qvo6 heeft mij ook te pakken

[geertje]

hallo wie kan mij helpen please

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 9:56:05, on 17/07/2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v9.00 (9.00.8112.16470)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\ccSvcHst.exe

C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe

C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

C:\Program Files (x86)\Samsung\Kies\Kies.exe

C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe

C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Windows\SysWOW64\jmdp\stij.exe

C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\CNYHKEY.exe

c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe

c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe

C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Delta Homes

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Delta Homes

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Delta Homes

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Delta Homes

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll

R3 - URLSearchHook: NCH EN Toolbar - {37483b40-c254-4a72-bda4-22ee90182c1e} - C:\Program Files (x86)\NCH_EN\prxtbNCH_.dll

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: IB Updater Helper - {336D0C35-8A85-403a-B9D2-65C292C39087} - C:\Program Files\IB Updater\Extension32.dll

O2 - BHO: NCH EN - {37483b40-c254-4a72-bda4-22ee90182c1e} - C:\Program Files (x86)\NCH_EN\prxtbNCH_.dll

O2 - BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\coIEPlg.dll

O2 - BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\IPS\IPSBHO.DLL

O2 - BHO: Incredibar.com Helper Object - {6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\bh\incredibar.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Vuze Remote - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll

O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: Vuze Remote Toolbar - {ba14329e-9550-4989-b3f2-9732e92d17cc} - C:\Program Files (x86)\Vuze_Remote\prxtbVuze.dll

O3 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files (x86)\Ask.com\GenericAskToolbar.dll

O3 - Toolbar: NCH EN Toolbar - {37483b40-c254-4a72-bda4-22ee90182c1e} - C:\Program Files (x86)\NCH_EN\prxtbNCH_.dll

O3 - Toolbar: Incredibar Toolbar - {F9639E4A-801B-4843-AEE3-03D9DA199E77} - C:\Program Files (x86)\Incredibar.com\incredibar\1.5.11.14\incredibarTlbr.dll

O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\coIEPlg.dll

O4 - HKLM\..\Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe

O4 - HKLM\..\Run: [LaunchHPOSIAPP] C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe

O4 - HKLM\..\Run: [updatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKCU\..\Run: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

O4 - HKCU\..\Run: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload

O4 - HKCU\..\Run: [KiesAirMessage] C:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-21-4064551767-2209222074-200328689-1004\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')

O4 - HKUS\S-1-5-21-4064551767-2209222074-200328689-1004\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')

O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O20 - AppInit_DLLs: c:\progra~2\contin~1\sprote~1.dll c:\progra~2\websea~1\sprote~1.dll

O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: EPSON V5 Service4(04) (EPSON_EB_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE

O23 - Service: EPSON V3 Service4(04) (EPSON_PM_RPCV4_04) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

O23 - Service: IB Updater - Unknown owner - C:\Program Files\IB Updater\ExtensionUpdaterService.exe

O23 - Service: IBUpdaterService - Unknown owner - C:\Windows\system32\dmwu.exe (file missing)

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\ccSvcHst.exe

O23 - Service: @C:\Program Files (x86)\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)

O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: ScsiAccess - Unknown owner - C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe

O23 - Service: ServiceLayer - Nokia - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: Sony SCSI Helper Service - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 13379 bytes

bedankt bij voorbaat

[juisterr]

Hallo en welkom,

Download zoek.exe naar het bureaublad.

• Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe
  (hier of hier) kan je lezen hoe je de gebruikte beveiligingssoftware kunt uitschakelen.
  
• Dubbelklik op Zoek.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkwaardig probleem.
  

  emptyclsid;
  firefoxlook; 
  Chromelook; 
  autoclean; 
  iedefaults; 
  

  
  

• Klik nu op de knop "Run script".
  
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  
• Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  
• Post het geopende logje in het volgende bericht als bijlage.
  

[geertje]

Zoek.exe Version 4.0.0.4 Updated 17-July-2013

Tool run by geert on wo 17/07/2013 at 22:26:43,63.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-4064551767-2209222074-200328689-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} deleted successfully

HKEY_USERS\S-1-5-21-4064551767-2209222074-200328689-1001\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully

HKEY_USERS\S-1-5-21-4064551767-2209222074-200328689-1001\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully

HKEY_USERS\S-1-5-21-4064551767-2209222074-200328689-1001\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} deleted successfully

HKEY_USERS\S-1-5-21-4064551767-2209222074-200328689-1001\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A} deleted successfully

HKEY_USERS\S-1-5-21-4064551767-2209222074-200328689-1001\Software\Microsoft\Internet Explorer\SearchScopes\{EB1FF8ED-B8C2-4B8B-BDEC-6CAB556D6448} deleted successfully

HKEY_USERS\S-1-5-21-4064551767-2209222074-200328689-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} deleted successfully

HKEY_USERS\S-1-5-21-4064551767-2209222074-200328689-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ib updater deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ib updater deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ibupdaterservice deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ibupdaterservice deleted successfully

