text enhance

[Gast arv]

Wie o wie kan mij helpen om het virus text enhance te verwijderen.

Ik heb allemaal gekreurde, onderstreepte woorden in de teksten.

[Gast arv]

dit is mijn blogje

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 17:02:37, on 7-2-2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16457)

Boot mode: Normal

Running processes:

C:\ACER\Preload\Autorun\DRV\Fiji Keyboard\ABoard.exe

C:\ACER\Preload\Autorun\DRV\Fiji Keyboard\AOSD.exe

C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe

C:\Program Files (x86)\Packard Bell\SetupMyPC\SmpSys.exe

C:\Program Files (x86)\Packard Bell\AutoBackup\AutoBackup.exe

C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe

C:\Program Files (x86)\Packard Bell Photo Frame\ButtonMonitor.exe

C:\Program Files\Norman\Npm\Bin\zlh.exe

C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\BrowserCompanion\BCHelper.exe

C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe

C:\Users\D.Roffel\AppData\Local\RockMelt\Update\1.2.189.1\RockMeltCrashHandler.exe

C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Program Files (x86)\Packard Bell\AutoBackup\abDevDet.exe

C:\Program Files\Activ Software\Activdriver\activmgr.exe

C:\Program Files\Norman\Nvc\Bin\cclaw.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_146_ActiveX.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe

C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = iGoogle Redirect

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = nu.nl | Het laatste nieuws het eerst op nu.nl

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.sweetim.com/?crg=3.1010000.10011&barid={B637CAD0-1B8B-11E2-919C-002511445D71}

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R3 - URLSearchHook: (no name) - {2d8d9acc-f6d7-4362-8876-a275ca929591} - (no file)

R3 - URLSearchHook: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVD0.dll

F2 - REG:system.ini: UserInit=userinit.exe,

O1 - Hosts: ::1 localhost

O2 - BHO: script helper for ie - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files (x86)\BrowserCompanion\jsloader.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Web Assistant Helper - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll

O2 - BHO: Incredibar.com Helper Object - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll

O2 - BHO: DVDVideoSoftTB - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVD0.dll

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Update Timer - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll

O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll

O2 - BHO: DataMngr - {9D717F81-9148-4f12-8568-69135F087DB0} - C:\PROGRA~2\SEARCH~1\Datamngr\BROWSE~1.DLL

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll

O3 - Toolbar: Incredibar Toolbar - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll

O3 - Toolbar: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVD0.dll

O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll

O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O4 - HKLM\..\Run: [Packard Bell Photo Frame] "C:\Program Files (x86)\Packard Bell Photo Frame\ButtonMonitor.exe" -A

O4 - HKLM\..\Run: [Norman ZANDA] "C:\Program Files\Norman\Npm\Bin\ZLH.EXE" /LOAD /SPLASH

O4 - HKLM\..\Run: [sSBkgdUpdate] "C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot

O4 - HKLM\..\Run: [PaperPort PTD] "C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe"

O4 - HKLM\..\Run: [indexSearch] "C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe"

O4 - HKLM\..\Run: [PPort11reminder] "C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini"

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~2\SEARCH~1\Datamngr\DATAMN~1.EXE

O4 - HKLM\..\Run: [browser companion helper] C:\Program Files (x86)\BrowserCompanion\BCHelper.exe /T=3 /CHI=clbfjfbnelcflpgpklppgplejolacbej

O4 - HKLM\..\Run: [sweetIM] C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe

O4 - HKLM\..\Run: [sweetpacks Communicator] C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe

O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020

O4 - HKCU\..\Run: [smpcSys] C:\Program Files (x86)\Packard Bell\SetupMyPC\SmpSys.exe

O4 - HKCU\..\Run: [msnmsgr] ~"C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [Packard Bell Auto Backup] "C:\Program Files (x86)\Packard Bell\AutoBackup\AutoBackup.exe" /run

O4 - HKCU\..\Run: [RockMelt Update] "C:\Users\D.Roffel\AppData\Local\RockMelt\Update\RockMeltUpdate.exe" /c

O4 - HKCU\..\Run: [bitTorrent] "C:\Program Files (x86)\BitTorrent\bittorrent.exe" /MINIMIZED

O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Free YouTube Download - C:\Users\D.Roffel\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\D.Roffel\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {1FEC8B6F-250A-4293-B12C-67A7EF0B758A} (sIKN Speler) - http://www.kerkomroep.nl/ocx/sIKNPlayer.cab

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/nl/uno1/GAME_UNO1.cab

O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} (MSN Games – Texas Holdem Poker) - http://zone.msn.com/bingame/zpagames/zpa_txhe.cab79352.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

O18 - Protocol: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll

O18 - Protocol: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll

O18 - Protocol: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - AppInit_DLLs: C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: Application Updater - Unknown owner - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe (file missing)

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: Norman eLogger Service (eLoggerSvc6) - Norman ASA - C:\Program Files\Norman\Npm\Bin\elogsvc.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Norman Hash Server (NHS) - Unknown owner - C:\Program Files\Norman\Nvc\bin\nhs.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe

O23 - Service: Norman Network Filtering service (NNFSVC) - Norman ASA - C:\Program Files\Norman\Ngs\Bin\Nnf.exe

O23 - Service: Norman NJeeves - Unknown owner - C:\Program Files\Norman\Npm\Bin\Njeeves.exe

O23 - Service: Norman ZANDA - Norman ASA - C:\Program Files\Norman\Npm\Bin\Zanda.exe

O23 - Service: Norton Internet Security - Unknown owner - C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe (file missing)

O23 - Service: Norman Personal Firewall Service (NPFSvc32) - Norman ASA - C:\Program Files\Norman\npf\bin\npfsvc32.exe

O23 - Service: Norman Scanner Engine Service (nsesvc) - Norman ASA - C:\Program Files\Norman\Nse\Bin\NSESVC.EXE

O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Program Files\Norman\Nvc\Bin\nvcoas.exe

O23 - Service: Norman Resource Provider (NVOY) - Norman ASA - C:\Program Files\Norman\npm\bin\nvoy.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Norman Scheduler Service (Scheduler) - Norman ASA - C:\Program Files\Norman\Npm\Bin\scheduler.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: Web Assistant Updater - Unknown owner - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe

O23 - Service: WebOptimizer - Unknown owner - C:\Windows\system32\dmwu.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 18245 bytes

[juisterr]

Momentje ik ga even kijken voor je.

- - - Updated - - -

Uitvoeren als administrator.

Start HijackThis op en klik op scan.

Selecteer alleen de items die hieronder zijn genoemd:

R3 - URLSearchHook: (no name) - {2d8d9acc-f6d7-4362-8876-a275ca929591} - (no file)

R3 - URLSearchHook: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVD0.dll

O2 - BHO: script helper for ie - {00cbb66b-1d3b-46d3-9577-323a336acb50} - C:\Program Files (x86)\BrowserCompanion\jsloader.dll

O2 - BHO: Web Assistant Helper - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\Web Assistant\Extension32.dll

O2 - BHO: Incredibar.com Helper Object - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll

O2 - BHO: DVDVideoSoftTB - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVD0.dll

O2 - BHO: Update Timer - {963B125B-8B21-49A2-A3A8-E37092276531} - C:\Program Files (x86)\BrowserCompanion\updatebhoWin32.dll

O2 - BHO: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll

O2 - BHO: Yontoo Layers - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll

O3 - Toolbar: Incredibar Toolbar - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll

O3 - Toolbar: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVD0.dll

O3 - Toolbar: Searchqu Toolbar - {99079a25-328f-4bd4-be04-00955acaa0a7} - C:\PROGRA~2\SEARCH~1\Datamngr\ToolBar\searchqudtx.dll

O3 - Toolbar: SweetPacks Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll

O4 - HKLM\..\Run: [browser companion helper] C:\Program Files (x86)\BrowserCompanion\BCHelper.exe /T=3 /CHI=clbfjfbnelcflpgpklppgplejolacbej

O18 - Protocol: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll

O18 - Protocol: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll

O18 - Protocol: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll

O20 - AppInit_DLLs: C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll

O23 - Service: Application Updater - Unknown owner - C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe (file missing)

O23 - Service: Web Assistant Updater - Unknown owner - C:\Program Files\Web Assistant\ExtensionUpdaterService.exe

O23 - Service: WebOptimizer - Unknown owner - C:\Windows\system32\dmwu.exe (file missing)

Sluit alle vensters behalve HijackThis

Klik op 'Fix checked' om de items te verwijderen.

[juisterr]

Hallo, we gaan de volgende tool inzetten. zoek.exe ®by smeenk

Download zoek.exe naar het bureaublad.

• Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe
  (hier of hier) kan je lezen hoe je dat doet.
  
• Dubbelklik op Zoek.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkwaardig probleem.
  

  startupall;
  filesrcm;
  emptyclsid;
  

  
  

• Vink nu de onderstaande opties aan.
  
  • 
    
    
  • Standaard Search
    
  • Auto Clean
    
  • Running processes
    
  • Empty All Temp
    
  • IE Defaults
    
    

  [*] Klik nu op de knop "Run script".

  [*] Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).

  [*] Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.

  [*] Post nu de inhoud van het geopende logje in het volgende bericht.

[Gast arv]

Het is nog steeds niet helemaal over!!

- - - Updated - - -

Het is nog stteds niet helemaal over!

- - - Updated - - -

Het is nog steeds niet helemaal over!!

- - - Updated - - -

Je schrijft hier of hier. Beiden geven error aan, "is crashed" wordt aangegeven.

[kape]

Wil je de gevraagde logjes - zowel van HijackThis als zoek.exe - eens posten in een volgende bericht. Of lukt dat helemaal niet ?

[Gast arv]

Zoek.exe Version 4.0.0.1 Updated 08-February-2013

Tool run by D.Roffel on vr 08-02-2013 at 21:36:51,30.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

==== Running Processes ======================

C:\Windows\system32\csrss.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\winlogon.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Program Files\Norman\Npm\Bin\elogsvc.exe

C:\Program Files\Norman\Ngs\Bin\Nnf.exe

C:\Windows\system32\nvvsvc.exe

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Program Files\Norman\Npm\Bin\Zanda.exe

C:\Program Files\Norman\npm\bin\nvoy.exe

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\Norman\Nvc\bin\nhs.exe

C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

C:\Windows\SysWOW64\IoctlSvc.exe

C:\Windows\SysWOW64\PnkBstrA.exe

C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

C:\Program Files\Web Assistant\ExtensionUpdaterService.exe

C:\Windows\system32\dmwu.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\System32\WUDFHost.exe

C:\Program Files\Norman\Npm\Bin\scheduler.exe

C:\Program Files\Norman\Npm\Bin\Njeeves.exe

C:\Program Files\Norman\Nse\Bin\NSESVC.EXE

C:\Program Files\Norman\Nvc\Bin\nvcoas.exe

C:\Program Files\Norman\npf\bin\npfsvc32.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\ACER\Preload\Autorun\DRV\Fiji Keyboard\ABoard.exe

C:\Program Files\Activ Software\Activdriver\ActivControl2x64.exe

C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe

C:\Program Files (x86)\Packard Bell\SetupMyPC\SmpSys.exe

C:\Program Files (x86)\Packard Bell\AutoBackup\AutoBackup.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\ACER\Preload\Autorun\DRV\Fiji Keyboard\AOSD.exe

C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe

C:\Program Files (x86)\Packard Bell Photo Frame\ButtonMonitor.exe

C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe

C:\Program Files\Norman\Npm\Bin\zlh.exe

C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Norman\Nvc\Bin\cclaw.exe

C:\Program Files (x86)\Searchqu Toolbar\Datamngr\datamngrUI.exe

C:\Program Files (x86)\BrowserCompanion\BCHelper.exe

C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe

C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe

C:\Program Files\Activ Software\Activdriver\activmgr.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Program Files (x86)\Packard Bell\AutoBackup\abDevDet.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\system32\DllHost.exe

C:\Program Files (x86)\Nero\Update\NASvc.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\system32\svchost.exe -k SDRSVC

C:\Users\D.Roffel\AppData\Local\RockMelt\Update\1.2.189.1\RockMeltCrashHandler.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_149_ActiveX.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\D55BF~1.ROF\AppData\Local\Temp\Rar$EX01.272\zoek.exe

C:\Users\D55BF~1.ROF\AppData\Local\Temp\RarSFX0\zoek.com

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\mshta.exe

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\application updater deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\application updater deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\web assistant updater deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\web assistant updater deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\weboptimizer deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\weboptimizer deleted successfully

==== FireFox Fix ======================

ProfilePath: C:\Users\D.Roffel\AppData\Roaming\Mozilla\Firefox\Profiles\vhoxv8vm.default

---- Lines incredibar removed from prefs.js ----

user_pref("extensions.incredibar.admin", false);

user_pref("extensions.incredibar.aflt", "orgnl");

user_pref("extensions.incredibar.cntry", "NL");

user_pref("extensions.incredibar.dfltLng", "");

user_pref("extensions.incredibar.dfltSrch", false);

user_pref("extensions.incredibar.did", "10665");

user_pref("extensions.incredibar.envrmnt", "production");

user_pref("extensions.incredibar.excTlbr", false);

user_pref("extensions.incredibar.hdrMd5", "8E403FABA1EB47AFC7CBE965125DBF9B");

user_pref("extensions.incredibar.hmpg", false);

user_pref("extensions.incredibar.id", "beaed163000000000000002511445d71");

user_pref("extensions.incredibar.installerproductid", "26");

user_pref("extensions.incredibar.instlDay", "15510");

user_pref("extensions.incredibar.instlRef", "");

user_pref("extensions.incredibar.isDcmntCmplt", false);

user_pref("extensions.incredibar.lastVrsnTs", "1.5.11.1415:59:22");

user_pref("extensions.incredibar.mntrvrsn", "1.2.0");

user_pref("extensions.incredibar.newTab", false);

user_pref("extensions.incredibar.noFFXTlbr", false);

user_pref("extensions.incredibar.ppd", "");

user_pref("extensions.incredibar.prdct", "incredibar");

user_pref("extensions.incredibar.productid", "26");

user_pref("extensions.incredibar.prtnrId", "Incredibar");

user_pref("extensions.incredibar.sg", "none");

user_pref("extensions.incredibar.smplGrp", "none");

user_pref("extensions.incredibar.tlbrId", "base");

user_pref("extensions.incredibar.tlbrSrchUrl", "MyStart by IncrediBar.com=");

user_pref("extensions.incredibar.upn2", "6R8wtFhfVC");

user_pref("extensions.incredibar.upn2n", "92824562575763864");

user_pref("extensions.incredibar.vrsn", "1.5.11.14");

user_pref("extensions.incredibar.vrsnTs", "1.5.11.1415:59:22");

user_pref("extensions.incredibar.vrsni", "1.5.11.14");

user_pref("extensions.incredibar_i.aflt", "orgnl");

user_pref("extensions.incredibar_i.dfltLng", "");

user_pref("extensions.incredibar_i.did", "10665");

user_pref("extensions.incredibar_i.excTlbr", false);

user_pref("extensions.incredibar_i.id", "beaed163000000000000002511445d71");

user_pref("extensions.incredibar_i.installerproductid", "26");

user_pref("extensions.incredibar_i.instlDay", "15510");

user_pref("extensions.incredibar_i.instlRef", "");

user_pref("extensions.incredibar_i.ms_url_id", "");

user_pref("extensions.incredibar_i.newTab", false);

user_pref("extensions.incredibar_i.ppd", "");

user_pref("extensions.incredibar_i.prdct", "incredibar");

user_pref("extensions.incredibar_i.productid", "26");

user_pref("extensions.incredibar_i.prtnrId", "Incredibar");

user_pref("extensions.incredibar_i.smplGrp", "none");

user_pref("extensions.incredibar_i.tlbrId", "base");

user_pref("extensions.incredibar_i.tlbrSrchUrl", "MyStart by IncrediBar.com=");

user_pref("extensions.incredibar_i.upn2", "6R8wtFhfVC");

user_pref("extensions.incredibar_i.upn2n", "92824562575763864");

user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");

user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1415:59:22");

user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");

---- Lines incredibar modified from prefs.js ----

user_pref("extensions.enabledAddons", "ffxtlbr@incredibar.com:1.5.0,{2d8d9acc-f6d7-4362-8876-a275ca929591}:3.15.1.0,{ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.10,{336D0C35-8A85-403a-B9D2-65C292C39087}:2.0.0.478,{1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0,plugin@yontoo.com:1.20.00,{EEE6C361-6118-11DC-9C72-001320C79847}:1.6.0.3,bbrs_002@blabbers.com:1.0.5,{872b5b88-9db5-4310-bdd0-ac189557e5f5}:10.10.27.6,{972ce4c6-7e08-4474-a285-3208198ce6fd}:15.0.1");

