Zoek.exe v5.0.0.0 Updated 04-March-2015 Tool run by Jos on do 05/03/2015 at 10:53:40,09. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Jos\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used] ==== System Restore Info ====================== 5/03/2015 11:22:33 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~2\gmsd_be_76 deleted successfully C:\PROGRA~2\GUMF9B1.tmp deleted successfully C:\PROGRA~2\IncrediMail_MediaBar_Nederlands_2 deleted successfully C:\Program Files\log deleted successfully C:\PROGRA~3\MovieWizard deleted successfully C:\Users\chicco\AppData\Roaming\hpqLog deleted successfully C:\Users\Jos\AppData\Roaming\hpqLog deleted successfully C:\Users\Jos\AppData\Roaming\TP deleted successfully C:\Users\chicco\AppData\Local\{00DA7ED7-D86A-4E6F-B373-A73F36C2EB3C} deleted successfully C:\Users\chicco\AppData\Local\{0388FAAC-BB18-431E-A470-A4CE42188115} deleted successfully C:\Users\chicco\AppData\Local\{08F1EBD0-D639-49BA-B3BF-E934D3073EB8} deleted successfully C:\Users\chicco\AppData\Local\{110C56FC-1B14-4B0D-B304-773C537DA783} deleted successfully C:\Users\chicco\AppData\Local\{1308B0C7-0707-4CD9-917A-CB90CFCC5875} deleted successfully C:\Users\chicco\AppData\Local\{13E6FD47-E163-4B39-8451-B547F2099BAD} deleted successfully C:\Users\chicco\AppData\Local\{147F25CE-CE10-45F1-9828-744F627CE009} deleted successfully C:\Users\chicco\AppData\Local\{1C153834-2523-461E-BCB5-A6D6CFFAC6C9} deleted successfully C:\Users\chicco\AppData\Local\{1C997805-DEC6-4D04-9496-55CCE5D1ED00} deleted successfully C:\Users\chicco\AppData\Local\{1FA52AC6-4E4C-4133-863D-7034D5FEE0A6} deleted successfully C:\Users\chicco\AppData\Local\{1FBDA2AE-21DD-4BD7-8A16-4542509C1917} deleted successfully C:\Users\chicco\AppData\Local\{218A619A-47D1-410C-B417-5DB56E87F356} deleted successfully C:\Users\chicco\AppData\Local\{2509112B-0E7F-4376-970F-6EFC5930D334} deleted successfully C:\Users\chicco\AppData\Local\{2595F7EA-5D47-45E0-A6BF-26E958D303F0} deleted successfully C:\Users\chicco\AppData\Local\{28359B32-1EC8-49BC-933D-5CCB8A6A6216} deleted successfully C:\Users\chicco\AppData\Local\{2A874F15-B11A-4A76-BE05-26C3D511412A} deleted successfully C:\Users\chicco\AppData\Local\{2C5B0247-1462-440B-8FEC-96E89AD770FA} deleted successfully C:\Users\chicco\AppData\Local\{2C9755B1-A721-409D-8C36-32C8134F9DF7} deleted successfully C:\Users\chicco\AppData\Local\{2FC6D048-9B32-44B2-96BE-6EB295320EAF} deleted successfully C:\Users\chicco\AppData\Local\{32BE4B5E-1A9D-4836-8DDD-156E4D058EF7} deleted successfully C:\Users\chicco\AppData\Local\{336E6C9C-755D-4671-9322-AD558D9D2D06} deleted successfully C:\Users\chicco\AppData\Local\{37CA1E4D-75C2-4503-87B5-86D21D8E8105} deleted successfully C:\Users\chicco\AppData\Local\{3A604E99-7308-49C0-A6D2-4C49FDD6438D} deleted successfully C:\Users\chicco\AppData\Local\{3BEE7FDB-CDEA-417C-9B99-300DD8CC1F32} deleted successfully C:\Users\chicco\AppData\Local\{4045F6E9-FECF-4C68-A4A8-C710B30B12DC} deleted successfully C:\Users\chicco\AppData\Local\{41FC27BB-5797-4D9A-B5AB-1D1E5E70B62C} deleted successfully C:\Users\chicco\AppData\Local\{43D75329-326D-4311-B022-F2FEE40E226E} deleted successfully C:\Users\chicco\AppData\Local\{43FB4046-A619-4EBA-90E7-02D798AF5C0C} deleted successfully C:\Users\chicco\AppData\Local\{4576AE32-9AFF-4D88-BFF3-1E139DE30768} deleted successfully C:\Users\chicco\AppData\Local\{4792EEB8-0EC7-4965-B701-F9CBFA01C21E} deleted successfully C:\Users\chicco\AppData\Local\{4B9B639F-5424-4B65-8C50-0B0040069F5C} deleted successfully C:\Users\chicco\AppData\Local\{4BA699A8-C3D2-401E-8C6F-7BDCF9C39039} deleted successfully C:\Users\chicco\AppData\Local\{4C525834-EB88-4B2D-A27C-B15CEEF8275C} deleted successfully C:\Users\chicco\AppData\Local\{4D182316-8C5F-4037-BB83-45A294C2BB5F} deleted successfully C:\Users\chicco\AppData\Local\{4FD8F2FB-1C51-4C70-A543-CF5C9B0AF5E4} deleted successfully C:\Users\chicco\AppData\Local\{54172768-0A44-4853-BEFE-43A8299F4324} deleted successfully C:\Users\chicco\AppData\Local\{549CB472-FAED-494A-BCD1-D74ABE0861D4} deleted successfully C:\Users\chicco\AppData\Local\{57F3BEED-2617-431D-B983-469D0CDA6CDD} deleted successfully C:\Users\chicco\AppData\Local\{6193089D-848C-4568-B23D-B2E4F5756AE9} deleted successfully C:\Users\chicco\AppData\Local\{62F799C7-FA65-42D5-AE35-C0344567505B} deleted successfully C:\Users\chicco\AppData\Local\{6323DBB5-E4E8-471E-9DC5-6A1A4E51339F} deleted successfully C:\Users\chicco\AppData\Local\{65117BF6-F92B-453B-8B04-69AEE228452B} deleted successfully C:\Users\chicco\AppData\Local\{67E5BA47-33C4-4E39-8981-9299FD7F4EBD} deleted successfully C:\Users\chicco\AppData\Local\{7088BBE3-910F-49FB-B63B-A6A1EBF290DE} deleted successfully C:\Users\chicco\AppData\Local\{70D8CEF1-95FF-4292-AECE-E31D566DF002} deleted successfully C:\Users\chicco\AppData\Local\{718816FD-18CD-4292-B4FA-2C4D4740B8DB} deleted successfully C:\Users\chicco\AppData\Local\{773FB957-F55F-4DC0-86D8-70244D2DE8DE} deleted successfully C:\Users\chicco\AppData\Local\{780E88B9-3096-4C76-9B32-10F0E1C1EB7B} deleted successfully C:\Users\chicco\AppData\Local\{7B2A416D-ED81-4DB7-877E-B8E71AD0ACD7} deleted successfully C:\Users\chicco\AppData\Local\{7B9EF07E-6FD8-4083-A840-3FD120701B91} deleted successfully C:\Users\chicco\AppData\Local\{7C8A2BC1-84EA-4B3F-964E-70B22330FBE6} deleted successfully C:\Users\chicco\AppData\Local\{7DDE0625-3EDF-4436-AC75-6BABDFDD4095} deleted successfully C:\Users\chicco\AppData\Local\{7FE83684-0BD0-45CF-893B-A46AF8CD8A75} deleted successfully C:\Users\chicco\AppData\Local\{80012C58-1F24-45AB-BC35-DF595022C5E7} deleted successfully C:\Users\chicco\AppData\Local\{829C20E7-5BB8-43CD-B188-B4432BDFC103} deleted successfully C:\Users\chicco\AppData\Local\{847AFBB8-8EF8-43CB-83E5-AF96813B5213} deleted successfully C:\Users\chicco\AppData\Local\{8AD51E31-56E7-4D47-A108-B8A14B446E8C} deleted successfully C:\Users\chicco\AppData\Local\{8C37563C-BE84-4824-933D-12BDF3A360A2} deleted successfully C:\Users\chicco\AppData\Local\{8DCA78D5-2BBE-4F41-9D00-286C250CF0B9} deleted successfully C:\Users\chicco\AppData\Local\{90E41CA4-767F-4804-B4CF-946FF6151FAE} deleted successfully C:\Users\chicco\AppData\Local\{919B796B-42E9-45AB-A2BB-F5131A7F21FA} deleted successfully C:\Users\chicco\AppData\Local\{91FE27B0-0979-4953-8D8A-B55A8625C557} deleted successfully C:\Users\chicco\AppData\Local\{93B41B0D-2F4C-4DA3-9289-6575F80E9DBD} deleted successfully C:\Users\chicco\AppData\Local\{98331F29-0CE1-40DD-BF56-96EBE26F0ACB} deleted successfully C:\Users\chicco\AppData\Local\{9BDB0295-13DD-40A2-BF21-D8403C74BB34} deleted successfully C:\Users\chicco\AppData\Local\{9F23AC52-7474-4DEF-AB4F-E67583EEF893} deleted successfully C:\Users\chicco\AppData\Local\{A31AD723-F6C4-4F4B-866A-B9DD2286152E} deleted successfully C:\Users\chicco\AppData\Local\{A5C1CD1D-981F-4A3F-9D8A-50AFF148F620} deleted successfully C:\Users\chicco\AppData\Local\{A7A4FB09-287B-4250-8A6F-91B9936E0F42} deleted successfully C:\Users\chicco\AppData\Local\{AB77D327-8B84-4E1E-8558-CA135A17C604} deleted successfully C:\Users\chicco\AppData\Local\{ACCA068F-271D-47EC-89AA-50D25A46D756} deleted successfully C:\Users\chicco\AppData\Local\{AD55A5D1-BF75-4985-B269-45F2520A913E} deleted successfully C:\Users\chicco\AppData\Local\{AE38CDF4-050C-437C-8F4D-2CF6E297967C} deleted successfully C:\Users\chicco\AppData\Local\{B06FE9B9-BA4C-4291-8634-58E0A8EC04B1} deleted successfully C:\Users\chicco\AppData\Local\{B6697840-6EA1-4809-B437-036291BC4C4E} deleted successfully C:\Users\chicco\AppData\Local\{B6D3E948-94B1-46EC-9F16-FE79D92879C4} deleted successfully C:\Users\chicco\AppData\Local\{B78AF3CF-0961-4AC9-9787-0B8051CEBCC1} deleted successfully C:\Users\chicco\AppData\Local\{B81B0B81-76D9-432B-B24D-62C56E8E3DD0} deleted successfully C:\Users\chicco\AppData\Local\{B882D74B-FB84-4BB9-A1A5-DF93D375BEDB} deleted successfully C:\Users\chicco\AppData\Local\{B8A14092-67B3-4ACD-8163-24D199CE4535} deleted successfully C:\Users\chicco\AppData\Local\{BB603309-EC0B-439D-B321-5D07982AC90B} deleted successfully C:\Users\chicco\AppData\Local\{BD265759-7EF9-4DE6-AFF2-B72ED5353C41} deleted successfully C:\Users\chicco\AppData\Local\{BDCBE9F6-5063-4F1A-A51D-E628B403EB95} deleted successfully C:\Users\chicco\AppData\Local\{C0AFC252-506D-4F00-BDF2-6EDA0DABB93F} deleted successfully C:\Users\chicco\AppData\Local\{C0B20AAA-6C49-4833-B57D-15930BE026A8} deleted successfully C:\Users\chicco\AppData\Local\{C21554D8-8CC7-495F-B7DB-62395D80090F} deleted successfully C:\Users\chicco\AppData\Local\{C220AAAB-4F40-4F43-BE76-8850A381F2FC} deleted successfully C:\Users\chicco\AppData\Local\{C255DA5C-ED93-40DC-84E0-9AFA30BF29D0} deleted successfully C:\Users\chicco\AppData\Local\{C436C6E7-7EE8-41E0-9F75-28B602A2F226} deleted successfully C:\Users\chicco\AppData\Local\{C7266622-A530-4BE9-BD09-2E6D70E8A23D} deleted successfully C:\Users\chicco\AppData\Local\{C83D38DF-9012-494C-871A-7124A8667C9B} deleted successfully C:\Users\chicco\AppData\Local\{CA1C1516-3DFD-4DF1-A052-250B6B1B41C8} deleted successfully C:\Users\chicco\AppData\Local\{CD52936E-B48A-4136-BEE3-C1335C03E62E} deleted successfully C:\Users\chicco\AppData\Local\{CE1E67E2-9F17-4307-A117-A76A19488D99} deleted successfully C:\Users\chicco\AppData\Local\{D09896CF-6CCB-4FF1-9FBD-FF3B2460D2AC} deleted successfully C:\Users\chicco\AppData\Local\{D1355483-01C5-4C79-A3D9-616D176EEC97} deleted successfully C:\Users\chicco\AppData\Local\{D426F43C-4CEC-4665-8B59-CD69089CD5BC} deleted successfully C:\Users\chicco\AppData\Local\{D4B72701-F394-4458-9AF3-7C5DF6C6A23D} deleted successfully C:\Users\chicco\AppData\Local\{D631105C-659E-4FDA-9D4B-1EE4B5139590} deleted successfully C:\Users\chicco\AppData\Local\{D689A122-ACA6-4A8E-882C-4781BE8B7020} deleted successfully C:\Users\chicco\AppData\Local\{D71678B8-673F-4E72-BBE7-68DA95346104} deleted successfully C:\Users\chicco\AppData\Local\{D8A260E6-0BAB-445C-9E95-063FC1CE4AF4} deleted successfully C:\Users\chicco\AppData\Local\{D8D6E96C-5505-41C7-85B3-EA05A79162E4} deleted successfully C:\Users\chicco\AppData\Local\{D9C3DA1F-2E11-4462-ABB7-E1B7B14E2456} deleted successfully C:\Users\chicco\AppData\Local\{DC32762B-A832-43F3-ADB6-EA6C971685E0} deleted successfully C:\Users\chicco\AppData\Local\{E0E094B4-0739-49A8-9780-752300B682E4} deleted successfully C:\Users\chicco\AppData\Local\{E2FD5225-7136-46F0-9A27-E3DBC4B0451E} deleted successfully C:\Users\chicco\AppData\Local\{E3AB9853-4BAD-4D02-8E66-DF2171955B02} deleted successfully C:\Users\chicco\AppData\Local\{E6C89EEE-C467-40C6-8770-C34F9F7A2E31} deleted successfully C:\Users\chicco\AppData\Local\{EC47450E-3DED-4E41-84D6-5FCAB4007348} deleted successfully C:\Users\chicco\AppData\Local\{EC71EAA3-5607-448B-8857-DF7054E85925} deleted successfully C:\Users\chicco\AppData\Local\{EE55ACA3-977B-40D7-9977-FC5934D2E414} deleted successfully C:\Users\chicco\AppData\Local\{F24EF91F-440E-4715-915A-4513A7D40F42} deleted successfully C:\Users\chicco\AppData\Local\{F3BF7915-A817-48E0-B5F2-EF7CAAB1CC84} deleted successfully C:\Users\chicco\AppData\Local\{F72455BE-9C8F-4331-8A9B-8F84AB4BAA7E} deleted successfully C:\Users\chicco\AppData\Local\{F8604BC6-F9BB-4CC0-899A-316D115DE8EC} deleted successfully C:\Users\chicco\AppData\Local\{F8A22844-857D-43A5-851B-D8A8F28C7A99} deleted successfully C:\Users\chicco\AppData\Local\{F9A253C5-592A-4246-AC5C-D56B9DD68AF8} deleted successfully C:\Users\chicco\AppData\Local\{FA7FA7FB-A661-4C6D-911B-443783429EFA} deleted successfully C:\Users\chicco\AppData\Local\{FD5149E0-94DA-44F5-A3D8-BFF9AE46AF7B} deleted successfully C:\Users\Gast\AppData\Local\VirtualStore deleted successfully C:\Users\Jos\AppData\Local\MovieWizard deleted successfully C:\Users\Jos\AppData\Local\OpenCandy deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2236943292-2479982780-3799568378-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully HKEY_USERS\S-1-5-21-2236943292-2479982780-3799568378-1001\Software\Microsoft\Internet Explorer\SearchScopes\{16E2F390-8C5B-4C52-9478-A62D81CC369E} deleted successfully HKEY_USERS\S-1-5-21-2236943292-2479982780-3799568378-1001\Software\Microsoft\Internet Explorer\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5} deleted successfully HKEY_USERS\S-1-5-21-2236943292-2479982780-3799568378-1001\Software\Microsoft\Internet Explorer\SearchScopes\{2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} deleted successfully HKEY_USERS\S-1-5-21-2236943292-2479982780-3799568378-1001\Software\Microsoft\Internet