==== FireFox Fix ======================

ProfilePath: C:\Users\fanny\AppData\Roaming\Mozilla\Firefox\Profiles\7nngint1.default

user.js not found

---- Lines delta removed from prefs.js ----

---- Lines delta modified from prefs.js ----

---- Lines incredibar removed from prefs.js ----

---- Lines incredibar modified from prefs.js ----

---- Lines CT2801948 removed from prefs.js ----

---- Lines CT2801948 modified from prefs.js ----

---- Lines CT2504091 removed from prefs.js ----

---- Lines CT2504091 modified from prefs.js ----

---- Lines C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\CT2504091 removed from prefs.js ----

---- Lines C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\CT2504091 modified from prefs.js ----

---- Lines C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\CT2801948 removed from prefs.js ----

---- Lines C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\CT2801948 modified from prefs.js ----

---- Lines conduit removed from prefs.js ----

---- Lines conduit modified from prefs.js ----

---- Lines mystart removed from prefs.js ----

---- Lines mystart modified from prefs.js ----

---- Lines qvo6 removed from prefs.js ----

---- Lines qvo6 modified from prefs.js ----

---- Lines WebSearch removed from prefs.js ----

---- Lines WebSearch modified from prefs.js ----

---- Lines Torntv removed from prefs.js ----

---- Lines Torntv modified from prefs.js ----

---- Lines babylon removed from prefs.js ----

user_pref("extensions.BabylonToolbar.prtkDS", 0);

user_pref("extensions.BabylonToolbar.prtkHmpg", 0);

---- Lines babylon modified from prefs.js ----

---- Lines ask.com removed from prefs.js ----

---- Lines ask.com modified from prefs.js ----

---- Lines search.com removed from prefs.js ----

---- Lines search.com modified from prefs.js ----

---- Lines Web Search removed from prefs.js ----

---- Lines Web Search modified from prefs.js ----

---- Lines asktb removed from prefs.js ----

---- Lines asktb modified from prefs.js ----

---- Lines y2layers removed from prefs.js ----

---- Lines y2layers modified from prefs.js ----

---- Lines yontoo removed from prefs.js ----

---- Lines yontoo modified from prefs.js ----

---- Lines CommunityToolbar removed from prefs.js ----

---- Lines CommunityToolbar modified from prefs.js ----

---- Lines Search Results removed from prefs.js ----

---- Lines Search Results modified from prefs.js ----

---- Lines SweetIM removed from prefs.js ----

user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");

user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");

user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");

user_pref("sweetim.toolbar.previous.keyword.URL", "");

user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");

user_pref("sweetim.toolbar.searchguard.enable", "");

user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");

user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");

---- Lines SweetIM modified from prefs.js ----

---- Lines smartbar removed from prefs.js ----

---- Lines smartbar modified from prefs.js ----

---- FireFox user.js and prefs.js backups ----

prefs_20131707_2231_.backup

ProfilePath: C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default

---- Lines delta removed from prefs.js ----

user_pref("browser.newtab.url", "http://www.delta-search.com/?affID=119776&tt=110413_noprt&babsrc=NT_ss&mntrId=94CA00225FA93ECD");

user_pref("extensions.delta.admin", false);

user_pref("extensions.delta.aflt", "babsst");

user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");

user_pref("extensions.delta.autoRvrt", "false");

user_pref("extensions.delta.bbDpng", "10");

user_pref("extensions.delta.cntry", "BE");

user_pref("extensions.delta.dfltLng", "en");

user_pref("extensions.delta.excTlbr", false);

user_pref("extensions.delta.ffxUnstlRst", true);

user_pref("extensions.delta.hdrMd5", "BE21C048787F921F3A4E50CCC285F45F");

user_pref("extensions.delta.id", "94caf93b00000000000000225fa93ecd");

user_pref("extensions.delta.instlDay", "15808");

user_pref("extensions.delta.instlRef", "sst");

user_pref("extensions.delta.lastVrsnTs", "1.8.16.169:20:44");

user_pref("extensions.delta.newTab", false);

user_pref("extensions.delta.prdct", "delta");

user_pref("extensions.delta.prtnrId", "delta");

user_pref("extensions.delta.rvrt", "false");

user_pref("extensions.delta.sg", "azb");

user_pref("extensions.delta.smplGrp", "none");

user_pref("extensions.delta.tlbrId", "base");

user_pref("extensions.delta.tlbrSrchUrl", "");

user_pref("extensions.delta.vrsn", "1.8.16.16");

user_pref("extensions.delta.vrsnTs", "1.8.16.169:20:44");

user_pref("extensions.delta.vrsni", "1.8.16.16");

---- Lines delta modified from prefs.js ----

user_pref("extensions.enabledAddons", "belgiumeid%40eid.belgium.be:1.0.18,%7BCAFEEFAC-0016-0000-0037-ABCDEFFEDCBA%7D:6.0.37,ffxtlbr%40delta.com:1.5.0,%7B9AA46F4F-4DC7-4c06-97AF-5035170634FE%7D:5.4,personas%40christopher.beard:1.7.2.1,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:20.0.1");

