEDC2E65953474DA39DDC259C801A	992560	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\avwebg7.exe
2015-05-07 18:50:21	11EDD839B3C5F3A6463F3053F75B38C6	519472	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\avwebloader.exe
2015-05-07 18:50:21	063C94D7D205ABF7E7A77A74C2FCB7F1	409392	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\avupgsvc.exe
2015-05-07 18:50:20	69B388D8F3085411D00F875FF5CBCAF6	704512	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\avgnt.exe
2015-05-07 18:50:20	624D29E2D70F83147A79043FD0024D1D	432888	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\avguard.exe
2015-05-07 18:50:20	25F51A1D4E86AA3D0A0F3BA8502BE5F4	701744	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\avnotify.exe
2015-05-07 18:50:20	06CE40EEF9E59B67E172A6D3334CB8DC	546608	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\avrestart.exe
2015-05-07 18:50:19	A8739982BF94DEDCB08A54702F319C49	379200	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\AppRemover_CLI.exe
2015-05-07 18:50:19	9228057E862F1F0496B40BB6E68B5E1B	417072	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\avadmin.exe
2015-05-07 18:50:19	840DE5838FA9080DF71DA5A158BBC7C5	126272	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\AppRemover_64.exe
2015-05-07 18:50:19	6B49679EAE3BC1432886EC7BE8DC3ADE	820984	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\avconfig.exe
2015-05-07 18:50:19	2C55586E2300DFCC83C3CEA72F40BE5E	703224	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\avcenter.exe
2015-05-07 18:50:18	D9B59FC0943A584EC05BDD8DE94DD28B	321856	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\64bitProxy.exe
2015-05-07 10:58:56	664DB720EFDA3CB5F153A512ACFD50DA	2099656	----a-w-	C:\Program Files (x86)\Avira\AntiVir Desktop\avira_free_antivirus.exe
2015-05-07 10:54:49	E6B04F25DC26F649EAEE94336D401D5C	679592	----a-w-	C:\Program Files (x86)\Avira\AntiVir Desktop\setup.exe
2015-05-07 10:54:49	26FFCA26212B22C4194012B0A92631FD	195240	----a-w-	C:\Program Files (x86)\Avira\AntiVir Desktop\avrestart.exe
2015-05-06 17:04:19	80FD4D46B0E9B620CF757A9A5C789329	577536	----a-w-	C:\Program Files (x86)\Realtek AC97\SoundMan.exe
2015-05-06 17:04:19	8002F63F810D35DF46F88D1A1408694D	37376	----a-w-	C:\Program Files (x86)\Realtek AC97\CPLUtl64.exe
2015-05-06 17:04:19	43C3571EADA5BC1EDEAD7CA22AD66F30	49152	----a-w-	C:\Program Files (x86)\Realtek AC97\ChCfg.exe
2015-05-06 17:04:19	336402653D18149456C1AF57A6529A99	10528768	----a-w-	C:\Program Files (x86)\Realtek AC97\RTLCPL.exe
2015-05-06 17:04:13	B8D51A5F2961AE381723F964978AA848	217088	----a-w-	C:\Program Files (x86)\Realtek AC97\alcrmv.exe
2015-05-06 17:04:13	8E6AFCA34A4650AFB6B6A5FDD7EC639B	316416	----a-w-	C:\Program Files (x86)\Realtek AC97\alcrmv64.exe
2015-05-06 17:04:08	49B3D2077199C44C1F3BBB16B4094AE6	121064	----a-w-	C:\Program Files (x86)\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\setup.exe
2015-05-06 17:03:52	9B7E1DF9722AA964C973425FC449F46D	65024	----a-w-	C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ISBEW64.exe
=== C: other files ==
