Zoek.exe Version 4.0.0.4 Updated 31-08-2013 Tool run by Cuypers on za 31/08/2013 at 19:06:03,34. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\zoek\zoek.exe [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 31/08/2013 19:10:44 Zoek.exe System Restore Point Created Succesfully. ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2215215196-2545258734-729568454-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} deleted successfully HKEY_USERS\S-1-5-21-2215215196-2545258734-729568454-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully HKEY_USERS\S-1-5-21-2215215196-2545258734-729568454-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully HKEY_USERS\S-1-5-21-2215215196-2545258734-729568454-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully HKEY_USERS\S-1-5-21-2215215196-2545258734-729568454-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully HKEY_USERS\S-1-5-21-2215215196-2545258734-729568454-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully HKEY_USERS\S-1-5-21-2215215196-2545258734-729568454-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{48A789BF-F6D6-4930-9C8B-77855A63EDE1} deleted successfully HKEY_USERS\S-1-5-21-2215215196-2545258734-729568454-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{48A789BF-F6D6-4930-9C8B-77855A63EDE1} deleted successfully HKEY_USERS\S-1-5-21-2215215196-2545258734-729568454-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} deleted successfully HKEY_USERS\S-1-5-21-2215215196-2545258734-729568454-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} deleted successfully HKEY_USERS\S-1-5-21-2215215196-2545258734-729568454-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_USERS\S-1-5-21-2215215196-2545258734-729568454-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_USERS\S-1-5-21-2215215196-2545258734-729568454-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FEB703F7-E7B2-4AB0-9566-87658AC70095} deleted successfully HKEY_USERS\S-1-5-21-2215215196-2545258734-729568454-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FEB703F7-E7B2-4AB0-9566-87658AC70095} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_USERS\S-1-5-21-2215215196-2545258734-729568454-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_USERS\S-1-5-21-2215215196-2545258734-729568454-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_USERS\S-1-5-21-2215215196-2545258734-729568454-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AF5DA510-8F64-4AD5-AAF5-D8CAA5BF5EF8} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully HKEY_CLASSES_ROOT\CLSID\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{48A789BF-F6D6-4930-9C8B-77855A63EDE1} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{48A789BF-F6D6-4930-9C8B-77855A63EDE1} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{FEB703F7-E7B2-4AB0-9566-87658AC70095} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FEB703F7-E7B2-4AB0-9566-87658AC70095} deleted successfully HKEY_CLASSES_ROOT\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-2215215196-2545258734-729568454-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully HKEY_USERS\S-1-5-21-2215215196-2545258734-729568454-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{31ad400d-1b06-4e33-a59a-90c2c140cba0} deleted successfully HKEY_USERS\S-1-5-21-2215215196-2545258734-729568454-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_USERS\S-1-5-21-2215215196-2545258734-729568454-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{977AE9CC-AF83-45E8-9E03-E2798216E2D5} deleted successfully HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{03EB0E9C-7A91-4381-A220-9B52B641CDB1} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{977AE9CC-AF83-45E8-9E03-E2798216E2D5} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{ae07101b-46d4-4a98-af68-0333ea26e113} deleted successfully ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\uahyzwcz deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\uahyzwcz deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vsynvllf deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\vsynvllf deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\application updater deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\application updater deleted successfully ==== FireFox Fix ====================== ProfilePath: C:\Users\Cuypers\AppData\Roaming\Mozilla\Firefox\Profiles\iw3828du.default ---- Lines BabylonToolbar removed from prefs.js ---- ---- Lines BabylonToolbar modified from prefs.js ---- ---- Lines BabylonToolbar removed from user.js ---- user_pref("extensions.BabylonToolbar_i.id", "b6aebd9800000000000020cf3059a7f2"); user_pref("extensions.BabylonToolbar_i.hardId", "b6aebd9800000000000020cf3059a7f2"); user_pref("extensions.BabylonToolbar_i.instlDay", "15431"); user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17"); user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17"); user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon"); user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar"); user_pref("extensions.BabylonToolbar_i.aflt", "babsst"); user_pref("extensions.BabylonToolbar_i.tlbrId", "tb9"); user_pref("extensions.BabylonToolbar_i.instlRef", "sst"); user_pref("extensions.BabylonToolbar.autoRvrt", "false"); user_pref("extensions.BabylonToolbar_i.newTab", false); user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "http://search.babylon.com/?babsrc=TB_def&mntrId=b6aebd9800000000000020cf3059a7f2&q="); user_pref("extensions.BabylonToolbar.id", "b6aebd9800000000000020cf3059a7f2"); user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}"); user_pref("extensions.BabylonToolbar.instlDay", "15637"); user_pref("extensions.BabylonToolbar.vrsn", "1.8.3.8"); user_pref("extensions.BabylonToolbar.vrsni", "1.8.3.8"); user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.8.3.810:29:34"); user_pref("extensions.BabylonToolbar.prtnrId", "babylon"); user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar"); user_pref("extensions.BabylonToolbar.aflt", "babsst"); user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); user_pref("extensions.BabylonToolbar.tlbrId", "base"); user_pref("extensions.BabylonToolbar.instlRef", "sst"); user_pref("extensions.BabylonToolbar.dfltLng", "en"); user_pref("extensions.BabylonToolbar.excTlbr", false); user_pref("extensions.BabylonToolbar.admin", false); user_pref("extensions.BabylonToolbar_i.babTrack", "affID=112553&tt=4312_1"); user_pref("extensions.BabylonToolbar_i.babExt", ""); user_pref("extensions.BabylonToolbar_i.srcExt", "ss"); ---- Lines CT2603445 removed from prefs.js ---- user_pref("browser.search.defaulturl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2603445&SearchSource=3&q={searchTerms}"); user_pref("CommunityToolbar.EngineOwner", "CT2603445"); user_pref("CommunityToolbar.ETag.http://appsmetadata.toolbar.conduit-services.com/?ctid=CT2603445", "\"1300086721\""); user_pref("CommunityToolbar.ETag.http://settings.toolbar.search.conduit.com/root/CT2603445/CT2603445", "\"1306785072\""); user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2603445"); user_pref("CommunityToolbar.OriginalEngineOwner", "CT2603445"); user_pref("CommunityToolbar.ToolbarsList", "CT2603445,ConduitEngine"); user_pref("CommunityToolbar.ToolbarsList2", "CT2603445"); user_pref("CT2603445..clientLogIsEnabled", true); user_pref("CT2603445..clientLogServiceUrl", "http://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent"); user_pref("CT2603445..uninstallLogServiceUrl", "http://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation"); user_pref("CT2603445.AboutPrivacyUrl", "http://www.conduit.com/privacy/Default.aspx"); user_pref("CT2603445.alertChannelId", "996268"); user_pref("CT2603445.backendstorage.for_aoi", "31333037383937303435"); user_pref("CT2603445.backendstorage.for_ccid", "457373656E"); user_pref("CT2603445.backendstorage.for_cdtr5", "31333037383937303435"); user_pref("CT2603445.backendstorage.for_cid", "4245"); user_pref("CT2603445.backendstorage.for_ip", "3130392E3133322E3136362E313434"); user_pref("CT2603445.backendstorage.for_lcut", "31333037383937303436"); user_pref("CT2603445.backendstorage.for_pid", "31303130"); user_pref("CT2603445.backendstorage.for_rid", "3031"); user_pref("CT2603445.backendstorage.for_zoneid", "39363233"); user_pref("CT2603445.CTID", "CT2603445"); user_pref("CT2603445.CurrentServerDate", "12-6-2011"); user_pref("CT2603445.DialogsAlignMode", "LTR"); user_pref("CT2603445.DownloadReferralCookieData", ""); user_pref("CT2603445.EMailNotifierPollDate", "Sun Jun 12 2011 18:44:01 GMT+0200 (Romance (zomertijd))"); user_pref("CT2603445.FeedLastCount129162461833103140", 392); user_pref("CT2603445.FeedPollDate129150409730308153", "Sun Jun 12 2011 18:44:03 GMT+0200 (Romance (zomertijd))"); user_pref("CT2603445.FeedPollDate129150410477960158", "Sun Jun 12 2011 18:44:03 GMT+0200 (Romance (zomertijd))"); user_pref("CT2603445.FeedPollDate129150411149992123", "Sun Jun 12 2011 18:44:03 GMT+0200 (Romance (zomertijd))"); user_pref("CT2603445.FeedPollDate129150411149992124", "Sun Jun 12 2011 18:44:03 GMT+0200 (Romance (zomertijd))"); user_pref("CT2603445.FeedPollDate129150413057804235", "Sun Jun 12 2011 18:44:03 