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{BBDA0591-3099-440a-AA10-41764D9DB4DB}\":{\"descriptor\":\"C:\\\\ProgramData\\\\Norton\\\\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\\\\N360_6.0.0.145\\\\IPSFFPlgn\",\"mtime\":1368167943607},\"{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}\":{\"descriptor\":\"C:\\\\ProgramData\\\\Norton\\\\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\\\\N360_6.0.0.145\\\\coFFPlgn\",\"mtime\":1368082906173},\"{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}\":{\"descriptor\":\"C:\\\\Program Files\\\\IB Updater\\\\Firefox\",\"mtime\":1362752332994}}},{\"name\":\"app-global\",\"addons\":{\"belgiumeid@eid.belgium.be\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\belgiumeid@eid.belgium.be\",\"mtime\":1365761273572},\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1365761276575},\"{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}\",\"mtime\":1365761273680},\"{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}\",\"mtime\":1365761273786},\"{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}\",\"mtime\":1365761273846}}},{\"name\":\"app-profile\",\"addons\":{\"belgiumeid@eid.belgium.be\":{\"descriptor\":\"C:\\\\Users\\\\geert\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\8xs9xqdm.default\\\\extensions\\\\belgiumeid@eid.belgium.be.xpi\",\"mtime\":1348766894653},\"en-US@dictionaries.addons.mozilla.org\":{\"descriptor\":\"C:\\\\Users\\\\geert\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\8xs9xqdm.default\\\\extensions\\\\en-US@dictionaries.addons.mozilla.org\",\"mtime\":1364067257703},\"ffxtlbr@delta.com\":{\"descriptor\":\"C:\\\\Users\\\\geert\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\8xs9xqdm.default\\\\extensions\\\\ffxtlbr@delta.com\",\"mtime\":1365837644727},\"GlassMyFox@ArisT2_Noia4dev\":{\"descriptor\":\"C:\\\\Users\\\\geert\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\8xs9xqdm.default\\\\extensions\\\\GlassMyFox@ArisT2_Noia4dev.xpi\",\"mtime\":1366220361066},\"jid0-9ca179gosnzttK9BXz00xyqBxkg@jetpack\":{\"descriptor\":\"C:\\\\Users\\\\geert\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\8xs9xqdm.default\\\\extensions\\\\jid0-9ca179gosnzttK9BXz00xyqBxkg@jetpack.xpi\",\"mtime\":1366445103801},\"personas@christopher.beard\":{\"descriptor\":\"C:\\\\Users\\\\geert\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\8xs9xqdm.default\\\\extensions\\\\personas@christopher.beard.xpi\",\"mtime\":1367135967788},\"TFToolbarX@torrent-finder\":{\"descriptor\":\"C:\\\\Users\\\\geert\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\8xs9xqdm.default\\\\extensions\\\\TFToolbarX@torrent-finder.xpi\",\"mtime\":1359547810206},\"toolbar@ask.com\":{\"descriptor\":\"C:\\\\Users\\\\geert\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\8xs9xqdm.default\\\\extensions\\\\toolbar@ask.com\",\"mtime\":1361468229180},\"torntv2@torntv.com\":{\"descriptor\":\"C:\\\\Users\\\\geert\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\8xs9xqdm.default\\\\extensions\\\\torntv2@torntv.com.xpi\",\"mtime\":1365837614151},\"{37483b40-c254-4a72-bda4-22ee90182c1e}\":{\"descriptor\":\"C:\\\\Users\\\\geert\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\8xs9xqdm.default\\\\extensions\\\\{37483b40-c254-4a72-bda4-22ee90182c1e}\",\"mtime\":1368083814718},\"{9AA46F4F-4DC7-4c06-97AF-5035170634FE}\":{\"descriptor\":\"C:\\\\Users\\\\geert\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\8xs9xqdm.default\\\\extensions\\\\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi\",\"mtime\":1366797619080},\"{ba14329e-9550-4989-b3f2-9732e92d17cc}\":{\"descriptor\":\"C:\\\\Users\\\\geert\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\8xs9xqdm.default\\\\extensions\\\\{ba14329e-9550-4989-b3f2-9732e92d17cc}\",\"mtime\":1360510785832},\"{DDC359D1-844A-42a7-9AA1-88A850A938A8}\":{\"descriptor\":\"C:\\\\Users\\\\geert\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\8xs9xqdm.default\\\\extensions\\\\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi\",\"mtime\":1365096432401}}}]");