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{336D0C35-8A85-403a-B9D2-65C292C39087}\":{\"descriptor\":\"C:\\\\Program Files\\\\Web Assistant\\\\Firefox\",\"mtime\":1346237122066}}},{\"name\":\"app-global\",\"addons\":{\"{1FD91A9C-410C-4090-BBCC-55D3450EF433}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Searchqu Toolbar\\\\Datamngr\\\\FirefoxExtension\",\"mtime\":1349557381408},\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1347022787970}}},{\"name\":\"app-profile\",\"addons\":{\"bbrs_002@blabbers.com\":{\"descriptor\":\"C:\\\\Users\\\\D.Roffel\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\vhoxv8vm.default\\\\extensions\\\\bbrs_002@blabbers.com\",\"mtime\":1351014897024},\"ffxtlbr@incredibar.com\":{\"descriptor\":\"C:\\\\Users\\\\D.Roffel\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\vhoxv8vm.default\\\\extensions\\\\ffxtlbr@incredibar.com\",\"mtime\":1340114362403},\"onlinehdtv@onlinehd.tv\":{\"descriptor\":\"C:\\\\Users\\\\D.Roffel\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\vhoxv8vm.default\\\\extensions\\\\onlinehdtv@onlinehd.tv.xpi\",\"mtime\":1350829747858},\"plugin@yontoo.com\":{\"descriptor\":\"C:\\\\Users\\\\D.Roffel\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\vhoxv8vm.default\\\\extensions\\\\plugin@yontoo.com\",\"mtime\":1350829791434},\"{1FD91A9C-410C-4090-BBCC-55D3450EF433}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Searchqu Toolbar\\\\Datamngr\\\\FirefoxExtension\",\"mtime\":1349557381408},\"{2d8d9acc-f6d7-4362-8876-a275ca929591}\":{\"descriptor\":\"C:\\\\Users\\\\D.Roffel\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\vhoxv8vm.default\\\\extensions\\\\{2d8d9acc-f6d7-4362-8876-a275ca929591}\",\"mtime\":1346174168922},\"{872b5b88-9db5-4310-bdd0-ac189557e5f5}\":{\"descriptor\":\"C:\\\\Users\\\\D.Roffel\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\vhoxv8vm.default\\\\extensions\\\\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\",\"mtime\":1351015015715},\"{99079a25-328f-4bd4-be04-00955acaa0a7}\":{\"descriptor\":\"C:\\\\Users\\\\D.Roffel\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\vhoxv8vm.default\\\\extensions\\\\{99079a25-328f-4bd4-be04-00955acaa0a7}\",\"mtime\":1349557370642},\"{ACAA314B-EEBA-48e4-AD47-84E31C44796C}\":{\"descriptor\":\"C:\\\\Users\\\\D.Roffel\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\vhoxv8vm.default\\\\extensions\\\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}\",\"mtime\":1345459765239},\"{EEE6C361-6118-11DC-9C72-001320C79847}\":{\"descriptor\":\"C:\\\\Users\\\\D.Roffel\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\vhoxv8vm.default\\\\extensions\\\\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi\",\"mtime\":1350852459295}}}]");

---- Lines incredibar removed from user.js ----

user_pref("extensions.incredibar_i.newTab", false);

user_pref("extensions.incredibar_i.tlbrSrchUrl", "MyStart by IncrediBar.com=");

user_pref("extensions.incredibar_i.id", "beaed163000000000000002511445d71");

user_pref("extensions.incredibar_i.instlDay", "15510");

user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");

user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");

user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1415:59:22");

user_pref("extensions.incredibar_i.prtnrId", "Incredibar");

user_pref("extensions.incredibar_i.prdct", "incredibar");

user_pref("extensions.incredibar_i.aflt", "orgnl");

user_pref("extensions.incredibar_i.smplGrp", "none");

user_pref("extensions.incredibar_i.tlbrId", "base");

user_pref("extensions.incredibar_i.instlRef", "");

user_pref("extensions.incredibar_i.dfltLng", "");

user_pref("extensions.incredibar_i.excTlbr", false);

user_pref("extensions.incredibar_i.ms_url_id", "");

user_pref("extensions.incredibar_i.upn2", "6R8wtFhfVC");

user_pref("extensions.incredibar_i.upn2n", "92824562575763864");

user_pref("extensions.incredibar_i.productid", "26");

user_pref("extensions.incredibar_i.installerproductid", "26");

user_pref("extensions.incredibar_i.did", "10665");

user_pref("extensions.incredibar_i.ppd", "");

---- Lines CT2269050 removed from prefs.js ----

---- Lines CT2269050 modified from prefs.js ----

---- Lines CT2269050 removed from user.js ----

---- Lines CT2849859 removed from prefs.js ----

---- Lines CT2849859 modified from prefs.js ----

---- Lines CT2849859 removed from user.js ----

---- Lines conduit removed from prefs.js ----

---- Lines conduit modified from prefs.js ----

---- Lines conduit removed from user.js ----

---- Lines claro removed from prefs.js ----

---- Lines claro modified from prefs.js ----

---- Lines claro removed from user.js ----

---- Lines babylon removed from prefs.js ----

---- Lines babylon modified from prefs.js ----

---- Lines babylon removed from user.js ----

---- Lines searchqu removed from prefs.js ----

---- Lines searchqu modified from prefs.js ----

---- Lines searchqu removed from user.js ----

---- Lines Toggle removed from prefs.js ----

---- Lines Toggle modified from prefs.js ----

---- Lines Toggle removed from user.js ----

---- Lines ask.com removed from prefs.js ----

---- Lines ask.com modified from prefs.js ----

---- Lines ask.com removed from user.js ----

---- Lines search.com removed from prefs.js ----

---- Lines search.com modified from prefs.js ----

---- Lines search.com removed from user.js ----

---- Lines search.net removed from prefs.js ----

---- Lines search.net modified from prefs.js ----

---- Lines search.net removed from user.js ----

---- Lines Web Search removed from prefs.js ----

---- Lines Web Search modified from prefs.js ----

---- Lines Web Search removed from user.js ----

---- Lines Customized removed from prefs.js ----

---- Lines Customized modified from prefs.js ----

---- Lines Customized removed from user.js ----

---- Lines y2layers removed from prefs.js ----

---- Lines y2layers modified from prefs.js ----

---- Lines y2layers removed from user.js ----

user_pref("extentions.y2layers.installId", "9c2b3e5c-59d5-46f3-96a8-91e6825e4834");

user_pref("extentions.y2layers.defaultEnableAppsList", "twittube,buzzdock,YontooNewOffers");

---- Lines yontoo removed from prefs.js ----

---- Lines yontoo modified from prefs.js ----

---- Lines yontoo removed from user.js ----

---- Lines funmoods removed from prefs.js ----

---- Lines funmoods modified from prefs.js ----

---- Lines funmoods removed from user.js ----

---- Lines CommunityToolbar removed from prefs.js ----

---- Lines CommunityToolbar modified from prefs.js ----

---- Lines CommunityToolbar removed from user.js ----

---- Lines etype.com removed from prefs.js ----

---- Lines etype.com modified from prefs.js ----

---- Lines etype.com removed from user.js ----

---- Lines EEE6C361-6118-11DC-9C72-001320C79847 removed from prefs.js ----

---- Lines EEE6C361-6118-11DC-9C72-001320C79847 modified from prefs.js ----

---- Lines EEE6C361-6118-11DC-9C72-001320C79847 removed from user.js ----

---- Lines SweetIM removed from prefs.js ----

---- Lines SweetIM modified from prefs.js ----

---- Lines SweetIM removed from user.js ----

---- Lines SweetPacks removed from prefs.js ----

---- Lines SweetPacks modified from prefs.js ----

---- Lines SweetPacks removed from user.js ----

---- Lines blabbers.com removed from prefs.js ----

---- Lines blabbers.com modified from prefs.js ----

---- Lines blabbers.com removed from user.js ----

---- Lines 1FD91A9C-410C-4090-BBCC-55D3450EF433 removed from prefs.js ----

---- Lines 1FD91A9C-410C-4090-BBCC-55D3450EF433 modified from prefs.js ----

---- Lines 1FD91A9C-410C-4090-BBCC-55D3450EF433 removed from user.js ----

---- Lines mybrowserbar removed from prefs.js ----

---- Lines mybrowserbar modified from prefs.js ----

---- Lines mybrowserbar removed from user.js ----

---- Lines smartbar removed from prefs.js ----

---- Lines smartbar modified from prefs.js ----

---- Lines smartbar removed from user.js ----

---- FireFox user.js and prefs.js backups ----

user_08-02-2013_2146_.backup

prefs_08-02-2013_2146_.backup

==== Deleting Files \ Folders ======================

"C:\Windows\system32\dmwu.exe" not found

"C:\user.js" deleted

"C:\Users\D.Roffel\AppData\Roaming\Mozilla\Firefox\Profiles\vhoxv8vm.default\searchplugins\conduit.xml" deleted

"C:\Users\D.Roffel\AppData\Roaming\Mozilla\Firefox\Profiles\vhoxv8vm.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi" deleted

"C:\Users\D.Roffel\AppData\Roaming\Mozilla\Firefox\Profiles\vhoxv8vm.default\searchplugins\sweetim.xml" deleted

"C:\Users\D.Roffel\AppData\Roaming\Mozilla\Firefox\Profiles\vhoxv8vm.default\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}" deleted

"C:\Users\D.Roffel\AppData\Roaming\Mozilla\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}" deleted

"C:\Program Files (x86)\Mozilla Firefox\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}" deleted

"C:\Program Files (x86)\Mozilla Firefox\searchplugins\Search_Results.xml" deleted

"C:\user.js" deleted

"C:\END" deleted

"C:\Users\D.Roffel\AppData\Roaming\Mozilla\Firefox\Profiles\vhoxv8vm.default\searchplugins\MyStart Search.xml" deleted

"C:\Users\D.Roffel\AppData\Roaming\Mozilla\Firefox\Profiles\vhoxv8vm.default\searchplugins\Search_Results.xml" deleted

"C:\Windows\system32\dmwu.exe" deleted

"C:\Users\D.Roffel\AppData\Roaming\Mozilla\Firefox\Profiles\vhoxv8vm.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi" deleted

"C:\Program Files (x86)\BrowserCompanion\BCHelper.exe" deleted

"C:\Program Files (x86)\BrowserCompanion\sqlite3.dll" deleted

"C:\Program Files (x86)\SweetIM\Communicator\mgcommon.dll" deleted

"C:\Program Files (x86)\SweetIM\Communicator\mgcommunication.dll" deleted

"C:\Program Files (x86)\SweetIM\Communicator\mgsimcommon.dll" deleted

"C:\Program Files (x86)\SweetIM\Communicator\mgxml_wrapper.dll" deleted

"C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe" deleted

"C:\Program Files (x86)\SweetIM\Messenger\mgAdaptersProxy.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\mgArchive.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\mgcommon.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\mgcommunication.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\mgconfig.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\mgFlashPlayer.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\mghooking.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\mgMsnAuto.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\mgMsnMessengerAdapter.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\mgsimcommon.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\mgSweetIM.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\mgUpdateSupport.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\mgxml_wrapper.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\msvcp71.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\msvcr71.dll" not deleted

"C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe" deleted

"C:\Program Files (x86)\Searchqu Toolbar\Datamngr\datamngrUI.exe" deleted

"C:\Program Files (x86)\Application Updater" deleted

"C:\Program Files (x86)\DAEMON Tools Toolbar" deleted

"C:\Program Files (x86)\DVDVideoSoftTB" deleted

"C:\Program Files (x86)\BrowserCompanion" deleted

"C:\Program Files (x86)\DealPly" deleted

"C:\Program Files (x86)\Yontoo" deleted

"C:\Program Files (x86)\Incredibar.com" deleted

"C:\Program Files (x86)\SweetIM" not deleted

"C:\Program Files (x86)\Conduit" deleted

"C:\Program Files (x86)\Searchqu Toolbar" not deleted

"C:\Program Files (x86)\Common Files\Spigot" deleted

"C:\Program Files\Web Assistant" deleted

"C:\Users\D.Roffel\AppData\Roaming\OpenCandy" deleted

"C:\ProgramData\boost_interprocess" deleted

"C:\ProgramData\SweetIM" deleted

"C:\ProgramData\InstallMate" deleted

"C:\ProgramData\Tarma Installer" deleted

"C:\ProgramData\Premium" deleted

"C:\Users\D.Roffel\AppData\Local\Ilivid Player" deleted

"C:\Users\D.Roffel\AppData\Local\CRE" deleted

"C:\Users\D.Roffel\AppData\Local\Conduit" deleted

"C:\Users\D.Roffel\AppData\LocalLow\DataMngr" deleted

"C:\Users\D.Roffel\AppData\LocalLow\uTorrentBar_NL" deleted

"C:\Users\D.Roffel\AppData\LocalLow\Incredibar.com" deleted

"C:\Users\D.Roffel\AppData\LocalLow\PriceGong" deleted

"C:\Users\D.Roffel\AppData\LocalLow\searchqutoolbar" deleted

"C:\Users\D.Roffel\AppData\LocalLow\bbrs_002.tb" deleted

"C:\Users\D.Roffel\AppData\LocalLow\Conduit" deleted

"C:\Users\D.Roffel\AppData\LocalLow\Search Settings" deleted

"C:\Users\D.Roffel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd" deleted

"C:\Users\D.Roffel\AppData\Roaming\Mozilla\Firefox\Profiles\vhoxv8vm.default\CT2269050" deleted

"C:\Users\D.Roffel\AppData\Roaming\Mozilla\Firefox\Profiles\vhoxv8vm.default\CT2849859" deleted

"C:\Users\D.Roffel\AppData\Roaming\Mozilla\Firefox\Profiles\vhoxv8vm.default\extensions\ffxtlbr@incredibar.com" deleted

"C:\Users\D.Roffel\AppData\Roaming\Mozilla\Firefox\Profiles\vhoxv8vm.default\CT2269050" deleted

"C:\Users\D.Roffel\AppData\Roaming\Mozilla\Firefox\Profiles\vhoxv8vm.default\CT2849859" deleted

"C:\Users\D.Roffel\AppData\Roaming\Mozilla\Firefox\Profiles\vhoxv8vm.default\conduitCommon" deleted

"C:\Users\D.Roffel\AppData\Roaming\Mozilla\Firefox\Profiles\vhoxv8vm.default\searchqutoolbar" deleted

"C:\Users\D.Roffel\AppData\Roaming\Mozilla\Firefox\Profiles\vhoxv8vm.default\extensions\plugin@yontoo.com" deleted

"C:\Users\D.Roffel\AppData\Roaming\Mozilla\Firefox\Profiles\vhoxv8vm.default\SweetPacksToolbarData" deleted

"C:\Users\D.Roffel\AppData\Roaming\Mozilla\Firefox\Profiles\vhoxv8vm.default\extensions\bbrs_002@blabbers.com" deleted

"C:\Users\D.Roffel\AppData\Roaming\Mozilla\Firefox\Profiles\vhoxv8vm.default\smartbar" deleted

"C:\Users\D.Roffel\AppData\Roaming\Mozilla\Firefox\Profiles\vhoxv8vm.default\extensions\ffxtlbr@incredibar.com" deleted

"C:\Program Files (x86)\Searchqu Toolbar\Datamngr\FirefoxExtension" deleted

"C:\Users\D.Roffel\AppData\Roaming\Mozilla\Firefox\Profiles\vhoxv8vm.default\extensions\plugin@yontoo.com" deleted

"C:\Users\D.Roffel\AppData\Roaming\Mozilla\Firefox\Profiles\vhoxv8vm.default\extensions\bbrs_002@blabbers.com" deleted

"C:\Program Files (x86)\SweetIM\Communicator" not deleted

"C:\Program Files (x86)\SweetIM\Messenger" not deleted

"C:\Program Files (x86)\Searchqu Toolbar\Datamngr" not deleted

==== System Specs ======================

Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)

Internet Explorer: 9.0.8112.16421

Memory (RAM): 4096 MB

CPU Info: Intel® Core2 Quad CPU Q8300 @ 2.50GHz

CPU Speed: 2497,4 MHz

Sound Card: Luidsprekers (Realtek High Defi |

Realtek Digital Output (Realtek |

Display Adapters: NVIDIA GeForce GT 120 | NVIDIA GeForce GT 120 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver

Monitors: 1x; Algemeen PnP-beeldscherm |

Screen Resolution: 1280 X 1024 - 32 bit

Network: Network Present

Network Adapters: Realtek RTL8101E Family PCI-E FE NIC

CD / DVD Drives: 2x (E: | F: | ) E: HL-DT-STDVDRAM GH40F | F: WBUTU KHY3W1U7

Ports: COM Ports NOT Present. LPT Port NOT Present.