GMT+0200 (Romance (zomertijd))"); user_pref("CT2603445.FeedPollDate129150414312491517", "Sun Jun 12 2011 18:44:01 GMT+0200 (Romance (zomertijd))"); user_pref("CT2603445.FeedPollDate129150414941085546", "Sun Jun 12 2011 18:44:01 GMT+0200 (Romance (zomertijd))"); user_pref("CT2603445.FeedPollDate129150415506867223", "Sun Jun 12 2011 18:44:02 GMT+0200 (Romance (zomertijd))"); user_pref("CT2603445.FeedPollDate129150416295308354", "Sun Jun 12 2011 18:44:02 GMT+0200 (Romance (zomertijd))"); user_pref("CT2603445.FeedPollDate129150416821245960", "Sun Jun 12 2011 18:44:02 GMT+0200 (Romance (zomertijd))"); user_pref("CT2603445.FeedPollDate129150417598276979", "Sun Jun 12 2011 18:44:02 GMT+0200 (Romance (zomertijd))"); user_pref("CT2603445.FeedPollDate129150418464839018", "Sun Jun 12 2011 18:44:02 GMT+0200 (Romance (zomertijd))"); user_pref("CT2603445.FeedPollDate129150418961870358", "Sun Jun 12 2011 18:44:02 GMT+0200 (Romance (zomertijd))"); user_pref("CT2603445.FeedPollDate129150419428120755", "Sun Jun 12 2011 18:44:02 GMT+0200 (Romance (zomertijd))"); user_pref("CT2603445.FeedPollDate129150421384370672", "Sun Jun 12 2011 18:44:02 GMT+0200 (Romance (zomertijd))"); user_pref("CT2603445.FeedPollDate129150422141713870", "Sun Jun 12 2011 18:44:03 GMT+0200 (Romance (zomertijd))"); user_pref("CT2603445.FeedPollDate129150443759997630", "Sun Jun 12 2011 18:44:03 GMT+0200 (Romance (zomertijd))"); user_pref("CT2603445.FeedPollDate129150461459212855", "Sun Jun 12 2011 18:44:03 GMT+0200 (Romance (zomertijd))"); user_pref("CT2603445.FeedPollDate129150462560150661", "Sun Jun 12 2011 18:44:03 GMT+0200 (Romance (zomertijd))"); user_pref("CT2603445.FeedPollDate3927911755645313500", "Sun Jun 12 2011 18:44:01 GMT+0200 (Romance (zomertijd))"); user_pref("CT2603445.FeedPollDate3927911755645379000", "Sun Jun 12 2011 18:44:01 GMT+0200 (Romance (zomertijd))"); user_pref("CT2603445.FeedTTL129150410477960158", 2); user_pref("CT2603445.FeedTTL129150414312491517", 5); user_pref("CT2603445.FeedTTL129150417598276979", 1); user_pref("CT2603445.FirstServerDate", "12-6-2011"); user_pref("CT2603445.FirstTime", true); user_pref("CT2603445.FirstTimeFF3", true); user_pref("CT2603445.FixPageNotFoundErrors", true); user_pref("CT2603445.GroupingServerCheckInterval", 1440); user_pref("CT2603445.GroupingServiceUrl", "http://grouping.services.conduit.com/"); user_pref("CT2603445.HasUserGlobalKeys", true); user_pref("CT2603445.Initialize", true); user_pref("CT2603445.InitializeCommonPrefs", true); user_pref("CT2603445.InstallationAndCookieDataSentCount", 1); user_pref("CT2603445.InstallationId", "softonic_SD_CT2603445.exe"); user_pref("CT2603445.InstallationType", "ConduitIntegration"); user_pref("CT2603445.InstalledDate", "Sun Jun 12 2011 18:44:01 GMT+0200 (Romance (zomertijd))"); user_pref("CT2603445.InvalidateCache", false); user_pref("CT2603445.IsGrouping", false); user_pref("CT2603445.IsOpenThankYouPage", false); user_pref("CT2603445.IsOpenUninstallPage", true); user_pref("CT2603445.LanguagePackLastCheckTime", "Sun Jun 12 2011 18:44:02 GMT+0200 (Romance (zomertijd))"); user_pref("CT2603445.LanguagePackReloadIntervalMM", 1440); user_pref("CT2603445.LanguagePackServiceUrl", "http://translation.users.conduit.com/Translation.ashx"); user_pref("CT2603445.LastLogin_3.2.5.2", "Sun Jun 12 2011 18:44:01 GMT+0200 (Romance (zomertijd))"); user_pref("CT2603445.LatestVersion", "3.2.5.2"); user_pref("CT2603445.Locale", "nl"); user_pref("CT2603445.MCDetectTooltipHeight", "83"); user_pref("CT2603445.MCDetectTooltipUrl", "http://@EB_INSTALL_LINK@/rank/tooltip/?version=1"); user_pref("CT2603445.MCDetectTooltipWidth", "295"); user_pref("CT2603445.myStuffEnabled", true); user_pref("CT2603445.myStuffPublihserMinWidth", 400); user_pref("CT2603445.myStuffSearchUrl", "http://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID"); user_pref("CT2603445.myStuffServiceIntervalMM", 1440); user_pref("CT2603445.myStuffServiceUrl", "http://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUFF_LUT"); user_pref("CT2603445.RadioIsPodcast", false); user_pref("CT2603445.RadioLastCheckTime", "Sun Jun 12 2011 18:44:03 GMT+0200 (Romance (zomertijd))"); user_pref("CT2603445.RadioLastUpdateIPServer", "3"); user_pref("CT2603445.RadioLastUpdateServer", "129162538128430000"); user_pref("CT2603445.RadioMediaID", "20473530"); user_pref("CT2603445.RadioMediaType", "Media Player"); user_pref("CT2603445.RadioMenuSelectedID", "EBRadioMenu_CT260344520473530"); user_pref("CT2603445.RadioStationName", "Radio%20Netherlands"); user_pref("CT2603445.RadioStationURL", "http://www.rnw.nl/distrib/realaudio/ram/live/rnw_live_1.asx"); user_pref("CT2603445.SavedHomepage", "http://eu.ask.com?o=14200&l=dis"); user_pref("CT2603445.SearchFromAddressBarIsInit", true); user_pref("CT2603445.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2603445&q="); user_pref("CT2603445.SearchInNewTabEnabled", true); user_pref("CT2603445.SearchInNewTabIntervalMM", 1440); user_pref("CT2603445.SearchInNewTabLastCheckTime", "Sun Jun 12 2011 18:44:01 GMT+0200 (Romance (zomertijd))"); user_pref("CT2603445.SearchInNewTabServiceUrl", "http://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID"); user_pref("CT2603445.SearchInNewTabUsageUrl", "http://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID"); user_pref("CT2603445.ServiceMapLastCheckTime", "Sun Jun 12 2011 18:44:00 GMT+0200 (Romance (zomertijd))"); user_pref("CT2603445.SettingsLastCheckTime", "Sun Jun 12 2011 18:44:00 GMT+0200 (Romance (zomertijd))"); user_pref("CT2603445.SettingsLastUpdate", "1306785072"); user_pref("CT2603445.testingCtid", ""); user_pref("CT2603445.ThirdPartyComponentsInterval", 504); user_pref("CT2603445.ThirdPartyComponentsLastCheck", "Sun Jun 12 2011 18:44:00 GMT+0200 (Romance (zomertijd))"); user_pref("CT2603445.ThirdPartyComponentsLastUpdate", "1256026239"); user_pref("CT2603445.toolbarAppMetaDataLastCheckTime", "Sun Jun 12 2011 18:44:01 GMT+0200 (Romance (zomertijd))"); user_pref("CT2603445.toolbarContextMenuLastCheckTime", "Sun Jun 12 2011 18:44:02 GMT+0200 (Romance (zomertijd))"); user_pref("CT2603445.TrusteLinkUrl", "http://trust.conduit.com/EB_ORIGINAL_CTID"); user_pref("CT2603445.UserID", "UN40017311219586487"); user_pref("CT2603445.WeatherNetwork", ""); user_pref("CT2603445.WeatherPollDate", "Sun Jun 12 2011 18:44:03 GMT+0200 (Romance (zomertijd))"); user_pref("CT2603445.WeatherUnit", "C"); ---- Lines CT2603445 modified from prefs.js ---- ---- Lines CT2603445 removed from user.js ---- ---- Lines conduit removed from prefs.js ---- user_pref("CommunityToolbar.alert.clientsServerUrl", "http://alert.client.conduit.com"); user_pref("CommunityToolbar.alert.servicesServerUrl", "http://alert.services.conduit.com"); user_pref("CommunityToolbar.ETag.http://alerts.conduit-services.com/root/909619/905414/BE", "\"0\""); user_pref("CommunityToolbar.ETag.http://alerts.conduit-services.com/root/996268/991987/BE", "\"0\""); user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=nl", "zEXb2Fmcj/HVsqTQpIjULw=="); user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=nl", "TW6pbvEhvglk5DM313wISg=="); user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=nl", "GAox/hnZ01AfFOF7PUvloQ=="); user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=nl", "59UMFEXbxdbjS3gnY6/qrA=="); user_pref("CommunityToolbar.ETag.http://servicemap.conduit-services.com/toolbar/", "\"634434930587600000\""); user_pref("CommunityToolbar.ETag.http://settings.engine.conduit-services.com/?browser=FF&lut=0", "634356118310000000"); user_pref("CommunityToolbar.ETag.http://storage.conduit.com/BankImages/RadioSkins/Midnight/equalizer_dead.gif", "\"03e383867bc91:0\""); user_pref("CommunityToolbar.ETag.http://storage.conduit.com/BankImages/RadioSkins/Midnight/minimize.gif", "\"0e685fa27bc91:0\""); user_pref("CommunityToolbar.ETag.http://storage.conduit.com/BankImages/RadioSkins/Midnight/play.gif", "\"02faea337c7c91:0\""); user_pref("CommunityToolbar.ETag.http://storage.conduit.com/BankImages/RadioSkins/Midnight/stop.gif", "\"03a54d7f47ac91:0\""); user_pref("CommunityToolbar.ETag.http://storage.conduit.com/BankImages/RadioSkins/Midnight/vol.gif", "\"049b47644c7c91:0\""); user_pref("CommunityToolbar.ETag.http://translation.toolbar.conduit-services.com/?locale=nl", "\"634432176643630000\""); user_pref("ConduitEngine.engineLocale", "nl"); user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Sun Jun 12 2011 18:44:01 GMT+0200 (Romance (zomertijd))"); user_pref("ConduitEngine.FirstServerDate", "06/12/2011 19"); user_pref("ConduitEngine.FirstTime", true); user_pref("ConduitEngine.FirstTimeFF3", true); user_pref("ConduitEngine.HasUserGlobalKeys", true); user_pref("ConduitEngine.initDone", true); user_pref("ConduitEngine.Initialize", true); user_pref("ConduitEngine.InitializeCommonPrefs", true); user_pref("ConduitEngine.InstalledDate", "Sun Jun 12 2011 18:44:01 GMT+0200 (Romance (zomertijd))"); user_pref("ConduitEngine.IsOpenThankYouPage", false); user_pref("ConduitEngine.IsOpenUninstallPage", true); user_pref("ConduitEngine.LanguagePackLastCheckTime", "Sun Jun 12 2011 18:44:01 GMT+0200 (Romance (zomertijd))"); user_pref("ConduitEngine.LastLogin_3.2.5.2", "Sun Jun 12 2011 18:44:01 GMT+0200 (Romance (zomertijd))"); user_pref("ConduitEngine.PublisherContainerWidth", 0); user_pref("ConduitEngine.SearchFromAddressBarIsInit", true); user_pref("ConduitEngine.SettingsLastCheckTime", "Sun Jun 12 2011 18:44:01 GMT+0200 (Romance (zomertijd))"); user_pref("ConduitEngine.UserID", "UN41930178040563769"); ---- Lines conduit modified from prefs.js ---- user_pref("extensions.enabledItems", "helperbar@helperbar.com:1.0,linkuryfirefoxremoteplugin@linkury.com:1.0,{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23,{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24,{EEE6C361-6118-11DC-9C72-001320C79847}:1.1.0.4,fmdownloader@gmail.com:1.0.0,engine@conduit.com:3.2.5.2,{65ca59ee-9920-4d7f-8c41-bfa12403261a}:3.2.5.2,{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26,ffxtlbr@babylon.com:1.1.3,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.13"); ---- Lines conduit removed from user.js ---- ---- Lines Search removed from prefs.js ---- user_pref("sweetim.toolbar.search.external", ""); ---- Lines Search modified from prefs.js ---- ---- Lines Search removed from user.js ---- ---- Lines yahoo removed from prefs.js ---- user_pref("browser.search.defaultenginename", "Yahoo"); user_pref("browser.search.param.yahoo-fr", "chr-greentree_ff&ilc=12&type=198484"); user_pref("browser.search.selectedEngine", "Yahoo"); user_pref("extensions.asktb.ff-original-keyword-url", "http://search.yahoo.com/search?ei=utf-8&fr=greentree_ff1&type=198484&ilc=12&p="); user_pref("keyword.URL", "http://search.yahoo.com/search?ei=utf-8&fr=greentree_ff1&type=198484&ilc=12&p="); ---- Lines yahoo modified from prefs.js ---- ---- Lines yahoo removed from user.js ---- ---- Lines ask.com removed from prefs.js ---- user_pref("browser.search.defaultengine", "Ask.com"); user_pref("browser.search.order.1", "Ask.com"); ---- Lines ask.com modified from prefs.js ---- ---- Lines ask.com removed from user.js ---- ---- Lines Web Search removed from prefs.js ---- user_pref("browser.search.defaultthis.engineName", "Softonic Netherlands Customized Web Search"); ---- Lines Web Search modified from prefs.js ---- ---- Lines Web Search removed from user.js ---- ---- Lines asktb removed from prefs.js ---- ---- Lines asktb modified from prefs.js ---- ---- Lines asktb removed from user.js ---- ---- Lines Customized removed from prefs.js ---- ---- Lines Customized modified from prefs.js ---- ---- Lines Customized removed from user.js ---- ---- Lines CommunityToolbar removed from prefs.js ---- user_pref("CommunityToolbar.alert.alertInfoInterval", 60); user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Sun Jun 12 2011 18:44:02 GMT+0200 (Romance (zomertijd))"); user_pref("CommunityToolbar.alert.locale", "en"); user_pref("CommunityToolbar.alert.loginIntervalMin", 1440); user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sun Jun 12 2011 18:44:00 GMT+0200 (Romance (zomertijd))"); user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559"); user_pref("CommunityToolbar.alert.messageShowTimeSec", 20); user_pref("CommunityToolbar.alert.showTrayIcon", false); user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300); user_pref("CommunityToolbar.alert.userId", "7a6893cc-2673-42d9-b1a4-3cdd38f47115"); user_pref("CommunityToolbar.EngineOwnerGuid", "{65ca59ee-9920-4d7f-8c41-bfa12403261a}"); user_pref("CommunityToolbar.EngineOwnerToolbarId", "softonic_netherlands"); user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true); user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{65ca59ee-9920-4d7f-8c41-bfa12403261a}"); user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "softonic_netherlands"); ---- Lines CommunityToolbar modified from prefs.js ---- ---- Lines CommunityToolbar removed from user.js ---- ---- Lines helperbar removed from prefs.js ---- ---- Lines helperbar modified from prefs.js ---- user_pref("extensions.enabledItems", "helperbar@helperbar.com:1.0,linkuryfirefoxremoteplugin@linkury.com:1.0,{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23,{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24,{EEE6C361-6118-11DC-9C72-001320C79847}:1.1.0.4,fmdownloader@gmail.com:1.0.0,engine@disabled.com:3.2.5.2,{65ca59ee-9920-4d7f-8c41-bfa12403261a}:3.2.5.2,{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26,ffxtlbr@babylon.com:1.1.3,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.13"); ---- Lines helperbar removed from user.js ---- ---- Lines EEE6C361-6118-11DC-9C72-001320C79847 removed from prefs.js ---- ---- Lines EEE6C361-6118-11DC-9C72-001320C79847 modified from prefs.js ---- user_pref("extensions.enabledItems", "disabled@disabled.com:1.0,linkuryfirefoxremoteplugin@linkury.com:1.0,{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23,{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24,{EEE6C361-6118-11DC-9C72-001320C79847}:1.1.0.4,fmdownloader@gmail.com:1.0.0,engine@disabled.com:3.2.5.2,{65ca59ee-9920-4d7f-8c41-bfa12403261a}:3.2.5.2,{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26,ffxtlbr@babylon.com:1.1.3,{972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.13"); ---- Lines EEE6C361-6118-11DC-9C72-001320C79847 removed from user.js ---- ---- Lines SweetIM removed from prefs.js ---- user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0"); user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7"); user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log"); user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000"); user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7"); user_pref("sweetim.toolbar.mode.debug", "false"); user_pref("sweetim.toolbar.previous.browser.search.defaulturl", ""); user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", ""); user_pref("sweetim.toolbar.previous.browser.startup.homepage", "http://www.google.be/"); user_pref("sweetim.toolbar.search.history.capacity", "10"); user_pref("sweetim.toolbar.simapp_id", "{D88D07AA-978E-4EA2-8120-3016065EBFAB}"); user_pref("sweetim.toolbar.urls.homepage", "http://home.sweetim.com"); user_pref("sweetim.toolbar.version", "1.1.0.4"); ---- Lines SweetIM modified from prefs.js ---- ---- Lines SweetIM removed from user.js ---- ---- Lines blabbers removed from prefs.js ---- ---- Lines blabbers modified from prefs.js ---- ---- Lines blabbers removed from user.js ---- ---- Lines 87775fdb-6972-41f9-ae51-8326e38cb206 removed from prefs.js ---- ---- Lines 87775fdb-6972-41f9-ae51-8326e38cb206 modified from prefs.js ---- ---- Lines 87775fdb-6972-41f9-ae51-8326e38cb206 removed from user.js ---- ---- FireFox user.js and prefs.js backups ---- user_20133108_1914_.backup prefs_20133108_1914_.backup ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31ad400d-1b06-4e33-a59a-90c2c140cba0}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{48A789BF-F6D6-4930-9C8B-77855A63EDE1}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A7DF592F-6E2A-45C4-9A87-4BD217D714ED}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FEB703F7-E7B2-4AB0-9566-87658AC70095}] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] ""=- "ApnUpdater"=-- "SearchSettings"=- ==== Batch Command(s) Run By Tool====================== C:\Windows\system32\appdata deleted ==== Deleting Files \ Folders ====================== "C:\windows\SysNative\drivers\uahyzwcz.sys" not found "C:\windows\SysNative\drivers\vsynvllf.sys" not found "C:\Windows\tasks\Ginyas Chrome Watcher.job" deleted "C:\Windows\tasks\Ginyas FireFox Watcher.job" deleted "C:\Windows\tasks\Ginyas Stats Report.job" deleted "C:\Windows\tasks\Ginyas Update Checker.job" deleted "C:\Windows\tasks\GinyasBrowserCompanion Chrome Watcher.job" deleted "C:\Windows\tasks\GinyasBrowserCompanion FireFox Watcher.job" deleted "C:\Windows\tasks\GinyasBrowserCompanion Stats Report.job" deleted "C:\Windows\tasks\GinyasBrowserCompanion Update Checker.job" deleted "C:\Users\Cuypers\AppData\Local\{187C4C42-98B8-47FC-8122-83DC2FF911C0}" deleted "C:\Users\Cuypers\AppData\Local\{939410DF-490B-45CD-95DE-3ADD5B602D6C}" deleted "C:\Users\Cuypers\AppData\Local\{A72FA41D-3147-43AF-B694-180782DFCF55}" deleted "C:\Users\Cuypers\AppData\Roaming\Mozilla\Firefox\Profiles\iw3828du.default\searchplugins\conduit.xml" deleted "C:\Users\Cuypers\AppData\Roaming\Mozilla\Firefox\Profiles\iw3828du.default\searchplugins\yahoo.xml" deleted "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml" deleted "C:\Program Files (x86)\Mozilla Firefox\defaults\pref\all-iminent.js" deleted "C:\Program Files (x86)\Mozilla Firefox\searchplugins\SearchTheWeb.xml" deleted "C:\Windows\SysNative\roboot64.exe" deleted "C:\windows\SysNative\Tasks\DealPlyUpdate" deleted "C:\ProgramData\xoferif.pad" deleted "C:\Users\Cuypers\AppData\Local\BIT12C4.tmp" deleted "C:\Windows\wininit.ini" deleted "C:\Windows\tasks\Ginyas Chrome Watcher.job" deleted "C:\Windows\tasks\Ginyas FireFox Watcher.job" deleted "C:\Windows\tasks\Ginyas Stats Report.job" deleted "C:\Windows\tasks\Ginyas Update Checker.job" deleted "C:\Windows\tasks\GinyasBrowserCompanion Chrome Watcher.job" deleted "C:\Windows\tasks\GinyasBrowserCompanion FireFox Watcher.job" deleted "C:\Windows\tasks\GinyasBrowserCompanion Stats Report.job" deleted "C:\Windows\tasks\GinyasBrowserCompanion Update Checker.job" deleted "C:\windows\SysNative\TASKS\Scheduled