---- Lines delta removed from user.js ----

user_pref("extensions.delta.tlbrSrchUrl", "");

user_pref("extensions.delta.id", "94caf93b00000000000000225fa93ecd");

user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");

user_pref("extensions.delta.instlDay", "15808");

user_pref("extensions.delta.vrsn", "1.8.16.16");

user_pref("extensions.delta.vrsni", "1.8.16.16");

user_pref("extensions.delta.vrsnTs", "1.8.16.169:20:44");

user_pref("extensions.delta.prtnrId", "delta");

user_pref("extensions.delta.prdct", "delta");

user_pref("extensions.delta.aflt", "babsst");

user_pref("extensions.delta.smplGrp", "none");

user_pref("extensions.delta.tlbrId", "base");

user_pref("extensions.delta.instlRef", "sst");

user_pref("extensions.delta.dfltLng", "en");

user_pref("extensions.delta.excTlbr", false);

user_pref("extensions.delta.ffxUnstlRst", true);

user_pref("extensions.delta.admin", false);

user_pref("extensions.delta.autoRvrt", "false");

user_pref("extensions.delta.rvrt", "false");

user_pref("extensions.delta.newTab", false);

---- Lines incredibar removed from prefs.js ----

---- Lines incredibar modified from prefs.js ----

---- Lines incredibar removed from user.js ----

user_pref("extensions.incredibar_i.ms_url_id", "");

user_pref("extensions.incredibar_i.upn2", "6R8QbCmh5A");

user_pref("extensions.incredibar_i.upn2n", "92825682046951662");

user_pref("extensions.incredibar_i.productid", "26");

user_pref("extensions.incredibar_i.installerproductid", "26");

user_pref("extensions.incredibar_i.did", "10643");

user_pref("extensions.incredibar_i.ppd", "35");

user_pref("extensions.incredibar_i.newTab", false);

user_pref("extensions.incredibar_i.tlbrSrchUrl", "http://mystart.Incredibar.com/?a=6R8QbCmh5A&loc=IB_TB&i=26&search=");

user_pref("extensions.incredibar_i.id", "94caf93b00000000000000225fa93ecd");

user_pref("extensions.incredibar_i.instlDay", "15708");

user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");

user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");

user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.148:55:19");

user_pref("extensions.incredibar_i.prtnrId", "Incredibar");

user_pref("extensions.incredibar_i.prdct", "incredibar");

user_pref("extensions.incredibar_i.aflt", "orgnl");

user_pref("extensions.incredibar_i.smplGrp", "none");

user_pref("extensions.incredibar_i.tlbrId", "base");

user_pref("extensions.incredibar_i.instlRef", "");

user_pref("extensions.incredibar_i.dfltLng", "");

user_pref("extensions.incredibar_i.excTlbr", false);

---- Lines CT2801948 removed from prefs.js ----

---- Lines CT2801948 modified from prefs.js ----

---- Lines CT2801948 removed from user.js ----

---- Lines CT2504091 removed from prefs.js ----

---- Lines CT2504091 modified from prefs.js ----

---- Lines CT2504091 removed from user.js ----

---- Lines C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\CT2504091 removed from prefs.js ----

---- Lines C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\CT2504091 modified from prefs.js ----

---- Lines C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\CT2504091 removed from user.js ----

---- Lines C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\CT2801948 removed from prefs.js ----

---- Lines C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\CT2801948 modified from prefs.js ----

---- Lines C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\CT2801948 removed from user.js ----

---- Lines conduit removed from prefs.js ----

---- Lines conduit modified from prefs.js ----

---- Lines conduit removed from user.js ----

---- Lines mystart removed from prefs.js ----

---- Lines mystart modified from prefs.js ----

---- Lines mystart removed from user.js ----

---- Lines qvo6 removed from prefs.js ----

---- Lines qvo6 modified from prefs.js ----

---- Lines qvo6 removed from user.js ----

---- Lines WebSearch removed from prefs.js ----

---- Lines WebSearch modified from prefs.js ----

---- Lines WebSearch removed from user.js ----

---- Lines Torntv removed from prefs.js ----

---- Lines Torntv modified from prefs.js ----

---- Lines Torntv removed from user.js ----

---- Lines babylon removed from prefs.js ----

---- Lines babylon modified from prefs.js ----

---- Lines babylon removed from user.js ----

user_pref("extensions.BabylonToolbar_i.babTrack", "affID=109217");

user_pref("extensions.BabylonToolbar_i.babExt", "");

user_pref("extensions.BabylonToolbar_i.srcExt", "ss");

user_pref("extensions.BabylonToolbar_i.id", "94caf93b00000000000000225fa93ecd");

user_pref("extensions.BabylonToolbar_i.hardId", "94caf93b00000000000000225fa93ecd");

user_pref("extensions.BabylonToolbar_i.instlDay", "15396");

user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");

user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");

user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1712:43:44");

user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");

user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");

user_pref("extensions.BabylonToolbar_i.aflt", "babsst");

user_pref("extensions.BabylonToolbar_i.smplGrp", "none");

user_pref("extensions.BabylonToolbar_i.tlbrId", "base");

user_pref("extensions.BabylonToolbar_i.instlRef", "sst");