Explorer\SearchScopes\{5BB9D15B-DCBC-48DA-9A9A-78221D9A7793} deleted successfully HKEY_USERS\S-1-5-21-2236943292-2479982780-3799568378-1001\Software\Microsoft\Internet Explorer\SearchScopes\{632F07F3-19A1-4d16-A23F-E6CE9486BAB5} deleted successfully HKEY_USERS\S-1-5-21-2236943292-2479982780-3799568378-1001\Software\Microsoft\Internet Explorer\SearchScopes\{6CB7B80B-0EC1-4BFA-83BC-3BBA4510F2E0} deleted successfully HKEY_USERS\S-1-5-21-2236943292-2479982780-3799568378-1001\Software\Microsoft\Internet Explorer\SearchScopes\{709F6B9B-3946-4E05-AAC3-E43B800DA2B0} deleted successfully HKEY_USERS\S-1-5-21-2236943292-2479982780-3799568378-1001\Software\Microsoft\Internet Explorer\SearchScopes\{78E6A2E4-C5E1-43EC-97E9-34AC08027BBA} deleted successfully HKEY_USERS\S-1-5-21-2236943292-2479982780-3799568378-1001\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A} deleted successfully HKEY_USERS\S-1-5-21-2236943292-2479982780-3799568378-1001\Software\Microsoft\Internet Explorer\SearchScopes\{E733165D-CBCF-4FDA-883E-ADEF965B476C} deleted successfully HKEY_USERS\S-1-5-21-2236943292-2479982780-3799568378-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully HKEY_USERS\S-1-5-21-2236943292-2479982780-3799568378-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully HKEY_USERS\S-1-5-21-2236943292-2479982780-3799568378-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully HKEY_USERS\S-1-5-21-2236943292-2479982780-3799568378-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{46735dee-f862-49d1-876d-6382794dc625} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95324e44-4b0a-47a9-8f77-9c6415e51c29} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D2CE3E00-F94A-4740-988E-03DC2F38C34F} deleted successfully HKEY_CLASSES_ROOT\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-2236943292-2479982780-3799568378-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{46735dee-f862-49d1-876d-6382794dc625} deleted successfully HKEY_USERS\S-1-5-21-2236943292-2479982780-3799568378-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\{46735dee-f862-49d1-876d-6382794dc625} deleted successfully HKEY_USERS\S-1-5-21-2236943292-2479982780-3799568378-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{95324e44-4b0a-47a9-8f77-9c6415e51c29} deleted successfully HKEY_USERS\S-1-5-21-2236943292-2479982780-3799568378-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\{95324e44-4b0a-47a9-8f77-9c6415e51c29} deleted successfully HKEY_USERS\S-1-5-21-2236943292-2479982780-3799568378-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_USERS\S-1-5-21-2236943292-2479982780-3799568378-1001\Software\Mozilla\Firefox\Extensions\{e4f94d1e-2f53-401e-8885-681602c0ddd8} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{46735dee-f862-49d1-876d-6382794dc625} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{95324e44-4b0a-47a9-8f77-9c6415e51c29} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{98889811-442D-49dd-99D7-DC866BE87DBC} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{8dcb7100-df86-4384-8842-8fa844297b3f} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully ==== Installed Programs ====================== Adobe AIR Adobe Flash Player 16 ActiveX Adobe Flash Player 16 NPAPI Avast Free Antivirus ESU for Microsoft Windows 7 Google Chrome Google Update Helper Malwarebytes Anti-Malware versie 2.0.4.1028 Microsoft .NET Framework 4.5.1 Microsoft .NET Framework 4.5.1 (Nederlands) Microsoft .NET Framework 4.5.1 (NLD) Microsoft Application Error Reporting Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (Dutch) 2007 Microsoft Office Excel MUI (Dutch) 2007 Microsoft Office File Validation Add-In Microsoft Office InfoPath MUI (Dutch) 2007 Microsoft Office Office 64-bit Components 2007 Microsoft Office Outlook MUI (Dutch) 2007 Microsoft Office PowerPoint MUI (Dutch) 2007 Microsoft Office Professional Plus 2007 Microsoft Office Proof (Dutch) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proofing (Dutch) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (Dutch) 2007 Microsoft Office Shared 64-bit MUI (Dutch) 2007 Microsoft Office Shared MUI (Dutch) 2007 Microsoft Office Word MUI (Dutch) 2007 Microsoft PowerPoint Viewer Microsoft Search Enhancement Pack Microsoft Silverlight Microsoft SQL Server 2005 Compact Edition [ENU] Microsoft SQL Server Compact 3.5 SP1 English Microsoft SQL Server Compact 3.5 SP1 x64 English Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 More Games from HP Games PepperZip 2.0 RealDownloader RealNetworks - Microsoft Visual C++ 2008 Runtime RealNetworks - Microsoft Visual C++ 2010 Runtime RealPlayer Cloud Realtek Ethernet Controller Driver For Windows 7 RealUpgrade 1.1 Reimage Repair Search App by Ask Security Update for Microsoft .NET Framework 4.5.1 (KB2898869) Security Update for Microsoft .NET Framework 4.5.1 (KB2901126) Security Update for Microsoft .NET Framework 4.5.1 (KB2931368) Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596825) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597973) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760411) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760415) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760585) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760591) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2817330) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2827326) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2850022) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2878233) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880507) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880508) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2880513) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2881069) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2827324) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2817565) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2880515) 32-Bit Edition Stuurprogrammapakket voor Windows - Fedict SmartCard (10/04/2011 4.0.0.5) Super Optimizer v3.2 TomTom HOME Visual Studio Merge Modules Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883097) 32-Bit Edition Update voor Microsoft Office Excel 2007 Help (KB963678) Update voor Microsoft Office Powerpoint 2007 Help (KB963669) Update voor Microsoft Office Word 2007 Help (KB963665) UpdateService VASCO Card Reader Plug-In (64-Bit) Video Downloader Visual Studio C++ 10.0 Runtime VLC media player Windows Live Communications Platform Windows Live Essentials Windows Live Family Safety Windows Live ID Sign-in Assistant Windows Live Installer Windows Live Language Selector Windows Live Mail Windows Live Mesh - ActiveX-besturingselement voor externe verbindingen Windows Live Mesh Windows Live Messenger Windows Live Messenger Companion Core Windows Live MIME IFilter Windows Live Movie Maker Windows Live Photo Common Windows Live Photo Gallery Windows Live PIMT Platform Windows Live Remote Client Windows Live Remote Client Resources Windows Live Remote Service Windows Live Remote Service Resources Windows Live SOXE Windows Live SOXE Definitions Windows Live Sync Windows Live UX Platform Windows Live UX Platform Language Pack Windows Live Writer Windows Live Writer Resources YTDownloader ==== Running Processes ====================== C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\PROGRA~2\YTDOWN~1\BROWSE~2.EXE C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe C:\Windows\SysWOW64\ezSharedSvcHost.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\Norton Internet Security\Engine\18.0.0.128\ccSvcHst.exe C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe C:\ProgramData\GveSCot\oapjrYNkKn.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\Program Files (x86)\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\A5E82D02\18.0.0.128\InstStub.exe C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe C:\Program Files (x86)\YTDownloader\YTDownloader.exe C:\Program Files (x86)\Smart PC Cleaner\SPCReminder.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\PC Speed Maximizer\SPMReminder.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe C:\Program Files (x86)\Ask.com\Updater\Updater.exe C:\ProgramData\{a11873b3-874d-2ecb-a118-873b3874cece}\superoptimizersetup.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files\AVAST Software\Avast\avastui.exe C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe C:\PROGRA~2\YTDOWN~1\BrowserHelper.exe C:\Users\Jos\Downloads\zoek.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Users\Jos\AppData\Local\Installer\Installcr_19515\DCytdiegut_gutdc_setup.exe C:\Users\Jos\AppData\Local\Installer\Installcr_19515\DCytdiegut_gutdc_setup.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\oapjrYNkKn deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\APNMCP deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\APNMCP deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BrsHelper deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BrsHelper deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\SPBIUpd deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ReimageRealTimeProtector deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ReimageRealTimeProtector deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\BackupStack deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sbmntr deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\sbmntr deleted successfully ==== FireFox Fix ====================== ProfilePath: C:\Users\chicco\AppData\Roaming\Mozilla\Firefox\Profiles\7m2qk5rk.default-1424184591928 user.js not found ---- Lines Search removed from prefs.js ---- user_pref("extensions.xpiState", "{\"app-global\":{\"{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\ ---- FireFox user.js and prefs.js backups ---- prefs_20150503_1225_.backup ProfilePath: C:\Users\chicco\AppData\Roaming\Thunderbird\Profiles\u7goch1p.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_20150503_1225_.backup ProfilePath: C:\Users\chicco\AppData\Roaming\TomTom\HOME\Profiles\xsczw2sg.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_20150503_1225_.backup ProfilePath: C:\Users\Jos\AppData\Roaming\Mozilla\Firefox\Profiles\1r5t0w1p.default user.js not found ---- Lines BabylonToolbar removed from prefs.js ---- user_pref("extensions.BabylonToolbar.admin", false); user_pref("extensions.BabylonToolbar.aflt", "orgnl"); user_pref("extensions.BabylonToolbar.bbDpng", 1); user_pref("extensions.BabylonToolbar.cntry", "BE"); user_pref("extensions.BabylonToolbar.dfltSrch", false); user_pref("extensions.BabylonToolbar.excTlbr", false); user_pref("extensions.BabylonToolbar.firstRun", false); user_pref("extensions.BabylonToolbar.hdrMd5", "D3CE2CB1A277563E1A8A233450F5B0F8"); user_pref("extensions.BabylonToolbar.hmpg", false); user_pref("extensions.BabylonToolbar.lastActv", "22"); user_pref("extensions.BabylonToolbar.lastDP", 1); user_pref("extensions.BabylonToolbar.lastVrsnTs", ""); user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "25.0"); user_pref("extensions.BabylonToolbar.newTab", true); user_pref("extensions.BabylonToolbar.newTabUrl", "http://search.babylon.com/?babsrc=NT_FFUP"); user_pref("extensions.BabylonToolbar.noFFXTlbr", false); user_pref("extensions.BabylonToolbar.propectorlck", 124460272); user_pref("extensions.BabylonToolbar.smplGrp", "azb"); ---- Lines CT2102399 removed from prefs.js ---- user_pref("CommunityToolbar.EngineOwner", "CT2102399"); user_pref("CommunityToolbar.OriginalEngineOwner", "CT2102399"); user_pref("CommunityToolbar.ToolbarsList", "ConduitEngine,CT2102399,CT2727678"); user_pref("CommunityToolbar.ToolbarsList2", "CT2102399,CT2727678"); user_pref("CT2102399..clientLogIsEnabled", true); user_pref("CT2102399..clientLogServiceUrl", "http://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent"); user_pref("CT2102399..uninstallLogServiceUrl", "http://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation"); user_pref("CT2102399.AboutPrivacyUrl", "http://www.conduit.com/privacy/Default.aspx"); user_pref("CT2102399.alertChannelId", "518308"); user_pref("CT2102399.backendstorage.http://cmg1_conduit-widgets_com/pitsi.state", "4F50454E"); user_pref("CT2102399.CTID", "CT2102399"); user_pref("CT2102399.CurrentServerDate", "10-8-2011"); user_pref("CT2102399.DialogsAlignMode", "LTR"); user_pref("CT2102399.DialogsGetterLastCheckTime", "Wed Jun 01 2011 16:27:42 GMT+0200 (Romance (zomertijd))"); user_pref("CT2102399.DownloadReferralCookieData", ""); user_pref("CT2102399.EMailNotifierPollDate", "Wed Aug 10 2011 15:22:19 GMT+0200 (Romance (zomertijd))"); user_pref("CT2102399.ExternalComponentPollDate128987942863125952", "Wed Aug 10 2011 15:09:12 GMT+0200 (Romance (zomertijd))"); user_pref("CT2102399.ExternalComponentPollDate129007784800094055", "Wed Aug 10 2011 15:09:13 GMT+0200 (Romance (zomertijd))"); user_pref("CT2102399.ExternalComponentPollDate129237587753858307", "Wed Aug 10 2011 15:09:12 GMT+0200 (Romance (zomertijd))"); user_pref("CT2102399.FeedLastCount128731380714969334", 356); user_pref("CT2102399.FeedLastCount129315323335031267", 450); user_pref("CT2102399.FeedPollDate128734848660238153", "Wed Aug 10 2011 15:09:15 GMT+0200 (Romance (zomertijd))"); user_pref("CT2102399.FeedPollDate128734848780081259", "Wed Aug 10 2011 15:09:15 GMT+0200 (Romance (zomertijd))"); user_pref("CT2102399.FeedPollDate128734848899768760", "Wed Aug 10 2011 15:09:15 GMT+0200 (Romance (zomertijd))"); user_pref("CT2102399.FeedPollDate128734849162893952", "Wed Aug 10 2011 15:09:15 GMT+0200 (Romance (zomertijd))"); user_pref("CT2102399.FeedPollDate128734849447894294", "Wed Aug 10 2011 15:09:15 GMT+0200 (Romance (zomertijd))"); user_pref("CT2102399.FeedPollDate128734849563988162", "Wed Aug 10 2011 15:09:16 GMT+0200 (Romance (zomertijd))"); user_pref("CT2102399.FeedPollDate128734849871644036", "Wed Aug 10 2011 15:09:16 GMT+0200 (Romance (zomertijd))"); user_pref("CT2102399.FeedPollDate128734850012112791", "Wed Aug 10 2011 15:09:16 GMT+0200 (Romance (zomertijd))"); user_pref("CT2102399.FeedPollDate128734851254769189", "Wed Aug 10 2011 15:09:17 GMT+0200 (Romance (zomertijd))"); user_pref("CT2102399.FeedPollDate128734851343519240", "Wed Aug 10 2011 15:09:21 GMT+0200 (Romance (zomertijd))"); user_pref("CT2102399.FeedPollDate128734851486175530", "Wed Aug 10 2011 15:09:21 GMT+0200 (Romance (zomertijd))"); user_pref("CT2102399.FeedPollDate128734851555550653", "Wed Aug 10 2011 15:09:21 GMT+0200 (Romance (zomertijd))"); user_pref("CT2102399.FeedPollDate128734851626019450", "Wed Aug 10 2011 15:09:21 GMT+0200 (Romance (zomertijd))"); user_pref("CT2102399.FeedPollDate128734851705082013", "Wed Aug 10 2011 15:09:21 GMT+0200 (Romance (zomertijd))"); user_pref("CT2102399.FeedPollDate128737397111669438", "Wed Aug 10 2011 15:09:16 GMT+0200 (Romance (zomertijd))"); user_pref("CT2102399.FeedPollDate128737397234794525", "Wed Aug 10 2011 15:09:17 GMT+0200 (Romance (zomertijd))"); user_pref("CT2102399.FeedPollDate128737397358857050", "Wed Aug 10 2011 15:09:17 GMT+0200 (Romance (zomertijd))"); user_pref("CT2102399.FeedPollDate128902540560556910", "Wed Aug 10 2011 15:09:15 GMT+0200 (Romance (zomertijd))"); user_pref("CT2102399.FeedPollDate129116725838750303", "Wed Aug 10 2011 15:09:15 GMT+0200 (Romance (zomertijd))"); user_pref("CT2102399.FeedPollDate129176784974660683", "Wed Aug 10 2011 15:09:16 GMT+0200 (Romance (zomertijd))"); user_pref("CT2102399.FeedPollDate129192039304157236", "Wed Aug 10 2011 15:09:16 GMT+0200 (Romance (zomertijd))"); user_pref("CT2102399.FeedPollDate129195361967280412", "Wed Aug 10 2011 15:09:16 GMT+0200 (Romance (zomertijd))"); user_pref("CT2102399.FeedPollDate129311824697844123", "Wed Aug 10 2011 15:09:17 GMT+0200 (Romance (zomertijd))"); user_pref("CT2102399.FeedPollDate129311824697844129", "Wed Aug 10 2011 15:09:15 GMT+0200 (Romance (zomertijd))"); user_pref("CT2102399.FeedPollDate129313894484444664", "Wed Aug 10 2011 15:09:15 GMT+0200 (Romance (zomertijd))"); user_pref("CT2102399.FeedPollDate129315104353631992", "Wed Aug 10 2011 15:09:15 GMT+0200 (Romance (zomertijd))"); user_pref("CT2102399.FeedPollDate129315323335343769", "Wed Aug 10 2011 15:09:15 GMT+0200 (Romance (zomertijd))"); user_pref("CT2102399.FeedTTL128734849162893952", 5); user_pref("CT2102399.FeedTTL128734849447894294", 20); user_pref("CT2102399.FeedTTL128734849563988162", 30); user_pref("CT2102399.FeedTTL128734849871644036", 15); user_pref("CT2102399.FeedTTL128734850012112791", 5); user_pref("CT2102399.FeedTTL128737397358857050", 30); user_pref("CT2102399.FeedTTL128902540560556910", 40); user_pref("CT2102399.FeedTTL129116725838750303", 40); user_pref("CT2102399.FeedTTL129176784974660683", 40); user_pref("CT2102399.FeedTTL129192039304157236", 40); user_pref("CT2102399.FeedTTL129311824697844123", 40); user_pref("CT2102399.FeedTTL129311824697844129", 40); user_pref("CT2102399.FeedTTL129313894484444664", 40); user_pref("CT2102399.FeedTTL129315104353631992", 40); user_pref("CT2102399.FeedTTL129315323335343769", 40); user_pref("CT2102399.FirstServerDate", "1-6-2011"); user_pref("CT2102399.FirstTime", true); user_pref("CT2102399.FirstTimeFF3", true); user_pref("CT2102399.FixPageNotFoundErrors", true); user_pref("CT2102399.globalFirstTimeInfoLastCheckTime", "Wed Aug 10 2011 15:09:21 GMT+0200 (Romance (zomertijd))"); user_pref("CT2102399.GroupingServerCheckInterval", 1440); user_pref("CT2102399.GroupingServiceUrl", "http://grouping.services.conduit.com/"); user_pref("CT2102399.HasUserGlobalKeys", true); user_pref("CT2102399.Initialize", true); user_pref("CT2102399.InitializeCommonPrefs", true); user_pref("CT2102399.InstallationAndCookieDataSentCount", 3); user_pref("CT2102399.InstallationType", "UnknownIntegration"); user_pref("CT2102399.InstalledDate", "Wed Jun 01 2011 16:27:40 GMT+0200 (Romance (zomertijd))"); user_pref("CT2102399.InvalidateCache", false); user_pref("CT2102399.isAppTrackingManagerOn", true); user_pref("CT2102399.IsGrouping", false); user_pref("CT2102399.IsMulticommunity", false); user_pref("CT2102399.IsOpenThankYouPage", true); user_pref("CT2102399.IsOpenUninstallPage", true); user_pref("CT2102399.LanguagePackLastCheckTime", "Wed Aug 10 2011 15:09:21 GMT+0200 (Romance (zomertijd))"); user_pref("CT2102399.LanguagePackReloadIntervalMM", 1440); user_pref("CT2102399.LanguagePackServiceUrl", "http://translation.users.conduit.com/Translation.ashx"); user_pref("CT2102399.LastLogin_3.3.3.2", "Wed Aug 10 2011 15:09:20 GMT+0200 (Romance (zomertijd))"); user_pref("CT2102399.LatestVersion", "3.3.3.2"); user_pref("CT2102399.Locale", "nl"); user_pref("CT2102399.MCDetectTooltipHeight", "83"); user_pref("CT2102399.MCDetectTooltipUrl", "http://@EB_INSTALL_LINK@/rank/tooltip/?version=1"); user_pref("CT2102399.MCDetectTooltipWidth", "295"); user_pref("CT2102399.myStuffEnabled", true); user_pref("CT2102399.myStuffPublihserMinWidth", 400); user_pref("CT2102399.myStuffSearchUrl", "http://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID" user_pref("CT2102399.myStuffServiceIntervalMM", 1440); user_pref("CT2102399.myStuffServiceUrl", "http://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUF user_pref("CT2102399.oldAppsList", "128719124367600658,128719124391506909,129235028739995966,129315323335031267,129457908992178159,129237587753858307, user_pref("CT2102399.RadioIsPodcast", false); user_pref("CT2102399.RadioLastCheckTime", "Wed Aug 10 2011 15:09:15 GMT+0200 (Romance (zomertijd))"); user_pref("CT2102399.RadioLastUpdateIPServer", "3"); user_pref("CT2102399.RadioLastUpdateServer", "129315398872270000"); user_pref("CT2102399.RadioMediaID", "9511994"); user_pref("CT2102399.RadioMediaType", "Media Player"); user_pref("CT2102399.RadioMenuSelectedID", "EBRadioMenu_CT21023999511994"); user_pref("CT2102399.RadioStationName", "Radio%201%20"); user_pref("CT2102399.RadioStationURL", "http://www.omroep.nl/live/radio1-breed.asx"); user_pref("CT2102399.SearchFromAddressBarIsInit", true); user_pref("CT2102399.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2102399&q="); user_pref("CT2102399.SearchInNewTabEnabled", true); user_pref("CT2102399.SearchInNewTabIntervalMM", 1440); user_pref("CT2102399.SearchInNewTabLastCheckTime", "Wed Aug 10 2011 15:09:12 GMT+0200 (Romance (zomertijd))"); user_pref("CT2102399.SearchInNewTabServiceUrl", "http://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID"); user_pref("CT2102399.SearchInNewTabUsageUrl", "http://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID"); user_pref("CT2102399.ServiceMapLastCheckTime", "Wed Aug 10 2011 15:09:13 GMT+0200 (Romance (zomertijd))"); user_pref("CT2102399.SettingsLastCheckTime", "Wed Aug 10 2011 15:09:12 GMT+0200 (Romance (zomertijd))"); user_pref("CT2102399.SettingsLastUpdate", "1312118211"); user_pref("CT2102399.testingCtid", ""); user_pref("CT2102399.ThirdPartyComponentsInterval", 504); user_pref("CT2102399.ThirdPartyComponentsLastCheck", "Wed Jul 27 2011 20:19:58 GMT+0200 (Romance (zomertijd))"); user_pref("CT2102399.ThirdPartyComponentsLastUpdate", "1256026239"); user_pref("CT2102399.toolbarAppMetaDataLastCheckTime", "Wed Aug 10 2011 15:09:21 GMT+0200 (Romance (zomertijd))"); user_pref("CT2102399.toolbarContextMenuLastCheckTime", "Wed Jun 01 2011 16:27:42 GMT+0200 (Romance (zomertijd))"); user_pref("CT2102399.TrusteLinkUrl", "http://trust.conduit.com/CT2102399"); user_pref("CT2102399.UserID", "UN18739608434751729"); user_pref("CT2102399.WeatherNetwork", ""); user_pref("CT2102399.WeatherPollDate", "Wed Aug 10 2011 15:09:17 GMT+0200 (Romance (zomertijd))"); user_pref("CT2102399.WeatherUnit", "C"); ---- Lines CT2727678 removed from prefs.js ---- user_pref("CommunityToolbar.ToolbarsList4", "CT2727678"); user_pref("CT2727678..clientLogIsEnabled", false); user_pref("CT2727678..clientLogServiceUrl", "http://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent"); user_pref("CT2727678..uninstallLogServiceUrl", "http://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation"); user_pref("CT2727678.AboutPrivacyUrl", "http://www.conduit.com/privacy/Default.aspx"); user_pref("CT2727678.alertChannelId", "1119940"); user_pref("CT2727678.ct2727678.DialogsAlignMode", "LTR"); user_pref("CT2727678.ct2727678.FeedLastCount129251362180576374", 0); user_pref("CT2727678.ct2727678.globalFirstTimeInfoLastCheckTime", "Wed Aug 10 2011 15:22:22 GMT+0200 (Romance (zomertijd))"); user_pref("CT2727678.ct2727678.InvalidateCache", false); user_pref("CT2727678.ct2727678.LanguagePackLastCheckTime", "Wed Aug 10 2011 15:22:23 GMT+0200 (Romance (zomertijd))"); user_pref("CT2727678.ct2727678.Locale", "nl"); user_pref("CT2727678.ct2727678.RadioLastCheckTime", "Wed Aug 10 2011 15:22:22 GMT+0200 (Romance (zomertijd))"); user_pref("CT2727678.ct2727678.RadioLastUpdateIPServer", "3"); user_pref("CT2727678.ct2727678.RadioLastUpdateServer", "129251437915200000"); user_pref("CT2727678.ct2727678.SearchInNewTabLastCheckTime", "Wed Aug 10 2011 15:22:22 GMT+0200 (Romance (zomertijd))"); user_pref("CT2727678.ct2727678.SettingsLastCheckTime", "Wed Aug 10 2011 15:22:21 GMT+0200 (Romance (zomertijd))"); user_pref("CT2727678.ct2727678.SettingsLastUpdate", "1312118218"); user_pref("CT2727678.ct2727678.ThirdPartyComponentsLastCheck", "Wed Aug 10 2011 15:22:21 GMT+0200 (Romance (zomertijd))"); user_pref("CT2727678.ct2727678.ThirdPartyComponentsLastUpdate", "1256026239"); user_pref("CT2727678.ct2727678.toolbarAppMetaDataLastCheckTime", "Wed Aug 10 2011 15:22:22 GMT+0200 (Romance (zomertijd))"); user_pref("CT2727678.ct2727678.toolbarContextMenuLastCheckTime", "Wed Aug 10 2011 15:22:23 GMT+0200 (Romance (zomertijd))"); user_pref("CT2727678.CTID", "ct2727678"); user_pref("CT2727678.CurrentServerDate", "10-8-2011"); user_pref("CT2727678.DialogsAlignMode", "LTR"); user_pref("CT2727678.DialogsGetterLastCheckTime", "Wed Aug 10 2011 15:22:22 GMT+0200 (Romance (zomertijd))"); user_pref("CT2727678.DownloadReferralCookieData", ""); user_pref("CT2727678.FeedPollDate129251362180576374", "Wed Aug 10 2011 15:22:21 GMT+0200 (Romance (zomertijd))"); user_pref("CT2727678.FirstServerDate", "10-8-2011"); user_pref("CT2727678.FirstTime", true); user_pref("CT2727678.FirstTimeFF3", true); user_pref("CT2727678.FixPageNotFoundErrors", false); user_pref("CT2727678.globalFirstTimeInfoLastCheckTime", "Wed Aug 10 2011 15:22:22 GMT+0200 (Romance (zomertijd))"); user_pref("CT2727678.GroupingServerCheckInterval", 1440); user_pref("CT2727678.GroupingServiceUrl", "http://grouping.services.conduit.com/"); user_pref("CT2727678.HasUserGlobalKeys", true); user_pref("CT2727678.homepageProtectorEnableByLogin", true); user_pref("CT2727678.initDone", true); user_pref("CT2727678.Initialize", true); user_pref("CT2727678.InitializeCommonPrefs", true); user_pref("CT2727678.InstallationAndCookieDataSentCount", 2); user_pref("CT2727678.InstallationId", "ConduitStubGeneric"); user_pref("CT2727678.InstallationType", "ConduitStubIntegration"); user_pref("CT2727678.InstalledDate", "Wed