Mouse: 16 Button Wheel Mouse Present

Hard Disks: C: 458,5GB | D: 458,4GB

Hard Disks - Free: C: 105,3GB | D: 457,9GB

Manufacturer *: AMI

BIOS Info: AT/AT COMPATIBLE | 06/10/09 | ACRSYS - 20090610

Time Zone: West-Europa (standaardtijd)

Motherboard *: Packard Bell MCP73PVT-PM

Sun Java version: 1.6.0_22

Country: Nederland

Language: NLD

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\D55BF~1.ROF\AppData\Local\Temp ====

====== C:\Windows\SysWOW64 =====

2013-01-26 22:04:49 27F1BE4A53441C9F1F48B9ADC145B0A5 189248 ----a-w- C:\Windows\SysWOW64\PnkBstrB.exe

2013-01-26 22:04:48 3A2BDD76E7D2A5F40A7174793D1BA794 75136 ----a-w- C:\Windows\SysWOW64\PnkBstrA.exe

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

====== C:\Windows\Sysnative\drivers =====

====== C:\Windows\Tasks ======

2013-02-07 15:41:46 500F7002C3A00DBE806B9930523CDABC 1060 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2013-02-07 15:41:45 933B82FB505C852E311E628D94DA5B7B 1056 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

====== C:\Windows\Temp ======

======= C:\Program Files =====

======= C:\Program Files (x86) =====

2013-02-07 15:55:25 -------- d-----w- C:\Program Files (x86)\Trend Micro

2013-01-26 21:53:44 -------- d-----w- C:\Program Files (x86)\Ubisoft

======= C: =====

====== C:\Users\D.Roffel\AppData\Roaming ======

2013-02-07 21:57:46 -------- d-----w- C:\users\Moniek\AppData\Locallow\Incredibar.com

2013-02-07 10:33:15 -------- d-----w- C:\users\Moniek\AppData\Local\{29F6DBAD-F8D0-4ACB-BB53-472998BBBD81}

2013-02-06 23:39:19 -------- d-----w- C:\users\D.Roffel\AppData\Roaming\TestApp

2013-02-06 12:32:44 -------- d-----w- C:\users\Moniek\AppData\Local\{C88872A0-B10F-4C2C-8A2B-2439E3F2204F}

2013-02-03 08:40:16 -------- d-----w- C:\users\Moniek\AppData\Local\{58576126-2019-4B68-AC4D-9EC352578E7D}

2013-02-02 11:13:53 -------- d-----w- C:\users\Moniek\AppData\Local\{5DAE5514-C706-414B-8344-1155EBD5A0DD}

2013-01-31 10:07:19 -------- d-----w- C:\users\Moniek\AppData\Local\{B1EED4CF-BD30-4F34-A2E5-C76EEA364042}

2013-01-30 18:20:39 -------- d-----w- C:\users\Moniek\AppData\Local\{A8008A04-8A6D-4BC4-9797-3AF5B4125448}

2013-01-27 18:11:46 -------- d-----w- C:\users\Moniek\AppData\Local\{313688BA-84A5-4670-AADE-1058B19818C8}

2013-01-26 22:04:45 -------- d-----w- C:\users\D.Roffel\AppData\Roaming\PunkBuster

2013-01-26 20:16:14 -------- d-----w- C:\users\Moniek\AppData\Local\{FDA1294F-7E39-44CD-A6C3-D0548690AF8C}

2013-01-24 18:44:56 -------- d-----w- C:\users\Moniek\AppData\Local\{18626400-F127-4BE3-A37A-6863029C3A6E}

2013-01-23 23:14:37 -------- d-----w- C:\users\Moniek\AppData\Local\{F5F6BFBC-1DB5-4107-AA9E-9103A649BBEB}

2013-01-22 11:15:10 -------- d-----w- C:\users\Moniek\AppData\Local\{1422287E-BA40-4131-A3C1-1150B7A5C0BF}

2013-01-21 13:56:55 -------- d-----w- C:\users\Moniek\AppData\Local\{AC01A9EB-1E9C-47D7-94DD-0D67212653CF}

2013-01-19 11:49:49 -------- d-----w- C:\users\Moniek\AppData\Local\{76581039-9AD7-440A-83A3-472F8ADC33AF}

2013-01-17 22:39:18 -------- d-----w- C:\users\Moniek\AppData\Local\{255E32BD-0769-4DA7-9B5E-ECB1C0E748DE}

2013-01-17 09:39:37 -------- d-----w- C:\users\Moniek\AppData\Local\{0D1376B4-12E7-476B-BABD-44B9A9090D1A}

2013-01-14 20:45:37 -------- d-----w- C:\users\Moniek\AppData\Local\{AFAB2D3E-DDC8-48AC-885D-774C971FE0FD}

2013-01-14 08:45:02 -------- d-----w- C:\users\Moniek\AppData\Local\{0831629C-B315-4E63-AF26-B6333F8063FB}

2013-01-12 12:20:26 -------- d-----w- C:\users\Moniek\AppData\Local\{013EED25-85EE-4E0E-AC8D-BD20FB809F3A}

====== C:\Users\D.Roffel ======

2013-02-06 23:39:20 -------- d-----w- C:\ProgramData\TEMP

2013-02-06 23:39:19 -------- d-----w- C:\ProgramData\PC Tools

====== C: exe-files ==

2013-02-07 16:08:52 924173893B3735741B373CA366C37823 398992 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_64.exe

2013-02-07 16:01:29 5CA39C1D83B285427FC20044A14F0F4A 1718808 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\SearchWithGoogleUpdate_0BB4946B2EEAC900.exe

2013-02-07 16:01:25 924173893B3735741B373CA366C37823 398992 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarUser_64_F5CB933C28B61353.exe

2013-02-07 16:01:21 BAD663957F682F95B22C4E83AB49CB52 308368 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarUser_32_38F27E698DCE3952.exe

2013-02-07 16:01:17 4A001CFD8565634EC6891B6BFAB04183 1053840 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_94DDE1EDD1CDF6A3.exe

2013-02-07 16:00:23 88C48DAAB78EEE9F856C8BFF2141F09B 530464 ----a-w- C:\Program Files (x86)\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\7.4.3607.2246\GoogleToolbarInstaller_updater_signed.exe

2013-02-07 15:58:25 3A080679A27954B3CB36CC1FB24FE7B0 8423264 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\24.0.1312.57\24.0.1312.57_22.0.1229.95_chrome_updater.exe

2013-02-07 15:53:23 74E337FFEB2B34043F8499D2F3DE03A8 59784 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleUpdateOnDemand.exe

2013-02-07 15:53:23 376ECCCE33C2C232112DE830E3C81763 59784 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleUpdateBroker.exe

2013-02-07 15:53:22 984CC93BB0EF86A0B4825269D8379D81 774424 ----a-w- C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleUpdateSetup.exe

2013-02-07 15:53:19 BECDDA0990DEBD72A30096533521AD73 213384 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe

2013-02-07 15:53:19 B676429E44F2F8ACC3BAE7C89F46B212 281480 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe

2013-02-07 15:53:18 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleUpdate.exe

2013-02-07 15:53:17 984CC93BB0EF86A0B4825269D8379D81 774424 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.135\GoogleUpdateSetup.exe

2013-02-07 15:41:56 5D61BE7DB55B026A5D61A3EED09D0EAD 39408 ----a-w- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

2013-02-07 15:41:54 BAD663957F682F95B22C4E83AB49CB52 308368 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe

2013-02-07 15:41:52 4BEAF576CB43358C4DB9F45AC7C09CDB 194032 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleUpdaterService_B33FC4DD36A473C6.exe

2013-02-07 15:41:51 496B1F34EC5AF59462A4AD49696E12BD 2242080 ----atw- C:\Program Files (x86)\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\0.0.0.0\googletoolbarinstaller_full_signed.exe

2013-02-07 15:41:45 F02A533F517EB38333CB12A9E8963773 136176 ----atw- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

2013-02-07 15:14:06 64A40CDDD0B510C60F6EE3BFFC17ED05 4317896 ----a-w- C:\Users\D.Roffel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2DKP1LRF\rcpsetup_marim_marm.exe

2013-02-06 23:38:46 A82C06DA2EEC898E9D52ECC537B70B0C 4125360 ----a-w- C:\Users\D.Roffel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PSZ2AFE0\PCTools_Safe_Install_SDAV.exe

=== C: other files ==

2013-02-07 22:03:48 EC155C323A3B777441BF6A2BF4077FCC 12459888 ----a-w- C:\Users\Moniek\AppData\Local\Google\Chrome\User Data\PepperFlash\11.5.31.139\pepflashplayer.dll

2013-02-07 21:57:43 9A12114E265F396A72AAD8E086078D45 97072 ----a-w- C:\Users\Moniek\AppData\Local\Google\Chrome\User Data\Default\Extensions\clbfjfbnelcflpgpklppgplejolacbej\1.0.5_0\chromeNPAPI.dll

2013-02-07 21:57:43 8E67DA0D39C3A4D5285E0EB2018B4630 192000 ----a-w- C:\Users\Moniek\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.478_0\npbrowserext.dll

2013-02-07 21:57:43 6F438B6B74D1B532C46D4162F6160458 195072 ----a-w- C:\Users\Moniek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmbgdmijgopggjaelphhajpjldacbnba\1.0_0\CrmAdpt.dll

2013-02-07 21:57:43 6B0DCF7DDF6D84B5EAEC33041F69388E 189440 ----a-w- C:\Users\Moniek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmbgdmijgopggjaelphhajpjldacbnba\1.0_0\CTB.dll

2013-02-07 19:23:32 3181296C1731FD6F4251FE9BF2B5AF0A 155392 ----a-w- C:\Users\D.Roffel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndgonipadfipmlmdfofnjnhhlgojnjdn\2.3.19.11_0\plugins\ChromeAutoApproveTB.dll

2013-02-07 19:23:32 0B45A206990CA3BEA34F527FB2007D0A 116480 ----a-w- C:\Users\D.Roffel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndgonipadfipmlmdfofnjnhhlgojnjdn\2.3.19.11_0\plugins\ChromeApproveTBPlugin.dll

2013-02-07 19:19:53 EC155C323A3B777441BF6A2BF4077FCC 12459888 ----a-w- C:\Users\D.Roffel\AppData\Local\Google\Chrome\User Data\PepperFlash\11.5.31.139\pepflashplayer.dll

2013-02-07 16:08:53 917A728A12F25FCF4636858FAC9979FA 1000984 ----a-w- C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll

2013-02-07 16:08:53 76E7410B3A308F6960D3CE06DC7874AD 150040 ----a-w- C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\gtn.dll

2013-02-07 16:08:53 6217BCE38E3B1DBA4F1A789189A2616C 346136 ----a-w- C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg64.dll

2013-02-07 16:08:53 07DCB2037B557BD97EA5F963EA0B9A83 49176 ----a-w- C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\gth.dll

2013-02-07 16:08:52 9B1B6ECC2F29A4F2448BCFFD9F930E72 253584 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

2013-02-07 16:01:14 4C1B167473577A2B07413458B61FDB58 512144 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_nl_63371F198DACB2EB.dll

2013-02-07 16:01:10 58EC0172DA8A00597E93A072F6E7F044 1032848 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_C9EDDF0B6984A451.dll

2013-02-07 16:01:06 CF16087091E3D12A71FBBAC93504CC85 4607120 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_64_EA4317C393845F35.dll

2013-02-07 16:01:01 B53A732C08002F6EDA943DEB8CE91F6E 3053200 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_32_68D43262AB91CB4A.dll

2013-02-07 16:00:54 9B1B6ECC2F29A4F2448BCFFD9F930E72 253584 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbar_64_BFF210F947D9DB39.dll

2013-02-07 16:00:50 B9497C5ACAEA521663BFFBB321DD3AFA 192144 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbar_32_E4372AF08E5B8B50.dll

2013-02-07 15:53:22 EA1848EFE8F3B60C687D003977945289 28040 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_th.dll

2013-02-07 15:53:22 E0FF893763BA82BAABB869A351F0C455 572808 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll

2013-02-07 15:53:22 DF1FAEC09D59CF8CDBC30D3455648F8C 29064 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_uk.dll

2013-02-07 15:53:22 C56DE8185672B9F17F127EA282DD5E07 160136 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\psmachine.dll

2013-02-07 15:53:22 A613AEA586B0ADF6902A59F39C547DA6 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_tr.dll

2013-02-07 15:53:22 59CBFB54ECC5FE93C74ECB2E4A1FF9A2 22408 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_zh-TW.dll

2013-02-07 15:53:22 51B96D72840AB9232225521102AB4962 22408 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_zh-CN.dll

2013-02-07 15:53:22 1C074E661B522E7F40D3534089FC225E 160136 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\psuser.dll

2013-02-07 15:53:22 17EBF25727C05C7273AD72BADF1F7058 29064 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_ur.dll

2013-02-07 15:53:22 0A6FD6C1F1E21A54CDC342616E8E4F82 28552 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_vi.dll

2013-02-07 15:53:21 E849D447E038462CBE0B79655865CBB8 29064 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_mr.dll

2013-02-07 15:53:21 E534BB37BF5C43826E748E1D89910253 30088 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_sk.dll

2013-02-07 15:53:21 956C7CFAE0FCA13AE6592A72E681325A 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_pt-BR.dll

2013-02-07 15:53:21 8AAFF4EE2151DC1DBE13B1B42189A9A4 32136 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_ml.dll

2013-02-07 15:53:21 787B22D1B3551214EA18A438EB497BC2 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_sr.dll

2013-02-07 15:53:21 6E67575379F7CE795FF77CEC74F6D769 30600 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_lv.dll

2013-02-07 15:53:21 6D9CDB9FE405DB672187CA1F85B148FA 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_pt-PT.dll

2013-02-07 15:53:21 6D8879BF56B5875E70508A6A20812BB1 28552 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_ms.dll

2013-02-07 15:53:21 6B3640EFF0DD461E27C36AD7EB469D44 30088 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_ro.dll

2013-02-07 15:53:21 6A2929FC5F24464DBDC0577DB6766DC1 29064 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_ru.dll

2013-02-07 15:53:21 52E4EDF65BA65BEC4BA56D0B6E326F9E 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_no.dll

2013-02-07 15:53:21 3ABFB1E60F232142271FAB79253786F4 30088 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_sl.dll

2013-02-07 15:53:21 326DC32156A3587395B6858C10D34B0E 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_sw.dll

2013-02-07 15:53:21 2A0309B546700308E7DF9ED9302E8E94 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_te.dll

2013-02-07 15:53:21 172724B5A3F3988A7FA0F038A92FF11E 30600 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_nl.dll

2013-02-07 15:53:21 1359046E906BFC1147702E78442ADB1E 30600 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_ta.dll

2013-02-07 15:53:21 0B09837C01231654CEA36BAD94F88994 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_sv.dll

2013-02-07 15:53:21 00F8FEEFD4AE00EC5065B937BE00C595 30600 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_pl.dll

2013-02-07 15:53:20 F7281230459DA9BF21EC099CA833CA03 28552 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_id.dll

2013-02-07 15:53:20 F1B3D5D1D7A332FD6E24C4EB4844C7D5 23944 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_ko.dll

2013-02-07 15:53:20 DE939A1A8F7EA3C0E41E46F87A4F6EF5 30600 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_fil.dll

2013-02-07 15:53:20 D87B79DF28588640F027686FD1209DD4 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_fi.dll

2013-02-07 15:53:20 C164FE32626724656C77362A88156684 28040 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_fa.dll

2013-02-07 15:53:20 AD7C821EDB54639DD23D745173938ED4 29064 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_is.dll

2013-02-07 15:53:20 93545A29801793646159E248D69D337E 30088 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_kn.dll

2013-02-07 15:53:20 8D70A5894C60E412B4DF74B4EC049F13 28552 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_et.dll

2013-02-07 15:53:20 73CF46B4F2B54AF8D0BF940B12DF10A5 30088 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_hr.dll

2013-02-07 15:53:20 648544BA93B4DD273DF243F9E72948EF 31112 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_it.dll

2013-02-07 15:53:20 4CB3C4616DA0DDF3D03829D8B18C640E 24968 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_ja.dll

2013-02-07 15:53:20 3CC2D1834C1292A11C963FD9523CC4EF 26504 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_iw.dll

2013-02-07 15:53:20 2E1685D3B946B8D4D199494AF700CD2E 29064 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_gu.dll

2013-02-07 15:53:20 2D39FA2E03FCCBB4D76A33FA03C76FE9 30088 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_hu.dll

2013-02-07 15:53:20 2C42FE9ACCA5654AEA2D0C7734531DDA 31112 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_fr.dll

2013-02-07 15:53:20 0ABF233C089FB7E8191D29DA2C6AC0AF 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_es-419.dll

2013-02-07 15:53:20 0A119E73AB9ABCB87107B816B0FA74F9 28552 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_lt.dll

2013-02-07 15:53:20 050448DEA40A5CED634C914DBE6336DE 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_hi.dll

2013-02-07 15:53:19 FC5D9F5CBC46B3662DE958C682611296 28552 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_en-GB.dll

2013-02-07 15:53:19 F7C88FA49453C948D52D5350F16720D5 31624 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_es.dll

2013-02-07 15:53:19 EC724DAA39BEB13862324594100C1052 27016 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_ar.dll

2013-02-07 15:53:19 DB9BE127989AF7386234BE8D746CE65D 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_da.dll

2013-02-07 15:53:19 A8D817072D08DB41F0BB193F234F43BB 31624 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_de.dll

2013-02-07 15:53:19 98A4DF0939A0ECB3A1A7C7F9C3AA318F 25480 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_am.dll

2013-02-07 15:53:19 8F1E180AF2F5B9AF234196DAFAB07E11 31112 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_el.dll

2013-02-07 15:53:19 8B572945FF7BED636A05A219DD78EC95 30600 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_bg.dll

2013-02-07 15:53:19 8ABBEF4327C86834E25E979CEEB19605 29064 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_cs.dll

2013-02-07 15:53:19 43BC38087C79995F7BEDEF8648D5B790 29064 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_bn.dll

2013-02-07 15:53:19 3781763F294C34D9F8A993B384A88FA2 30088 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_ca.dll

2013-02-07 15:53:19 35DB83C4DE9FA3889E937125D115EAA0 28040 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_en.dll

2013-02-07 15:53:19 2E5672EEA419A4DC9DACD714632E1DC3 835464 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdate.dll

2013-02-07 15:43:44 9A12114E265F396A72AAD8E086078D45 97072 ----a-w- C:\Users\D.Roffel\AppData\Local\Google\Chrome\User Data\Default\Extensions\clbfjfbnelcflpgpklppgplejolacbej\1.0.5_0\chromeNPAPI.dll