---- Lines ask.com removed from prefs.js ----

---- Lines ask.com modified from prefs.js ----

---- Lines ask.com removed from user.js ----

---- Lines search.com removed from prefs.js ----

---- Lines search.com modified from prefs.js ----

---- Lines search.com removed from user.js ----

---- Lines Web Search removed from prefs.js ----

---- Lines Web Search modified from prefs.js ----

---- Lines Web Search removed from user.js ----

---- Lines asktb removed from prefs.js ----

---- Lines asktb modified from prefs.js ----

---- Lines asktb removed from user.js ----

---- Lines y2layers removed from prefs.js ----

---- Lines y2layers modified from prefs.js ----

---- Lines y2layers removed from user.js ----

user_pref("extentions.y2layers.installId", "60a16b51-bb7c-4cf2-9d6b-c1363a42fc9a");

user_pref("extentions.y2layers.defaultEnableAppsList", "Buzzdock,BuzzdockTease,DropDownDeals,BestVideoDownloader,TopRelatedTopics,BestVideoDownloader,");

---- Lines yontoo removed from prefs.js ----

---- Lines yontoo modified from prefs.js ----

---- Lines yontoo removed from user.js ----

---- Lines CommunityToolbar removed from prefs.js ----

---- Lines CommunityToolbar modified from prefs.js ----

---- Lines CommunityToolbar removed from user.js ----

---- Lines Search Results removed from prefs.js ----

---- Lines Search Results modified from prefs.js ----

---- Lines Search Results removed from user.js ----

---- Lines SweetIM removed from prefs.js ----

---- Lines SweetIM modified from prefs.js ----

---- Lines SweetIM removed from user.js ----

---- Lines smartbar removed from prefs.js ----

---- Lines smartbar modified from prefs.js ----

---- Lines smartbar removed from user.js ----

---- FireFox user.js and prefs.js backups ----

user_20131707_2231_.backup

prefs_20131707_2231_.backup

ProfilePath: C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\964e3bw2.default-1368211506000

user.js not found

---- Lines delta removed from prefs.js ----

user_pref("browser.search.defaultenginename", "delta-homes");

user_pref("browser.search.order.1", "delta-homes");

user_pref("browser.search.selectedEngine", "delta-homes");

---- Lines delta modified from prefs.js ----

---- Lines incredibar removed from prefs.js ----

---- Lines incredibar modified from prefs.js ----

---- Lines CT2801948 removed from prefs.js ----

---- Lines CT2801948 modified from prefs.js ----

---- Lines CT2504091 removed from prefs.js ----

---- Lines CT2504091 modified from prefs.js ----

---- Lines C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\CT2504091 removed from prefs.js ----

---- Lines C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\CT2504091 modified from prefs.js ----

---- Lines C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\CT2801948 removed from prefs.js ----

---- Lines C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\CT2801948 modified from prefs.js ----

---- Lines conduit removed from prefs.js ----

---- Lines conduit modified from prefs.js ----

---- Lines mystart removed from prefs.js ----

---- Lines mystart modified from prefs.js ----

---- Lines qvo6 removed from prefs.js ----

user_pref("extensions.ui.lastCategory", "addons://search/qvo6");

---- Lines qvo6 modified from prefs.js ----

---- Lines WebSearch removed from prefs.js ----

---- Lines WebSearch modified from prefs.js ----

---- Lines Torntv removed from prefs.js ----

---- Lines Torntv modified from prefs.js ----

---- Lines babylon removed from prefs.js ----

user_pref("extensions.BabylonToolbar.prtkDS", 0);

user_pref("extensions.BabylonToolbar.prtkHmpg", 0);

---- Lines babylon modified from prefs.js ----

---- Lines ask.com removed from prefs.js ----

---- Lines ask.com modified from prefs.js ----

---- Lines search.com removed from prefs.js ----

---- Lines search.com modified from prefs.js ----

---- Lines Web Search removed from prefs.js ----

---- Lines Web Search modified from prefs.js ----

---- Lines asktb removed from prefs.js ----

---- Lines asktb modified from prefs.js ----

---- Lines y2layers removed from prefs.js ----

---- Lines y2layers modified from prefs.js ----

---- Lines yontoo removed from prefs.js ----

---- Lines yontoo modified from prefs.js ----

---- Lines CommunityToolbar removed from prefs.js ----

---- Lines CommunityToolbar modified from prefs.js ----

---- Lines Search Results removed from prefs.js ----

---- Lines Search Results modified from prefs.js ----

---- Lines SweetIM removed from prefs.js ----

user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");

user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");

user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");

user_pref("sweetim.toolbar.previous.keyword.URL", "");

user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");

user_pref("sweetim.toolbar.searchguard.enable", "");

user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");

user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");

---- Lines SweetIM modified from prefs.js ----

---- Lines smartbar removed from prefs.js ----

---- Lines smartbar modified from prefs.js ----

---- FireFox user.js and prefs.js backups ----

prefs_20131707_2231_.backup

==== Deleting Files \ Folders ======================

"C:\user.js" deleted

"C:\Users\fanny\AppData\Roaming\Mozilla\Firefox\Profiles\7nngint1.default\searchplugins\MyStart Search.xml" deleted

"C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\searchplugins\delta.xml" deleted

"C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\searchplugins\MyStart Search.xml" deleted

"C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\searchplugins\WebSearch.xml" deleted

"C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\extensions\torntv2@torntv.com.xpi" deleted