Aug 10 2011 15:22:21 GMT+0200 (Romance (zomertijd))"); user_pref("CT2727678.InvalidateCache", false); user_pref("CT2727678.isAppTrackingManagerOn", true); user_pref("CT2727678.isFirstRadioInstallation", false); user_pref("CT2727678.IsGrouping", false); user_pref("CT2727678.IsInitSetupIni", true); user_pref("CT2727678.IsOpenThankYouPage", false); user_pref("CT2727678.IsOpenUninstallPage", true); user_pref("CT2727678.LanguagePackLastCheckTime", "Wed Aug 10 2011 15:22:22 GMT+0200 (Romance (zomertijd))"); user_pref("CT2727678.LanguagePackReloadIntervalMM", 1440); user_pref("CT2727678.LanguagePackServiceUrl", "http://translation.users.conduit.com/Translation.ashx"); user_pref("CT2727678.LastLogin_3.5.0.12", "Wed Aug 10 2011 15:22:22 GMT+0200 (Romance (zomertijd))"); user_pref("CT2727678.LatestVersion", "3.3.5.1"); user_pref("CT2727678.Locale", "nl"); user_pref("CT2727678.MCDetectTooltipHeight", "83"); user_pref("CT2727678.MCDetectTooltipUrl", "http://@EB_INSTALL_LINK@/rank/tooltip/?version=1"); user_pref("CT2727678.MCDetectTooltipWidth", "295"); user_pref("CT2727678.myStuffEnabled", true); user_pref("CT2727678.MyStuffEnabledAtInstallation", true); user_pref("CT2727678.myStuffPublihserMinWidth", 400); user_pref("CT2727678.myStuffSearchUrl", "http://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID" user_pref("CT2727678.myStuffServiceIntervalMM", 1440); user_pref("CT2727678.myStuffServiceUrl", "http://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUF user_pref("CT2727678.OriginalFirstVersion", "3.5.0.12"); user_pref("CT2727678.RadioIsPodcast", false); user_pref("CT2727678.RadioLastCheckTime", "Wed Aug 10 2011 15:22:22 GMT+0200 (Romance (zomertijd))"); user_pref("CT2727678.RadioLastUpdateIPServer", "0"); user_pref("CT2727678.RadioMediaID", "21096803"); user_pref("CT2727678.RadioMediaType", "Media Player"); user_pref("CT2727678.RadioMenuSelectedID", "EBRadioMenu_CT272767821096803"); user_pref("CT2727678.RadioShrinkedFromSetup", false); user_pref("CT2727678.RadioStationName", "Hotmix%20108"); user_pref("CT2727678.RadioStationURL", "http://shoutcastcp.com/stream/47/listen.asx"); user_pref("CT2727678.SearchFromAddressBarIsInit", true); user_pref("CT2727678.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2727678&q="); user_pref("CT2727678.SearchInNewTabEnabled", true); user_pref("CT2727678.SearchInNewTabIntervalMM", 1440); user_pref("CT2727678.SearchInNewTabLastCheckTime", "Wed Aug 10 2011 15:22:22 GMT+0200 (Romance (zomertijd))"); user_pref("CT2727678.SearchInNewTabServiceUrl", "http://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID"); user_pref("CT2727678.SearchInNewTabUsageUrl", "http://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID"); user_pref("CT2727678.searchProtectorDialogDelayInSec", 10); user_pref("CT2727678.searchProtectorEnableByLogin", true); user_pref("CT2727678.ServiceMapLastCheckTime", "Wed Aug 10 2011 15:22:20 GMT+0200 (Romance (zomertijd))"); user_pref("CT2727678.SettingsLastCheckTime", "Wed Aug 10 2011 15:22:20 GMT+0200 (Romance (zomertijd))"); user_pref("CT2727678.SettingsLastUpdate", "1312118218"); user_pref("CT2727678.testingCtid", ""); user_pref("CT2727678.ThirdPartyComponentsInterval", 504); user_pref("CT2727678.ThirdPartyComponentsLastCheck", "Wed Aug 10 2011 15:22:20 GMT+0200 (Romance (zomertijd))"); user_pref("CT2727678.ThirdPartyComponentsLastUpdate", "1256026239"); user_pref("CT2727678.toolbarAppMetaDataLastCheckTime", "Wed Aug 10 2011 15:22:21 GMT+0200 (Romance (zomertijd))"); user_pref("CT2727678.toolbarContextMenuLastCheckTime", "Wed Aug 10 2011 15:22:22 GMT+0200 (Romance (zomertijd))"); user_pref("CT2727678.ToolbarShrinkedFromSetup", false); user_pref("CT2727678.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityTool user_pref("CT2727678.TrusteLinkUrl", "http://trust.conduit.com/CT2727678"); user_pref("CT2727678.undefined", "Wed Aug 10 2011 15:22:22 GMT+0200 (Romance (zomertijd))"); user_pref("CT2727678.UserID", "UN94924987808140377"); user_pref("CT2727678.WeatherNetwork", ""); user_pref("CT2727678.WeatherPollDate", "Wed Aug 10 2011 15:22:23 GMT+0200 (Romance (zomertijd))"); user_pref("CT2727678.WeatherUnit", "C"); ---- Lines conduit removed from prefs.js ---- user_pref("CommunityToolbar.alert.clientsServerUrl", "http://alert.client.conduit.com"); user_pref("CommunityToolbar.alert.servicesServerUrl", "http://alert.services.conduit.com"); user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=nl", "zEXb2Fmcj/HVsqTQpIjULw=="); user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=nl", "TW6pbvEhvglk5DM313wISg=="); user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=nl", "GAox/hnZ01AfFOF7PUvloQ=="); user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=nl", "59UMFEXbxdbjS3gnY6/qrA=="); user_pref("CommunityToolbar.ETag.http://settings.engine.conduit-services.com/?browser=FF&lut=0", "634356118310000000"); user_pref("CommunityToolbar.ETag.http://settings.engine.conduit-services.com/?browser=FF&lut=3/13/2011 11:17:11 AM", "634356118310000000"); user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Jos\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\1r5t0w1p.default\\conduitCommon\\m user_pref("CommunityToolbar.notifications.clientsServerUrl", "http://alert.client.conduit.com"); user_pref("CommunityToolbar.notifications.servicesServerUrl", "http://alert.services.conduit.com"); user_pref("ConduitEngine.AppTrackingLastCheckTime", "Wed Jul 27 2011 20:20:08 GMT+0200 (Romance (zomertijd))"); user_pref("ConduitEngine.DialogsGetterLastCheckTime", "Wed Aug 10 2011 15:09:24 GMT+0200 (Romance (zomertijd))"); user_pref("ConduitEngine.engineLocale", "nl"); user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Wed Aug 10 2011 15:09:24 GMT+0200 (Romance (zomertijd))"); user_pref("ConduitEngine.FirstServerDate", "06/01/2011 17"); user_pref("ConduitEngine.FirstTime", true); user_pref("ConduitEngine.FirstTimeFF3", true); user_pref("ConduitEngine.globalFirstTimeInfoLastCheckTime", "Wed Aug 10 2011 15:09:24 GMT+0200 (Romance (zomertijd))"); user_pref("ConduitEngine.HasUserGlobalKeys", true); user_pref("ConduitEngine.HideEngineAfterRestart", true); user_pref("ConduitEngine.initDone", true); user_pref("ConduitEngine.Initialize", true); user_pref("ConduitEngine.InitializeCommonPrefs", true); user_pref("ConduitEngine.InstalledDate", "Wed Jun 01 2011 16:27:38 GMT+0200 (Romance (zomertijd))"); user_pref("ConduitEngine.isAppTrackingManagerOn", true); user_pref("ConduitEngine.IsMulticommunity", false); user_pref("ConduitEngine.IsOpenThankYouPage", false); user_pref("ConduitEngine.IsOpenUninstallPage", true); user_pref("ConduitEngine.LanguagePackLastCheckTime", "Wed Aug 10 2011 15:09:24 GMT+0200 (Romance (zomertijd))"); user_pref("ConduitEngine.LastLogin_3.3.3.2", "Wed Aug 10 2011 15:09:20 GMT+0200 (Romance (zomertijd))"); user_pref("ConduitEngine.PublisherContainerWidth", 0); user_pref("ConduitEngine.SearchFromAddressBarIsInit", true); user_pref("ConduitEngine.SettingsLastCheckTime", "Wed Aug 10 2011 15:09:24 GMT+0200 (Romance (zomertijd))"); user_pref("ConduitEngine.UserID", "UN82285327179848526"); ---- Lines Search removed from prefs.js ---- user_pref("extensions.xpiState", "{\"app-global\":{\"{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}\":{\"d\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\ ---- Lines babsrc removed from prefs.js ---- user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "http://search.babylon.com/?babsrc=SP_ss&mntrId=b8f7c6d2000000000000c0cb382bfafd&tlver=1.4. ---- Lines ask.com removed from prefs.js ---- user_pref("extensions.wrc.SearchRules.ask.com.url", "^http(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*"); ---- Lines quick_start removed from prefs.js ---- user_pref("browser.newtab.url", "chrome://quick_start/content/index.html"); user_pref("extensions.quick_start.enable_search1", false); user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false); ---- Lines istart removed from prefs.js ---- user_pref("browser.search.selectedEngine", "istartsurf"); user_pref("browser.startup.homepage", "http://www.istartsurf.com/?type=hp&ts=1424380404&from=tugs&uid=WDCXWD3200BEKT-60KA9T0_WD-WX41A708302283022"); ---- Lines CommunityToolbar removed from prefs.js ---- user_pref("CommunityToolbar.alert.alertDialogsGetterLastCheckTime", "Wed Jun 01 2011 16:27:35 GMT+0200 (Romance (zomertijd))"); user_pref("CommunityToolbar.alert.locale", "en"); user_pref("CommunityToolbar.alert.loginIntervalMin", 1440); user_pref("CommunityToolbar.alert.loginLastCheckTime", "Wed Aug 10 2011 15:09:12 GMT+0200 (Romance (zomertijd))"); user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1305622559"); user_pref("CommunityToolbar.alert.messageShowTimeSec", 20); user_pref("CommunityToolbar.alert.showTrayIcon", false); user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300); user_pref("CommunityToolbar.alert.userId", "79a96b08-d9a8-42d8-8bdb-b4daebcd2910"); user_pref("CommunityToolbar.EngineOwnerGuid", "{46735dee-f862-49d1-876d-6382794dc625}"); user_pref("CommunityToolbar.EngineOwnerToolbarId", "phpnukedu"); user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Wed Aug 10 2011 15:09:13 GMT+0200 (Romance (zomertijd))"); user_pref("CommunityToolbar.globalUserId", "313ba6c3-9014-4dd3-8385-845322b141cc"); user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true); user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true); user_pref("CommunityToolbar.IsEngineShown", true); user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true); user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.5.0.12"); user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Wed Aug 10 2011 15:22:22 GMT+0200 (Romance (zomertijd))"); user_pref("CommunityToolbar.notifications.locale", "en"); user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440); user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Wed Aug 10 2011 15:22:21 GMT+0200 (Romance (zomertijd))"); user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1305622559"); user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20); user_pref("CommunityToolbar.notifications.showTrayIcon", false); user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300); user_pref("CommunityToolbar.notifications.userId", "7917f548-c24f-400d-ab87-89e5d6ea4e5a"); user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{46735dee-f862-49d1-876d-6382794dc625}"); user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "phpnukedu"); user_pref("CommunityToolbar.twitter.user_16409683.LastCheckTime", "Wed Aug 10 2011 15:10:18 GMT+0200 (Romance (zomertijd))"); user_pref("CommunityToolbar.twitter.user_16727535.LastCheckTime", "Wed Aug 10 2011 15:10:18 GMT+0200 (Romance (zomertijd))"); user_pref("CommunityToolbar.twitter.user_18863815.LastCheckTime", "Wed Aug 10 2011 15:10:18 GMT+0200 (Romance (zomertijd))"); user_pref("CommunityToolbar.twitter.user_19058681.LastCheckTime", "Wed Aug 10 2011 15:10:18 GMT+0200 (Romance (zomertijd))"); user_pref("CommunityToolbar.twitter.user_19248106.LastCheckTime", "Wed Aug 10 2011 15:10:18 GMT+0200 (Romance (zomertijd))"); user_pref("CommunityToolbar.twitter.user_19554706.LastCheckTime", "Wed Aug 10 2011 15:10:18 GMT+0200 (Romance (zomertijd))"); user_pref("CommunityToolbar.twitter.user_19757371.LastCheckTime", "Wed Aug 10 2011 15:10:18 GMT+0200 (Romance (zomertijd))"); user_pref("CommunityToolbar.twitter.user_428333.LastCheckTime", "Wed Aug 10 2011 15:10:18 GMT+0200 (Romance (zomertijd))"); user_pref("CommunityToolbar.twitter.user_807095.LastCheckTime", "Wed Aug 10 2011 15:10:18 GMT+0200 (Romance (zomertijd))"); user_pref("CommunityToolbar.twitter.user_813286.LastCheckTime", "Wed Aug 10 2011 15:10:18 GMT+0200 (Romance (zomertijd))"); ---- FireFox user.js and prefs.js backups ---- prefs_20150503_1225_.backup ProfilePath: C:\Users\Jos\AppData\Roaming\Thunderbird\Profiles\16glgmxf.default user.js not found ---- FireFox user.js and prefs.js backups ---- prefs_20150503_1225_.backup ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "YTDownloader"=- "SPDriver"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=- ==== Registry Fix Code x64 ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@real.com/nsJSRealPlayerPlugin [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4a99-B4B6-146BF802613B}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{46735dee-f862-49d1-876d-6382794dc625}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95324e44-4b0a-47a9-8f77-9c6415e51c29}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}] [-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] [HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run] ""=- "YTDownloader"=- "SPDriver"=- "ApnTBMon"=- "gmsd_be_76"=- ==== Deleting Files \ Folders ====================== C:\PROGRA~2\gmsd_be_76 not found C:\PROGRA~2\GUMF9B1.tmp not found C:\PROGRA~2\IncrediMail_MediaBar_Nederlands_2 not found C:\Program Files (x86)\gmsd_be_76 not found "C:\Users\Jos\AppData\Roaming\Mozilla\Firefox\Profiles\1r5t0w1p.default\searchplugins\MyStart Search.xml" not found "C:\Users\Jos\AppData\Roaming\Mozilla\Firefox\Profiles\1r5t0w1p.default\searchplugins\search-here.xml" not found C:\Users\chicco\AppData\Local\PriceMeter deleted C:\Program Files (x86)\ShopperPro deleted C:\Program Files\Common Files\ShopperPro deleted C:\Program Files\Reimage deleted C:\found.000 deleted C:\ProgramData\Reimage Protector deleted C:\ProgramData\AskPartnerNetwork deleted C:\Program Files (x86)\XTab deleted C:\ProgramData\WindowsMangerProtect deleted C:\Users\Jos\AppData\Roaming\istartsurf deleted C:\ProgramData\ShopperPro deleted C:\Windows\syswow64\appdata deleted C:\Users\Jos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\startup\superoptimizersetup.lnk deleted C:\Users\chicco\AppData\LocalLow\ConduitEngine deleted C:\Users\chicco\AppData\LocalLow\PHPNukeDU deleted C:\Users\Jos\AppData\LocalLow\Conduit deleted C:\Users\Jos\AppData\LocalLow\ConduitEngine deleted C:\PROGRA~2\Smart Driver Updater deleted C:\PROGRA~2\PriceGong deleted C:\PROGRA~2\PHPNukeDU deleted C:\PROGRA~2\BabylonToolbar deleted C:\PROGRA~2\WinMaximizer deleted C:\PROGRA~2\MyPC Backup deleted C:\PROGRA~2\Conduit deleted C:\PROGRA~2\ConduitEngine deleted C:\Program Files\Common Files\System\SysMenu.dll deleted C:\Users\Jos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\DriverScanner.lnk deleted C:\Users\Jos\AppData\Roaming\PC Speed Maximizer deleted C:\Users\Jos\AppData\Roaming\Smart PC Cleaner deleted C:\Users\Jos\AppData\Roaming\DefaultTab deleted C:\Users\Jos\AppData\Roaming\Smart Driver Updater deleted C:\Users\Jos\AppData\Roaming\OpenCandy deleted C:\PROGRA~3\APN deleted C:\PROGRA~3\WinMaximizer deleted C:\PROGRA~3\Browser deleted C:\PROGRA~3\PriceMeterLiveUpdate deleted C:\PROGRA~3\Package Cache deleted C:\Users\chicco\AppData\Local\gmsd_be_76 deleted C:\Users\chicco\AppData\Local\PriceMeterLiveUpdate deleted C:\Users\chicco\AppData\Local\AskPartnerNetwork deleted C:\Users\chicco\AppData\Local\Conduit deleted C:\Users\Jos\AppData\Local\gmsd_be_76 deleted C:\Users\Jos\AppData\Local\AskPartnerNetwork deleted C:\Users\Jos\AppData\Local\CrashRpt deleted C:\Users\Jos\AppData\Local\Conduit deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue\DriverScanner deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Speed Maximizer deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reimage Repair deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart PC Cleaner deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GAMESDESKTOP deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Driver Updater deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PepperZip deleted C:\Users\Jos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup deleted C:\Users\Jos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\DealPly deleted C:\Users\Jos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PepperZip deleted C:\Users\Jos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\YTDownloader deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk deleted C:\windows\SysNative\Tasks\avast! Emergency Update deleted C:\windows\SysNative\Tasks\pricemetertask deleted C:\windows\SysNative\Tasks\pricemeterwatcher deleted C:\rei deleted C:\Users\chicco\AppData\LocalLow\AskToolbar deleted C:\Users\chicco\AppData\LocalLow\BabylonToolbar deleted C:\Users\Gast\AppData\LocalLow\BabylonToolbar deleted C:\Users\Jos\AppData\LocalLow\AskToolbar deleted C:\Users\Jos\AppData\LocalLow\BabylonToolbar deleted C:\Users\Jos\AppData\LocalLow\IncrediMail_MediaBar_Nederlands_2 deleted C:\Users\Jos\AppData\LocalLow\PHPNukeDU deleted C:\Users\Jos\AppData\LocalLow\PriceGong deleted C:\Windows\Reimage.ini deleted C:\windows\SysNative\tasks\DriverScanner deleted C:\Windows\tasks\DriverScanner.job deleted C:\windows\SysNative\TASKS\Scheduled Update for Ask Toolbar deleted C:\windows\SysNative\tasks\ReimageUpdater deleted C:\windows\SysNative\tasks\YTDownloader deleted C:\windows\SysNative\tasks\YTDownloaderUpd deleted C:\windows\SysNative\tasks\SMupdate1 deleted C:\windows\SysNative\tasks\Microsoft\Windows\Maintenance\SMupdate2 deleted C:\windows\SysNative\tasks\Microsoft\Windows\Multimedia\SMupdate3 deleted C:\windows\SysNative\tasks\Installer_cr deleted C:\windows\SysNative\tasks\DTReg deleted C:\Windows\SysNative\config\systemprofile\Searches deleted C:\windows\SysNative\GroupPolicy\Machine deleted C:\windows\SysNative\GroupPolicy\User deleted C:\windows\SysNative\GroupPolicy\GPT.INI deleted C:\Windows\Syswow64\GroupPolicy\gpt.ini deleted C:\Windows\Syswow64\ConduitEngine.tmp deleted C:\Windows\Syswow64\sho289.tmp deleted C:\Windows\Syswow64\sho67B2.tmp deleted C:\Windows\Syswow64\sho7544.tmp deleted C:\Windows\Syswow64\sho8824.tmp deleted C:\Windows\Syswow64\shoD395.tmp deleted C:\Windows\Syswow64\shoF3F5.tmp deleted C:\Windows\Syswow64\shoF6E5.tmp deleted C:\Windows\Syswow64\SafeAppRichList.ocx deleted C:\Windows\Syswow64\CUUpdateComponent.ocx deleted C:\Windows\Syswow64\ComputerUpdaterLM.ocx deleted C:\Users\Jos\AppData\Roaming\Mozilla\Firefox\Profiles\1r5t0w1p.default\CT2102399 deleted C:\Users\Jos\AppData\Roaming\Mozilla\Firefox\Profiles\1r5t0w1p.default\CT2727678 deleted C:\Users\Public\Desktop\PC Scan & Repair by Reimage.lnk deleted C:\Users\Public\Desktop\DriverScanner.lnk deleted C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE} deleted C:\Users\Jos\Desktop\YTDownloader.lnk deleted C:\Users\Jos\Desktop\Smart Driver Updater.lnk deleted C:\Users\Jos\Desktop\PepperZip.lnk deleted C:\Users\Jos\Desktop\Sync Folder.lnk deleted C:\Users\Jos\Desktop\Smart PC Cleaner.lnk deleted C:\Users\Jos\Desktop\PC Speed Maximizer.lnk deleted C:\Users\Jos\AppData\Roaming\Mozilla\Firefox\Profiles\1r5t0w1p.default\conduit deleted C:\Users\Jos\AppData\Roaming\Mozilla\Firefox\Profiles\1r5t0w1p.default\conduitCommon deleted C:\Users\Jos\AppData\Roaming\Mozilla\Firefox\Profiles\1r5t0w1p.default\ConduitEngine deleted "C:\Windows\Installer\434120a.msi" deleted "C:\Users\Jos\AppData\Roaming\Classic Thick" deleted "C:\Users\Jos\AppData\Roaming\Classical" deleted "C:\Users\Jos\AppData\Roaming\Clean Electric Guitar" deleted "C:\ProgramData\Cocoa" deleted "C:\ProgramData\ColorSync" deleted "C:\ProgramData\ColorTable" deleted "C:\ProgramData\Contents" deleted "C:\ProgramData\Core Data Application" deleted "C:\ProgramData\Dance" deleted "C:\Program Files\Common Files\System\SysMenu64.dll" deleted "C:\PROGRA~3\GveSCot\info.dat" not deleted "C:\PROGRA~3\GveSCot\oapjrYNkKn.dat" not deleted "C:\PROGRA~3\GveSCot\oapjrYNkKn.exe" deleted "C:\Program Files (x86)\YTDownloader\libeay32.dll" deleted "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" deleted "C:\ProgramData\GveSCot\info.dat" not deleted "C:\ProgramData\GveSCot\oapjrYNkKn.dat" not deleted "C:\ProgramData\GveSCot\oapjrYNkKn.exe" deleted "C:\PROGRA~3\{a11873b3-874d-2ecb-a118-873b3874cece}\400b6a2e2ec9025f" deleted "C:\PROGRA~3\{a11873b3-874d-2ecb-a118-873b3874cece}\8df6cc7b091de58b" deleted "C:\PROGRA~3\{a11873b3-874d-2ecb-a118-873b3874cece}\superoptimizersetup.exe" deleted "C:\PROGRA~2\Uniblue\DriverScanner\dsmonitor.exe" deleted "C:\PROGRA~2\PC Speed Maximizer\SPMReminder.exe" deleted "C:\PROGRA~2\YTDownloader\libeay32.dll" deleted "C:\PROGRA~2\YTDownloader\YTDownloader.exe" deleted "C:\PROGRA~2\Smart PC Cleaner\SPCReminder.exe" deleted "C:\PROGRA~3\GveSCot\dat\BFFWEASaKE.exe" not deleted "C:\PROGRA~3\GveSCot\dat\BFFWEASaKE.exe.config" not deleted "C:\PROGRA~3\GveSCot\dat\jttXchIOzIT.dll" not deleted "C:\PROGRA~3\GveSCot\dat\uGswygtLJKd.exe" not deleted "C:\PROGRA~3\GveSCot\dat\uGswygtLJKd.exe.config" not deleted "C:\PROGRA~3\GveSCot\dat\yZlrkX.dll" not deleted "C:\Program Files (x86)\Ask.com\Updater\Updater.exe" deleted "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" deleted "C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe" deleted "C:\ProgramData\GveSCot\dat\BFFWEASaKE.exe" not deleted "C:\ProgramData\GveSCot\dat\BFFWEASaKE.exe.config" not deleted "C:\ProgramData\GveSCot\dat\jttXchIOzIT.dll" not deleted "C:\ProgramData\GveSCot\dat\uGswygtLJKd.exe" not deleted "C:\ProgramData\GveSCot\dat\uGswygtLJKd.exe.config" not deleted "C:\ProgramData\GveSCot\dat\yZlrkX.dll" not deleted "C:\PROGRA~2\PepperZip\shell\PPZShellExtension_x64.dll" deleted "C:\PROGRA~2\Ask.com\Updater\Updater.exe" deleted "C:\PROGRA~2\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" deleted "C:\Users\Jos\AppData\Roaming\Uniblue\DriverScanner\monitor.log" deleted "C:\Users\Jos\AppData\Local\Installer\Installcr_19515\DCytdiegut_gutdc_setup.exe" deleted "C:\PROGRA~3\GveSCot" not deleted "C:\Program Files (x86)\Ask.com" deleted "C:\Program Files (x86)\AskPartnerNetwork" deleted "C:\Program Files\McAfee Security Scan" not deleted "C:\Program Files (x86)\YTDownloader" deleted "C:\ProgramData\GveSCot" not deleted "C:\PROGRA~3\{a11873b3-874d-2ecb-a118-873b3874cece}" deleted "C:\PROGRA~2\Uniblue\DriverScanner" deleted "C:\PROGRA~2\PC Speed Maximizer" deleted "C:\PROGRA~2\YTDownloader" deleted "C:\PROGRA~2\Smart PC Cleaner" deleted "C:\PROGRA~2\PepperZip" not deleted "C:\PROGRA~2\Ask.com" deleted "C:\PROGRA~2\AskPartnerNetwork" deleted "C:\Users\Jos\AppData\Roaming\Uniblue" deleted "C:\Users\Jos\AppData\Local\Installer" not deleted "C:\PROGRA~3\GveSCot\dat" not deleted "C:\Program Files (x86)\Ask.com\Updater" deleted "C:\Program Files (x86)\AskPartnerNetwork\Toolbar" deleted "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater" deleted "C:\Program Files\McAfee Security Scan\3.8.150" not deleted "C:\ProgramData\GveSCot\dat" not deleted "C:\PROGRA~2\PepperZip\shell" not deleted "C:\PROGRA~2\Ask.com\Updater" deleted "C:\PROGRA~2\AskPartnerNetwork\Toolbar" deleted "C:\PROGRA~2\AskPartnerNetwork\Toolbar\Updater" deleted "C:\Users\Jos\AppData\Roaming\Uniblue\DriverScanner" deleted "C:\Users\Jos\AppData\Local\Installer\Installcr_19515" not deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 2934 MB CPU Info: Intel(R) Core(TM) i3 CPU M 350 @ 2.27GHz CPU Speed: 2322,9 MHz Sound Card: Luidsprekers (Realtek High Defi | Display Adapters: Intel(R) HD Graphics | Intel(R) HD Graphics | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1366 X 768 - 32 bit Network: Network Present Network Adapters: Broadcom 4313 (802.11b/g/n) CD / DVD Drives: 1x (E: | ) E: hp DVD RW AD-7701H Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 5 Button Wheel Mouse Present Hard Disks: C: 280,5GB | D: 17,3GB Hard Disks - Free: C: 151,3GB | D: 2,5GB Manufacturer *: Hewlett-Packard BIOS Info: AT/AT COMPATIBLE | 09/06/10 | HPQOEM - 1 Time Zone: Romance (standaardtijd) Motherboard *: Hewlett-Packard 1439 Country: Belgi‰ Language: NLB ==== System Specs (Software) ====================== Anti-Virus: Norton Internet Security On-access scanning disabled (Outdated) Anti-Virus: avast! Antivirus On-access scanning disabled (Outdated) Anti-Spyware: Windows Defender disabled (Outdated) Anti-Spyware: avast! Antivirus disabled (Outdated) Anti-Spyware: Norton Internet Security disabled (Outdated) Firewall: Norton Internet Security disabled Internet Explorer Version: 11.0.9600.17239 Mozilla Firefox version: 4.0.1 (x86 nl) Google Chrome version: 40.0.2214.115 Adobe Reader version: 9.5.5.316 Sun Java version: 1.7.0_07 (32-bit) Sun Java version: 1.6.0_20 (64-bit) Flash Player version: 16.0.0.305 Shockwave Player version: 11.5.7r609 ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2015-02-24 11:39:51 B55A7622CBB450F76A1147EBD5877DBF 518095420 ----a-w- C:\Windows\MEMORY.DMP ====== C:\Users\Jos\AppData\Local\Temp ==== 2015-02-28 20:23:47 8AE1D9232F12B20487A498586A170ADE 295912 ----a-w- C:\Users\Jos\AppData\Local\Temp\ReiSysUpdate.exe 2015-02-28 20:23:33 91C7169A5107E74E753A7C31E148E42F 13360792 ----a-w- C:\Users\Jos\AppData\Local\Temp\ReimagePackage.exe 2015-02-25 14:52:44 742D782C6A5167A68B8937C3EB50895D 209312 ----a-w- C:\Users\Jos\AppData\Local\Temp\Install_1706\ins_iwebar.exe 