2015-05-07 18:51:33	AF5DA81B19AFA730F1E5246AD81D140A	105864	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\xp\avgntflt.sys
2015-05-07 18:51:33	A5674637BCA212D9FE136ADFA04C9857	136216	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\xp\avipbb.sys
2015-05-07 18:51:33	390184FAD8FCC1B6DA25AEBAE928C3B6	28600	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\xp64\avkmgr.sys
2015-05-07 18:51:33	055D318220DD4593F2A8C8FF83707D36	132120	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\xp64\avipbb.sys
2015-05-07 18:51:33	00BF66D168E1A7AA7E1C9F458BBA0B34	128536	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\xp64\avgntflt.sys
2015-05-07 18:51:05	83586138F23A4C284EB68AFC852D7AFA	43576	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\win864\avnetflt.sys
2015-05-07 18:51:05	390184FAD8FCC1B6DA25AEBAE928C3B6	28600	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\win864\avkmgr.sys
2015-05-07 18:51:04	73772F2898D5A3A335B8CADA5DBDB66C	37384	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\win8\avnetflt.sys
2015-05-07 18:51:04	055D318220DD4593F2A8C8FF83707D36	132120	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\win864\avipbb.sys
2015-05-07 18:51:04	00BF66D168E1A7AA7E1C9F458BBA0B34	128536	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\win864\avgntflt.sys
2015-05-07 18:51:03	3303FB85532093FC6723632B5947E8C4	37896	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\win7\avnetflt.sys
2015-05-07 18:51:03	13253E5E3B6BDF945B63B336A8C9489B	44088	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\win764\avnetflt.sys
2015-05-07 18:50:57	390184FAD8FCC1B6DA25AEBAE928C3B6	28600	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\vista64\avkmgr.sys
2015-05-07 18:50:57	055D318220DD4593F2A8C8FF83707D36	132120	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\vista64\avipbb.sys
2015-05-07 18:50:57	00BF66D168E1A7AA7E1C9F458BBA0B34	128536	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\vista64\avgntflt.sys
2015-05-07 18:50:55	A36EE93698802CD899F98BFD553D8185	28520	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\ssmdrv.sys
2015-05-07 14:43:12	D8C712305F73CD34D1B344810E522728	37352	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\xp\avkmgr.sys
2015-05-07 14:42:55	DEFFB985C08623202A399361B8C00C3D	12591	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\QATestedProducts.zip
2015-05-07 14:42:54	E274C96E2175C7DF97DCB255E406A900	1478	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\ProductReleaseNotes.zip
2015-05-07 14:42:54	1A50108D7111A61F9853B7BE9DBEAB6B	2931471	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\ManualUninstallConfig.zip
2015-05-07 14:42:52	31D6E4AC0AAD330F4562A52E4844F0BE	42224	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\fr-fr\sweb.zip
2015-05-07 14:42:48	CB13DBC41D4B4A7965BA936B26E4CB36	29735	----a-w-	C:\Users\Charlotte\AppData\Local\AviraResume\AVSDKList.zip
2015-05-07 11:06:13	D8C712305F73CD34D1B344810E522728	37352	----a-w-	C:\Windows\Temp\AVSETUP_554b4724\xp\avkmgr.sys
2015-05-07 11:06:13	AF5DA81B19AFA730F1E5246AD81D140A	105864	----a-w-	C:\Windows\Temp\AVSETUP_554b4724\xp\avgntflt.sys