"C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\searchplugins\babylon.xml" deleted

"C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\964e3bw2.default-1368211506000\searchplugins\MyStart Search.xml" deleted

"C:\Program Files (x86)\Mozilla Firefox\searchplugins\delta-homes.xml" deleted

"C:\Program Files (x86)\Mozilla Firefox\searchplugins\qvo6.xml" deleted

"C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml" deleted

"C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml" deleted

"C:\Windows\SysNative\roboot64.exe" deleted

"C:\windows\SysNative\dmwu.exe" deleted

"C:\windows\SysNative\tasks\Desk 365 RunAsStdUser" deleted

"C:\windows\SysNative\Tasks\GoforFilesUpdate" deleted

"C:\user.js" deleted

"C:\END" deleted

"C:\Users\fanny\AppData\Roaming\Mozilla\Firefox\Profiles\7nngint1.default\searchplugins\MyStart Search.xml" deleted

"C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\searchplugins\babylon.xml" deleted

"C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\searchplugins\MyStart Search.xml" deleted

"C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\searchplugins\WebSearch.xml" deleted

"C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\964e3bw2.default-1368211506000\searchplugins\MyStart Search.xml" deleted

"C:\Program Files (x86)\Mozilla Firefox\searchplugins\qvo6.xml" deleted

"C:\Windows\Syswow64\jmdp\lmrn.dll" deleted

"C:\Windows\Syswow64\jmdp\msvcp100.dll" deleted

"C:\Windows\Syswow64\jmdp\msvcr100.dll" deleted

"C:\Windows\Syswow64\jmdp\sqlite3.dll" deleted

"C:\Windows\Syswow64\jmdp\stij.exe" deleted

"C:\Program Files (x86)\TornTV.com" deleted

"C:\Program Files (x86)\NCH_EN" deleted

"C:\Program Files\Babylon" deleted

"C:\Program Files (x86)\Vuze_Remote" deleted

"C:\Program Files (x86)\GoforFiles" deleted

"C:\Program Files (x86)\1ClickDownload" deleted

"C:\Program Files (x86)\WebSearch" deleted

"C:\Program Files (x86)\Incredibar.com" deleted

"C:\Program Files (x86)\Desk 365" deleted

"C:\Program Files (x86)\MyPC Backup" deleted

"C:\Program Files\IB Updater" deleted

"C:\Program Files (x86)\ContinueToSave" deleted

"C:\Program Files (x86)\Wondershare" deleted

"C:\Program Files (x86)\Ask.com" deleted

"C:\Program Files (x86)\Conduit" deleted

"C:\Program Files (x86)\Common Files\Wondershare" deleted

"C:\Users\geert\AppData\Roaming\GoforFiles" deleted

"C:\Users\geert\AppData\Roaming\eIntaller" deleted

"C:\Users\geert\AppData\Roaming\WebCake" deleted

"C:\Users\geert\AppData\Roaming\Babylon" deleted

"C:\Users\geert\AppData\Roaming\Systweak" deleted

"C:\ProgramData\eSafe" deleted

"C:\ProgramData\InstallMate" deleted

"C:\ProgramData\Tarma Installer" deleted

"C:\ProgramData\Babylon" deleted

"C:\Users\geert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com" deleted

"C:\Users\geert\AppData\Local\CRE" deleted

"C:\Users\geert\AppData\Local\Wondershare" deleted

"C:\Users\geert\AppData\Local\AskToolbar" deleted

"C:\Users\geert\AppData\Local\Conduit" deleted

"C:\Users\geert\AppData\LocalLow\Vuze_Remote" deleted

"C:\Users\geert\AppData\LocalLow\AskToolbar" deleted

"C:\Users\geert\AppData\LocalLow\BabylonToolbar" deleted

"C:\Users\geert\AppData\LocalLow\Incredibar.com" deleted

"C:\Users\geert\AppData\LocalLow\PriceGong" deleted

"C:\Users\geert\AppData\LocalLow\Conduit" deleted

"C:\Users\geert\AppData\LocalLow\NCH_EN" deleted

"C:\Windows\Syswow64\jmdp" deleted

"C:\Windows\Syswow64\ARFC" deleted

"C:\Windows\Syswow64\WNLT" deleted

"C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\jetpack" deleted

"C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\CT2504091" deleted

"C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\CT2801948" deleted

"C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}" deleted

"C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\extensions\ffxtlbr@delta.com" deleted

"C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\CT2801948" deleted

"C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\CT2504091" deleted

"C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\conduitCommon" deleted

"C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\extensions\toolbar@ask.com" deleted

"C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\smartbar" deleted

"C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\extensions\ffxtlbr@delta.com" deleted

==== Firefox Extensions ======================

ProfilePath: C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default

- Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}

- United States English Spellchecker - %ProfilePath%\extensions\en-US@dictionaries.addons.mozilla.org

- ciointinuetosave - %ProfilePath%\extensions\lqps7qgtw@rcof-.org

- NCH EN - %ProfilePath%\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}

- Vuze Remote Community Toolbar - %ProfilePath%\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}