2015-02-25 14:51:32 BF38660A9125935658CFA3E53FDC7D65 773968 ------w- C:\Users\Jos\AppData\Local\Temp\~rnsetu0\GEMSETUP\msvcr100.dll 2015-02-25 14:51:20 F4E44EF9F8ACD01DEE2EE3D2882A54A8 21576 ------w- C:\Users\Jos\AppData\Local\Temp\~rnsetu0\GEMSETUP\pnrs3260.dll 2015-02-25 14:37:49 856872FE63B73CBC3A8B6299302BC11A 150096 ----a-w- C:\Users\Jos\AppData\Local\Temp\lowproc.exe 2015-02-25 14:37:49 7EC6C8E88BECD3C40AE35AAD1DF6EB0A 90624 ----a-w- C:\Users\Jos\AppData\Local\Temp\stubhelper.dll 2015-02-19 21:13:41 266CC6250B64E4EA388FF351226F812E 11018536 ----a-w- C:\Users\Jos\AppData\Local\Temp\Install_4731\ins_cr.exe 2015-02-19 21:13:40 3D38A48B1509CAAA82222B262A876516 7240716 ----a-w- C:\Users\Jos\AppData\Local\Temp\Install_4731\ins_ytd.exe 2015-02-19 21:13:13 7945F1044656B39232F78C0068DD6327 5478976 ----a-w- C:\Users\Jos\AppData\Local\Temp\supoptsetup.exe 2015-02-19 21:13:07 4EF6DBC0FF6CB0C8C89054CCA438B430 4683155 ----a-w- C:\Users\Jos\AppData\Local\Temp\Install_4731\ins_shopperpro.exe 2015-02-19 21:12:50 BCBA8747AB53932F8613C006444078E9 297672 ----a-w- C:\Users\Jos\AppData\Local\Temp\BackupSetup.exe 2015-02-19 21:12:49 A7E5834FCD3910C6DAA4786C5A04E58C 5838864 ----a-w- C:\Users\Jos\AppData\Local\Temp\528ca665-ed3d-48a5-8285-700f8704ca5d\superoptimizersetup.exe 2015-02-19 21:12:48 AF37247590F4E4B8A8A214A091EA6067 73816 ----a-w- C:\Users\Jos\AppData\Local\Temp\7a796e18-2c14-47e1-b7cb-7f9a913cf7a9\cloud_backup_setup.exe 2015-02-19 21:12:48 A9CAC5FB0F8B62759D4CCAFC1A44B63F 1489555 ----a-w- C:\Users\Jos\AppData\Local\Temp\bc41d827-8ed9-4796-ae1a-74d4d2c787aa\ytdiegut_gutdc_setup.exe 2015-02-19 21:12:46 D67D3058EC11297CC4C078911FF3D05A 2371834 ----a-w- C:\Users\Jos\AppData\Local\Temp\7e680085-95e1-4daf-8ddd-bf27e330082c\setup.exe ====== Java Cache ===== ====== C:\Windows\SysWOW64 ===== ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2015-03-03 19:02:55 8F150396443D1AEAB0DB4BB2C53345CF 140560 ----a-w- C:\Windows\Sysnative\ScanResults.xml 2015-03-03 18:56:51 406E76BE63C65E0BF4B263156320254E 464 ----a-w- C:\Windows\Sysnative\ScannerSettings ====== C:\Windows\Sysnative\drivers ===== 2015-03-03 18:08:30 26C43960C99EE861A5D0EDC4DCF3B1C3 129752 ----a-w- C:\Windows\Sysnative\drivers\MBAMSwissArmy.sys 2015-03-03 18:07:58 CA43F8904E24BBE49982E4C0B29E6579 25816 ----a-w- C:\Windows\Sysnative\drivers\mbam.sys 2015-03-03 18:07:58 A646C2DDB8C46E9B20A326FAF566646C 63704 ----a-w- C:\Windows\Sysnative\drivers\mwac.sys 2015-03-03 18:07:58 478CC94C937D235CB0A96AB8F2359D81 93400 ----a-w- C:\Windows\Sysnative\drivers\mbamchameleon.sys ====== C:\Windows\Tasks ====== 2015-03-05 09:55:44 B9E1A259DC1BA296015066BE8547BA28 3530 ----a-w- C:\Windows\Sysnative\Tasks\Inst_Rep 2015-02-25 15:20:36 CDCE2DC33588AA0E8E6BD5490782A12D 3206 ----a-w- C:\Windows\Sysnative\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2236943292-2479982780-3799568378-1003 2015-02-25 15:20:36 81E4143271BF5A893EE08C45960CF6F5 3338 ----a-w- C:\Windows\Sysnative\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2236943292-2479982780-3799568378-1003 2015-02-25 14:55:41 951079CB9FA0E53D22778F7E892DCD8D 3416 ----a-w- C:\Windows\Sysnative\Tasks\RealDownloader Update Check 2015-02-25 14:54:06 4EFB969837AC15A66F25A0868A0B5BEA 3216 ----a-w- C:\Windows\Sysnative\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2236943292-2479982780-3799568378-1001 2015-02-25 14:54:05 A3E5ADFB93F996770DDE44C50A35D4FF 3354 ----a-w- C:\Windows\Sysnative\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2236943292-2479982780-3799568378-1001 ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2015-03-03 10:16:03 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== 2015-03-02 18:57:47 -------- d-----w- C:\PROGRA~2\speed browser 2015-02-25 14:53:08 -------- d-----w- C:\PROGRA~2\RealNetworks 2015-02-19 21:13:34 -------- d-----w- C:\PROGRA~2\Super Optimizer 2015-02-19 21:13:33 -------- d-----w- C:\PROGRA~2\PepperZip ======= C: ===== 2015-02-19 21:12:15 7155B224B88BEBDABFB9D8EFC083D6F2 280178 ----a-w- C:\logFile.txt ====== C:\Users\Jos\AppData\Roaming ====== 2015-03-05 09:50:57 -------- d-----w- C:\Users\Jos\AppData\Local\BrowserHelper 2015-03-02 19:09:42 -------- d-sh--w- C:\Users\Jos\AppData\Local\EmieUserList 2015-03-02 19:09:42 -------- d-sh--w- C:\Users\Jos\AppData\Local\EmieSiteList 2015-03-02 18:58:50 -------- d-----w- C:\Windows\sysWoW64\config\systemprofile\AppData\Local\speed browser 2015-03-02 18:58:50 -------- d-----w- C:\Users\Jos\AppData\Local\speed browser 2015-03-02 18:58:50 -------- d-----w- C:\Users\Gast\AppData\Local\speed browser 2015-03-02 18:58:49 -------- d-----w- C:\Users\chicco\AppData\Local\speed browser 2015-02-25 19:31:35 -------- d-----w- C:\Users\Default\AppData\Roaming\Adobe 2015-02-25 19:31:35 -------- d-----w- C:\Users\Default\AppData\Local\Adobe 2015-02-25 19:31:35 -------- d-----w- C:\Users\Default User\AppData\Roaming\Adobe 2015-02-25 19:31:35 -------- d-----w- C:\Users\Default User\AppData\Local\Adobe 2015-02-25 15:18:02 DB3D71005B9ED2A3FF6FA5797EA1B9ED 116624 ----a-w- C:\Windows\SysNative\config\systemprofile\AppData\Local\GDIPFONTCACHEV1.DAT 2015-02-25 15:01:08 -------- d-----w- C:\Users\chicco\AppData\Roaming\RealNetworks 2015-02-25 14:53:32 -------- d-----w- C:\Users\Jos\AppData\Roaming\RealNetworks 2015-02-19 21:23:46 -------- d-----w- C:\Users\chicco\AppData\Local\MovieWizard 2015-02-19 21:15:16 -------- d-----w- C:\Users\chicco\AppData\Local\BrowserHelper 2015-02-19 21:13:03 -------- d-----w- C:\Users\Jos\AppData\Local\Installer 2015-02-19 21:13:02 -------- d-----w- C:\Users\Jos\AppData\Local\Programs ====== C:\Users\Jos ====== 2015-03-03 18:05:36 3BD59D6C407AB1F6DDD7C5D9BD727469 20447072 ----a-w- C:\Users\chicco\Downloads\mbam-setup-2.0.4.1028.exe 2015-03-03 10:14:54 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\chicco\Downloads\RSITx64.exe 2015-03-02 18:58:35 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\speed browser 2015-02-28 20:33:41 C775C588F8E97CEC77C6D37F47678EED 1011948 ----a-w- C:\Users\chicco\Downloads\yet_another_cleaner_mat_setup_152743.exe 2015-02-28 20:22:34 1FC5FD429D95C97074D04B84EB6F6939 781104 ----a-w- C:\Users\chicco\Downloads\ReimageRepair(1).exe 2015-02-25 15:37:26 0FD7F98C1BFEE46EC6203AE44B5870D4 1034036 ----a-w- C:\Users\chicco\Downloads\install_flashplayer16x32_mssa_aaa_aih.exe 2015-02-25 15:33:37 B80F304FB8917E453B64245AD0F53EEE 775264 ----a-w- C:\Users\chicco\Downloads\ReimageRepair.exe 2015-02-25 14:53:08 -------- d-----w- C:\ProgramData\RealNetworks 2015-02-25 14:52:12 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks 2015-02-25 14:34:34 -------- d-----w- C:\ProgramData\Video Accelerator 2015-02-19 21:13:59 -------- d-----w- C:\ProgramData\GveSCot 2015-02-19 21:13:44 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Optimizer ====== C: exe-files == 2015-03-03 18:05:36 3BD59D6C407AB1F6DDD7C5D9BD727469 20447072 ----a-w- C:\Users\chicco\Downloads\mbam-setup-2.0.4.1028.exe 2015-03-03 10:16:04 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Jos.exe 2015-03-03 10:14:54 8045ABB21A3BDD66A48E1ED5C0F0EF6A 1222144 ----a-w- C:\Users\chicco\Downloads\RSITx64.exe 2015-03-03 09:20:28 B1E633FB7C012325ADDC04659FD7BBE9 49648 ----a-w- C:\ProgramData\GveSCot\dat\uGswygtLJKd.exe 2015-03-03 09:20:28 5CC216B55B48DD71D93EFD1AAD8F1CEE 48112 ----a-w- C:\ProgramData\GveSCot\dat\BFFWEASaKE.exe 2015-02-28 20:33:41 C775C588F8E97CEC77C6D37F47678EED 1011948 ----a-w- C:\Users\chicco\Downloads\yet_another_cleaner_mat_setup_152743.exe 2015-02-28 20:22:34 1FC5FD429D95C97074D04B84EB6F6939 781104 ----a-w- C:\Users\chicco\Downloads\ReimageRepair(1).exe === C: other files == 2015-03-03 18:08:30 26C43960C99EE861A5D0EDC4DCF3B1C3 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys 2015-03-03 18:07:58 CA43F8904E24BBE49982E4C0B29E6579 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys 2015-03-03 18:07:58 A646C2DDB8C46E9B20A326FAF566646C 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys 2015-03-03 18:07:58 478CC94C937D235CB0A96AB8F2359D81 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-2236943292-2479982780-3799568378-1001\Software\Microsoft\Windows\CurrentVersion\Run] "HPAdvisorDock"="C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe" "LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden" "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "MyTomTomSA.exe"="C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe" "Smart PC Cleaner"="C:\Program Files (x86)\Smart PC Cleaner\SPCLauncher.exe" "DriverScanner"="C:\Program Files (x86)\Uniblue\DriverScanner\launcher.exe delay 20000 " "PC Speed Maximizer"="C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe" "Smart Driver Updater"="C:\Program Files (x86)\Smart Driver Updater\SDULauncher.exe" "Super Optimizer"="C:\Program Files (x86)\Super Optimizer\SupOptLauncher.exe" [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce] "SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:http://go.microsoft.com/fwlink/?LinkID=122915 /build:7601" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IAStorIcon"="C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" "HP Quick Launch"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" "Norton Online Backup"="C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" "Easybits Recovery"="C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe" "ApnUpdater"="C:\Program Files (x86)\Ask.com\Updater\Updater.exe" "beid"="C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe /startup" "HFALoader"="C:\Program Files (x86)\HamsterSoft\Free ZIP Archiver\Hamster.Archiver.UI.exe -loader" "APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" "QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime" "Nikon Message Center 2"="C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "ArcSoft Connection Service"="C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe" "AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui" "TkBellExe"="c:\program files (x86)\real\realplayer\Update\realsched.exe -osboot" "RealDownloader"="C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "HPAdvisorDock"="C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe" "LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden" "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun" "MyTomTomSA.exe"="C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe" "Smart PC Cleaner"="C:\Program Files (x86)\Smart PC Cleaner\SPCLauncher.exe" "DriverScanner"="C:\Program Files (x86)\Uniblue\DriverScanner\launcher.exe delay 20000 " "PC Speed Maximizer"="C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe" "Smart Driver Updater"="C:\Program Files (x86)\Smart Driver Updater\SDULauncher.exe" "Super Optimizer"="C:\Program Files (x86)\Super Optimizer\SupOptLauncher.exe" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s" "HPWirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " ==== Startup Folders ====================== 2015-02-25 14:52:24 1252 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [07/02/2015 16:55] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [19/10/2014 21:15] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [19/10/2014 21:15] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\Inst_Rep" [C:\Users\Jos\AppData\Local\Installer\Install_18809\DCytdiegut_gutdc_setup.exe] "C:\Windows\SysNative\tasks\RealDownloader Update Check" [C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe] "C:\Windows\SysNative\tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2236943292-2479982780-3799568378-1001" [C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe] "C:\Windows\SysNative\tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2236943292-2479982780-3799568378-1001" [C:\Program Files (x86)\RealNetworks\RealDownloader\RealUpgrade.exe] "C:\Windows\SysNative\tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2236943292-2479982780-3799568378-1003" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\SysNative\tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2236943292-2479982780-3799568378-1003" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\SysNative\tasks\RealUpgradeLogonTaskS-1-5-21-2236943292-2479982780-3799568378-1001" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\SysNative\tasks\RealUpgradeLogonTaskS-1-5-21-2236943292-2479982780-3799568378-1003" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\SysNative\tasks\RealUpgradeScheduledTaskS-1-5-21-2236943292-2479982780-3799568378-1001" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\SysNative\tasks\RealUpgradeScheduledTaskS-1-5-21-2236943292-2479982780-3799568378-1003" [C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe] "C:\Windows\SysNative\tasks\RecoveryCDWin7" ["C:\Program