2015-05-07 11:06:13	A5674637BCA212D9FE136ADFA04C9857	136216	----a-w-	C:\Windows\Temp\AVSETUP_554b4724\xp\avipbb.sys
2015-05-07 11:06:13	390184FAD8FCC1B6DA25AEBAE928C3B6	28600	----a-w-	C:\Windows\Temp\AVSETUP_554b4724\xp64\avkmgr.sys
2015-05-07 11:06:13	055D318220DD4593F2A8C8FF83707D36	132120	----a-w-	C:\Windows\Temp\AVSETUP_554b4724\xp64\avipbb.sys
2015-05-07 11:06:13	00BF66D168E1A7AA7E1C9F458BBA0B34	128536	----a-w-	C:\Windows\Temp\AVSETUP_554b4724\xp64\avgntflt.sys
2015-05-07 11:06:12	E274C96E2175C7DF97DCB255E406A900	1478	----a-w-	C:\Windows\Temp\AVSETUP_554b4724\ProductReleaseNotes.zip
2015-05-07 11:06:12	DEFFB985C08623202A399361B8C00C3D	12591	----a-w-	C:\Windows\Temp\AVSETUP_554b4724\QATestedProducts.zip
2015-05-07 11:06:12	CB13DBC41D4B4A7965BA936B26E4CB36	29735	----a-w-	C:\Windows\Temp\AVSETUP_554b4724\AVSDKList.zip
2015-05-07 11:06:12	A36EE93698802CD899F98BFD553D8185	28520	----a-w-	C:\Windows\Temp\AVSETUP_554b4724\ssmdrv.sys
2015-05-07 11:06:12	83586138F23A4C284EB68AFC852D7AFA	43576	----a-w-	C:\Windows\Temp\AVSETUP_554b4724\win864\avnetflt.sys
2015-05-07 11:06:12	73772F2898D5A3A335B8CADA5DBDB66C	37384	----a-w-	C:\Windows\Temp\AVSETUP_554b4724\win8\avnetflt.sys
2015-05-07 11:06:12	390184FAD8FCC1B6DA25AEBAE928C3B6	28600	----a-w-	C:\Windows\Temp\AVSETUP_554b4724\win864\avkmgr.sys
2015-05-07 11:06:12	390184FAD8FCC1B6DA25AEBAE928C3B6	28600	----a-w-	C:\Windows\Temp\AVSETUP_554b4724\vista64\avkmgr.sys
2015-05-07 11:06:12	3303FB85532093FC6723632B5947E8C4	37896	----a-w-	C:\Windows\Temp\AVSETUP_554b4724\win7\avnetflt.sys
2015-05-07 11:06:12	31D6E4AC0AAD330F4562A52E4844F0BE	42224	----a-w-	C:\Windows\Temp\AVSETUP_554b4724\fr-fr\sweb.zip
2015-05-07 11:06:12	1A50108D7111A61F9853B7BE9DBEAB6B	2931471	----a-w-	C:\Windows\Temp\AVSETUP_554b4724\ManualUninstallConfig.zip
2015-05-07 11:06:12	13253E5E3B6BDF945B63B336A8C9489B	44088	----a-w-	C:\Windows\Temp\AVSETUP_554b4724\win764\avnetflt.sys
2015-05-07 11:06:12	055D318220DD4593F2A8C8FF83707D36	132120	----a-w-	C:\Windows\Temp\AVSETUP_554b4724\win864\avipbb.sys
2015-05-07 11:06:12	055D318220DD4593F2A8C8FF83707D36	132120	----a-w-	C:\Windows\Temp\AVSETUP_554b4724\vista64\avipbb.sys
2015-05-07 11:06:12	00BF66D168E1A7AA7E1C9F458BBA0B34	128536	----a-w-	C:\Windows\Temp\AVSETUP_554b4724\win864\avgntflt.sys
2015-05-07 11:06:12	00BF66D168E1A7AA7E1C9F458BBA0B34	128536	----a-w-	C:\Windows\Temp\AVSETUP_554b4724\vista64\avgntflt.sys
2015-05-07 11:02:50	31D6E4AC0AAD330F4562A52E4844F0BE	42224	----a-w-	C:\Windows\Temp\avnwldrtemp\setup\fr-fr\sweb.zip
2015-05-07 11:00:50	E274C96E2175C7DF97DCB255E406A900	1478	----a-w-	C:\Windows\Temp\avnwldrtemp\setup\ProductReleaseNotes.zip
2015-05-07 11:00:50	DEFFB985C08623202A399361B8C00C3D	12591	----a-w-	C:\Windows\Temp\avnwldrtemp\setup\QATestedProducts.zip
2015-05-07 11:00:50	1A50108D7111A61F9853B7BE9DBEAB6B	2931471	----a-w-	C:\Windows\Temp\avnwldrtemp\setup\ManualUninstallConfig.zip
2015-05-07 11:00:37	CB13DBC41D4B4A7965BA936B26E4CB36	29735	----a-w-	C:\Windows\Temp\avnwldrtemp\setup\AVSDKList.zip
2015-05-07 11:00:36	A36EE93698802CD899F98BFD553D8185	28520	----a-w-	C:\Windows\Temp\avnwldrtemp\setup\ssmdrv.sys