Update for Ask Toolbar" deleted "C:\Windows\Syswow64\ConduitEngine.tmp" deleted "C:\Users\Cuypers\AppData\Roaming\Mozilla\Firefox\Profiles\iw3828du.default\searchplugins\browsemngr.xml" deleted "C:\Users\Cuypers\AppData\Roaming\Mozilla\Firefox\Profiles\iw3828du.default\searchplugins\askcom.xml" deleted "C:\Users\Cuypers\AppData\Roaming\Mozilla\Firefox\Profiles\iw3828du.default\searchplugins\Messenger Plus Smartbar Search.xml" deleted "C:\Users\Cuypers\AppData\Roaming\Mozilla\Firefox\Profiles\iw3828du.default\searchplugins\SearchTheWeb.xml" deleted "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings64.exe" deleted "C:\Program Files (x86)\Common Files\Spigot\Search Settings\wthx165.dll" deleted "C:\Program Files (x86)\Common Files\Spigot\Search Settings\SearchSettings64.exe" deleted "C:\Program Files (x86)\Common Files\Spigot\Search Settings\wthx165.dll" deleted "C:\Program Files (x86)\IObit Apps Toolbar" deleted "C:\Program Files (x86)\ConduitEngine" deleted "C:\Users\Cuypers\AppData\Local\Rich Media Player" deleted "C:\Users\Cuypers\AppData\Local\Rich Media Player" deleted "C:\Program Files (x86)\Common Files\Spigot" not deleted "C:\Users\Cuypers\AppData\Roaming\OpenCandy" deleted "C:\Program Files (x86)\Secure Speed Dial" deleted "C:\Program Files (x86)\Application Updater" deleted "C:\Users\Cuypers\AppData\Roaming\GinyasBrowserCompanion" deleted "C:\Windows\syswow64\appdata" deleted "C:\Program Files (x86)\Application Updater" deleted "C:\Program Files (x86)\IObit Apps Toolbar" deleted "C:\Program Files (x86)\PriceGong" deleted "C:\Program Files (x86)\BrowserCompanion" deleted "C:\Program Files (x86)\Ask.com" deleted "C:\Program Files (x86)\Conduit" deleted "C:\Program Files (x86)\ConduitEngine" deleted "C:\Program Files (x86)\Common Files\Spigot" not deleted "C:\Users\Cuypers\AppData\Roaming\BrowserCompanion" deleted "C:\Users\Cuypers\AppData\Roaming\GinyasBrowserCompanion" deleted "C:\Users\Cuypers\AppData\Roaming\SpeedyPC Software" deleted "C:\Users\Cuypers\AppData\Roaming\ParetoLogic" deleted "C:\Users\Cuypers\AppData\Roaming\DriverCure" deleted "C:\Users\Cuypers\AppData\Roaming\Systweak" deleted "C:\Users\Cuypers\AppData\Roaming\YourFileDownloader" deleted "C:\Users\Cuypers\AppData\Roaming\OpenCandy" deleted "C:\ProgramData\Browser Manager" deleted "C:\ProgramData\Ask" deleted "C:\ProgramData\SpeedyPC Software" deleted "C:\ProgramData\ParetoLogic" deleted "C:\ProgramData\GinyasBrowserCompanion" deleted "C:\ProgramData\Iminent" deleted "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong" deleted "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Iminent" deleted "C:\Users\Cuypers\AppData\Local\CRE" deleted "C:\Users\Cuypers\AppData\Local\APN" deleted "C:\Users\Cuypers\AppData\Local\Rich Media Player\BrowserExtensions" deleted "C:\Users\Cuypers\AppData\Local\PackageAware" deleted "C:\Users\Cuypers\AppData\Local\Conduit" deleted "C:\Users\Cuypers\AppData\LocalLow\IObit Apps" deleted "C:\Users\Cuypers\AppData\LocalLow\AskToolbar" deleted "C:\Users\Cuypers\AppData\LocalLow\BabylonToolbar" deleted "C:\Users\Cuypers\AppData\LocalLow\PriceGong" deleted "C:\Users\Cuypers\AppData\LocalLow\Conduit" deleted "C:\Users\Cuypers\AppData\LocalLow\ConduitEngine" deleted "C:\Users\Cuypers\AppData\LocalLow\Search Settings" deleted "C:\Users\Cuypers\AppData\LocalLow\Toolbar4" deleted "C:\Users\Cuypers\AppData\Roaming\Iminent" deleted "C:\Users\Cuypers\AppData\Roaming\Mozilla\Firefox\Profiles\iw3828du.default\SweetIMToolbarData" deleted "C:\Users\Cuypers\AppData\Roaming\Mozilla\Firefox\Profiles\iw3828du.default\extensions\staged" deleted "C:\Users\Cuypers\AppData\Roaming\Mozilla\Firefox\Profiles\iw3828du.default\CT2603445" deleted "C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}" deleted "C:\Windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4}" deleted "C:\Users\Cuypers\AppData\Roaming\Mozilla\Firefox\Profiles\iw3828du.default\CT2603445" deleted "C:\Users\Cuypers\AppData\Roaming\Mozilla\Firefox\Profiles\iw3828du.default\extensions\engine@conduit.com" deleted "C:\Users\Cuypers\AppData\Roaming\Mozilla\Firefox\Profiles\iw3828du.default\conduit" deleted "C:\Users\Cuypers\AppData\Roaming\Mozilla\Firefox\Profiles\iw3828du.default\ConduitEngine" deleted "C:\Users\Cuypers\AppData\Roaming\Mozilla\Firefox\Profiles\iw3828du.default\extensions\toolbar@ask.com" deleted "C:\Users\Cuypers\AppData\Roaming\Mozilla\Firefox\Profiles\iw3828du.default\extensions\helperbar@helperbar.com" deleted "C:\Users\Cuypers\AppData\Roaming\Mozilla\Firefox\Profiles\iw3828du.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}" deleted "C:\Users\Cuypers\AppData\Roaming\Mozilla\Firefox\Profiles\iw3828du.default\SweetIMToolbarData" deleted "C:\Users\Cuypers\AppData\Roaming\Mozilla\Firefox\Profiles\iw3828du.default\extensions\bbrs_002@blabbers.com" deleted "C:\Users\Cuypers\AppData\Roaming\Mozilla\Firefox\Profiles\iw3828du.default\extensions\{87775fdb-6972-41f9-ae51-8326e38cb206}" deleted "C:\Program Files (x86)\Common Files\Spigot\Search Settings" not deleted "C:\Program Files (x86)\Common Files\Spigot\Search Settings" not deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Cuypers\AppData\Local\Temp ==== 2013-08-30 14:03:30 1B1D86A574E842946E5D5317892B45C5 31954536 ----a-w- C:\Users\Cuypers\AppData\Local\Temp\SkypeSetup.exe 2013-08-30 13:42:01 08D9CABB387DA9109A891E0D666F1143 10452992 ----a-w- C:\Users\Cuypers\AppData\Local\Temp\SkypeToolbars.msi 2013-08-30 13:39:46 B06712BF5643BB55600A040F210DC218 20586496 ----a-w- C:\Users\Cuypers\AppData\Local\Temp\Skype.msi ====== C:\Windows\SysWOW64 ===== 2013-08-30 13:42:20 077BEC5524666423C09A038033E0CD3E 21344 ----a-w- C:\Windows\SysWOW64\authuitu.dll 2013-08-29 16:07:15 9BF1F5F8FC502AF808729E64DC8BDF9B 268968 ----a-w- C:\Windows\SysWOW64\sqlite3.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2013-08-30 13:42:21 70F7F8BFA7D231EC84B68B17445E61E3 34656 ----a-w- C:\Windows\Sysnative\TURegOpt.exe 2013-08-30 13:42:20 C97AAE4C5118C0F6B9C5F1B3D99864B7 25952 ----a-w- C:\Windows\Sysnative\authuitu.dll ====== C:\Windows\Sysnative\drivers ===== 2013-08-15 07:14:12 DB74544B75566C974815E79A62433F29 1910208 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys 2013-08-15 07:14:12 4CE278FC9671BA81A138D70823FCAA09 39936 ----a-w- C:\Windows\Sysnative\drivers\tssecsrv.sys ====== C:\Windows\Tasks ====== 2013-08-31 09:59:42 E91DA76A97285D09F33104639347C4FF 2770 ----a-w- C:\Windows\Sysnative\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 2013-08-30 14:07:28 E0D1673FD9C7D58E3B1E3C4268BFD884 3134 ----a-w- C:\Windows\Sysnative\Tasks\{1376BA88-FE3C-4D05-8533-A95BE33F2AB5} 2013-08-30 14:07:21 B1501040D88547A693E9B773330F5FC1 3142 ----a-w- C:\Windows\Sysnative\Tasks\{56440FA8-C12F-4D96-8922-378D769B2675} 2013-08-30 14:00:25 772096B1533565D97B73C65131B7AA23 3694 ----a-w- C:\Windows\Sysnative\Tasks\Adobe-online actualiseringsprogramma ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2013-08-31 14:45:05 -------- d-----w- C:\Program Files\trend micro ======= C:\Program Files (x86) ===== 2013-08-30 13:42:13 -------- d-----w- C:\Program Files (x86)\TuneUp Utilities 2013 2013-08-30 13:41:57 -------- d-----w- C:\Program Files (x86)\Common Files\Skype 2013-08-30 13:41:57 -------- d-----r- C:\Program Files (x86)\Skype 2013-08-28 07:20:49 -------- d-----w- C:\Program Files (x86)\Trend Micro ======= C: ===== ====== C:\Users\Cuypers\AppData\Roaming ====== 2013-08-29 16:07:13 -------- d-----w- C:\users\Cuypers\AppData\Locallow\SecurePlugin 2013-08-29 16:06:57 -------- d-----w- C:\users\Cuypers\AppData\Locallow\IObit 2013-08-12 08:41:58 -------- d-----w- C:\users\Cuypers\AppData\Roaming\Skype ====== C:\Users\Cuypers ====== 2013-08-30 13:43:38 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rich Media Player 2013-08-30 13:42:18 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013 2013-08-30 13:42:11 -------- d-----w- C:\ProgramData\TuneUp Software 2013-08-30 13:42:05 -------- d-sh--w- C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} 2013-08-30 13:41:57 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2013-08-22 13:43:53 0362C01D91B785A08C3FBA3008D67D9C 5733 ----a-w- C:\Users\Cuypers\Scanread.PDF 2013-08-22 13:34:27 -------- d-----w- C:\ProgramData\ABBYY 2013-08-22 13:33:31 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mikrov.dk 2013-08-22 13:32:52 -------- d-----w- C:\ProgramData\syscon 2013-08-12 08:41:51 -------- d-----w- C:\ProgramData\Skype 2013-08-11 17:05:24 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth ====== C: exe-files == 2013-08-31 14:45:06 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Cuypers.exe 2013-08-30 14:03:30 1B1D86A574E842946E5D5317892B45C5 31954536 ----a-w- C:\Users\Cuypers\AppData\Local\Temp\SkypeSetup.exe 2013-08-30 13:57:47 8EBF40E771838C9BBABDB83906033D95 1595744 ----a-w- C:\Users\Cuypers\AppData\Local\Temp\UpdateWizard_59749\SilentUpdater.exe 2013-08-30 13:42:21 70F7F8BFA7D231EC84B68B17445E61E3 34656 ----a-w- C:\Windows\System32\TURegOpt.exe 2013-08-30 13:39:36 60DFB95B6B7C9E02F61D5F0962F12C66 53873040 ----a-w- C:\Users\Cuypers\AppData\Local\Temp\rmi\rmp.exe 2013-08-30 13:39:32 BA8C4E5154F1A188855C1CD527280E96 1337960 ----a-w- C:\Users\Cuypers\AppData\Local\Temp\rmi\download-SkypeSetup.exe 2013-08-29 16:07:03 AF2D086176A148B1081958EB4F791E29 2689872 ----a-w- C:\ProgramData\IObit\ASCDownloader\AccelerateTab.exe 2013-08-29 16:06:56 B1B3E882E40F951D11737883A2827146 2256704 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 6\Freeware\ASC_FreeSoftwareDownloader.exe 2013-08-29 16:06:54 90288329AF3A362A2ADD0E5A7F22D6DB 528192 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 6\ErrorReport.exe 2013-08-29 16:06:54 7B8087492B3FB5123DED9D9F2A52ACEF 235840 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 6\ProTip.exe 2013-08-29 16:06:54 19E63014138118C4ED3D24B5F87FC904 1002816 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 6\Nfeatures.exe 2013-08-29 16:06:53 402F8E8F8EA52136FBCE69CA247EE31D 1187136 ----a-w- C:\Program Files (x86)\IObit\Advanced SystemCare 6\unins000.exe 2013-08-26 06:56:21 0BA1F7C9CEEBA910472A9F2F065FF4E3 17905479 ----a-w- C:\ProgramData\IObit\ASCDownloader\IObit Malware Fighter 2.exe === C: other files == 2013-08-30 13:57:43 4EF9B74405883F5AAE0877606B60A298 2021196 ----a-w- C:\Users\Cuypers\AppData\Local\Temp\UpdateWizard_59749\package_13.0.3000.153_to_13.0.3020.15.