Files (x86)\Hewlett-Packard\HP Setup\RemEngine.exe"] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{4D8FAC16-9C5D-4BB1-9020-C33502CCB205}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\User_Feed_Synchronization-{76D8FAE1-E6AE-44C7-9C5D-83957C10BE86}" [C:\Windows\system32\msfeedssync.exe] "C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Start and Search pages ====================== ProfilePath: C:\Users\chicco\AppData\Roaming\Mozilla\Firefox\Profiles\7m2qk5rk.default-1424184591928 user_pref("browser.startup.homepage", "www.google.be/?gws_rd=ssl"); ProfilePath: C:\Users\Jos\AppData\Roaming\Mozilla\Firefox\Profiles\1r5t0w1p.default user_pref("browser.search.defaulturl", "https://www.google.com/search/?trackid=sp-006"); user_pref("browser.search.defaultengine", "Google (avast)"); user_pref("keyword.URL", "https://www.google.com/search/?trackid=sp-006"); ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "{338950EA-82DB-44C1-930D-0C28E023C9F0}"="C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext" [25/02/2015 15:53] ==== Firefox Extensions ====================== ProfilePath: C:\Users\chicco\AppData\Roaming\Mozilla\Firefox\Profiles\7m2qk5rk.default-1424184591928 - RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext - Undetermined - {338950EA-82DB-44C1-930D-0C28E023C9F0} ProfilePath: C:\Users\chicco\AppData\Roaming\TomTom\HOME\Profiles\xsczw2sg.default - Map status indicator - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com - TomTom HOME default theme - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\baseTheme@tomtom.com - Carminat TomTom - %ProfilePath%\extensions\RenaultTheme@tomtom.com ProfilePath: C:\Users\Jos\AppData\Roaming\Mozilla\Firefox\Profiles\1r5t0w1p.default - Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF - Undetermined - wrc@avast.com AppDir: C:\Program Files (x86)\Mozilla Firefox - Undetermined - %AppDir%\extensions\belgiumeid@eid.belgium.be - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} - Skype Click to Call - %AppDir%\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\Jos\AppData\Roaming\Mozilla\Firefox\Profiles\1r5t0w1p.default C62322C77D1AAB77B1CF1130FCC3673A - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll - Shockwave Flash 252949179FE1C491B7D16A9AA376B29B - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealPlayer Video Downloader for HTML5 (32-bit) 96C406EC877EB23BB753E59B776C6BC7 - C:\Windows\SysWOW64\npDeployJava1.dll - Java Deployment Toolkit 7.0.70.10 530A06C01452EB3E776397ECAA4DBB42 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll - RealNetworks(tm) RealPlayer Chrome Background Extension Plug-In (32-bit) 3ED1D8A73CFAD9D68085C5279B0B72C0 - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll - RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) 31DA97B4682187C6639BBE2215814FDA - C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director 15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System ==== Chromium Look ====================== Google Chrome Version: 40.0.2214.115 (Up to date, latest Stable version: 40.0.2214.115) HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions aaaaadgepjkdffhjbkfjgnnffnfcffbg - C:\ProgramData\AskPartnerNetwork\Toolbar\Shared\CRX\aaaaadgepjkdffhjbkfjgnnffnfcffbg.crx[] bopakagnckmlgajfccecajhnimjiiedh - No path found[] gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[24/11/2014 19:15] lifbcibllhkdhoafpjfnlhfpfgnpldfl - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx[14/07/2014 17:22] MSS+ Extension - chicco\AppData\Local\Google\Chrome\User Data\Default\Extensions\bopakagnckmlgajfccecajhnimjiiedh RealPlayer HTML5Video Downloader Extension - chicco\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk Google Wallet - chicco\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Avast Online Security - Jos\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki Skype Click to Call - Jos\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl Google Wallet - Jos\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Google Docs - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf PriceGong - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok YouTube - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Babylon Translator - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb RealPlayer HTML5Video Downloader Extension - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk DefaultTab - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc Google Wallet - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Chromium Startpages ====================== C:\Users\chicco\AppData\Local\Google\Chrome\User Data\Default\Preferences "homepage": "http://www.google.com", "startup_urls": [ "http://www.google.com" ], C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Preferences "homepage": "http://www.google.com", "urls_to_restore_on_startup": [ "http://www.google.com" ] ==== Chromium Fix ====================== C:\Users\chicco\AppData\Local\speed browser\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage deleted successfully C:\Users\chicco\AppData\Local\speed browser\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal deleted successfully C:\Users\chicco\AppData\Local\speed browser\User Data\Default\Local Storage\https_inst.shoppingate.info_0.localstorage deleted successfully C:\Users\chicco\AppData\Local\speed browser\User Data\Default\Local Storage\https_inst.shoppingate.info_0.localstorage-journal deleted successfully C:\Users\chicco\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb deleted successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhkplhfnhceodhffomolpfigojocbpcb deleted successfully C:\Users\Jos\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dhkplhfnhceodhffomolpfigojocbpcb_0.localstorage deleted successfully C:\Users\chicco\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok deleted successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok deleted successfully C:\Users\chicco\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc deleted successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.com/?trackid=sp-006" "Search Page"="https://www.google.com/search?trackid=sp-006&q={searchTerms}" "Search Bar"="https://www.google.com/?trackid=sp-006" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.com/?trackid=sp-006" "Search Page"="https://www.google.com/search?trackid=sp-006&q={searchTerms}" "Search Bar"="https://www.google.com/?trackid=sp-006" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Start Page"="https://www.google.com/?trackid=sp-006" "Search Page"="https://www.google.com/search?trackid=sp-006&q={searchTerms}" "Search Bar"="https://www.google.com/?trackid=sp-006" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=b8f7c6d2000000000000c0cb382bfafd&tlver=1.4.19.19&affID=18606" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=b8f7c6d2000000000000c0cb382bfafd&tlver=1.4.19.19&affID=18606" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="https://www.google.com/?trackid=sp-006" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Search] "SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{E9410C70-B6AE-41FF-AB71-32F4B279EA5F}" {012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}" {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} Google Url="https://www.google.com/search?trackid=sp-006&q={searchTerms}" ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== shortcuts on Users Desktops ====================== C:\Users\chicco\Desktop\FrostWire 4.21.5.lnk - C:\Program Files (x86)\FrostWire\FrostWire.exe C:\Users\chicco\Desktop\PepperZip.lnk - C:\Program Files (x86)\PepperZip\PepperZip.exe C:\Users\chicco\Desktop\Popcorn Time.lnk - C:\Users\chicco\AppData\Local\Popcorn Time\node-webkit\Popcorn Time.exe . C:\Users\Gast\Desktop\PepperZip.lnk - C:\Program Files (x86)\PepperZip\PepperZip.exe C:\Users\Jos\Desktop\FrostWire 4.21.7.lnk - C:\Program Files (x86)\FrostWire\FrostWire.exe C:\Users\Jos\Desktop\FrostWire 5.1.4.lnk - C:\Program Files (x86)\FrostWire 5\FrostWire.exe C:\Users\Jos\Desktop\Hamster Free ZIP Archiver.lnk - C:\Program Files (x86)\HamsterSoft\Free ZIP Archiver\Hamster.Archiver.UI.exe C:\Users\Jos\Desktop\Super Optimizer.lnk - C:\Program Files (x86)\Super Optimizer\SuperOptimizer.exe ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\Adobe Reader 9.lnk - C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe C:\Users\Public\Desktop\ArcSoft ShowBiz.lnk - C:\Program Files (x86)\ArcSoft\TotalMedia ShowBiz\TMShowBiz.exe C:\Users\Public\Desktop\Avast Free Antivirus.lnk - C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Users\Public\Desktop\Bezoek eBay.be.lnk - C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe http://redirect.hp.com/svs/rdr?TYPE=4&tp=dticon&s=ebay&pf=cnnb&locale=nl_be&bd=all&c=104 C:\Users\Public\Desktop\eID Viewer.lnk - C:\Program Files (x86)\Belgium Identity Card\EidViewer\eID Viewer.exe C:\Users\Public\Desktop\EPSON File Manager.lnk - C:\Program Files (x86)\epson\Creativity Suite\File Manager\EFileManager.exe C:\Users\Public\Desktop\EPSON Scan.lnk - C:\Windows\twain_32\escndv\escndv.exe C:\Users\Public\Desktop\EPSON Stylus SX200_SX400_TX200_TX400 Handboek.lnk - C:\Program Files (x86)\epson\TPMANUAL\ES_SX_TX\NLD\USE_G\INDEX.HTM C:\Users\Public\Desktop\Free Offers.lnk - C:\Program Files (x86)\Real\RealPlayer\freeoffers.rnx C:\Users\Public\Desktop\GOM Player.lnk - C:\Program Files (x86)\GRETECH\GomPlayer\GOM.exe C:\Users\Public\Desktop\Google Chrome.lnk - C:\Users\Public\Desktop\HP Support Assistant.lnk - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe C:\Users\Public\Desktop\Internetbrowser selecteren.lnk - C:\Windows\System32\browserchoice.exe /launch C:\Users\Public\Desktop\Magic Desktop.lnk - C:\Program Files (x86)\EasyBits For Kids\ezSecShield.exe C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\Users\Public\Desktop\McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.150\McUICnt.exe SecurityScanner.dll C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www.istartsurf.com/?type=sc&ts=1424380404&from=tugs&uid=WDCXWD3200BEKT-60KA9T0_WD-WX41A708302283022 C:\Users\Public\Desktop\MusicStation.lnk - C:\Program Files (x86)\MusicStation\MusicStation.exe C:\Users\Public\Desktop\Nitro PDF Reader.lnk - C:\Program Files (x86)\Nitro PDF\Reader\NitroPDFReader.exe C:\Users\Public\Desktop\Norton Internet Security.lnk - C:\Program Files (x86)\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS\A5E82D02\18.0.0.128\InstStub.exe /FORCECONFIG C:\Users\Public\Desktop\Panorama Maker 6.lnk - C:\Program Files (x86)\ArcSoft\Panorama Maker 6\PMK.exe C:\Users\Public\Desktop\Play HP Games.lnk - C:\Program Files (x86)\HP Games\onplay\onplay.exe "C:\Program Files (x86)\HP Games\HP Game Console\GameConsole-wt.exe" /src desktopoem C:\Users\Public\Desktop\QuickTime Player.lnk - C:\Program Files (x86)\QuickTime\QuickTimePlayer.exe C:\Users\Public\Desktop\RealPlayer Cloud.lnk - C:\program files (x86)\real\realplayer\RealPlay.exe /launch:desktop C:\Users\Public\Desktop\RealPlayer.lnk - C:\Program Files (x86)\Real\RealPlayer\realplay.exe /launch:desktop C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}\SkypeIcon.exe C:\Users\Public\Desktop\speed browser.lnk - C:\Program Files (x86)\speed browser\Application\browser.exe C:\Users\Public\Desktop\ViewNX 2.lnk - C:\Program Files (x86)\Nikon\ViewNX 2\ViewNX 2\ViewNX2.exe C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe ==== shortcuts in Users Start Menu ====================== C:\Users\Jos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1424380404&from=tugs&uid=WDCXWD3200BEKT-60KA9T0_WD-WX41A708302283022 C:\Users\Jos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1424380404&from=tugs&uid=WDCXWD3200BEKT-60KA9T0_WD-WX41A708302283022 ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www.istartsurf.com/?type=sc&ts=1424380404&from=tugs&uid=WDCXWD3200BEKT-60KA9T0_WD-WX41A708302283022 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Verwijder Malwarebytes Anti-Malware.