2013-02-07 15:43:43 C88262875A74142F2FDF7A3469EA1366 1679597 ----a-w- C:\Users\D.Roffel\AppData\Local\Temp\scoped_dir_5312_30873\ndgonipadfipmlmdfofnjnhhlgojnjdn.crx

2013-02-07 15:43:43 6F438B6B74D1B532C46D4162F6160458 195072 ----a-w- C:\Users\D.Roffel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmbgdmijgopggjaelphhajpjldacbnba\1.0_0\CrmAdpt.dll

2013-02-07 15:43:43 6B0DCF7DDF6D84B5EAEC33041F69388E 189440 ----a-w- C:\Users\D.Roffel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmbgdmijgopggjaelphhajpjldacbnba\1.0_0\CTB.dll

2013-02-07 15:41:56 D7B2503FC697B792ABD50C38333B4B52 346096 ----a-w- C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg64.dll

2013-02-07 15:41:54 B9497C5ACAEA521663BFFBB321DD3AFA 192144 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

2013-02-07 11:10:53 FE4FBC4C4DCAEE8B9F81B67F8F1CFAB3 1442539 ----a-w- C:\Users\D.Roffel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PSZ2AFE0\schoolnieuws (1).zip

2013-02-06 23:39:19 9ADAA4B92FA77F4B8F33D4411E0CC316 475136 ----a-w- C:\Users\D.Roffel\AppData\Local\Temp\PC Tools Download Manager\DownloadManagerAPI.dll

2013-02-06 23:39:19 484846DE2A9176CF7D7D626DF7278DBA 120832 ----a-w- C:\Users\D.Roffel\AppData\Local\Temp\PC Tools Download Manager\DownloadManagerWrapper.dll

2013-02-06 23:39:19 42CF24C7E2734EC0B7D6302AAAFCE5CF 47104 ----a-w- C:\Users\D.Roffel\AppData\Local\Temp\PC Tools Download Manager\lang\DUTCH.dll

2013-02-06 23:39:19 3AE0393DC2C5BA415A02B2A1D0409F3C 1135944 ----a-w- C:\Users\D.Roffel\AppData\Local\Temp\PC Tools Download Manager\InnoHelpers.dll

2013-02-06 23:39:19 3877C9179BBCF49CDAD4CE89DE59530E 138240 ----a-w- C:\Users\D.Roffel\AppData\Local\Temp\PC Tools Download Manager\InstallWrapper.dll

2013-02-06 23:39:19 2529A91BE068CC8B9275EFFDEA3683C7 345088 ----a-w- C:\Users\D.Roffel\AppData\Local\Temp\PC Tools Download Manager\lang\English.dll

2013-02-06 23:39:18 FE845A1F7DE7372648AC4EE33D1162EA 618496 ----a-w- C:\Users\D.Roffel\AppData\Local\Temp\PC Tools Download Manager\tiscript.dll

2013-02-06 23:39:18 C4120B891E509EF1548FE2D4C50057D0 915456 ----a-w- C:\Users\D.Roffel\AppData\Local\Temp\PC Tools Download Manager\htmlayout.dll

2013-02-06 23:39:18 37E549AA9B061E8C1EE0852AC3BA0B35 407040 ----a-w- C:\Users\D.Roffel\AppData\Local\Temp\PC Tools Download Manager\PCTUI.dll

2013-02-06 23:39:16 6B6A6139EE8EB5BD8C08D75FE3D8E000 519128 ----a-w- C:\Users\D.Roffel\AppData\Local\Temp\PC Tools Download Manager\InnoSelfProtect.dll

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe ASO-616B5711-6DAE-4795-A05F-39A1E5104020"

"SmpcSys"="C:\Program Files (x86)\Packard Bell\SetupMyPC\SmpSys.exe"

"msnmsgr"="~C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background"

"Packard Bell Auto Backup"="C:\Program Files (x86)\Packard Bell\AutoBackup\AutoBackup.exe /run"

"RockMelt Update"="C:\Users\D.Roffel\AppData\Local\RockMelt\Update\RockMeltUpdate.exe /c"

"BitTorrent"="C:\Program Files (x86)\BitTorrent\bittorrent.exe /MINIMIZED"

"TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"

[HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1005\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1005\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Packard Bell Photo Frame"="C:\Program Files (x86)\Packard Bell Photo Frame\ButtonMonitor.exe -A"

"Norman ZANDA"="C:\Program Files\Norman\Npm\Bin\ZLH.EXE /LOAD /SPLASH"

"SSBkgdUpdate"="C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot"

"PaperPort PTD"="C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe"

"IndexSearch"="C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe"

"PPort11reminder"="C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe -r C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini"

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"DATAMNGR"="C:\PROGRA~2\SEARCH~1\Datamngr\DATAMN~1.EXE"

"Browser companion helper"="C:\Program Files (x86)\BrowserCompanion\BCHelper.exe /T=3 /CHI=clbfjfbnelcflpgpklppgplejolacbej"

"SweetIM"="C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe"

"Sweetpacks Communicator"="C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe ASO-616B5711-6DAE-4795-A05F-39A1E5104020"

"SmpcSys"="C:\Program Files (x86)\Packard Bell\SetupMyPC\SmpSys.exe"

"msnmsgr"="~C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background"

"Packard Bell Auto Backup"="C:\Program Files (x86)\Packard Bell\AutoBackup\AutoBackup.exe /run"

"RockMelt Update"="C:\Users\D.Roffel\AppData\Local\RockMelt\Update\RockMeltUpdate.exe /c"

"BitTorrent"="C:\Program Files (x86)\BitTorrent\bittorrent.exe /MINIMIZED"

"TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"

"Skytel"="C:\Program Files\Realtek\Audio\HDA\Skytel.exe"

"FijiKeyboard"="c:\Acer\Preload\Autorun\DRV\FIJI Keyboard\ABoard.exe"

"ActivControl"="C:\Program Files\Activ Software\Activdriver\ActivControl2x64.exe"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BitTorrent]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="BitTorrent"

"hkey"="HKCU"

"command"="\"C:\\Program Files (x86)\\BitTorrent\\bittorrent.exe\" /MINIMIZED"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BrMfcWnd]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="BrMfcWnd"

"hkey"="HKLM"

"command"="C:\\Program Files (x86)\\Brother\\Brmfcmon\\BrMfcWnd.exe /AUTORUN"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ControlCenter3]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="ControlCenter3"

"hkey"="HKLM"

"command"="C:\\Program Files (x86)\\Brother\\ControlCenter3\\brctrcen.exe /autorun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DVDVideoSoft]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="DVDVideoSoft"

"hkey"="HKCU"

"command"="C:\\Users\\D.Roffel\\AppData\\Roaming\\FAF75C.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HTC Sync Loader]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="HTC Sync Loader"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\HTC\\HTC Sync 3.0\\htcUPCTLoader.exe\" -startup"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NBKeyScan]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="NBKeyScan"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Nero\\Nero8\\Nero BackItUp\\NBKeyScan.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Skype"

"hkey"="HKCU"

"command"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /minimized /regrun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\swg]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="swg"

"hkey"="HKCU"

"command"="\"C:\\Program Files (x86)\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe\""

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [08-02-2013 18:17]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [07-02-2013 16:41]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [07-02-2013 16:41]

C:\Windows\tasks\ParetoLogic Registration3.job --a------ C:\Windows\system32\rundll32.exe [14-07-2009 02:14]

C:\Windows\tasks\ParetoLogic Update Version3.job --a------ C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [12-10-2009 06:01]

C:\Windows\tasks\PC Health Advisor Defrag.job --a------ C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe [30-03-2011 00:17]

C:\Windows\tasks\PC Health Advisor.job --a------ C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe [30-03-2011 00:17]

C:\Windows\tasks\RockMeltUpdateTaskUserS-1-5-21-1665370618-2561934394-2229486061-1000UA.job --a------ C:\Users\D.Roffel\AppData\Local\RockMelt\Update\RockMeltUpdate.exe [20-06-2012 16:15]

==== Firefox Extensions ======================

ProfilePath: C:\Users\D.Roffel\AppData\Roaming\Mozilla\Firefox\Profiles\vhoxv8vm.default

- Undetermined - C:\Program Files\Web Assistant\Firefox

- Undetermined - C:\Program Files (x86)\Searchqu Toolbar\Datamngr\FirefoxExtension

- BittorrentBar_NL Community Toolbar - %ProfilePath%\extensions\{2d8d9acc-f6d7-4362-8876-a275ca929591}

- DVDVideoSoftTB - %ProfilePath%\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}

- Searchqu Toolbar - %ProfilePath%\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}

- =Free YouTube Download Free Studio Menu - %ProfilePath%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

- Online HD TV - %ProfilePath%\extensions\onlinehdtv@onlinehd.tv.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\D.Roffel\AppData\Roaming\Mozilla\Firefox\Profiles\vhoxv8vm.default

A74B2B17FCE088C437312F9E1F6E0324 - C:\Users\D.Roffel\AppData\Local\RockMelt\Update\1.2.189.1\npRockMeltOneClick8.dll - RockMelt Update

2134E14DFB56952F548487898AE63A89 - C:\Windows\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director

==== Deleting Files \ Folders ======================

"C:\Users\D.Roffel\AppData\Roaming\Mozilla\Firefox\Profiles\vhoxv8vm.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}" deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

bccldkoinakjmmgebambiaggjobhikfg - C:\ProgramData\TheBflix\bccldkoinakjmmgebambiaggjobhikfg.crx[]

bmbgdmijgopggjaelphhajpjldacbnba - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibar.crx[]

bodddioamolcibagionmmobehnbhiakf - C:\Program Files (x86)\BrowserCompanion\blabbers-ch.crx[]

cjofdnhdkbflacojpfpkchgafjahijbb - C:\Users\HENDRI~1\AppData\Local\Temp\ccex.crx[]

clbfjfbnelcflpgpklppgplejolacbej - C:\Program Files (x86)\BrowserCompanion\blabbers-ch.crx[]

dkinklhnkmkhkhofcnapakaoehijaoih - C:\Program Files (x86)\OnlineHD.TV\onhd11.crx[21-10-2012 15:29]

dlnembnfbcpjnepmfjmngjenhhajpdfd - C:\Program Files\Web Assistant\source.crx[]

gaiilaahiahdejapggenmdmafpmbipje - C:\Program Files (x86)\DealPly\DealPly.crx[]

jplinpmadfkdgipabgcdchbdikologlh - C:\Program Files (x86)\1ClickDownload\1click11.crx[]

ndgonipadfipmlmdfofnjnhhlgojnjdn - C:\Users\D.Roffel\AppData\Local\CRE\ndgonipadfipmlmdfofnjnhhlgojnjdn.crx[]

niapdbllcanepiiimjjndipklodoedlc - C:\Program Files (x86)\Yontoo\YontooLayers.crx[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions

gaiilaahiahdejapggenmdmafpmbipje - C:\Program Files (x86)\DealPly\DealPly.crx[]

ndgonipadfipmlmdfofnjnhhlgojnjdn - C:\Users\D.Roffel\AppData\Local\CRE\ndgonipadfipmlmdfofnjnhhlgojnjdn.crx[]

undetermined

YouTube - D.Roffel - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Montiera Chrome Toolbar - D.Roffel - Default\Extensions\bmbgdmijgopggjaelphhajpjldacbnba

Browser Companion Helper - D.Roffel - Default\Extensions\clbfjfbnelcflpgpklppgplejolacbej

Google Search - D.Roffel - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Online HD TV - D.Roffel - Default\Extensions\dkinklhnkmkhkhofcnapakaoehijaoih

DealPly - D.Roffel - Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje

BittorrentBar_NL - D.Roffel - Default\Extensions\ndgonipadfipmlmdfofnjnhhlgojnjdn

Gmail - D.Roffel - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

Docs - Moniek - Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Moniek - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Moniek - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Montiera Chrome Toolbar - Moniek - Default\Extensions\bmbgdmijgopggjaelphhajpjldacbnba

Browser Companion Helper - Moniek - Default\Extensions\clbfjfbnelcflpgpklppgplejolacbej

Google Search - Moniek - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Online HD TV - Moniek - Default\Extensions\dkinklhnkmkhkhofcnapakaoehijaoih

Web Assistant - Moniek - Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd

DealPly - Moniek - Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje

Gmail - Moniek - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="nu.nl | Het laatste nieuws het eerst op nu.nl"

"Default_Page_URL"="iGoogle Redirect"

"Search Page"="Google"

"Search Bar"="Upgrade to Google Chrome"

"Default_Search_URL"="Upgrade to Google Chrome"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://home.sweetim.com/?crg=3.1010000.10011&barid={B637CAD0-1B8B-11E2-919C-002511445D71}"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]

"Start Page"="http://home.sweetim.com/?crg=3.1010000.10011&barid={B637CAD0-1B8B-11E2-919C-002511445D71}"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

@="%s - Google Search"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"SearchAssistant"="Upgrade to Google Chrome"

"Default_Search_URL"="Upgrade to Google Chrome"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Search Page"="Bing"

"Search Bar"="Bing"

"Default_Search_URL"="Bing"

"Default_Page_URL"="Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL"

"Start Page"="nu.nl | Het laatste nieuws het eerst op nu.nl"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Start Page"="Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]

"Start Page"="Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="%s - Bing"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="Bing"

"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{67A2568C-7A0A-4EED-AECC-B5405DE63B64}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing?}"

{67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google Url="{searchTerms} - Google Search"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"

{D693FC58-58C7-4A8B-8743-6C511F332415} Yahoo//nl.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=827316&p={searchTerms}"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9639E4A-801B-4843-AEE3-03D9DA199E77} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3-9577-323A336ACB50} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00CBB66B-1D3B-46D3-9577-323A336ACB50} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{963B125B-8B21-49A2-A3A8-E37092276531} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4f12-8568-69135F087DB0} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4f12-8568-69135F087DB0} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{F9639E4A-801B-4843-AEE3-03D9DA199E77} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{00CBB66B-1D3B-46D3-9577-323A336ACB50} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00CBB66B-1D3B-46D3-9577-323A336ACB50} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{9D717F81-9148-4f12-8568-69135F087DB0} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{F9639E4A-801B-4843-AEE3-03D9DA199E77} deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\urlsearchhooks\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully

HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\bccldkoinakjmmgebambiaggjobhikfg deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\bmbgdmijgopggjaelphhajpjldacbnba deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\bodddioamolcibagionmmobehnbhiakf deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\clbfjfbnelcflpgpklppgplejolacbej deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\jplinpmadfkdgipabgcdchbdikologlh deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ndgonipadfipmlmdfofnjnhhlgojnjdn deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc deleted successfully

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje deleted successfully

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\ndgonipadfipmlmdfofnjnhhlgojnjdn deleted successfully

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe,

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Free YouTube Download - C:\Users\D.Roffel\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\D.Roffel\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {1FEC8B6F-250A-4293-B12C-67A7EF0B758A} (sIKN Speler) - http://www.kerkomroep.nl/ocx/sIKNPlayer.cab

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/nl/uno1/GAME_UNO1.cab

O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} (MSN Games – Texas Holdem Poker) - http://zone.msn.com/bingame/zpagames/zpa_txhe.cab79352.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

O18 - Protocol: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (file missing)

O18 - Protocol: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (file missing)

O18 - Protocol: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (file missing)

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - AppInit_DLLs: C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: Norman eLogger Service (eLoggerSvc6) - Norman ASA - C:\Program Files\Norman\Npm\Bin\elogsvc.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Norman Hash Server (NHS) - Unknown owner - C:\Program Files\Norman\Nvc\bin\nhs.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe

O23 - Service: Norman Network Filtering service (NNFSVC) - Norman ASA - C:\Program Files\Norman\Ngs\Bin\Nnf.exe

O23 - Service: Norman NJeeves - Unknown owner - C:\Program Files\Norman\Npm\Bin\Njeeves.exe

O23 - Service: Norman ZANDA - Norman ASA - C:\Program Files\Norman\Npm\Bin\Zanda.exe

O23 - Service: Norton Internet Security - Unknown owner - C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe (file missing)

O23 - Service: Norman Personal Firewall Service (NPFSvc32) - Norman ASA - C:\Program Files\Norman\npf\bin\npfsvc32.exe

O23 - Service: Norman Scanner Engine Service (nsesvc) - Norman ASA - C:\Program Files\Norman\Nse\Bin\NSESVC.EXE

O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Program Files\Norman\Nvc\Bin\nvcoas.exe

O23 - Service: Norman Resource Provider (NVOY) - Norman ASA - C:\Program Files\Norman\npm\bin\nvoy.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Norman Scheduler Service (Scheduler) - Norman ASA - C:\Program Files\Norman\Npm\Bin\scheduler.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\D.Roffel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\D.Roffel\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\D.Roffel\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Hendri R\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Hendri R\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Moniek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Moniek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Moniek\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Moniek\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\D.Roffel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\users\Hendri R\AppData\Local\Mozilla\Firefox\Profiles\8tbzooit.default\Cache emptied successfully

C:\users\Moniek\AppData\Local\Mozilla\Firefox\Profiles\dutb8wo1.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\users\D.Roffel\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

C:\users\D.Roffel\AppData\Local\Google\Chrome\User Data\Default\Extensions\clbfjfbnelcflpgpklppgplejolacbej\1.0.5_0\cache emptied successfully

C:\users\Moniek\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

C:\users\Moniek\AppData\Local\Google\Chrome\User Data\Default\Extensions\clbfjfbnelcflpgpklppgplejolacbej\1.0.5_0\cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