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-2215215196-2545258734-729568454-1000\Software\Microsoft\Windows\CurrentVersion\Run] "EPSON Stylus DX8400 Series"="C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICEE.EXE /FU C:\Windows\TEMP\E_S975E.tmp /EF HKCU" "Logitech Vid"="C:\Program Files (x86)\Logitech\Vid HD\Vid.exe -bootmode" "MyTomTomSA.exe"="C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe" "SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" "Advanced SystemCare 6"="C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe /AutoStart" "F.lux"="C:\Users\Cuypers\Local Settings\Apps\F.lux\flux.exe /noshow" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "adaware"="reg.exe delete HKCU\Software\AppDataLow\Software\adaware /f" "adaware_XP"="reg.exe delete HKCU\Software\adaware /f" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "adaware"="reg.exe delete HKCU\Software\AppDataLow\Software\adaware /f" "adaware_XP"="reg.exe delete HKCU\Software\adaware /f" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "JMB36X IDE Setup"="C:\Windows\RaidTool\xInsIDE.exe" "TurboV EVO"="C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe -b" "LWS"="C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide" "ApnUpdater"="C:\Program Files (x86)\Ask.com\Updater\Updater.exe" "IObit Malware Fighter"="C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe /autostart" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "EPSON Stylus DX8400 Series"="C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICEE.EXE /FU C:\Windows\TEMP\E_S975E.tmp /EF HKCU" "Logitech Vid"="C:\Program Files (x86)\Logitech\Vid HD\Vid.exe -bootmode" "MyTomTomSA.exe"="C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe" "SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" "Advanced SystemCare 6"="C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe /AutoStart" "F.lux"="C:\Users\Cuypers\Local Settings\Apps\F.lux\flux.exe /noshow" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" ==== Startup Registry Disabled ====================== [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-] "Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\"" "SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\"" ==== Startup Registry Disabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HDAudDeck] "key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run" "item"="HDAudDeck" "hkey"="HKLM" "command"="C:\\Program Files (x86)\\VIA\\VIAudioi\\VDeck\\VDeck.exe -r" ==== Startup Folders ====================== 2012-12-11 09:25:22 1053 ----a-w- C:\users\Cuypers\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk 2010-12-10 11:31:17 961 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SilkQuit Meter.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [21/08/2013 09:14] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [04/12/2010 16:36] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [04/12/2010 16:36] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Cuypers\AppData\Roaming\Mozilla\Firefox\Profiles\iw3828du.default - Undetermined - C:\Program Files (x86)\IObit Apps Toolbar\FF - AccelerateTab - %ProfilePath%\extensions\speeddial@instair.net - NCH EN Community Toolbar - %ProfilePath%\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e} - Softonic Netherlands Community Toolbar - %ProfilePath%\extensions\{65ca59ee-9920-4d7f-8c41-bfa12403261a} - PriceGong - %ProfilePath%\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829} - IMinent Toolbar - %ProfilePath%\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444} - DealPly - %ProfilePath%\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF} AppDir: C:\Program Files (x86)\Mozilla Firefox - Iminent WebBooster - %AppDir%\extensions\webbooster@iminent.com - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} ==== Firefox Plugins ====================== Profilepath: C:\Users\Cuypers\AppData\Roaming\Mozilla\Firefox\Profiles\iw3828du.default 2134E14DFB56952F548487898AE63A89 - C:\Windows\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director ==== Deleting Files \ Folders ====================== "C:\Users\Cuypers\AppData\Roaming\Mozilla\Firefox\Profiles\iw3828du.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}" deleted "C:\Users\Cuypers\AppData\Roaming\Mozilla\Firefox\Profiles\iw3828du.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}" deleted "C:\Users\Cuypers\AppData\Roaming\Mozilla\Firefox\Profiles\iw3828du.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}" deleted "C:\Users\Cuypers\AppData\Roaming\Mozilla\Firefox\Profiles\iw3828du.default\extensions\{C9B68337-E93A-44EA-94DC-CB300EC06444}" deleted ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions bodddioamolcibagionmmobehnbhiakf - C:\Program Files (x86)\BrowserCompanion\blabbers-ch.crx[] bpegkgagfojjbcpkihigfmkojdmmimdf - No path found[] cjofdnhdkbflacojpfpkchgafjahijbb - C:\Users\Cuypers\AppData\Local\Temp\crx2F5.tmp[] doagiokpgboiomffjfhaiimafndmmpni - C:\Users\Cuypers\AppData\Local\Rich Media Player\BrowserExtensions\Chrome\richmediadownloader.crx[] fkcdbkhjcaljlfolhllfneigeepmjfim - C:\Users\Cuypers\AppData\Local\Rich Media Player\BrowserExtensions\Chrome\playerextension.crx[] gaiilaahiahdejapggenmdmafpmbipje - C:\Program Files (x86)\DealPly\DealPly.crx[] gclijllifhfpomppedeljakfegbcpojn - C:\Users\Cuypers\AppData\Local\CRE\gclijllifhfpomppedeljakfegbcpojn.crx[] hbcennhacfaagdopikcegfcobcadeocj - C:\Program Files (x86)\Common Files\Spigot\GC\saebay_1.0.crx[] icdlfehblmklkikfigmjhbmmpmkmpooj - C:\Program Files (x86)\Common Files\Spigot\GC\errorassistant_1.1.crx[] igdhbblpcellaljokkpfhcjlagemhgjl - C:\Program Files (x86)\Iminent\Iminent.crx[] kolgnaidildmdbfgdnoapjdianbpajne - C:\Program Files (x86)\BrowserCompanion\blabbers-ch.crx[] mhkaekfpcppmmioggniknbnbdbcigpkk - C:\Program Files (x86)\Common Files\Spigot\GC\coupons_2.4.crx[] pfndaklgolladniicklehhancnlgocpp - C:\Program Files (x86)\Common Files\Spigot\GC\saamazon_1.0.crx[] pgafcinpmmpklohkojmllohdhomoefph - C:\ProgramData\Browser Manager\2.3.796.11\{16cdff19-861d-48e3-a751-d99a27784753}\browsemngr.crx[] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions amfclgbdpgndipgoegfpkkgobahigbcl - C:\Users\Cuypers\AppData\Local\Smartbar/Application\1Extension.crx[] gaiilaahiahdejapggenmdmafpmbipje - C:\Program Files (x86)\DealPly\DealPly.crx[] gclijllifhfpomppedeljakfegbcpojn - C:\Users\Cuypers\AppData\Local\CRE\gclijllifhfpomppedeljakfegbcpojn.crx[] Docs - Cuypers - Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Cuypers - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Cuypers - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Ginyas Browser Companion - Cuypers - Default\Extensions\bodddioamolcibagionmmobehnbhiakf Google Search - Cuypers - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf NCH EN - Cuypers - Default\Extensions\gclijllifhfpomppedeljakfegbcpojn AccelerateTab - Cuypers - Default\Extensions\glmfgahfleepmdfffonfckpmkondpdkg Ebay Shopping Assistant by Spigot - Cuypers - Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj Domain Error Assistant - Cuypers - Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj Amazon Shopping Assistant by Spigot - Cuypers - Default\Extensions\pfndaklgolladniicklehhancnlgocpp Gmail - Cuypers - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chrome Fix ====================== C:\Users\Cuypers\AppData\Local\Google\Chrome\User Data\Default\Extensions\bodddioamolcibagionmmobehnbhiakf deleted successfully C:\Users\Cuypers\AppData\Local\Google\Chrome\User Data\Default\Extensions\gclijllifhfpomppedeljakfegbcpojn deleted successfully C:\Users\Cuypers\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbcennhacfaagdopikcegfcobcadeocj deleted successfully C:\Users\Cuypers\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj deleted successfully C:\Users\Cuypers\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfndaklgolladniicklehhancnlgocpp deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be/" "Search Page"="http://www.bing.com/search?q={searchTerms}" "Search Bar"="http://www.bing.com/search?q={searchTerms}" "Use Search Asst"="yes" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "Default"="http://feed.plusnetwork.