2015-05-07 11:00:36	73772F2898D5A3A335B8CADA5DBDB66C	37384	----a-w-	C:\Windows\Temp\avnwldrtemp\setup\win8\avnetflt.sys
2015-05-07 11:00:35	3303FB85532093FC6723632B5947E8C4	37896	----a-w-	C:\Windows\Temp\avnwldrtemp\setup\win7\avnetflt.sys
2015-05-07 11:00:35	13253E5E3B6BDF945B63B336A8C9489B	44088	----a-w-	C:\Windows\Temp\avnwldrtemp\setup\win764\avnetflt.sys
2015-05-07 11:00:34	83586138F23A4C284EB68AFC852D7AFA	43576	----a-w-	C:\Windows\Temp\avnwldrtemp\setup\win864\avnetflt.sys
2015-05-07 11:00:33	390184FAD8FCC1B6DA25AEBAE928C3B6	28600	----a-w-	C:\Windows\Temp\avnwldrtemp\setup\win864\avkmgr.sys
2015-05-07 11:00:32	D8C712305F73CD34D1B344810E522728	37352	----a-w-	C:\Windows\Temp\avnwldrtemp\setup\xp\avkmgr.sys
2015-05-07 11:00:32	390184FAD8FCC1B6DA25AEBAE928C3B6	28600	----a-w-	C:\Windows\Temp\avnwldrtemp\setup\xp64\avkmgr.sys
2015-05-07 11:00:32	390184FAD8FCC1B6DA25AEBAE928C3B6	28600	----a-w-	C:\Windows\Temp\avnwldrtemp\setup\vista64\avkmgr.sys
2015-05-07 11:00:32	055D318220DD4593F2A8C8FF83707D36	132120	----a-w-	C:\Windows\Temp\avnwldrtemp\setup\win864\avipbb.sys
2015-05-07 11:00:31	055D318220DD4593F2A8C8FF83707D36	132120	----a-w-	C:\Windows\Temp\avnwldrtemp\setup\xp64\avipbb.sys
2015-05-07 11:00:31	055D318220DD4593F2A8C8FF83707D36	132120	----a-w-	C:\Windows\Temp\avnwldrtemp\setup\vista64\avipbb.sys
2015-05-07 11:00:30	A5674637BCA212D9FE136ADFA04C9857	136216	----a-w-	C:\Windows\Temp\avnwldrtemp\setup\xp\avipbb.sys
2015-05-07 11:00:29	00BF66D168E1A7AA7E1C9F458BBA0B34	128536	----a-w-	C:\Windows\Temp\avnwldrtemp\setup\win864\avgntflt.sys
2015-05-07 11:00:28	00BF66D168E1A7AA7E1C9F458BBA0B34	128536	----a-w-	C:\Windows\Temp\avnwldrtemp\setup\xp64\avgntflt.sys
2015-05-07 11:00:28	00BF66D168E1A7AA7E1C9F458BBA0B34	128536	----a-w-	C:\Windows\Temp\avnwldrtemp\setup\vista64\avgntflt.sys
2015-05-07 11:00:27	AF5DA81B19AFA730F1E5246AD81D140A	105864	----a-w-	C:\Windows\Temp\avnwldrtemp\setup\xp\avgntflt.sys
2015-05-06 17:06:23	DD8520280304B6145A6BE31008748C7C	4122368	----a-r-	C:\Windows\SysWOW64\drivers\alcxwdm.sys
2015-05-06 17:04:18	DD8520280304B6145A6BE31008748C7C	4122368	----a-r-	C:\Program Files (x86)\Realtek AC97\alcxwdm.sys
2015-05-06 17:04:15	69787485D360C309315A578831091179	3581696	----a-r-	C:\Program Files (x86)\Realtek AC97\alcwdm64.sys
2015-05-06 17:04:10	DD8520280304B6145A6BE31008748C7C	4122368	----a-r-	C:\Windows\Temp\alcxwdm.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-3147329327-1183664364-287875317-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background"
"Google Update"="C:\Users\Charlotte\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"Ilssoft"="regsvr32.exe C:\Users\Charlotte\AppData\Local\Ilssoft\cmdlineLibrary_ipv6.dll"
"se"="C:\Users\Charlotte\AppData\Roaming\SkypEmoticons\SE.exe  /minimized "
"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-3147329327-1183664364-287875317-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background"
"Google Update"="C:\Users\Charlotte\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"se"="C:\Users\Charlotte\AppData\Roaming\SkypEmoticons\SE.exe  /minimized "