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware\Tools\Malwarebytes Anti-Malware Chameleon.lnk - C:\Program Files (x86)\Malwarebytes Anti-Malware\Chameleon\Windows\chameleon.chm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer Cloud.lnk - C:\Program Files (x86)\Real\RealPlayer\realplay.exe /launch:start_menu C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer Converter.lnk - C:\Program Files (x86)\Real\RealPlayer\realconverter.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer Downloader.lnk - C:\Windows\Installer\{6FCD4D5A-20B9-4D79-ABA5-4E7048944025}\recordingmanager.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RealNetworks\RealPlayer Trimmer.lnk - C:\Program Files (x86)\Real\RealPlayer\realtrimmer.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\speed browser\speed browser.lnk - C:\Program Files (x86)\speed browser\Application\browser.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk - C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Optimizer\Help.lnk - C:\Program Files (x86)\Super Optimizer\SuperOptimizer.chm C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Optimizer\Super Optimizer op het Web.lnk - C:\Program Files (x86)\Super Optimizer\HomePage.url C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Optimizer\Super Optimizer.lnk - C:\Program Files (x86)\Super Optimizer\SuperOptimizer.exe C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Optimizer\Updates controleren.lnk - C:\Program Files (x86)\Super Optimizer\SuperOptimizer.exe /checkupdate C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Optimizer\Verwijder Super Optimizer.lnk - C:\Program Files (x86)\Super Optimizer\unins000.exe /VERYSILENT C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk - C:\Program Files (x86)\VideoLAN\VLC\Documentation.url C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk - C:\Program Files (x86)\VideoLAN\VLC\NEWS.txt C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk - C:\Program Files (x86)\VideoLAN\VLC\VideoLAN Website.url C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player - reset preferences and cache files.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --reset-config --reset-plugins-cache vlc://quit C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe -Iskins C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe ==== shortcuts in Quick Launch ====================== C:\Users\chicco\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\FrostWire 4.21.5.lnk - C:\Program Files (x86)\FrostWire\FrostWire.exe C:\Users\chicco\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk - C:\Program Files (x86)\GRETECH\GomPlayer\GOM.exe C:\Users\chicco\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\chicco\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\chicco\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\speed browser.lnk - C:\Program Files (x86)\speed browser\Application\browser.exe C:\Users\chicco\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\chicco\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\5d696d521de238c3\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --profile-directory=Default C:\Users\chicco\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HPAdvisor.lnk - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW,SYSTRAY C:\Users\chicco\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\chicco\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\chicco\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe C:\Users\chicco\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk - C:\Program Files (x86)\GRETECH\GomPlayer\GOM.exe C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HPAdvisor.lnk - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW,SYSTRAY C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe C:\Users\Gast\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 C:\Users\Jos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\FrostWire 4.21.7.lnk - C:\Program Files (x86)\FrostWire\FrostWire.exe C:\Users\Jos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\FrostWire 5.1.4.lnk - C:\Program Files (x86)\FrostWire 5\FrostWire.exe C:\Users\Jos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk - C:\Program Files (x86)\GRETECH\GomPlayer\GOM.exe C:\Users\Jos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe http://www.istartsurf.com/?type=sc&ts=1424380404&from=tugs&uid=WDCXWD3200BEKT-60KA9T0_WD-WX41A708302283022 C:\Users\Jos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1424380404&from=tugs&uid=WDCXWD3200BEKT-60KA9T0_WD-WX41A708302283022 C:\Users\Jos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Jos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Jos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HPAdvisor.lnk - C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW,SYSTRAY C:\Users\Jos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www.istartsurf.com/?type=sc&ts=1424380404&from=tugs&uid=WDCXWD3200BEKT-60KA9T0_WD-WX41A708302283022 C:\Users\Jos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe C:\Users\Jos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1 ==== shortcuts After Repair ====================== C:\Users\Public\Desktop\Bezoek eBay.be.lnk - C:\Program Files (x86)\Hewlett-Packard\Shared\WizLink.exe C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\Jos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Jos\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe -extoff C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Users\Jos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\Jos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe C:\Users\Jos\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\C4145425D2130535007A7A857BC09110 deleted successfully HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully HKEY_CURRENT_USER\Software\Policies\Google deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\aaaaadgepjkdffhjbkfjgnnffnfcffbg deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\aaaaadgepjkdffhjbkfjgnnffnfcffbg deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Reimage Repair deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{5245414C-312D-5350-00A7-A758B70C1901} deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\YTDownloader deleted successfully HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PepperZip deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Installer\Products\C4145425D2130535007A7A857BC09110 deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe O4 - HKLM\..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files (x86)\Ask.com\Updater\Updater.exe" O4 - HKLM\..\Run: [beid] "C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" /startup O4 - HKLM\..\Run: [HFALoader] C:\Program Files (x86)\HamsterSoft\Free ZIP Archiver\Hamster.Archiver.UI.exe -loader O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe -s O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui O4 - HKLM\..\Run: [TkBellExe] "c:\program files (x86)\real\realplayer\Update\realsched.exe" -osboot O4 - HKLM\..\Run: [RealDownloader] C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe O4 - HKCU\..\Run: [HPAdvisorDock] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [MyTomTomSA.exe] "C:\Program Files (x86)\MyTomTom 3\MyTomTomSA.exe" O4 - HKCU\..\Run: [Smart PC Cleaner] C:\Program Files (x86)\Smart PC Cleaner\SPCLauncher.exe O4 - HKCU\..\Run: [DriverScanner] "C:\Program Files (x86)\Uniblue\DriverScanner\launcher.exe" delay 20000 O4 - HKCU\..\Run: [PC Speed Maximizer] C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe O4 - HKCU\..\Run: [Smart Driver Updater] C:\Program Files (x86)\Smart Driver Updater\SDULauncher.exe O4 - HKCU\..\Run: [Super Optimizer] C:\Program Files (x86)\Super Optimizer\SupOptLauncher.exe O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user') O4 - Global Startup: RealPlayer Cloud Service UI.lnk = C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype Click to Call settings - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O23 - Service: ArcSoft Connect Daemon (ACDaemon) - Unknown owner - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (file missing) O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: AvastVBox COM Service (AvastVBoxSvc) - Avast Software - C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: EPSON V5 Service4(01) (EPSON_EB_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE O23 - Service: EPSON V3 Service4(01) (EPSON_PM_RPCV4_01) - SEIKO EPSON CORPORATION - C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE O23 - Service: Easybits Services for Windows (ezSharedSvc) - EasyBits Software AS - C:\Windows\System32\ezSharedSvcHost.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files (x86)\HP Games\HP Game Console\GameConsoleService.exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe O23 - Service: HP Wireless Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe O23 - Service: hpqwmiex - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: HPWMISVC - Unknown owner - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\18.0.0.128\ccSvcHst.exe O23 - Service: NitroPDFReaderDriverCreatorReadSpool (NitroReaderDriverReadSpool) - Nitro PDF Software - C:\Program Files\Common Files\Nitro PDF\Reader\1.0\NitroPDFReaderDriverServicex64.exe O23 - Service: Norton Online Backup (NOBU) - Symantec Corporation - C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: RealNetworks Downloader Resolver Service - Unknown owner - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe O23 - Service: RealPlayer Cloud Service - RealNetworks, Inc. - c:\program files (x86)\real\realplayer\RPDS\Bin\rpdsvc.exe O23 - Service: RealPlayer Update Service (RealPlayerUpdateSvc) - Unknown owner - C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: RtVOsdService Installer (RtVOsdService) - Realtek Semiconductor Corp. - C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\chicco\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\chicco\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\chicco\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Gast\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Jos\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Jos\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Jos\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\chicco\AppData\Local\Mozilla\Firefox\Profiles\7m2qk5rk.default-1424184591928\cache2 emptied successfully C:\Users\Jos\AppData\Local\Mozilla\Firefox\Profiles\1r5t0w1p.default\cache2 emptied successfully ==== Empty Chrome Cache ====================== C:\Users\chicco\AppData\Local\speed browser\User Data\Default\Cache emptied successfully C:\Users\Jos\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache is not empty, a reboot is needed ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=1651 folders=551 488160756 bytes) ==== Empty Temp Folders ====================== C:\Users\chicco\AppData\Local\Temp emptied successfully C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Gast\AppData\Local\Temp emptied successfully C:\Users\Jos\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Jos\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\PROGRA~3\GveSCot\info.dat" not found "C:\PROGRA~3\GveSCot\oapjrYNkKn.dat" not found "C:\ProgramData\GveSCot\info.dat" not found "C:\ProgramData\GveSCot\oapjrYNkKn.dat" not found "C:\PROGRA~3\GveSCot\dat\BFFWEASaKE.exe" not found "C:\PROGRA~3\GveSCot\dat\BFFWEASaKE.exe.config" not found "C:\PROGRA~3\GveSCot\dat\jttXchIOzIT.dll" not found "C:\PROGRA~3\GveSCot\dat\uGswygtLJKd.exe" not found "C:\PROGRA~3\GveSCot\dat\uGswygtLJKd.exe.config" not found "C:\PROGRA~3\GveSCot\dat\yZlrkX.dll" not found "C:\ProgramData\GveSCot\dat\BFFWEASaKE.exe" not found "C:\ProgramData\GveSCot\dat\BFFWEASaKE.exe.config" not found "C:\ProgramData\GveSCot\dat\jttXchIOzIT.dll" not found "C:\ProgramData\GveSCot\dat\uGswygtLJKd.exe" not found "C:\ProgramData\GveSCot\dat\uGswygtLJKd.exe.config" not found "C:\ProgramData\GveSCot\dat\yZlrkX.dll" not found "C:\PROGRA~3\GveSCot" not found "C:\Program Files\McAfee Security Scan" not found "C:\ProgramData\GveSCot" not found "C:\PROGRA~2\PepperZip" not found "C:\Users\Jos\AppData\Local\Installer" not found "C:\Users\chicco\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\VPXR28E2\static.muzu.tv" not found "C:\Users\chicco\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\VPXR28E2\www.hubo.be" not found "C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp\Low" not deleted ==== EOF on do 05/03/2015 at 13:13:41,76 ======================