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=BE&userid=e8cc57c7-6d4e-4c69-8762-15193d78fef2&sp=addr&q={searchTerms}&t=a0627" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl] "Default"="http://feed.plusnetwork.com/?publisher=MessengerPlus&dpid=MessengerPlus&co=BE&userid=e8cc57c7-6d4e-4c69-8762-15193d78fef2&sp=addr&q={searchTerms}&t=a0627" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "Default"="http://www.bing.com/search?q={searchTerms}" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=b6aebd9800000000000020cf3059a7f2&tlver=1.4.19.19&affID=19405" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=b6aebd9800000000000020cf3059a7f2&tlver=1.4.19.19&affID=19405" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://www.bing.com/search?q={searchTerms}" "SearchAssistant"="http://www.bing.com/search?q={searchTerms}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] No DefaultScope Set For HKCU New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://www.google.be/" "Use Search Asst"="no" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {006ee092-9658-4fd6-bd8e-a21a348e59f5} Unknown Url="Not_Found" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {26B83254-FF01-459A-868D-336050E4DEF4} Bing Url="http://www.bing.com/search?FORM=UP22DF&PC=UP22&q={searchTerms}&src=IE-SearchBox" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Reset Google Chrome ====================== C:\users\Cuypers\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\users\Cuypers\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2215215196-2545258734-729568454-1000\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== shortcuts on Users Desktops ====================== C:\Users\Cuypers\Desktop\Audacity.lnk - C:\Program Files (x86)\Audacity\audacity.exe C:\Users\Cuypers\Desktop\Audiograbber.lnk - C:\audiograbber\audiograbber.exe C:\Users\Cuypers\Desktop\Dropbox.lnk - C:\Users\Cuypers\AppData\Roaming\Dropbox\bin\Dropbox.exe /home C:\Users\Cuypers\Desktop\google earth.lnk - C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe C:\Users\Cuypers\Desktop\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Cuypers\Desktop\Micro Excel 2007 (2).lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\xlicons.exe C:\Users\Cuypers\Desktop\Micro Outlook 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\outicon.exe C:\Users\Cuypers\Desktop\Micro Word 2007.lnk - C:\Windows\Installer\{90120000-0030-0000-0000-0000000FF1CE}\wordicon.exe C:\Users\Cuypers\Desktop\VCW VicMan's Photo Editor.lnk - C:\Users\Cuypers\Desktop\win verkenner Everything.lnk - C:\Program Files (x86)\Everything\Everything.exe C:\Users\Cuypers\Desktop\Windows Explorer.lnk - C:\Windows\explorer.exe C:\Users\Cuypers\Desktop\zoek.zip - Snelkoppeling.lnk - D:\documenten\Downloads\zoek.zip C:\Users\Cuypers\Desktop\zzzzclipx.exe.lnk - C:\Program Files (x86)\ClipX\clipx.exe C:\Users\Cuypers\Desktop\epson\EPSON Easy Photo Print.lnk - C:\Program Files (x86)\epson\Creativity Suite\Easy Photo Print\EEasyPhotoPrint.exe C:\Users\Cuypers\Desktop\epson\EPSON File Manager.lnk - C:\Program Files (x86)\epson\Creativity Suite\File Manager\EFileManager.exe C:\Users\Cuypers\Desktop\epson\EPSON Scan.lnk - C:\Windows\twain_32\escndv\escndv.exe C:\Users\Cuypers\Desktop\epson\EPSON Stylus CX7300_CX8300_DX7400_DX8400 Handboek.lnk - C:\Program Files (x86)\epson\TPMANUAL\ES_CX_DX\NLD\USE_G\INDEX.HTM C:\Users\Cuypers\Desktop\muziek\HD VDeck.lnk - C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe C:\Users\Cuypers\Desktop\muziek\muziek downloaden iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe C:\Users\Cuypers\Desktop\pc help map\HiJackThis.lnk - C:\Users\Cuypers\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe C:\Users\Cuypers\Desktop\pc help map\RSITx64.exe - Snelkoppeling.lnk - D:\documenten\Downloads\RSITx64.exe C:\Users\Cuypers\Desktop\PC opschonen\Advanced SystemCare.lnk - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASC.exe C:\Users\Cuypers\Desktop\PC opschonen\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe C:\Users\Cuypers\Desktop\PC opschonen\Defraggler.lnk - C:\Program Files\Defraggler\Defraggler64.exe C:\Users\Cuypers\Desktop\PC opschonen\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe C:\Users\Cuypers\Desktop\PC opschonen\Smart Defrag 2.lnk - C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe C:\Users\Cuypers\Desktop\PC opschonen\SUPERAntiSpyware Free Edition.lnk - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe C:\Users\Cuypers\Desktop\tek pfotofiltre o.a\Free&Easy Font Viewer.lnk - C:\Program Files (x86)\Free&Easy Font Viewer\Free&Easy Font Viewer.exe C:\Users\Cuypers\Desktop\tek pfotofiltre o.a\InstantMask.exe - betaald.lnk - C:\Program Files (x86)\InstantMask Pro 2.8\InstantMask.exe C:\Users\Cuypers\Desktop\tek pfotofiltre o.a\Photofilre Reflet.lnk - D:\photofiltre reflectie\Reflet.exe C:\Users\Cuypers\Desktop\tek pfotofiltre o.a\PhotoFiltre 6.lnk - C:\Program Files (x86)\PhotoFiltre\photofiltre.exe C:\Users\Cuypers\Desktop\tek pfotofiltre o.a\photofiltre 7.lnk - C:\Program Files (x86)\PhotoFiltre7\PhotoFiltre7.exe C:\Users\Cuypers\Desktop\tek pfotofiltre o.a\Picase.lnk - C:\Program Files (x86)\Google\Picasa3\Picasa3.exe C:\Users\Cuypers\Desktop\tool\Freeraser - Snelkoppeling.lnk - C:\Program Files (x86)\Codyssey\Freeraser\Freeraser.exe C:\Users\Cuypers\Desktop\tool\TreeSizeFree.exe - Snelkoppeling.lnk - C:\Program Files (x86)\JAM Software\TreeSize Free\TreeSizeFree.exe C:\Users\Cuypers\Desktop\tool\WinDirStat.lnk - C:\Program Files (x86)\WinDirStat\windirstat.exe C:\Users\Cuypers\Desktop\VIDEO HALEN\Unzbin.lnk - C:\Program Files (x86)\Unzbin\Unzbin.exe C:\Users\Cuypers\Desktop\Zion\Big Numbers.lnk - D:\Hiyah\Big Numbers\BigNum.exe C:\Users\Cuypers\Desktop\Zion\Colors - Basic.lnk - D:\Hiyah\Colors - Basic\PPTVIEW.EXE /L "playlist.txt" C:\Users\Cuypers\Desktop\Zion\Shapes - Basic.lnk - D:\Hiyah\Shapes Basic\PPTVIEW.EXE /L "playlist.txt" C:\Users\Cuypers-PC\Desktop\Free&Easy Font Viewer.lnk - C:\Program Files (x86)\Free&Easy Font Viewer\Free&Easy Font Viewer.exe C:\Users\Cuypers-PC\Desktop\Unzbin.lnk - C:\Program Files (x86)\Unzbin\Unzbin.exe ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\Adobe Reader X .lnk - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.exe C:\Users\Public\Desktop\Advanced SystemCare 6.lnk - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASC.exe C:\Users\Public\Desktop\cd branden InfraRecorder.lnk - C:\Program Files (x86)\InfraRecorder\InfraRecorder.exe C:\Users\Public\Desktop\Defraggler.lnk - C:\Program Files\Defraggler\Defraggler64.exe C:\Users\Public\Desktop\Express Zip File Compression Software.lnk - C:\Program Files (x86)\NCH Software\ExpressZip\expresszip.exe C:\Users\Public\Desktop\FotoMorph.lnk - C:\Program Files (x86)\Digital Photo Software\FotoMorph\FotoMorph.exe C:\Users\Public\Desktop\Google Earth.lnk - C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe C:\Users\Public\Desktop\IntoWords.lnk - C:\Program Files (x86)\Mikrov\CD-ORD\cd-ord.exe C:\Users\Public\Desktop\IObit Malware Fighter.lnk - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe C:\Users\Public\Desktop\iTunes.lnk - C:\Program Files (x86)\iTunes\iTunes.exe C:\Users\Public\Desktop\Logitech Webcam Software .lnk - C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\HelpMain\launchershortcut.exe C:\Users\Public\Desktop\QuickTime Player.lnk - C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe C:\Users\Public\Desktop\Rich Media Player.lnk - C:\Users\Cuypers\AppData\Local\Rich Media Player\rmplayer.exe C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe C:\Users\Public\Desktop\TeamViewer 6.lnk - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer.exe C:\Users\Public\Desktop\TuneUp 1-klik Onderhoud.lnk - C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe C:\Users\Public\Desktop\TuneUp Utilities 2013.lnk - C:\Program Files (x86)\TuneUp Utilities 2013\Integrator.exe C:\Users\Public\Desktop\Uninstaller.lnk - C:\Program Files (x86)\IObit\Advanced SystemCare 6\Suc10_Uninstal.exe C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe ==== shortcuts in Users Start Menu ====================== C:\Users\Cuypers\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk - C:\Program Files (x86)\IObit\Advanced SystemCare 6\Suc10_Uninstal.exe C:\Users\Cuypers\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis\HiJackThis.lnk - C:\Users\Cuypers\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Uninstall Programs.lnk - C:\Program Files (x86)\IObit\Advanced SystemCare 6\Suc10_Uninstal.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013.lnk - C:\Program Files (x86)\TuneUp Utilities 2013\Integrator.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 6\Advanced SystemCare 6.lnk - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASC.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 6\Toolbox.lnk - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASC.exe /toolbox C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 6\Turbo Boost.lnk - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASC.exe /turboboost C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 6\Verwijder Advanced SystemCare.lnk - C:\Program Files (x86)\IObit\Advanced SystemCare 6\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files\CCleaner\CCleaner64.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\Uninstall CCleaner.lnk - C:\Program Files\CCleaner\uninst.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler\Defraggler.lnk - C:\Program Files\Defraggler\Defraggler64.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler\Uninstall Defraggler.lnk - C:\Program Files\Defraggler\uninst.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth starten in DirectX-modus.lnk - C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe -setDX C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth starten in OpenGL-modus.lnk - C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe -setOGL C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth verwijderen.lnk - C:\Windows\SysWOW64\msiexec.exe /x {96AD3B61-EAE2-11E2-9E72-B8AC6F98CCE3} C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth.lnk - C:\Program Files (x86)\Google\Google Earth\client\googleearth.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight\Microsoft Silverlight.lnk - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\Silverlight.Configuration.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mikrov.dk\CD-ORD\SkanRead\Ask about.lnk - C:\Program Files (x86)\Mikrov\CD-ORD\SkanRead\askabout.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mikrov.dk\CD-ORD\SkanRead\Open plaatjeslezer.lnk - C:\Program Files (x86)\Mikrov\CD-ORD\SkanRead\capture.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mikrov.dk\CD-ORD\SkanRead\Open users guide.lnk - C:\Program Files (x86)\Mikrov\CD-ORD\SkanRead\Manual\manual.pdf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mikrov.dk\CD-ORD\SkanRead\Scan\Scan and open as PDF.lnk - C:\Program Files (x86)\Mikrov\CD-ORD\SkanRead\skanread.exe mvscaninput mvshowpdf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mikrov.dk\CD-ORD\SkanRead\Scan\Scan and open as text.lnk - C:\Program Files (x86)\Mikrov\CD-ORD\SkanRead\skanread.exe mvscaninput mvshowtxt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mikrov.dk\CD-ORD\SkanRead\Scan\Scan and open as Word.lnk - C:\Program Files (x86)\Mikrov\CD-ORD\SkanRead\skanread.exe mvscaninput mvshowdocx C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mikrov.dk\CD-ORD\SkanRead\Scan\Scan and open as....lnk - C:\Program Files (x86)\Mikrov\CD-ORD\SkanRead\skanread.exe mvscaninput mvpromptoutput C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mikrov.dk\CD-ORD\SkanRead\Scan\Scan en lees voor.lnk - C:\Program Files (x86)\Mikrov\CD-ORD\SkanRead\skanread.exe mvscaninput mvplaytext C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mikrov.dk\CD-ORD\SkanRead\Select image or PDF\Open as audio.lnk - C:\Program Files (x86)\Mikrov\CD-ORD\SkanRead\skanread.exe mvpromptinput mvplaytext C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mikrov.dk\CD-ORD\SkanRead\Select image or PDF\Open as PDF.lnk - C:\Program Files (x86)\Mikrov\CD-ORD\SkanRead\skanread.exe mvpromptinput mvshowpdf C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mikrov.dk\CD-ORD\SkanRead\Select image or PDF\Open as text.lnk - C:\Program Files (x86)\Mikrov\CD-ORD\SkanRead\skanread.exe mvpromptinput mvshowtxt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mikrov.dk\CD-ORD\SkanRead\Select image or PDF\Open as Word.lnk - C:\Program Files (x86)\Mikrov\CD-ORD\SkanRead\skanread.exe mvpromptinput mvshowdocx C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mikrov.dk\CD-ORD\SkanRead\Select image or PDF\Save as....lnk - C:\Program Files (x86)\Mikrov\CD-ORD\SkanRead\skanread.exe mvpromptinput mvpromptoutput C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rich Media Player\Official Home Page.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rich Media Player\Rich Audio Converter.lnk - C:\Users\Cuypers\AppData\Local\Rich Media Player\audioconverter.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rich Media Player\Rich Media Downloader.lnk - C:\Users\Cuypers\AppData\Local\Rich Media Player\rmdownloader.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rich Media Player\Rich Media Player.lnk - C:\Users\Cuypers\AppData\Local\Rich Media Player\rmplayer.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rich Media Player\Rich Video Converter.lnk - C:\Users\Cuypers\AppData\Local\Rich Media Player\videoconverter.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype\Skype.lnk - C:\Program Files (x86)\Skype\Phone\Skype.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013\Help TuneUp Utilities.lnk - C:\ProgramData\TuneUp Software\TuneUp Utilities 2013\nl-NL\main_vista_7.chm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013\TuneUp Utilities 2013.lnk - C:\Program Files (x86)\TuneUp Utilities 2013\Integrator.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013\Alle functies\TuneUp 1-klik Onderhoud.lnk - C:\Program Files (x86)\TuneUp Utilities 2013\OneClick.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013\Alle functies\TuneUp Browser Cleaner.lnk - C:\Program Files (x86)\TuneUp Utilities 2013\BrowserCleaner.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013\Alle functies\TuneUp Disk Cleaner.lnk - C:\Program Files (x86)\TuneUp Utilities 2013\DiskCleaner.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013\Alle functies\TuneUp Disk Doctor.lnk - C:\Program Files (x86)\TuneUp Utilities 2013\DiskDoctor.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013\Alle functies\TuneUp Disk Space Explorer.lnk - C:\Program Files (x86)\TuneUp Utilities 2013\DiskExplorer.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013\Alle functies\TuneUp Drive Defrag.lnk - C:\Program Files (x86)\TuneUp Utilities 2013\DriveDefrag.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013\Alle functies\TuneUp Economy-modus.lnk - C:\Program Files (x86)\TuneUp Utilities 2013\EnergyOptimizer.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013\Alle functies\TuneUp Live-optimalisatie.lnk - C:\Program Files (x86)\TuneUp Utilities 2013\SettingCenter.exe /live C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013\Alle functies\TuneUp Process Manager.lnk - C:\Program Files (x86)\TuneUp Utilities 2013\ProcessManager.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013\Alle functies\TuneUp Program Deactivator.lnk - C:\Program Files (x86)\TuneUp Utilities 2013\ProgramDeactivator.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013\Alle functies\TuneUp Registry Cleaner.lnk - C:\Program Files (x86)\TuneUp Utilities 2013\RegistryCleaner.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013\Alle functies\TuneUp Registry Defrag.lnk - C:\Program Files (x86)\TuneUp Utilities 2013\RegistryDefrag.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013\Alle functies\TuneUp Registry Editor.lnk - C:\Program Files (x86)\TuneUp Utilities 2013\RegistryEditor.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013\Alle functies\TuneUp Repair Wizard.lnk - C:\Program Files (x86)\TuneUp Utilities 2013\RepairWizard.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013\Alle functies\TuneUp Rescue Center.lnk - C:\Program Files (x86)\TuneUp Utilities 2013\RescueCenter.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013\Alle functies\TuneUp Setting Center.lnk - C:\Program Files (x86)\TuneUp Utilities 2013\SettingCenter.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013\Alle functies\TuneUp Shortcut Cleaner.lnk - C:\Program Files (x86)\TuneUp Utilities 2013\ShortcutCleaner.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013\Alle functies\TuneUp Shredder.lnk - C:\Program Files (x86)\TuneUp Utilities 2013\Shredder.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013\Alle functies\TuneUp StartUp Manager.lnk - C:\Program Files (x86)\TuneUp Utilities 2013\StartUpManager.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013\Alle functies\TuneUp StartUp Optimizer.lnk - C:\Program Files (x86)\TuneUp Utilities 2013\StartupOptimizer.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013\Alle functies\TuneUp Styler.lnk - C:\Program Files (x86)\TuneUp Utilities 2013\Styler.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013\Alle functies\TuneUp System Control.lnk - C:\Program Files (x86)\TuneUp Utilities 2013\SystemControl.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013\Alle functies\TuneUp System Information.lnk - C:\Program Files (x86)\TuneUp Utilities 2013\SystemInformation.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013\Alle functies\TuneUp Undelete.lnk - C:\Program Files (x86)\TuneUp Utilities 2013\Undelete.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013\Alle functies\TuneUp Uninstall Manager.lnk - C:\Program Files (x86)\TuneUp Utilities 2013\UninstallManager.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013\Alle functies\TuneUp Update Wizard.lnk - C:\Program Files (x86)\TuneUp Utilities 2013\UpdateWizard.