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-21-3147329327-1183664364-287875317-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"mctadmin"="C:\Windows\System32\mctadmin.exe"
"Uninstall C:\Users\Charlotte\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"="C:\windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Charlotte\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
"Uninstall C:\Users\Charlotte\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64"="C:\windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Charlotte\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64"

[HKEY_USERS\S-1-5-21-3147329327-1183664364-287875317-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Charlotte\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"="C:\windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Charlotte\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
"Uninstall C:\Users\Charlotte\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64"="C:\windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Charlotte\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background"
"Google Update"="C:\Users\Charlotte\AppData\Local\Google\Update\GoogleUpdate.exe /c"
"se"="C:\Users\Charlotte\AppData\Roaming\SkypEmoticons\SE.exe  /minimized "

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall C:\Users\Charlotte\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"="C:\windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Charlotte\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64"
"Uninstall C:\Users\Charlotte\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64"="C:\windows\system32\cmd.exe /q /c rmdir /s /q C:\Users\Charlotte\AppData\Local\Microsoft\SkyDrive\17.0.2003.1112\amd64"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BTMTrayAgent"="rundll32.exe C:\Program Files (x86)\Intel\Bluetooth\btmshell.dll,TrayApp"
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"

==== Task Scheduler Jobs ======================

C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3147329327-1183664364-287875317-1001Core.job --a------ C:\Users\Charlotte\AppData\Local\Google\Update\GoogleUpdate.exe [31-07-2012 13:39]
C:\windows\tasks\GoogleUpdateTaskUserS-1-5-21-3147329327-1183664364-287875317-1001UA.job --a------ C:\Users\Charlotte\AppData\Local\Google\Update\GoogleUpdate.exe [31-07-2012 13:39]