After Reboot

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\D55BF~1.ROF\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Program Files (x86)\SweetIM\Messenger\msvcr71.dll" not found

"C:\Users\D.Roffel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Program Files (x86)\SweetIM" not found

"C:\Program Files (x86)\Searchqu Toolbar" not found

- - - Updated - - -

Zoek.exe Version 4.0.0.1 Updated 08-February-2013

Tool run by D.Roffel on vr 08-02-2013 at 21:36:51,30.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

==== Running Processes ======================

C:\Windows\system32\csrss.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\csrss.exe

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\winlogon.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Program Files\Norman\Npm\Bin\elogsvc.exe

C:\Program Files\Norman\Ngs\Bin\Nnf.exe

C:\Windows\system32\nvvsvc.exe

C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

C:\Windows\system32\svchost.exe -k LocalService

C:\Program Files\Norman\Npm\Bin\Zanda.exe

C:\Program Files\Norman\npm\bin\nvoy.exe

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\Norman\Nvc\bin\nhs.exe

C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

C:\Windows\SysWOW64\IoctlSvc.exe

C:\Windows\SysWOW64\PnkBstrA.exe

C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

C:\Program Files\Web Assistant\ExtensionUpdaterService.exe

C:\Windows\system32\dmwu.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\System32\WUDFHost.exe

C:\Program Files\Norman\Npm\Bin\scheduler.exe

C:\Program Files\Norman\Npm\Bin\Njeeves.exe

C:\Program Files\Norman\Nse\Bin\NSESVC.EXE

C:\Program Files\Norman\Nvc\Bin\nvcoas.exe

C:\Program Files\Norman\npf\bin\npfsvc32.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\ACER\Preload\Autorun\DRV\Fiji Keyboard\ABoard.exe

C:\Program Files\Activ Software\Activdriver\ActivControl2x64.exe

C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe

C:\Program Files (x86)\Packard Bell\SetupMyPC\SmpSys.exe

C:\Program Files (x86)\Packard Bell\AutoBackup\AutoBackup.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\ACER\Preload\Autorun\DRV\Fiji Keyboard\AOSD.exe

C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe

C:\Program Files (x86)\Packard Bell Photo Frame\ButtonMonitor.exe

C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe

C:\Program Files\Norman\Npm\Bin\zlh.exe

C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Norman\Nvc\Bin\cclaw.exe

C:\Program Files (x86)\Searchqu Toolbar\Datamngr\datamngrUI.exe

C:\Program Files (x86)\BrowserCompanion\BCHelper.exe

C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe

C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe

C:\Program Files\Activ Software\Activdriver\activmgr.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

C:\Program Files (x86)\Packard Bell\AutoBackup\abDevDet.exe

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Windows\system32\DllHost.exe

C:\Program Files (x86)\Nero\Update\NASvc.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

C:\Windows\System32\svchost.exe -k secsvcs

C:\Windows\system32\svchost.exe -k SDRSVC

C:\Users\D.Roffel\AppData\Local\RockMelt\Update\1.2.189.1\RockMeltCrashHandler.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_5_502_149_ActiveX.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe

C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\D55BF~1.ROF\AppData\Local\Temp\Rar$EX01.272\zoek.exe

C:\Users\D55BF~1.ROF\AppData\Local\Temp\RarSFX0\zoek.com

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\mshta.exe

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\application updater deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\application updater deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\web assistant updater deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\web assistant updater deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\weboptimizer deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\weboptimizer deleted successfully

==== FireFox Fix ======================

ProfilePath: C:\Users\D.Roffel\AppData\Roaming\Mozilla\Firefox\Profiles\vhoxv8vm.default

---- Lines incredibar removed from prefs.js ----

user_pref("extensions.incredibar.admin", false);

user_pref("extensions.incredibar.aflt", "orgnl");

user_pref("extensions.incredibar.cntry", "NL");

user_pref("extensions.incredibar.dfltLng", "");

user_pref("extensions.incredibar.dfltSrch", false);

user_pref("extensions.incredibar.did", "10665");

user_pref("extensions.incredibar.envrmnt", "production");

user_pref("extensions.incredibar.excTlbr", false);

user_pref("extensions.incredibar.hdrMd5", "8E403FABA1EB47AFC7CBE965125DBF9B");

user_pref("extensions.incredibar.hmpg", false);

user_pref("extensions.incredibar.id", "beaed163000000000000002511445d71");

user_pref("extensions.incredibar.installerproductid", "26");

user_pref("extensions.incredibar.instlDay", "15510");

user_pref("extensions.incredibar.instlRef", "");

user_pref("extensions.incredibar.isDcmntCmplt", false);

user_pref("extensions.incredibar.lastVrsnTs", "1.5.11.1415:59:22");

user_pref("extensions.incredibar.mntrvrsn", "1.2.0");

user_pref("extensions.incredibar.newTab", false);

user_pref("extensions.incredibar.noFFXTlbr", false);

user_pref("extensions.incredibar.ppd", "");

user_pref("extensions.incredibar.prdct", "incredibar");

user_pref("extensions.incredibar.productid", "26");

user_pref("extensions.incredibar.prtnrId", "Incredibar");

user_pref("extensions.incredibar.sg", "none");

user_pref("extensions.incredibar.smplGrp", "none");

user_pref("extensions.incredibar.tlbrId", "base");

user_pref("extensions.incredibar.tlbrSrchUrl", "http://mystart.Incredibar.com/?a=6R8wtFhfVC&loc=IB_TB&i=26&search=");

user_pref("extensions.incredibar.upn2", "6R8wtFhfVC");

user_pref("extensions.incredibar.upn2n", "92824562575763864");

user_pref("extensions.incredibar.vrsn", "1.5.11.14");

user_pref("extensions.incredibar.vrsnTs", "1.5.11.1415:59:22");

user_pref("extensions.incredibar.vrsni", "1.5.11.14");

user_pref("extensions.incredibar_i.aflt", "orgnl");

user_pref("extensions.incredibar_i.dfltLng", "");

user_pref("extensions.incredibar_i.did", "10665");

user_pref("extensions.incredibar_i.excTlbr", false);

user_pref("extensions.incredibar_i.id", "beaed163000000000000002511445d71");

user_pref("extensions.incredibar_i.installerproductid", "26");

user_pref("extensions.incredibar_i.instlDay", "15510");

user_pref("extensions.incredibar_i.instlRef", "");

user_pref("extensions.incredibar_i.ms_url_id", "");

user_pref("extensions.incredibar_i.newTab", false);

user_pref("extensions.incredibar_i.ppd", "");

user_pref("extensions.incredibar_i.prdct", "incredibar");

user_pref("extensions.incredibar_i.productid", "26");

user_pref("extensions.incredibar_i.prtnrId", "Incredibar");

user_pref("extensions.incredibar_i.smplGrp", "none");

user_pref("extensions.incredibar_i.tlbrId", "base");

user_pref("extensions.incredibar_i.tlbrSrchUrl", "http://mystart.Incredibar.com/?a=6R8wtFhfVC&loc=IB_TB&i=26&search=");

user_pref("extensions.incredibar_i.upn2", "6R8wtFhfVC");

user_pref("extensions.incredibar_i.upn2n", "92824562575763864");

user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");

user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1415:59:22");

user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");

---- Lines incredibar modified from prefs.js ----

user_pref("extensions.enabledAddons", "ffxtlbr@incredibar.com:1.5.0,{2d8d9acc-f6d7-4362-8876-a275ca929591}:3.15.1.0,{ACAA314B-EEBA-48e4-AD47-84E31C44796C}:1.0.10,{336D0C35-8A85-403a-B9D2-65C292C39087}:2.0.0.478,{1FD91A9C-410C-4090-BBCC-55D3450EF433}:1.0,plugin@yontoo.com:1.20.00,{EEE6C361-6118-11DC-9C72-001320C79847}:1.6.0.3,bbrs_002@blabbers.com:1.0.5,{872b5b88-9db5-4310-bdd0-ac189557e5f5}:10.10.27.6,{972ce4c6-7e08-4474-a285-3208198ce6fd}:15.0.1");

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{336D0C35-8A85-403a-B9D2-65C292C39087}\":{\"descriptor\":\"C:\\\\Program Files\\\\Web Assistant\\\\Firefox\",\"mtime\":1346237122066}}},{\"name\":\"app-global\",\"addons\":{\"{1FD91A9C-410C-4090-BBCC-55D3450EF433}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Searchqu Toolbar\\\\Datamngr\\\\FirefoxExtension\",\"mtime\":1349557381408},\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1347022787970}}},{\"name\":\"app-profile\",\"addons\":{\"bbrs_002@blabbers.com\":{\"descriptor\":\"C:\\\\Users\\\\D.Roffel\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\vhoxv8vm.default\\\\extensions\\\\bbrs_002@blabbers.com\",\"mtime\":1351014897024},\"ffxtlbr@incredibar.com\":{\"descriptor\":\"C:\\\\Users\\\\D.Roffel\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\vhoxv8vm.default\\\\extensions\\\\ffxtlbr@incredibar.com\",\"mtime\":1340114362403},\"onlinehdtv@onlinehd.tv\":{\"descriptor\":\"C:\\\\Users\\\\D.Roffel\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\vhoxv8vm.default\\\\extensions\\\\onlinehdtv@onlinehd.tv.xpi\",\"mtime\":1350829747858},\"plugin@yontoo.com\":{\"descriptor\":\"C:\\\\Users\\\\D.Roffel\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\vhoxv8vm.default\\\\extensions\\\\plugin@yontoo.com\",\"mtime\":1350829791434},\"{1FD91A9C-410C-4090-BBCC-55D3450EF433}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Searchqu Toolbar\\\\Datamngr\\\\FirefoxExtension\",\"mtime\":1349557381408},\"{2d8d9acc-f6d7-4362-8876-a275ca929591}\":{\"descriptor\":\"C:\\\\Users\\\\D.Roffel\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\vhoxv8vm.default\\\\extensions\\\\{2d8d9acc-f6d7-4362-8876-a275ca929591}\",\"mtime\":1346174168922},\"{872b5b88-9db5-4310-bdd0-ac189557e5f5}\":{\"descriptor\":\"C:\\\\Users\\\\D.Roffel\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\vhoxv8vm.default\\\\extensions\\\\{872b5b88-9db5-4310-bdd0-ac189557e5f5}\",\"mtime\":1351015015715},\"{99079a25-328f-4bd4-be04-00955acaa0a7}\":{\"descriptor\":\"C:\\\\Users\\\\D.Roffel\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\vhoxv8vm.default\\\\extensions\\\\{99079a25-328f-4bd4-be04-00955acaa0a7}\",\"mtime\":1349557370642},\"{ACAA314B-EEBA-48e4-AD47-84E31C44796C}\":{\"descriptor\":\"C:\\\\Users\\\\D.Roffel\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\vhoxv8vm.default\\\\extensions\\\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}\",\"mtime\":1345459765239},\"{EEE6C361-6118-11DC-9C72-001320C79847}\":{\"descriptor\":\"C:\\\\Users\\\\D.Roffel\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\vhoxv8vm.default\\\\extensions\\\\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi\",\"mtime\":1350852459295}}}]");

---- Lines incredibar removed from user.js ----

user_pref("extensions.incredibar_i.newTab", false);

user_pref("extensions.incredibar_i.tlbrSrchUrl", "http://mystart.Incredibar.com/?a=6R8wtFhfVC&loc=IB_TB&i=26&search=");

user_pref("extensions.incredibar_i.id", "beaed163000000000000002511445d71");

user_pref("extensions.incredibar_i.instlDay", "15510");

user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");

user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");

user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1415:59:22");

user_pref("extensions.incredibar_i.prtnrId", "Incredibar");

user_pref("extensions.incredibar_i.prdct", "incredibar");

user_pref("extensions.incredibar_i.aflt", "orgnl");

user_pref("extensions.incredibar_i.smplGrp", "none");

user_pref("extensions.incredibar_i.tlbrId", "base");

user_pref("extensions.incredibar_i.instlRef", "");

user_pref("extensions.incredibar_i.dfltLng", "");

user_pref("extensions.incredibar_i.excTlbr", false);

user_pref("extensions.incredibar_i.ms_url_id", "");

user_pref("extensions.incredibar_i.upn2", "6R8wtFhfVC");

user_pref("extensions.incredibar_i.upn2n", "92824562575763864");

user_pref("extensions.incredibar_i.productid", "26");

user_pref("extensions.incredibar_i.installerproductid", "26");

user_pref("extensions.incredibar_i.did", "10665");

user_pref("extensions.incredibar_i.ppd", "");

---- Lines CT2269050 removed from prefs.js ----

---- Lines CT2269050 modified from prefs.js ----

---- Lines CT2269050 removed from user.js ----

---- Lines CT2849859 removed from prefs.js ----

---- Lines CT2849859 modified from prefs.js ----

---- Lines CT2849859 removed from user.js ----

---- Lines conduit removed from prefs.js ----

---- Lines conduit modified from prefs.js ----

---- Lines conduit removed from user.js ----

---- Lines claro removed from prefs.js ----

---- Lines claro modified from prefs.js ----

---- Lines claro removed from user.js ----

---- Lines babylon removed from prefs.js ----

---- Lines babylon modified from prefs.js ----

---- Lines babylon removed from user.js ----

---- Lines searchqu removed from prefs.js ----

---- Lines searchqu modified from prefs.js ----

---- Lines searchqu removed from user.js ----

---- Lines Toggle removed from prefs.js ----

---- Lines Toggle modified from prefs.js ----

---- Lines Toggle removed from user.js ----

---- Lines ask.com removed from prefs.js ----

---- Lines ask.com modified from prefs.js ----

---- Lines ask.com removed from user.js ----

---- Lines search.com removed from prefs.js ----

---- Lines search.com modified from prefs.js ----

---- Lines search.com removed from user.js ----

---- Lines search.net removed from prefs.js ----

---- Lines search.net modified from prefs.js ----

---- Lines search.net removed from user.js ----

---- Lines Web Search removed from prefs.js ----

---- Lines Web Search modified from prefs.js ----

---- Lines Web Search removed from user.js ----

---- Lines Customized removed from prefs.js ----

---- Lines Customized modified from prefs.js ----

---- Lines Customized removed from user.js ----

---- Lines y2layers removed from prefs.js ----

---- Lines y2layers modified from prefs.js ----

---- Lines y2layers removed from user.js ----

user_pref("extentions.y2layers.installId", "9c2b3e5c-59d5-46f3-96a8-91e6825e4834");

user_pref("extentions.y2layers.defaultEnableAppsList", "twittube,buzzdock,YontooNewOffers");

---- Lines yontoo removed from prefs.js ----

---- Lines yontoo modified from prefs.js ----

---- Lines yontoo removed from user.js ----

---- Lines funmoods removed from prefs.js ----

---- Lines funmoods modified from prefs.js ----

---- Lines funmoods removed from user.js ----

---- Lines CommunityToolbar removed from prefs.js ----

---- Lines CommunityToolbar modified from prefs.js ----

---- Lines CommunityToolbar removed from user.js ----

---- Lines etype.com removed from prefs.js ----

---- Lines etype.com modified from prefs.js ----

---- Lines etype.com removed from user.js ----

---- Lines EEE6C361-6118-11DC-9C72-001320C79847 removed from prefs.js ----

---- Lines EEE6C361-6118-11DC-9C72-001320C79847 modified from prefs.js ----

---- Lines EEE6C361-6118-11DC-9C72-001320C79847 removed from user.js ----

---- Lines SweetIM removed from prefs.js ----

---- Lines SweetIM modified from prefs.js ----

---- Lines SweetIM removed from user.js ----

---- Lines SweetPacks removed from prefs.js ----

---- Lines SweetPacks modified from prefs.js ----

---- Lines SweetPacks removed from user.js ----

---- Lines blabbers.com removed from prefs.js ----

---- Lines blabbers.com modified from prefs.js ----

---- Lines blabbers.com removed from user.js ----

---- Lines 1FD91A9C-410C-4090-BBCC-55D3450EF433 removed from prefs.js ----

---- Lines 1FD91A9C-410C-4090-BBCC-55D3450EF433 modified from prefs.js ----

---- Lines 1FD91A9C-410C-4090-BBCC-55D3450EF433 removed from user.js ----

---- Lines mybrowserbar removed from prefs.js ----

---- Lines mybrowserbar modified from prefs.js ----

---- Lines mybrowserbar removed from user.js ----

---- Lines smartbar removed from prefs.js ----

---- Lines smartbar modified from prefs.js ----

---- Lines smartbar removed from user.js ----

---- FireFox user.js and prefs.js backups ----

user_08-02-2013_2146_.backup

prefs_08-02-2013_2146_.backup

==== Deleting Files \ Folders ======================

"C:\Windows\system32\dmwu.exe" not found

"C:\user.js" deleted

"C:\Users\D.Roffel\AppData\Roaming\Mozilla\Firefox\Profiles\vhoxv8vm.default\searchplugins\conduit.xml" deleted

"C:\Users\D.Roffel\AppData\Roaming\Mozilla\Firefox\Profiles\vhoxv8vm.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi" deleted

"C:\Users\D.Roffel\AppData\Roaming\Mozilla\Firefox\Profiles\vhoxv8vm.default\searchplugins\sweetim.xml" deleted

"C:\Users\D.Roffel\AppData\Roaming\Mozilla\Firefox\Profiles\vhoxv8vm.default\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}" deleted