- Belgium eID - %ProfilePath%\extensions\belgiumeid@eid.belgium.be.xpi

- GlassMyFox - %ProfilePath%\extensions\GlassMyFox@ArisT2_Noia4dev.xpi

- The Pirate Bay Forwarder - %ProfilePath%\extensions\jid0-9ca179gosnzttK9BXz00xyqBxkg@jetpack.xpi

- Personas Plus - %ProfilePath%\extensions\personas@christopher.beard.xpi

- Torrent Finder Toolbar - %ProfilePath%\extensions\TFToolbarX@torrent-finder.xpi

- ImTranslator - %ProfilePath%\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi

- DownThemAll - %ProfilePath%\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi

ProfilePath: C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\964e3bw2.default-1368211506000

- Personas Plus - %ProfilePath%\extensions\personas@christopher.beard.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Undetermined - %AppDir%\extensions\belgiumeid@eid.belgium.be

- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}

==== Firefox Plugins ======================

Profilepath: C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default

D7324EB1EDCB8990F8522DE0311359E9 - C:\Windows\SysWOW64\npdeployJava1.dll - Java Deployment Toolkit 7.0.250.17

025F127536724D29F5426F624BFB224D - C:\Users\geert\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player

15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System

Profilepath: C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\964e3bw2.default-1368211506000

3D76B5C0E02ECC19C1F5756E8FD97F72 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll - Shockwave Flash

D7324EB1EDCB8990F8522DE0311359E9 - C:\Windows\SysWOW64\npdeployJava1.dll - Java Deployment Toolkit 7.0.250.17

025F127536724D29F5426F624BFB224D - C:\Users\geert\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player

15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System

==== Deleting Files \ Folders ======================

"C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\extensions\{37483b40-c254-4a72-bda4-22ee90182c1e}" deleted

"C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}" deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

dlnembnfbcpjnepmfjmngjenhhajpdfd - C:\Program Files\IB Updater\source.crx[]

gclijllifhfpomppedeljakfegbcpojn - C:\Users\geert\AppData\Local\CRE\gclijllifhfpomppedeljakfegbcpojn.crx[]

mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\Exts\Chrome.crx[31/05/2013 03:49]

nbmafkdmkkckhggblphicnnhlgljnoje - C:\Program Files (x86)\TornTV.com\torn2_10.crx[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions

gclijllifhfpomppedeljakfegbcpojn - C:\Users\geert\AppData\Local\CRE\gclijllifhfpomppedeljakfegbcpojn.crx[]

Delta Toolbar - geert - Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde

WebCake - geert - Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh

NCH EN - geert - Default\Extensions\gclijllifhfpomppedeljakfegbcpojn

Norton Identity Protection - geert - Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk

Torntv 2 - geert - Default\Extensions\nbmafkdmkkckhggblphicnnhlgljnoje

==== Chrome Fix ======================

C:\Users\geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_dlnembnfbcpjnepmfjmngjenhhajpdfd_0.localstorage deleted successfully

C:\Users\geert\AppData\Local\Google\Chrome\User Data\Default\Extensions\gclijllifhfpomppedeljakfegbcpojn deleted successfully

C:\Users\geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gclijllifhfpomppedeljakfegbcpojn_0.localstorage deleted successfully

C:\Users\geert\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_gclijllifhfpomppedeljakfegbcpojn_0 deleted successfully

C:\Users\geert\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbmafkdmkkckhggblphicnnhlgljnoje deleted successfully

C:\Users\geert\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh deleted successfully

C:\Users\geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_fjoijdanhaiflhibkljeklcghcmmfffh_0.localstorage deleted successfully

C:\Users\geert\AppData\Local\Google\Chrome\User Data\Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde deleted successfully

C:\Users\geert\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_eooncjejnppfjjklapaamhcdmjbilmde_0.localstorage deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD10EADS-65M2B0_WD-WCAV5319907299072&ts=1373019746"

"Default_Page_URL"="http://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD10EADS-65M2B0_WD-WCAV5319907299072&ts=1373019746"

"Search Page"="http://www.google.com"

"Search Bar"="http://www.google.com/ie"

"Default_Search_URL"="http://www.google.com/ie"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="http://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD10EADS-65M2B0_WD-WCAV5319907299072&ts=1373019746"

"Start Page"="http://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD10EADS-65M2B0_WD-WCAV5319907299072&ts=1373019746"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="http://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD10EADS-65M2B0_WD-WCAV5319907299072&ts=1373019746"

"Start Page"="http://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD10EADS-65M2B0_WD-WCAV5319907299072&ts=1373019746"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

@="http://www.google.com/search?q=%s"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"SearchAssistant"="http://www.google.com/ie"

"Default_Search_URL"="http://www.google.com/ie"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{33BB0A4E-99AF-4226-BDF6-49120163DE86}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}] not found

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Page"="http://www.google.com"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{0A359229-A432-4443-BC32-24FBC64F4D90} Google Url="http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8"

{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} Unknown Url="Not_Found"