==== Other Scheduled Tasks ======================

"C:\windows\SysNative\tasks\advSRS5" ["C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe"]
"C:\windows\SysNative\tasks\Easy Software Manager Agent" ["%ProgramFiles(x86)%\Samsung\Easy Software Manager\SWMAgent.exe"]
"C:\windows\SysNative\tasks\EasyBatteryManager" ["%ProgramFiles(x86)%\Samsung\Easy Settings\EBM\EasyBatteryMgr4.exe"]
"C:\windows\SysNative\tasks\EasyDisplayMgr" ["C:\Program Files (x86)\Samsung\Easy Settings\dmhkcore.exe"]
"C:\windows\SysNative\tasks\EasySpeedUpManager" ["%programfiles(x86)%\Samsung\Easy Settings\EasySpeedUpManager.exe"]
"C:\windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-3147329327-1183664364-287875317-1001Core" [C:\Users\Charlotte\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\windows\SysNative\tasks\GoogleUpdateTaskUserS-1-5-21-3147329327-1183664364-287875317-1001UA" [C:\Users\Charlotte\AppData\Local\Google\Update\GoogleUpdate.exe]
"C:\windows\SysNative\tasks\MirageAgent" [C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe]
"C:\windows\SysNative\tasks\MovieColorEnhancer" ["%programfiles(x86)%\Samsung\Easy Settings\MovieColorEnhancer.exe"]
"C:\windows\SysNative\tasks\SamsungSupportCenter" [%programfiles(x86)%\Samsung\Easy Support Center\SSCKbdHk.exe]
"C:\windows\SysNative\tasks\SCCSpeedBoot" ["%programfiles(x86)%\Samsung\Easy Settings\SCCSpeedBoot.exe"]
"C:\windows\SysNative\tasks\SmartSetting" ["%programfiles(x86)%\Samsung\Easy Settings\SmartSetting.exe"]
"C:\windows\SysNative\tasks\{F092814F-D40D-411A-BADB-08BF48AABB78}" ["C:\Users\Charlotte\AppData\Local\Google\Chrome\Application\chrome.exe"]
"C:\windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]
"C:\windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]
"C:\windows\SysNative\tasks\Symantec\Norton Error Analyzer 18.7.2.3" [C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\SymErr.exe]
"C:\windows\SysNative\tasks\Symantec\Norton Error Processor 18.7.2.3" [C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\SymErr.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_18.5.0.125\coFFPlgn_2011_7_13_2" [07-05-2015 20:51]

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
bopakagnckmlgajfccecajhnimjiiedh - No path found[]
mbcjjdjanpccmehilicphhmeobiljcpk - C:\Program Files (x86)\FTDownloader.com\FTDownloader10.crx[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
begbnpffhnpedhocnobliippgejhjpfp - C:\Users\Charlotte\AppData\Roaming\Cool Mirage Ltd\gophotoit\1.8.29.5\gophotoit.crx[]

Google Drive - Charlotte\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf
YouTube - Charlotte\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
Google Search - Charlotte\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
Gmail - Charlotte\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chromium Fix ======================

C:\Users\Charlotte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=56626&homepage=http://www.mystartsearch.com/?type=hp&ts=1416938216&from=wpc&uid=ST500LM012XHN-M500MBB_S2RSJAAC327657"
"Default_Page_URL"="http://www.mystartsearch.com/?type=hp&ts=1416938216&from=wpc&uid=ST500LM012XHN-M500MBB_S2RSJAAC327657"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.mystartsearch.com/web/?type=ds&ts=1416938216&from=wpc&uid=ST500LM012XHN-M500MBB_S2RSJAAC327657&q={searchTerms}"
"Default_Page_URL"="http://www.mystartsearch.com/?type=hp&ts=1416938216&from=wpc&uid=ST500LM012XHN-M500MBB_S2RSJAAC327657"
"Search Page"="http://www.mystartsearch.com/web/?type=ds&ts=1416938216&from=wpc&uid=ST500LM012XHN-M500MBB_S2RSJAAC327657&q={searchTerms}"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://www.mystartsearch.com/web/?type=ds&ts=1416938216&from=wpc&uid=ST500LM012XHN-M500MBB_S2RSJAAC327657&q={searchTerms}"
"Default_Page_URL"="http://www.mystartsearch.com/?type=hp&ts=1416938216&from=wpc&uid=ST500LM012XHN-M500MBB_S2RSJAAC327657"
"Search Page"="http://www.mystartsearch.com/web/?type=ds&ts=1416938216&from=wpc&uid=ST500LM012XHN-M500MBB_S2RSJAAC327657&q={searchTerms}"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{DAAD9570-6FD1-40C3-80F7-D99708817244}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DAAD9570-6FD1-40C3-80F7-D99708817244}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{012E1000-F331-11DB-8314-0800200C9A66}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
{012E1000-F331-11DB-8314-0800200C9A66} Google  Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02"

==== Reset Google Chrome ======================

C:\Users\Charlotte\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Charlotte\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF4bda7cb.TMP will be reset at reboot
C:\Users\Charlotte\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\Charlotte\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\Charlotte\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== shortcuts on Users Desktops ======================