"C:\Users\D.Roffel\AppData\Roaming\Mozilla\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}" deleted

"C:\Program Files (x86)\Mozilla Firefox\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}" deleted

"C:\Program Files (x86)\Mozilla Firefox\searchplugins\Search_Results.xml" deleted

"C:\user.js" deleted

"C:\END" deleted

"C:\Users\D.Roffel\AppData\Roaming\Mozilla\Firefox\Profiles\vhoxv8vm.default\searchplugins\MyStart Search.xml" deleted

"C:\Users\D.Roffel\AppData\Roaming\Mozilla\Firefox\Profiles\vhoxv8vm.default\searchplugins\Search_Results.xml" deleted

"C:\Windows\system32\dmwu.exe" deleted

"C:\Users\D.Roffel\AppData\Roaming\Mozilla\Firefox\Profiles\vhoxv8vm.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi" deleted

"C:\Program Files (x86)\BrowserCompanion\BCHelper.exe" deleted

"C:\Program Files (x86)\BrowserCompanion\sqlite3.dll" deleted

"C:\Program Files (x86)\SweetIM\Communicator\mgcommon.dll" deleted

"C:\Program Files (x86)\SweetIM\Communicator\mgcommunication.dll" deleted

"C:\Program Files (x86)\SweetIM\Communicator\mgsimcommon.dll" deleted

"C:\Program Files (x86)\SweetIM\Communicator\mgxml_wrapper.dll" deleted

"C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe" deleted

"C:\Program Files (x86)\SweetIM\Messenger\mgAdaptersProxy.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\mgArchive.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\mgcommon.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\mgcommunication.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\mgconfig.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\mgFlashPlayer.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\mghooking.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\mgMsnAuto.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\mgMsnMessengerAdapter.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\mgsimcommon.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\mgSweetIM.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\mgUpdateSupport.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\mgxml_wrapper.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\msvcp71.dll" deleted

"C:\Program Files (x86)\SweetIM\Messenger\msvcr71.dll" not deleted

"C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe" deleted

"C:\Program Files (x86)\Searchqu Toolbar\Datamngr\datamngrUI.exe" deleted

"C:\Program Files (x86)\Application Updater" deleted

"C:\Program Files (x86)\DAEMON Tools Toolbar" deleted

"C:\Program Files (x86)\DVDVideoSoftTB" deleted

"C:\Program Files (x86)\BrowserCompanion" deleted

"C:\Program Files (x86)\DealPly" deleted

"C:\Program Files (x86)\Yontoo" deleted

"C:\Program Files (x86)\Incredibar.com" deleted

"C:\Program Files (x86)\SweetIM" not deleted

"C:\Program Files (x86)\Conduit" deleted

"C:\Program Files (x86)\Searchqu Toolbar" not deleted

"C:\Program Files (x86)\Common Files\Spigot" deleted

"C:\Program Files\Web Assistant" deleted

"C:\Users\D.Roffel\AppData\Roaming\OpenCandy" deleted

"C:\ProgramData\boost_interprocess" deleted

"C:\ProgramData\SweetIM" deleted

"C:\ProgramData\InstallMate" deleted

"C:\ProgramData\Tarma Installer" deleted

"C:\ProgramData\Premium" deleted

"C:\Users\D.Roffel\AppData\Local\Ilivid Player" deleted

"C:\Users\D.Roffel\AppData\Local\CRE" deleted

"C:\Users\D.Roffel\AppData\Local\Conduit" deleted

"C:\Users\D.Roffel\AppData\LocalLow\DataMngr" deleted

"C:\Users\D.Roffel\AppData\LocalLow\uTorrentBar_NL" deleted

"C:\Users\D.Roffel\AppData\LocalLow\Incredibar.com" deleted

"C:\Users\D.Roffel\AppData\LocalLow\PriceGong" deleted

"C:\Users\D.Roffel\AppData\LocalLow\searchqutoolbar" deleted

"C:\Users\D.Roffel\AppData\LocalLow\bbrs_002.tb" deleted

"C:\Users\D.Roffel\AppData\LocalLow\Conduit" deleted

"C:\Users\D.Roffel\AppData\LocalLow\Search Settings" deleted

"C:\Users\D.Roffel\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd" deleted

"C:\Users\D.Roffel\AppData\Roaming\Mozilla\Firefox\Profiles\vhoxv8vm.default\CT2269050" deleted

"C:\Users\D.Roffel\AppData\Roaming\Mozilla\Firefox\Profiles\vhoxv8vm.default\CT2849859" deleted

"C:\Users\D.Roffel\AppData\Roaming\Mozilla\Firefox\Profiles\vhoxv8vm.default\extensions\ffxtlbr@incredibar.com" deleted

"C:\Users\D.Roffel\AppData\Roaming\Mozilla\Firefox\Profiles\vhoxv8vm.default\CT2269050" deleted

"C:\Users\D.Roffel\AppData\Roaming\Mozilla\Firefox\Profiles\vhoxv8vm.default\CT2849859" deleted

"C:\Users\D.Roffel\AppData\Roaming\Mozilla\Firefox\Profiles\vhoxv8vm.default\conduitCommon" deleted

"C:\Users\D.Roffel\AppData\Roaming\Mozilla\Firefox\Profiles\vhoxv8vm.default\searchqutoolbar" deleted

"C:\Users\D.Roffel\AppData\Roaming\Mozilla\Firefox\Profiles\vhoxv8vm.default\extensions\plugin@yontoo.com" deleted

"C:\Users\D.Roffel\AppData\Roaming\Mozilla\Firefox\Profiles\vhoxv8vm.default\SweetPacksToolbarData" deleted

"C:\Users\D.Roffel\AppData\Roaming\Mozilla\Firefox\Profiles\vhoxv8vm.default\extensions\bbrs_002@blabbers.com" deleted

"C:\Users\D.Roffel\AppData\Roaming\Mozilla\Firefox\Profiles\vhoxv8vm.default\smartbar" deleted

"C:\Users\D.Roffel\AppData\Roaming\Mozilla\Firefox\Profiles\vhoxv8vm.default\extensions\ffxtlbr@incredibar.com" deleted

"C:\Program Files (x86)\Searchqu Toolbar\Datamngr\FirefoxExtension" deleted

"C:\Users\D.Roffel\AppData\Roaming\Mozilla\Firefox\Profiles\vhoxv8vm.default\extensions\plugin@yontoo.com" deleted

"C:\Users\D.Roffel\AppData\Roaming\Mozilla\Firefox\Profiles\vhoxv8vm.default\extensions\bbrs_002@blabbers.com" deleted

"C:\Program Files (x86)\SweetIM\Communicator" not deleted

"C:\Program Files (x86)\SweetIM\Messenger" not deleted

"C:\Program Files (x86)\Searchqu Toolbar\Datamngr" not deleted

==== System Specs ======================

Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)

Internet Explorer: 9.0.8112.16421

Memory (RAM): 4096 MB

CPU Info: Intel® Core2 Quad CPU Q8300 @ 2.50GHz

CPU Speed: 2497,4 MHz

Sound Card: Luidsprekers (Realtek High Defi |

Realtek Digital Output (Realtek |

Display Adapters: NVIDIA GeForce GT 120 | NVIDIA GeForce GT 120 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver

Monitors: 1x; Algemeen PnP-beeldscherm |

Screen Resolution: 1280 X 1024 - 32 bit

Network: Network Present

Network Adapters: Realtek RTL8101E Family PCI-E FE NIC

CD / DVD Drives: 2x (E: | F: | ) E: HL-DT-STDVDRAM GH40F | F: WBUTU KHY3W1U7

Ports: COM Ports NOT Present. LPT Port NOT Present.

Mouse: 16 Button Wheel Mouse Present

Hard Disks: C: 458,5GB | D: 458,4GB

Hard Disks - Free: C: 105,3GB | D: 457,9GB

Manufacturer *: AMI

BIOS Info: AT/AT COMPATIBLE | 06/10/09 | ACRSYS - 20090610

Time Zone: West-Europa (standaardtijd)

Motherboard *: Packard Bell MCP73PVT-PM

Sun Java version: 1.6.0_22

Country: Nederland

Language: NLD

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\D55BF~1.ROF\AppData\Local\Temp ====

====== C:\Windows\SysWOW64 =====

2013-01-26 22:04:49 27F1BE4A53441C9F1F48B9ADC145B0A5 189248 ----a-w- C:\Windows\SysWOW64\PnkBstrB.exe

2013-01-26 22:04:48 3A2BDD76E7D2A5F40A7174793D1BA794 75136 ----a-w- C:\Windows\SysWOW64\PnkBstrA.exe

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

====== C:\Windows\Sysnative\drivers =====

====== C:\Windows\Tasks ======

2013-02-07 15:41:46 500F7002C3A00DBE806B9930523CDABC 1060 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2013-02-07 15:41:45 933B82FB505C852E311E628D94DA5B7B 1056 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

====== C:\Windows\Temp ======

======= C:\Program Files =====

======= C:\Program Files (x86) =====

2013-02-07 15:55:25 -------- d-----w- C:\Program Files (x86)\Trend Micro

2013-01-26 21:53:44 -------- d-----w- C:\Program Files (x86)\Ubisoft

======= C: =====

====== C:\Users\D.Roffel\AppData\Roaming ======

2013-02-07 21:57:46 -------- d-----w- C:\users\Moniek\AppData\Locallow\Incredibar.com

2013-02-07 10:33:15 -------- d-----w- C:\users\Moniek\AppData\Local\{29F6DBAD-F8D0-4ACB-BB53-472998BBBD81}

2013-02-06 23:39:19 -------- d-----w- C:\users\D.Roffel\AppData\Roaming\TestApp

2013-02-06 12:32:44 -------- d-----w- C:\users\Moniek\AppData\Local\{C88872A0-B10F-4C2C-8A2B-2439E3F2204F}

2013-02-03 08:40:16 -------- d-----w- C:\users\Moniek\AppData\Local\{58576126-2019-4B68-AC4D-9EC352578E7D}

2013-02-02 11:13:53 -------- d-----w- C:\users\Moniek\AppData\Local\{5DAE5514-C706-414B-8344-1155EBD5A0DD}

2013-01-31 10:07:19 -------- d-----w- C:\users\Moniek\AppData\Local\{B1EED4CF-BD30-4F34-A2E5-C76EEA364042}

2013-01-30 18:20:39 -------- d-----w- C:\users\Moniek\AppData\Local\{A8008A04-8A6D-4BC4-9797-3AF5B4125448}

2013-01-27 18:11:46 -------- d-----w- C:\users\Moniek\AppData\Local\{313688BA-84A5-4670-AADE-1058B19818C8}

2013-01-26 22:04:45 -------- d-----w- C:\users\D.Roffel\AppData\Roaming\PunkBuster

2013-01-26 20:16:14 -------- d-----w- C:\users\Moniek\AppData\Local\{FDA1294F-7E39-44CD-A6C3-D0548690AF8C}

2013-01-24 18:44:56 -------- d-----w- C:\users\Moniek\AppData\Local\{18626400-F127-4BE3-A37A-6863029C3A6E}

2013-01-23 23:14:37 -------- d-----w- C:\users\Moniek\AppData\Local\{F5F6BFBC-1DB5-4107-AA9E-9103A649BBEB}

2013-01-22 11:15:10 -------- d-----w- C:\users\Moniek\AppData\Local\{1422287E-BA40-4131-A3C1-1150B7A5C0BF}

2013-01-21 13:56:55 -------- d-----w- C:\users\Moniek\AppData\Local\{AC01A9EB-1E9C-47D7-94DD-0D67212653CF}

2013-01-19 11:49:49 -------- d-----w- C:\users\Moniek\AppData\Local\{76581039-9AD7-440A-83A3-472F8ADC33AF}

2013-01-17 22:39:18 -------- d-----w- C:\users\Moniek\AppData\Local\{255E32BD-0769-4DA7-9B5E-ECB1C0E748DE}

2013-01-17 09:39:37 -------- d-----w- C:\users\Moniek\AppData\Local\{0D1376B4-12E7-476B-BABD-44B9A9090D1A}

2013-01-14 20:45:37 -------- d-----w- C:\users\Moniek\AppData\Local\{AFAB2D3E-DDC8-48AC-885D-774C971FE0FD}

2013-01-14 08:45:02 -------- d-----w- C:\users\Moniek\AppData\Local\{0831629C-B315-4E63-AF26-B6333F8063FB}

2013-01-12 12:20:26 -------- d-----w- C:\users\Moniek\AppData\Local\{013EED25-85EE-4E0E-AC8D-BD20FB809F3A}

====== C:\Users\D.Roffel ======

2013-02-06 23:39:20 -------- d-----w- C:\ProgramData\TEMP

2013-02-06 23:39:19 -------- d-----w- C:\ProgramData\PC Tools

====== C: exe-files ==

2013-02-07 16:08:52 924173893B3735741B373CA366C37823 398992 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_64.exe

2013-02-07 16:01:29 5CA39C1D83B285427FC20044A14F0F4A 1718808 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\SearchWithGoogleUpdate_0BB4946B2EEAC900.exe

2013-02-07 16:01:25 924173893B3735741B373CA366C37823 398992 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarUser_64_F5CB933C28B61353.exe

2013-02-07 16:01:21 BAD663957F682F95B22C4E83AB49CB52 308368 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarUser_32_38F27E698DCE3952.exe

2013-02-07 16:01:17 4A001CFD8565634EC6891B6BFAB04183 1053840 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarManager_94DDE1EDD1CDF6A3.exe

2013-02-07 16:00:23 88C48DAAB78EEE9F856C8BFF2141F09B 530464 ----a-w- C:\Program Files (x86)\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\7.4.3607.2246\GoogleToolbarInstaller_updater_signed.exe

2013-02-07 15:58:25 3A080679A27954B3CB36CC1FB24FE7B0 8423264 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\24.0.1312.57\24.0.1312.57_22.0.1229.95_chrome_updater.exe

2013-02-07 15:53:23 74E337FFEB2B34043F8499D2F3DE03A8 59784 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleUpdateOnDemand.exe

2013-02-07 15:53:23 376ECCCE33C2C232112DE830E3C81763 59784 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleUpdateBroker.exe

2013-02-07 15:53:22 984CC93BB0EF86A0B4825269D8379D81 774424 ----a-w- C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleUpdateSetup.exe

2013-02-07 15:53:19 BECDDA0990DEBD72A30096533521AD73 213384 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler.exe

2013-02-07 15:53:19 B676429E44F2F8ACC3BAE7C89F46B212 281480 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleCrashHandler64.exe

2013-02-07 15:53:18 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\GoogleUpdate.exe

2013-02-07 15:53:17 984CC93BB0EF86A0B4825269D8379D81 774424 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.135\GoogleUpdateSetup.exe

2013-02-07 15:41:56 5D61BE7DB55B026A5D61A3EED09D0EAD 39408 ----a-w- C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

2013-02-07 15:41:54 BAD663957F682F95B22C4E83AB49CB52 308368 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbarUser_32.exe

2013-02-07 15:41:52 4BEAF576CB43358C4DB9F45AC7C09CDB 194032 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleUpdaterService_B33FC4DD36A473C6.exe

2013-02-07 15:41:51 496B1F34EC5AF59462A4AD49696E12BD 2242080 ----atw- C:\Program Files (x86)\Google\Update\Download\{F69EABDD-A4BB-4555-BE7E-1EA5F59BBA24}\0.0.0.0\googletoolbarinstaller_full_signed.exe

2013-02-07 15:41:45 F02A533F517EB38333CB12A9E8963773 136176 ----atw- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

2013-02-07 15:14:06 64A40CDDD0B510C60F6EE3BFFC17ED05 4317896 ----a-w- C:\Users\D.Roffel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2DKP1LRF\rcpsetup_marim_marm.exe

2013-02-06 23:38:46 A82C06DA2EEC898E9D52ECC537B70B0C 4125360 ----a-w- C:\Users\D.Roffel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PSZ2AFE0\PCTools_Safe_Install_SDAV.exe

=== C: other files ==

2013-02-07 22:03:48 EC155C323A3B777441BF6A2BF4077FCC 12459888 ----a-w- C:\Users\Moniek\AppData\Local\Google\Chrome\User Data\PepperFlash\11.5.31.139\pepflashplayer.dll

2013-02-07 21:57:43 9A12114E265F396A72AAD8E086078D45 97072 ----a-w- C:\Users\Moniek\AppData\Local\Google\Chrome\User Data\Default\Extensions\clbfjfbnelcflpgpklppgplejolacbej\1.0.5_0\chromeNPAPI.dll

2013-02-07 21:57:43 8E67DA0D39C3A4D5285E0EB2018B4630 192000 ----a-w- C:\Users\Moniek\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd\2.0.0.478_0\npbrowserext.dll

2013-02-07 21:57:43 6F438B6B74D1B532C46D4162F6160458 195072 ----a-w- C:\Users\Moniek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmbgdmijgopggjaelphhajpjldacbnba\1.0_0\CrmAdpt.dll

2013-02-07 21:57:43 6B0DCF7DDF6D84B5EAEC33041F69388E 189440 ----a-w- C:\Users\Moniek\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmbgdmijgopggjaelphhajpjldacbnba\1.0_0\CTB.dll

2013-02-07 19:23:32 3181296C1731FD6F4251FE9BF2B5AF0A 155392 ----a-w- C:\Users\D.Roffel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndgonipadfipmlmdfofnjnhhlgojnjdn\2.3.19.11_0\plugins\ChromeAutoApproveTB.dll