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2013\Alle functies\TuneUp-optimalisatierapport.lnk - C:\Program Files (x86)\TuneUp Utilities 2013\Report.exe ==== shortcuts in Quick Launch ====================== C:\Users\Cuypers\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Cuypers\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Office Outlook.lnk - C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE /recycle C:\Users\Cuypers\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Cuypers\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Cuypers\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\Windows\system32\control.exe C:\Users\Cuypers\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\9d91276b0be3e46b\pinned.lnk - C:\Users\Cuypers\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Defraggler.lnk - C:\Program Files\Defraggler\Defraggler64.exe C:\Users\Cuypers\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\EPSON Easy Photo Print.lnk - C:\Program Files (x86)\epson\Creativity Suite\Easy Photo Print\EEasyPhotoPrint.exe C:\Users\Cuypers\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Media Center.lnk - C:\Windows\ehome\ehshell.exe C:\Users\Cuypers\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Uninstall Programs.lnk - C:\Program Files (x86)\IObit\Advanced SystemCare 6\Suc10_Uninstal.exe C:\Users\Cuypers\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Welcome Center.lnk - C:\Windows\system32\rundll32.exe C:\Windows\system32\OobeFldr.dll,ShowWelcomeCenter LaunchedBy_StartMenuShortcut C:\Users\Cuypers\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Calculator.lnk - C:\Windows\system32\calc.exe C:\Users\Cuypers\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Cuypers\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Logitech Webcam Software .lnk - C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\HelpMain\launchershortcut.exe C:\Users\Cuypers\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Magnify.lnk - C:\Windows\system32\magnify.exe C:\Users\Cuypers\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Narrator.lnk - C:\Users\Cuypers\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\photofiltre 7.lnk - C:\Program Files (x86)\PhotoFiltre7\PhotoFiltre7.exe C:\Users\Cuypers\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\SilkQuit Meter.lnk - C:\Program Files (x86)\SilkQuit\SilkQuit.exe C:\Users\Cuypers\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Snipping Tool.lnk - C:\Users\Cuypers\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Sound Recorder.lnk - C:\Users\Cuypers\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 C:\Users\Cuypers-PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Cuypers-PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Cuypers-PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Cuypers-PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Cuypers-PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Cuypers-PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe C:\Users\Cuypers-PC\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bodddioamolcibagionmmobehnbhiakf deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\doagiokpgboiomffjfhaiimafndmmpni deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\fkcdbkhjcaljlfolhllfneigeepmjfim deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\gclijllifhfpomppedeljakfegbcpojn deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\hbcennhacfaagdopikcegfcobcadeocj deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\icdlfehblmklkikfigmjhbmmpmkmpooj deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\igdhbblpcellaljokkpfhcjlagemhgjl deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\kolgnaidildmdbfgdnoapjdianbpajne deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\mhkaekfpcppmmioggniknbnbdbcigpkk deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pfndaklgolladniicklehhancnlgocpp deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\amfclgbdpgndipgoegfpkkgobahigbcl deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\gclijllifhfpomppedeljakfegbcpojn deleted successfully ==== HijackThis Entries ====================== R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.be/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local F2 - REG:system.ini: UserInit=userinit.exe, O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: WOT Helper - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files (x86)\WOT\WOT.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files (x86)\WOT\WOT.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe O4 - HKLM\..\Run: [TurboV EVO] "C:\Program Files (x86)\ASUS\TurboV EVO\TurboV_EVO.exe" -b O4 - HKLM\..\Run: [LWS] C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe -hide O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe" O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart O4 - HKCU\..\Run: [EPSON Stylus DX8400 Series] C:\Windows\system32\spool\DRIVERS\x64\3\E_IATICEE.EXE /FU "C:\Windows\TEMP\E_S975E.tmp" /EF "HKCU" O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files (x86)\Logitech\Vid HD\Vid.exe" -bootmode O4 - HKCU\..\Run: [MyTomTomSA.exe] "C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe" O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKCU\..\Run: [Advanced SystemCare 6] "C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCTray.exe" /AutoStart O4 - HKCU\..\Run: [F.lux] "C:\Users\Cuypers\Local Settings\Apps\F.lux\flux.exe" /noshow O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\RunOnce: [adaware] reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /f (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [adaware] reg.exe delete "HKCU\Software\AppDataLow\Software\adaware" /f (User 'Default user') O4 - Startup: Dropbox.lnk = Cuypers\AppData\Roaming\Dropbox\bin\Dropbox.exe O4 - Global Startup: SilkQuit Meter.lnk = C:\Program Files (x86)\SilkQuit\SilkQuit.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {4A85DBE0-BFB2-4119-8401-186A7C6EB653} - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/nl/mjss/MJSS.cab109791.cab O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/nl/uno1/GAME_UNO1.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Protocol: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files (x86)\WOT\WOT.dll O20 - AppInit_DLLs: c:\progra~3\browse~1\23796~1.11\{16cdf~1\browse~1.dll c:\progra~3\browse~1\23762~1.17\{16cdf~1\browse~1.dll O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Advanced SystemCare Service 6 (AdvancedSystemCareService6) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 6\ASCService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: ASUS System Control Service (AsSysCtrlService) - Unknown owner - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.05\AsSysCtrlService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: BroadCam Video Streaming Server (BroadCamService) - Unknown owner - C:\Program Files (x86)\NCH Software\BroadCam\broadcam.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SecureUpdate (SecureUpdateSvc) - Unknown owner - C:\Program Files (x86)\Secure Speed Dial\IE\SecureUpdate.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Cuypers-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Cuypers-PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Cuypers-PC\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Cuypers\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6YINWFZR will be deleted at reboot C:\Users\Cuypers\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JYA8LIWD will be deleted at reboot C:\Users\Cuypers\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U21J9SDX will be deleted at reboot C:\Users\Cuypers\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0C1GTN08 will be deleted at reboot C:\Users\Cuypers\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2JHL8OCX will be deleted at reboot C:\Users\Cuypers\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DXIT6T33 will be deleted at reboot C:\Users\Cuypers\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KANESOSM will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== C:\users\Cuypers\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\users\Cuypers\AppData\Local\Google\Chrome\User Data\Default\Extensions\glmfgahfleepmdfffonfckpmkondpdkg\1.2.8_0\cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Cuypers\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Program Files (x86)\Common Files\Spigot" not found "C:\Program Files (x86)\Common Files\Spigot" not found "C:\Users\Cuypers\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\6YINWFZR" not found "C:\Users\Cuypers\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JYA8LIWD" not found "C:\Users\Cuypers\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U21J9SDX" not found "C:\Users\Cuypers\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\0C1GTN08" not found "C:\Users\Cuypers\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\2JHL8OCX" not found "C:\Users\Cuypers\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\DXIT6T33" not found "C:\Users\Cuypers\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\KANESOSM" not found ==== EOF on za 31/08/2013 at 19:20:01,92 ======================