C:\Users\Charlotte\Desktop\Allegro.lnk - C:\Users\Charlotte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Allegro 
C:\Users\UpdatusUser\Desktop\Allegro.lnk - C:\Users\Charlotte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Allegro 

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe 
C:\Users\Public\Desktop\DVDVideoSoft Free Studio.lnk - C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe 
C:\Users\Public\Desktop\Easy Settings.lnk - C:\Program Files (x86)\Samsung\Easy Settings\ControlCenter.exe 
C:\Users\Public\Desktop\Easy Software Manager.lnk - C:\Program Files (x86)\Samsung\Easy Software Manager\SoftwareManager.exe 
C:\Users\Public\Desktop\Easy Support Center.lnk - C:\Program Files (x86)\Samsung\Easy Support Center\SSCMain.exe 
C:\Users\Public\Desktop\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe 
C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\McUICnt.exe SecurityScanner.dll
C:\Users\Public\Desktop\Multimedia POP.lnk - C:\Program Files\Samsung\MultimediaPOP\MultimediaPOP.exe 
C:\Users\Public\Desktop\Norton Internet Security.lnk - C:\Program Files (x86)\Norton Internet Security\Engine\18.7.2.3\uistub.exe 
C:\Users\Public\Desktop\User Guide.lnk - C:\Program Files\Samsung\SamsungManual\RunManual.exe 
C:\Users\Public\Desktop\�Torrent.lnk -  

==== shortcuts in Users Start Menu ======================

C:\Users\Charlotte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time\Popcorn Time.lnk - C:\Users\Charlotte\AppData\Local\Popcorn Time\node-webkit\Popcorn Time.exe .
C:\Users\Charlotte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Popcorn Time\Uninstall Popcorn Time.lnk - C:\Users\Charlotte\AppData\Local\Popcorn Time\Uninstall.exe 

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\DVDVideoSoft Free Studio.lnk - C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Log Report.lnk - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\DVSSysReport.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Premium Membership.lnk - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\PremiumMembershipOffer.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Uninstall.lnk - C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\Uninstall.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Programs\Free Audio Converter.lnk - C:\Program Files (x86)\DVDVideoSoft\Free Audio Converter\FreeAudioConverter.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Programs\Free Audio Editor.lnk - C:\Program Files (x86)\DVDVideoSoft\Free Audio Editor\FreeAudioEditor.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Programs\Free Coub Download.lnk - C:\Program Files (x86)\DVDVideoSoft\Free Coub Download\FreeCoubDownload.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Programs\Free Dailymotion Download.lnk - C:\Program Files (x86)\DVDVideoSoft\Free Dailymotion Download\FreeDailymotionDownload.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Programs\Free DVD Video Burner.lnk - C:\Program Files (x86)\DVDVideoSoft\Free DVD Video Burner\FreeDVDVideoBurner.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Programs\Free DVD Video Converter.lnk - C:\Program Files (x86)\DVDVideoSoft\Free DVD Video Converter\FreeDVDVideoConverter.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Programs\Free GIF Maker.lnk - C:\Program Files (x86)\DVDVideoSoft\Free GIF Maker\FreeGIFMaker.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Programs\Free Image Convert and Resize.lnk - C:\Program Files (x86)\DVDVideoSoft\Free Image Convert And Resize\FreeImageConvertAndResize.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Programs\Free Instagram Download.lnk - C:\Program Files (x86)\DVDVideoSoft\Free Instagram Download\FreeInstagramDownload.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Programs\Free MP4 Video Converter.lnk - C:\Program Files (x86)\DVDVideoSoft\Free MP4 Video Converter\FreeMP4VideoConverter.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Programs\Free NicoVideo Download.lnk - C:\Program Files (x86)\DVDVideoSoft\Free NicoVideo Download\FreeNicoVideoDownload.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Programs\Free Screen Video Recorder.lnk - C:\Program Files (x86)\DVDVideoSoft\Free Screen Video Recorder\FreeScreenVideoRecorder.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Programs\Free Torrent Download.lnk - C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Programs\Free Video Editor.lnk - C:\Program Files (x86)\DVDVideoSoft\Free Video Editor\FreeVideoEditor.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Programs\Free Video Flip and Rotate.lnk - C:\Program Files (x86)\DVDVideoSoft\Free Video Flip And Rotate\FreeVideoFlipAndRotate.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Programs\Free Video to DVD Converter.lnk - C:\Program Files (x86)\DVDVideoSoft\Free DVD Video Burner\FreeVideoToDVDConverter.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Programs\Free Video to JPG Converter.lnk - C:\Program Files (x86)\DVDVideoSoft\Free Video to JPG Converter\FreeVideoToJPGConverter.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Programs\Free Video to MP3 Converter.lnk - C:\Program Files (x86)\DVDVideoSoft\Free Video to MP3 Converter\FreeVideoToMP3Converter.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Programs\Free YouTube Download.lnk - C:\Program Files (x86)\DVDVideoSoft\Free YouTube Download\FreeYTVDownloader.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Programs\Free YouTube to DVD Converter.lnk - C:\Program Files (x86)\DVDVideoSoft\Free YouTube to DVD Converter\FreeYouTubeToDVDConverter.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Programs\Free YouTube to MP3 Converter.lnk - C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\FreeYouTubeToMP3Converter.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft\Programs\Free YouTube Uploader.lnk - C:\Program Files (x86)\DVDVideoSoft\Free YouTube Uploader\FreeYouTubeUploader.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\Info iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.Resources\nl.lproj\About iTunes.rtf 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe 
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk - C:\Program Files (x86)\Skype\Phone\Skype.exe 