2013-02-07 19:23:32 0B45A206990CA3BEA34F527FB2007D0A 116480 ----a-w- C:\Users\D.Roffel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndgonipadfipmlmdfofnjnhhlgojnjdn\2.3.19.11_0\plugins\ChromeApproveTBPlugin.dll

2013-02-07 19:19:53 EC155C323A3B777441BF6A2BF4077FCC 12459888 ----a-w- C:\Users\D.Roffel\AppData\Local\Google\Chrome\User Data\PepperFlash\11.5.31.139\pepflashplayer.dll

2013-02-07 16:08:53 917A728A12F25FCF4636858FAC9979FA 1000984 ----a-w- C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll

2013-02-07 16:08:53 76E7410B3A308F6960D3CE06DC7874AD 150040 ----a-w- C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\gtn.dll

2013-02-07 16:08:53 6217BCE38E3B1DBA4F1A789189A2616C 346136 ----a-w- C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg64.dll

2013-02-07 16:08:53 07DCB2037B557BD97EA5F963EA0B9A83 49176 ----a-w- C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.7.8313.1002\gth.dll

2013-02-07 16:08:52 9B1B6ECC2F29A4F2448BCFFD9F930E72 253584 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll

2013-02-07 16:01:14 4C1B167473577A2B07413458B61FDB58 512144 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_nl_63371F198DACB2EB.dll

2013-02-07 16:01:10 58EC0172DA8A00597E93A072F6E7F044 1032848 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_C9EDDF0B6984A451.dll

2013-02-07 16:01:06 CF16087091E3D12A71FBBAC93504CC85 4607120 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_64_EA4317C393845F35.dll

2013-02-07 16:01:01 B53A732C08002F6EDA943DEB8CE91F6E 3053200 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbarDynamic_32_68D43262AB91CB4A.dll

2013-02-07 16:00:54 9B1B6ECC2F29A4F2448BCFFD9F930E72 253584 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbar_64_BFF210F947D9DB39.dll

2013-02-07 16:00:50 B9497C5ACAEA521663BFFBB321DD3AFA 192144 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\Component\GoogleToolbar_32_E4372AF08E5B8B50.dll

2013-02-07 15:53:22 EA1848EFE8F3B60C687D003977945289 28040 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_th.dll

2013-02-07 15:53:22 E0FF893763BA82BAABB869A351F0C455 572808 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\npGoogleUpdate3.dll

2013-02-07 15:53:22 DF1FAEC09D59CF8CDBC30D3455648F8C 29064 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_uk.dll

2013-02-07 15:53:22 C56DE8185672B9F17F127EA282DD5E07 160136 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\psmachine.dll

2013-02-07 15:53:22 A613AEA586B0ADF6902A59F39C547DA6 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_tr.dll

2013-02-07 15:53:22 59CBFB54ECC5FE93C74ECB2E4A1FF9A2 22408 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_zh-TW.dll

2013-02-07 15:53:22 51B96D72840AB9232225521102AB4962 22408 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_zh-CN.dll

2013-02-07 15:53:22 1C074E661B522E7F40D3534089FC225E 160136 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\psuser.dll

2013-02-07 15:53:22 17EBF25727C05C7273AD72BADF1F7058 29064 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_ur.dll

2013-02-07 15:53:22 0A6FD6C1F1E21A54CDC342616E8E4F82 28552 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_vi.dll

2013-02-07 15:53:21 E849D447E038462CBE0B79655865CBB8 29064 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_mr.dll

2013-02-07 15:53:21 E534BB37BF5C43826E748E1D89910253 30088 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_sk.dll

2013-02-07 15:53:21 956C7CFAE0FCA13AE6592A72E681325A 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_pt-BR.dll

2013-02-07 15:53:21 8AAFF4EE2151DC1DBE13B1B42189A9A4 32136 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_ml.dll

2013-02-07 15:53:21 787B22D1B3551214EA18A438EB497BC2 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_sr.dll

2013-02-07 15:53:21 6E67575379F7CE795FF77CEC74F6D769 30600 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_lv.dll

2013-02-07 15:53:21 6D9CDB9FE405DB672187CA1F85B148FA 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_pt-PT.dll

2013-02-07 15:53:21 6D8879BF56B5875E70508A6A20812BB1 28552 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_ms.dll

2013-02-07 15:53:21 6B3640EFF0DD461E27C36AD7EB469D44 30088 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_ro.dll

2013-02-07 15:53:21 6A2929FC5F24464DBDC0577DB6766DC1 29064 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_ru.dll

2013-02-07 15:53:21 52E4EDF65BA65BEC4BA56D0B6E326F9E 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_no.dll

2013-02-07 15:53:21 3ABFB1E60F232142271FAB79253786F4 30088 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_sl.dll

2013-02-07 15:53:21 326DC32156A3587395B6858C10D34B0E 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_sw.dll

2013-02-07 15:53:21 2A0309B546700308E7DF9ED9302E8E94 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_te.dll

2013-02-07 15:53:21 172724B5A3F3988A7FA0F038A92FF11E 30600 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_nl.dll

2013-02-07 15:53:21 1359046E906BFC1147702E78442ADB1E 30600 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_ta.dll

2013-02-07 15:53:21 0B09837C01231654CEA36BAD94F88994 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_sv.dll

2013-02-07 15:53:21 00F8FEEFD4AE00EC5065B937BE00C595 30600 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_pl.dll

2013-02-07 15:53:20 F7281230459DA9BF21EC099CA833CA03 28552 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_id.dll

2013-02-07 15:53:20 F1B3D5D1D7A332FD6E24C4EB4844C7D5 23944 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_ko.dll

2013-02-07 15:53:20 DE939A1A8F7EA3C0E41E46F87A4F6EF5 30600 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_fil.dll

2013-02-07 15:53:20 D87B79DF28588640F027686FD1209DD4 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_fi.dll

2013-02-07 15:53:20 C164FE32626724656C77362A88156684 28040 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_fa.dll

2013-02-07 15:53:20 AD7C821EDB54639DD23D745173938ED4 29064 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_is.dll

2013-02-07 15:53:20 93545A29801793646159E248D69D337E 30088 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_kn.dll

2013-02-07 15:53:20 8D70A5894C60E412B4DF74B4EC049F13 28552 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_et.dll

2013-02-07 15:53:20 73CF46B4F2B54AF8D0BF940B12DF10A5 30088 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_hr.dll

2013-02-07 15:53:20 648544BA93B4DD273DF243F9E72948EF 31112 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_it.dll

2013-02-07 15:53:20 4CB3C4616DA0DDF3D03829D8B18C640E 24968 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_ja.dll

2013-02-07 15:53:20 3CC2D1834C1292A11C963FD9523CC4EF 26504 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_iw.dll

2013-02-07 15:53:20 2E1685D3B946B8D4D199494AF700CD2E 29064 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_gu.dll

2013-02-07 15:53:20 2D39FA2E03FCCBB4D76A33FA03C76FE9 30088 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_hu.dll

2013-02-07 15:53:20 2C42FE9ACCA5654AEA2D0C7734531DDA 31112 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_fr.dll

2013-02-07 15:53:20 0ABF233C089FB7E8191D29DA2C6AC0AF 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_es-419.dll

2013-02-07 15:53:20 0A119E73AB9ABCB87107B816B0FA74F9 28552 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_lt.dll

2013-02-07 15:53:20 050448DEA40A5CED634C914DBE6336DE 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_hi.dll

2013-02-07 15:53:19 FC5D9F5CBC46B3662DE958C682611296 28552 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_en-GB.dll

2013-02-07 15:53:19 F7C88FA49453C948D52D5350F16720D5 31624 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_es.dll

2013-02-07 15:53:19 EC724DAA39BEB13862324594100C1052 27016 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_ar.dll

2013-02-07 15:53:19 DB9BE127989AF7386234BE8D746CE65D 29576 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_da.dll

2013-02-07 15:53:19 A8D817072D08DB41F0BB193F234F43BB 31624 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_de.dll

2013-02-07 15:53:19 98A4DF0939A0ECB3A1A7C7F9C3AA318F 25480 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_am.dll

2013-02-07 15:53:19 8F1E180AF2F5B9AF234196DAFAB07E11 31112 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_el.dll

2013-02-07 15:53:19 8B572945FF7BED636A05A219DD78EC95 30600 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_bg.dll

2013-02-07 15:53:19 8ABBEF4327C86834E25E979CEEB19605 29064 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_cs.dll

2013-02-07 15:53:19 43BC38087C79995F7BEDEF8648D5B790 29064 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_bn.dll

2013-02-07 15:53:19 3781763F294C34D9F8A993B384A88FA2 30088 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_ca.dll

2013-02-07 15:53:19 35DB83C4DE9FA3889E937125D115EAA0 28040 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdateres_en.dll

2013-02-07 15:53:19 2E5672EEA419A4DC9DACD714632E1DC3 835464 ----atw- C:\Program Files (x86)\Google\Update\1.3.21.135\goopdate.dll

2013-02-07 15:43:44 9A12114E265F396A72AAD8E086078D45 97072 ----a-w- C:\Users\D.Roffel\AppData\Local\Google\Chrome\User Data\Default\Extensions\clbfjfbnelcflpgpklppgplejolacbej\1.0.5_0\chromeNPAPI.dll

2013-02-07 15:43:43 C88262875A74142F2FDF7A3469EA1366 1679597 ----a-w- C:\Users\D.Roffel\AppData\Local\Temp\scoped_dir_5312_30873\ndgonipadfipmlmdfofnjnhhlgojnjdn.crx

2013-02-07 15:43:43 6F438B6B74D1B532C46D4162F6160458 195072 ----a-w- C:\Users\D.Roffel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmbgdmijgopggjaelphhajpjldacbnba\1.0_0\CrmAdpt.dll

2013-02-07 15:43:43 6B0DCF7DDF6D84B5EAEC33041F69388E 189440 ----a-w- C:\Users\D.Roffel\AppData\Local\Google\Chrome\User Data\Default\Extensions\bmbgdmijgopggjaelphhajpjldacbnba\1.0_0\CTB.dll

2013-02-07 15:41:56 D7B2503FC697B792ABD50C38333B4B52 346096 ----a-w- C:\Program Files\Google\GoogleToolbarNotifier\5.7.7529.1424\swg64.dll

2013-02-07 15:41:54 B9497C5ACAEA521663BFFBB321DD3AFA 192144 ----a-w- C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

2013-02-07 11:10:53 FE4FBC4C4DCAEE8B9F81B67F8F1CFAB3 1442539 ----a-w- C:\Users\D.Roffel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PSZ2AFE0\schoolnieuws (1).zip

2013-02-06 23:39:19 9ADAA4B92FA77F4B8F33D4411E0CC316 475136 ----a-w- C:\Users\D.Roffel\AppData\Local\Temp\PC Tools Download Manager\DownloadManagerAPI.dll

2013-02-06 23:39:19 484846DE2A9176CF7D7D626DF7278DBA 120832 ----a-w- C:\Users\D.Roffel\AppData\Local\Temp\PC Tools Download Manager\DownloadManagerWrapper.dll

2013-02-06 23:39:19 42CF24C7E2734EC0B7D6302AAAFCE5CF 47104 ----a-w- C:\Users\D.Roffel\AppData\Local\Temp\PC Tools Download Manager\lang\DUTCH.dll

2013-02-06 23:39:19 3AE0393DC2C5BA415A02B2A1D0409F3C 1135944 ----a-w- C:\Users\D.Roffel\AppData\Local\Temp\PC Tools Download Manager\InnoHelpers.dll

2013-02-06 23:39:19 3877C9179BBCF49CDAD4CE89DE59530E 138240 ----a-w- C:\Users\D.Roffel\AppData\Local\Temp\PC Tools Download Manager\InstallWrapper.dll

2013-02-06 23:39:19 2529A91BE068CC8B9275EFFDEA3683C7 345088 ----a-w- C:\Users\D.Roffel\AppData\Local\Temp\PC Tools Download Manager\lang\English.dll

2013-02-06 23:39:18 FE845A1F7DE7372648AC4EE33D1162EA 618496 ----a-w- C:\Users\D.Roffel\AppData\Local\Temp\PC Tools Download Manager\tiscript.dll

2013-02-06 23:39:18 C4120B891E509EF1548FE2D4C50057D0 915456 ----a-w- C:\Users\D.Roffel\AppData\Local\Temp\PC Tools Download Manager\htmlayout.dll

2013-02-06 23:39:18 37E549AA9B061E8C1EE0852AC3BA0B35 407040 ----a-w- C:\Users\D.Roffel\AppData\Local\Temp\PC Tools Download Manager\PCTUI.dll

2013-02-06 23:39:16 6B6A6139EE8EB5BD8C08D75FE3D8E000 519128 ----a-w- C:\Users\D.Roffel\AppData\Local\Temp\PC Tools Download Manager\InnoSelfProtect.dll

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe ASO-616B5711-6DAE-4795-A05F-39A1E5104020"

"SmpcSys"="C:\Program Files (x86)\Packard Bell\SetupMyPC\SmpSys.exe"

"msnmsgr"="~C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background"

"Packard Bell Auto Backup"="C:\Program Files (x86)\Packard Bell\AutoBackup\AutoBackup.exe /run"

"RockMelt Update"="C:\Users\D.Roffel\AppData\Local\RockMelt\Update\RockMeltUpdate.exe /c"

"BitTorrent"="C:\Program Files (x86)\BitTorrent\bittorrent.exe /MINIMIZED"

"TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"

[HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1005\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1005\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Packard Bell Photo Frame"="C:\Program Files (x86)\Packard Bell Photo Frame\ButtonMonitor.exe -A"

"Norman ZANDA"="C:\Program Files\Norman\Npm\Bin\ZLH.EXE /LOAD /SPLASH"

"SSBkgdUpdate"="C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe -Embedding -boot"

"PaperPort PTD"="C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe"

"IndexSearch"="C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe"

"PPort11reminder"="C:\Program Files (x86)\ScanSoft\PaperPort\Ereg\Ereg.exe -r C:\ProgramData\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini"

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"DATAMNGR"="C:\PROGRA~2\SEARCH~1\Datamngr\DATAMN~1.EXE"

"Browser companion helper"="C:\Program Files (x86)\BrowserCompanion\BCHelper.exe /T=3 /CHI=clbfjfbnelcflpgpklppgplejolacbej"

"SweetIM"="C:\Program Files (x86)\SweetIM\Messenger\SweetIM.exe"

"Sweetpacks Communicator"="C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe ASO-616B5711-6DAE-4795-A05F-39A1E5104020"

"SmpcSys"="C:\Program Files (x86)\Packard Bell\SetupMyPC\SmpSys.exe"

"msnmsgr"="~C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe /background"

"Packard Bell Auto Backup"="C:\Program Files (x86)\Packard Bell\AutoBackup\AutoBackup.exe /run"

"RockMelt Update"="C:\Users\D.Roffel\AppData\Local\RockMelt\Update\RockMeltUpdate.exe /c"

"BitTorrent"="C:\Program Files (x86)\BitTorrent\bittorrent.exe /MINIMIZED"

"TomTomHOME.exe"="C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe"

"Skytel"="C:\Program Files\Realtek\Audio\HDA\Skytel.exe"

"FijiKeyboard"="c:\Acer\Preload\Autorun\DRV\FIJI Keyboard\ABoard.exe"

"ActivControl"="C:\Program Files\Activ Software\Activdriver\ActivControl2x64.exe"

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BitTorrent]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="BitTorrent"

"hkey"="HKCU"

"command"="\"C:\\Program Files (x86)\\BitTorrent\\bittorrent.exe\" /MINIMIZED"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BrMfcWnd]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="BrMfcWnd"

"hkey"="HKLM"

"command"="C:\\Program Files (x86)\\Brother\\Brmfcmon\\BrMfcWnd.exe /AUTORUN"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ControlCenter3]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="ControlCenter3"

"hkey"="HKLM"

"command"="C:\\Program Files (x86)\\Brother\\ControlCenter3\\brctrcen.exe /autorun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\DVDVideoSoft]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="DVDVideoSoft"

"hkey"="HKCU"

"command"="C:\\Users\\D.Roffel\\AppData\\Roaming\\FAF75C.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HTC Sync Loader]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="HTC Sync Loader"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\HTC\\HTC Sync 3.0\\htcUPCTLoader.exe\" -startup"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\NBKeyScan]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="NBKeyScan"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Nero\\Nero8\\Nero BackItUp\\NBKeyScan.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Skype]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Skype"

"hkey"="HKCU"

"command"="\"C:\\Program Files (x86)\\Skype\\Phone\\Skype.exe\" /minimized /regrun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\swg]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="swg"

"hkey"="HKCU"

"command"="\"C:\\Program Files (x86)\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe\""

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [08-02-2013 18:17]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [07-02-2013 16:41]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [07-02-2013 16:41]

C:\Windows\tasks\ParetoLogic Registration3.job --a------ C:\Windows\system32\rundll32.exe [14-07-2009 02:14]

C:\Windows\tasks\ParetoLogic Update Version3.job --a------ C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [12-10-2009 06:01]

C:\Windows\tasks\PC Health Advisor Defrag.job --a------ C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe [30-03-2011 00:17]

C:\Windows\tasks\PC Health Advisor.job --a------ C:\Program Files (x86)\ParetoLogic\PCHA\PCHA.exe [30-03-2011 00:17]

C:\Windows\tasks\RockMeltUpdateTaskUserS-1-5-21-1665370618-2561934394-2229486061-1000UA.job --a------ C:\Users\D.Roffel\AppData\Local\RockMelt\Update\RockMeltUpdate.exe [20-06-2012 16:15]

==== Firefox Extensions ======================

ProfilePath: C:\Users\D.Roffel\AppData\Roaming\Mozilla\Firefox\Profiles\vhoxv8vm.default

- Undetermined - C:\Program Files\Web Assistant\Firefox

- Undetermined - C:\Program Files (x86)\Searchqu Toolbar\Datamngr\FirefoxExtension

- BittorrentBar_NL Community Toolbar - %ProfilePath%\extensions\{2d8d9acc-f6d7-4362-8876-a275ca929591}

- DVDVideoSoftTB - %ProfilePath%\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}

- Searchqu Toolbar - %ProfilePath%\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}

- =Free YouTube Download Free Studio Menu - %ProfilePath%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

- Online HD TV - %ProfilePath%\extensions\onlinehdtv@onlinehd.tv.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\D.Roffel\AppData\Roaming\Mozilla\Firefox\Profiles\vhoxv8vm.default

A74B2B17FCE088C437312F9E1F6E0324 - C:\Users\D.Roffel\AppData\Local\RockMelt\Update\1.2.189.1\npRockMeltOneClick8.dll - RockMelt Update

2134E14DFB56952F548487898AE63A89 - C:\Windows\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director

==== Deleting Files \ Folders ======================

"C:\Users\D.Roffel\AppData\Roaming\Mozilla\Firefox\Profiles\vhoxv8vm.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}" deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

bccldkoinakjmmgebambiaggjobhikfg - C:\ProgramData\TheBflix\bccldkoinakjmmgebambiaggjobhikfg.crx[]

bmbgdmijgopggjaelphhajpjldacbnba - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibar.crx[]

bodddioamolcibagionmmobehnbhiakf - C:\Program Files (x86)\BrowserCompanion\blabbers-ch.crx[]

cjofdnhdkbflacojpfpkchgafjahijbb - C:\Users\HENDRI~1\AppData\Local\Temp\ccex.crx[]

clbfjfbnelcflpgpklppgplejolacbej - C:\Program Files (x86)\BrowserCompanion\blabbers-ch.crx[]

dkinklhnkmkhkhofcnapakaoehijaoih - C:\Program Files (x86)\OnlineHD.TV\onhd11.crx[21-10-2012 15:29]

dlnembnfbcpjnepmfjmngjenhhajpdfd - C:\Program Files\Web Assistant\source.crx[]

gaiilaahiahdejapggenmdmafpmbipje - C:\Program Files (x86)\DealPly\DealPly.crx[]

jplinpmadfkdgipabgcdchbdikologlh - C:\Program Files (x86)\1ClickDownload\1click11.crx[]

ndgonipadfipmlmdfofnjnhhlgojnjdn - C:\Users\D.Roffel\AppData\Local\CRE\ndgonipadfipmlmdfofnjnhhlgojnjdn.crx[]

niapdbllcanepiiimjjndipklodoedlc - C:\Program Files (x86)\Yontoo\YontooLayers.crx[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions

gaiilaahiahdejapggenmdmafpmbipje - C:\Program Files (x86)\DealPly\DealPly.crx[]

ndgonipadfipmlmdfofnjnhhlgojnjdn - C:\Users\D.Roffel\AppData\Local\CRE\ndgonipadfipmlmdfofnjnhhlgojnjdn.crx[]

undetermined

YouTube - D.Roffel - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Montiera Chrome Toolbar - D.Roffel - Default\Extensions\bmbgdmijgopggjaelphhajpjldacbnba

Browser Companion Helper - D.Roffel - Default\Extensions\clbfjfbnelcflpgpklppgplejolacbej

Google Search - D.Roffel - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Online HD TV - D.Roffel - Default\Extensions\dkinklhnkmkhkhofcnapakaoehijaoih

DealPly - D.Roffel - Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje

BittorrentBar_NL - D.Roffel - Default\Extensions\ndgonipadfipmlmdfofnjnhhlgojnjdn

Gmail - D.Roffel - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

Docs - Moniek - Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Moniek - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Moniek - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Montiera Chrome Toolbar - Moniek - Default\Extensions\bmbgdmijgopggjaelphhajpjldacbnba

Browser Companion Helper - Moniek - Default\Extensions\clbfjfbnelcflpgpklppgplejolacbej

Google Search - Moniek - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Online HD TV - Moniek - Default\Extensions\dkinklhnkmkhkhofcnapakaoehijaoih

Web Assistant - Moniek - Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd

DealPly - Moniek - Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje

Gmail - Moniek - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.nu.nl/"

"Default_Page_URL"="http://homepage.packardbell.com/rdr.aspx?b=ACPW&l=0413&m=ixtreme_m3720&r=1v3601100006p0305vqm5y47919328"

"Search Page"="http://www.google.com"

"Search Bar"="http://www.google.com/ie"

"Default_Search_URL"="http://www.google.com/ie"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://home.sweetim.com/?crg=3.1010000.10011&barid={B637CAD0-1B8B-11E2-919C-002511445D71}"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]

"Start Page"="http://home.sweetim.com/?crg=3.1010000.10011&barid={B637CAD0-1B8B-11E2-919C-002511445D71}"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

@="http://www.google.com/search?q=%s"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"SearchAssistant"="http://www.google.com/ie"

"Default_Search_URL"="http://www.google.com/ie"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Page"="http://www.nu.nl/"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{67A2568C-7A0A-4EED-AECC-B5405DE63B64}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}"

{67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google Url="http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7SKPT_nlNL418"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

{D693FC58-58C7-4A8B-8743-6C511F332415} Yahoo//nl.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=827316&p={searchTerms}"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9639E4A-801B-4843-AEE3-03D9DA199E77} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00CBB66B-1D3B-46D3-9577-323A336ACB50} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00CBB66B-1D3B-46D3-9577-323A336ACB50} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{963B125B-8B21-49A2-A3A8-E37092276531} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{963B125B-8B21-49A2-A3A8-E37092276531} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4f12-8568-69135F087DB0} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4f12-8568-69135F087DB0} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{F9639E4A-801B-4843-AEE3-03D9DA199E77} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{00CBB66B-1D3B-46D3-9577-323A336ACB50} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00CBB66B-1D3B-46D3-9577-323A336ACB50} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{963B125B-8B21-49A2-A3A8-E37092276531} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{963B125B-8B21-49A2-A3A8-E37092276531} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{9D717F81-9148-4f12-8568-69135F087DB0} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9D717F81-9148-4f12-8568-69135F087DB0} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{F9639E4A-801B-4843-AEE3-03D9DA199E77} deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\urlsearchhooks\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{872b5b88-9db5-4310-bdd0-ac189557e5f5} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully

HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\bccldkoinakjmmgebambiaggjobhikfg deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\bmbgdmijgopggjaelphhajpjldacbnba deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\bodddioamolcibagionmmobehnbhiakf deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\clbfjfbnelcflpgpklppgplejolacbej deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\jplinpmadfkdgipabgcdchbdikologlh deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ndgonipadfipmlmdfofnjnhhlgojnjdn deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc deleted successfully

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje deleted successfully

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\ndgonipadfipmlmdfofnjnhhlgojnjdn deleted successfully

==== HijackThis Entries ======================

F2 - REG:system.ini: UserInit=userinit.exe,

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Free YouTube Download - C:\Users\D.Roffel\AppData\Roaming\DVDVideoSoftIEHelpers\freeytvdownloader.htm

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\D.Roffel\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll

O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O16 - DPF: {1FEC8B6F-250A-4293-B12C-67A7EF0B758A} (sIKN Speler) - http://www.kerkomroep.nl/ocx/sIKNPlayer.cab

O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab

O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/MessengerGamesContent/GameContent/nl/uno1/GAME_UNO1.cab

O16 - DPF: {9BDF4724-10AA-43D5-BD15-AEA0D2287303} (MSN Games – Texas Holdem Poker) - http://zone.msn.com/bingame/zpagames/zpa_txhe.cab79352.cab

O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {EDFCB7CB-942C-4822-AF14-F0B687409848} (Image Uploader Control) - http://cache.hyves-static.net/statics/Aurigma/ImageUploader4.cab

O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab

O18 - Protocol: base64 - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (file missing)

O18 - Protocol: chrome - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (file missing)

O18 - Protocol: prox - {5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} - C:\Program Files (x86)\BrowserCompanion\tdataprotocol.dll (file missing)

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - AppInit_DLLs: C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: Norman eLogger Service (eLoggerSvc6) - Norman ASA - C:\Program Files\Norman\Npm\Bin\elogsvc.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Norman Hash Server (NHS) - Unknown owner - C:\Program Files\Norman\Nvc\bin\nhs.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe

O23 - Service: Norman Network Filtering service (NNFSVC) - Norman ASA - C:\Program Files\Norman\Ngs\Bin\Nnf.exe

O23 - Service: Norman NJeeves - Unknown owner - C:\Program Files\Norman\Npm\Bin\Njeeves.exe

O23 - Service: Norman ZANDA - Norman ASA - C:\Program Files\Norman\Npm\Bin\Zanda.exe

O23 - Service: Norton Internet Security - Unknown owner - C:\Program Files (x86)\Norton Internet Security\Engine\16.0.0.125\ccSvcHst.exe (file missing)

O23 - Service: Norman Personal Firewall Service (NPFSvc32) - Norman ASA - C:\Program Files\Norman\npf\bin\npfsvc32.exe

O23 - Service: Norman Scanner Engine Service (nsesvc) - Norman ASA - C:\Program Files\Norman\Nse\Bin\NSESVC.EXE

O23 - Service: Norman Virus Control on-access component (nvcoas) - Norman ASA - C:\Program Files\Norman\Nvc\Bin\nvcoas.exe

O23 - Service: Norman Resource Provider (NVOY) - Norman ASA - C:\Program Files\Norman\npm\bin\nvoy.exe

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe

O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\Windows\SysWOW64\IoctlSvc.exe

O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Norman Scheduler Service (Scheduler) - Norman ASA - C:\Program Files\Norman\Npm\Bin\scheduler.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

O23 - Service: TomTomHOMEService - TomTom - C:\Program Files (x86)\TomTom HOME 2\TomTomHOMEService.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: UMVPFSrv - Logitech Inc. - C:\Program Files (x86)\Common Files\logishrd\LVMVFM\UMVPFSrv.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\D.Roffel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\D.Roffel\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\D.Roffel\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Hendri R\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Hendri R\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Moniek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Moniek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Moniek\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Moniek\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\D.Roffel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\users\Hendri R\AppData\Local\Mozilla\Firefox\Profiles\8tbzooit.default\Cache emptied successfully

C:\users\Moniek\AppData\Local\Mozilla\Firefox\Profiles\dutb8wo1.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\users\D.Roffel\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

C:\users\D.Roffel\AppData\Local\Google\Chrome\User Data\Default\Extensions\clbfjfbnelcflpgpklppgplejolacbej\1.0.5_0\cache emptied successfully

C:\users\Moniek\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

C:\users\Moniek\AppData\Local\Google\Chrome\User Data\Default\Extensions\clbfjfbnelcflpgpklppgplejolacbej\1.0.5_0\cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

After Reboot

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\D55BF~1.ROF\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Program Files (x86)\SweetIM\Messenger\msvcr71.dll" not found

"C:\Users\D.Roffel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Program Files (x86)\SweetIM" not found

"C:\Program Files (x86)\Searchqu Toolbar" not found

[juisterr]

Momentje, er is al heel veel verwijderd.

- - - Updated - - -

• Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe
  (hier of hier) kan je lezen hoe je dat doet.
  
• Dubbelklik op Zoek.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkwaardig probleem.
  

  autoclean;
  chromelook; 
  emptyclsid;
  

  
  

• Vink nu de onderstaande opties aan.
  
  • 
    
    
  • Reset Chrome
    
  • Firefox Look
    
  • Firefox Defaults
    
    

  [*] Klik nu op de knop "Run script".

  [*] Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).

  [*] Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.

  [*] Post nu de inhoud van het geopende logje in het volgende bericht.

[Gast arv]

Zoek.exe Version 4.0.0.1 Updated 09-February-2013

Tool run by D.Roffel on za 09-02-2013 at 23:57:29,33.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{46735DEE-F862-49D1-876D-6382794DC625} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{46735DEE-F862-49D1-876D-6382794DC625} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{5ACE96C0-C70A-4A4D-AF14-2E7B869345E1} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2BAE58C2-79F9-45D1-A286-81F911301C3A} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2BAE58C2-79F9-45D1-A286-81F911301C3A} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{46735DEE-F862-49D1-876D-6382794DC625} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{46735DEE-F862-49D1-876D-6382794DC625} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully

HKEY_USERS\S-1-5-21-1665370618-2561934394-2229486061-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\urlsearchhooks\{2BAE58C2-79F9-45D1-A286-81F911301C3A} deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\urlsearchhooks\{87775fdb-6972-41f9-ae51-8326e38cb206} deleted successfully

==== FireFox Fix ======================

Deleted from C:\Users\D.Roffel\AppData\Roaming\Mozilla\Firefox\Profiles\vhoxv8vm.default\prefs.js:

Added to C:\Users\D.Roffel\AppData\Roaming\Mozilla\Firefox\Profiles\vhoxv8vm.default\prefs.js:

user_pref("browser.startup.homepage", "Google");

user_pref("browser.search.defaulturl", "Google=");

user_pref("browser.newtab.url", "Google");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "Google=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

==== Deleting Files \ Folders ======================

"C:\Windows\system32\dmwu.exe" not found

"C:\Windows\system32\dmwu.exe" deleted

==== Firefox Extensions ======================

ProfilePath: C:\Users\D.Roffel\AppData\Roaming\Mozilla\Firefox\Profiles\vhoxv8vm.default

- Undetermined - C:\Program Files\Web Assistant\Firefox

- Undetermined - C:\Program Files (x86)\Searchqu Toolbar\Datamngr\FirefoxExtension

- BittorrentBar_NL Community Toolbar - %ProfilePath%\extensions\{2d8d9acc-f6d7-4362-8876-a275ca929591}

- DVDVideoSoftTB - %ProfilePath%\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}

- =Free YouTube Download Free Studio Menu - %ProfilePath%\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}

- Online HD TV - %ProfilePath%\extensions\onlinehdtv@onlinehd.tv.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\D.Roffel\AppData\Roaming\Mozilla\Firefox\Profiles\vhoxv8vm.default

A74B2B17FCE088C437312F9E1F6E0324 - C:\Users\D.Roffel\AppData\Local\RockMelt\Update\1.2.189.1\npRockMeltOneClick8.dll - RockMelt Update

2134E14DFB56952F548487898AE63A89 - C:\Windows\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

dkinklhnkmkhkhofcnapakaoehijaoih - C:\Program Files (x86)\OnlineHD.TV\onhd11.crx[21-10-2012 15:29]

undetermined

YouTube - D.Roffel - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - D.Roffel - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Online HD TV - D.Roffel - Default\Extensions\dkinklhnkmkhkhofcnapakaoehijaoih

Gmail - D.Roffel - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

Docs - Moniek - Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Moniek - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Moniek - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Montiera Chrome Toolbar - Moniek - Default\Extensions\bmbgdmijgopggjaelphhajpjldacbnba

Browser Companion Helper - Moniek - Default\Extensions\clbfjfbnelcflpgpklppgplejolacbej

Google Search - Moniek - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Online HD TV - Moniek - Default\Extensions\dkinklhnkmkhkhofcnapakaoehijaoih

Web Assistant - Moniek - Default\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd

DealPly - Moniek - Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje

Gmail - Moniek - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="nu.nl | Het laatste nieuws het eerst op nu.nl"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="nu.nl | Het laatste nieuws het eerst op nu.nl"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{67A2568C-7A0A-4EED-AECC-B5405DE63B64}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing?}"

{67A2568C-7A0A-4EED-AECC-B5405DE63B64} Google Url="{searchTerms} - Google Search"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"

{D693FC58-58C7-4A8B-8743-6C511F332415} Yahoo//nl.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&type=827316&p={searchTerms}"

==== Reset Google Chrome ======================

C:\users\D.Roffel\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\users\Moniek\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully

C:\users\D.Roffel\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

C:\users\Moniek\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\base64 deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\chrome deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Classes\PROTOCOLS\Handler\prox deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\D.Roffel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Hendri R\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Hendri R\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Moniek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Moniek\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Moniek\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\UpdatusUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\D.Roffel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FHU0YJVP will be deleted at reboot

C:\Users\D.Roffel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PBNV07WC will be deleted at reboot

C:\Users\D.Roffel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Users\Moniek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\users\Hendri R\AppData\Local\Mozilla\Firefox\Profiles\8tbzooit.default\Cache emptied successfully

C:\users\Moniek\AppData\Local\Mozilla\Firefox\Profiles\dutb8wo1.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\users\D.Roffel\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

C:\users\Moniek\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

C:\users\Moniek\AppData\Local\Google\Chrome\User Data\Default\Extensions\clbfjfbnelcflpgpklppgplejolacbej\1.0.5_0\cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

After Reboot

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\D55BF~1.ROF\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\D.Roffel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Users\Moniek\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Users\D.Roffel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\FHU0YJVP" not found

"C:\Users\D.Roffel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PBNV07WC" not found

[juisterr]

Mooi zo, mag ik een nieuw HijackThis logje ter controle en vertel even hoe het nu gaat.