==== shortcuts in Quick Launch ======================

C:\Users\Charlotte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Goodgame Empire.lnk -  
C:\Users\Charlotte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.mystartsearch.com/?type=sc&ts=1416938216&from=wpc&uid=ST500LM012XHN-M500MBB_S2RSJAAC327657
C:\Users\Charlotte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Charlotte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Charlotte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\�Torrent.lnk -  
C:\Users\Charlotte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\windows\system32\control.exe 
C:\Users\Charlotte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\DVDVideoSoft Free Studio.lnk - C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe 
C:\Users\Charlotte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Word Starter 2010.lnk - C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE "Microsoft Word Starter 2010 9014006604130000"
C:\Users\Charlotte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Popcorn Time.lnk - C:\Users\Charlotte\AppData\Local\Popcorn Time\node-webkit\Popcorn Time.exe .
C:\Users\Charlotte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\User Guide.lnk - C:\Program Files\Samsung\SamsungManual\RunManual.exe 
C:\Users\Charlotte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1
C:\Users\Charlotte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Goodgame Empire.lnk -  
C:\Users\Charlotte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Users\Charlotte\AppData\Local\Google\Chrome\Application\chrome.exe 
C:\Users\Charlotte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Software Launcher.lnk - C:\Program Files (x86)\Samsung\Software Launcher\Software Launcher.exe 
C:\Users\Charlotte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\windows\explorer.exe 
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -  
C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -  

==== shortcuts After Repair ======================

C:\Users\Charlotte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe 

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\mbcjjdjanpccmehilicphhmeobiljcpk deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\begbnpffhnpedhocnobliippgejhjpfp deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{4820778D-AB0D-6D18-C316-52A6A0E1D507} deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SkypEmoticons_is1 deleted successfully

==== Empty IE Cache ======================

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Charlotte\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Charlotte\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Charlotte\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Charlotte\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Charlotte\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\K0KFBCOM will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\Charlotte\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=261 folders=82 69089093 bytes)

==== Empty Temp Folders ======================

C:\Users\Charlotte\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\UpdatusUser\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\CHARLO~1\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Charlotte\AppData\Local\Google\Chrome\User Data\Default\Preferences~RF4bda7cb.TMP" not found
"C:\Users\Charlotte\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\K0KFBCOM" not found

==== EOF on vr 08-05-2015 at  0:09:42,66 ======================