{2D78CADC-7256-41E8-8499-011D0E6741C2} AOL Zoeken Url="http://slirsredirect.search.aol.com/slirs_http/sredir?sredir=1547&query={searchTerms}&invocationType=tb50hpcndtie7-nl-be"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

{773824FE-657B-456E-85BA-19514CBDEEC2} Yahoo//nl.search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=cb-hp06&type=ie2008"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-4064551767-2209222074-200328689-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted successfully

HKEY_USERS\S-1-5-21-4064551767-2209222074-200328689-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted successfully

HKEY_USERS\S-1-5-21-4064551767-2209222074-200328689-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully

HKEY_USERS\S-1-5-21-4064551767-2209222074-200328689-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully

HKEY_USERS\S-1-5-21-4064551767-2209222074-200328689-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{37483b40-c254-4a72-bda4-22ee90182c1e} deleted successfully

HKEY_USERS\S-1-5-21-4064551767-2209222074-200328689-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{37483b40-c254-4a72-bda4-22ee90182c1e} deleted successfully

HKEY_USERS\S-1-5-21-4064551767-2209222074-200328689-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9639E4A-801B-4843-AEE3-03D9DA199E77} deleted successfully

HKEY_USERS\S-1-5-21-4064551767-2209222074-200328689-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9639E4A-801B-4843-AEE3-03D9DA199E77} deleted successfully

HKEY_USERS\S-1-5-21-4064551767-2209222074-200328689-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully

HKEY_USERS\S-1-5-21-4064551767-2209222074-200328689-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully

HKEY_USERS\S-1-5-21-4064551767-2209222074-200328689-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} deleted successfully

HKEY_USERS\S-1-5-21-4064551767-2209222074-200328689-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} deleted successfully

HKEY_USERS\S-1-5-21-4064551767-2209222074-200328689-1001\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{37483b40-c254-4a72-bda4-22ee90182c1e} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{37483b40-c254-4a72-bda4-22ee90182c1e} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{F9639E4A-801B-4843-AEE3-03D9DA199E77} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6E13DDE1-2B6E-46CE-8B66-DC8BF36F6B99} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-4064551767-2209222074-200328689-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted successfully

HKEY_USERS\S-1-5-21-4064551767-2209222074-200328689-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted successfully

HKEY_USERS\S-1-5-21-4064551767-2209222074-200328689-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully

HKEY_USERS\S-1-5-21-4064551767-2209222074-200328689-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{37483b40-c254-4a72-bda4-22ee90182c1e} deleted successfully

HKEY_USERS\S-1-5-21-4064551767-2209222074-200328689-1001\Software\Microsoft\Internet Explorer\URLSearchHooks\{37483b40-c254-4a72-bda4-22ee90182c1e} deleted successfully

HKEY_LOCAL_MACHINE\software\Wow6432Node\microsoft\internet explorer\urlsearchhooks\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully

HKEY_LOCAL_MACHINE\software\Wow6432Node\microsoft\internet explorer\urlsearchhooks\{37483b40-c254-4a72-bda4-22ee90182c1e} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{37483b40-c254-4a72-bda4-22ee90182c1e} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{F9639E4A-801B-4843-AEE3-03D9DA199E77} deleted successfully

HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully

==== shortcuts on Users Desktops ======================

C:\Users\fanny\Desktop\FaceOnBody Pro.lnk - C:\Program Files (x86)\FaceOnBody Pro\FaceOnBody.exe

C:\Users\fanny\Desktop\Fun Morph.lnk - C:\Program Files (x86)\Zeallsoft\Fun Morph\FunMorph.exe

C:\Users\fanny\Desktop\Tony Hawks Pro Skater 3.lnk - C:\Program Files (x86)\Activision\Thps3\Skate3.exe

C:\Users\fanny\Desktop\Windows Live Mail.lnk - C:\Program Files (x86)\Windows Live\Mail\wlmail.exe

C:\Users\fanny\Desktop\ZeallSoft Products.lnk - C:\Program Files (x86)\Zeallsoft\Fun Morph\Web\ourproducts.htm

C:\Users\geert\Desktop\Blokker Fotoservice.lnk - C:\Program Files (x86)\Blokker Fotoservice\Loader.exe

C:\Users\geert\Desktop\Burn4Free.lnk - C:\Program Files (x86)\Burn4Free\Burn4Free.exe

C:\Users\geert\Desktop\FaceOnBody Pro.lnk - C:\Program Files (x86)\FaceOnBody Pro\FaceOnBody.exe

C:\Users\geert\Desktop\GIMP 2.lnk - C:\Program Files\GIMP 2\bin\gimp-2.8.exe

C:\Users\geert\Desktop\HiJackThis.lnk - C:\Users\geert\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

C:\Users\geert\Desktop\Photo DVD Maker Professional.lnk - C:\Program Files (x86)\AnvSoft\Photo DVD Maker Professional\DVDPhotoMaker.exe

C:\Users\geert\Desktop\Photo DVD Slideshow Professional.lnk - C:\Program Files (x86)\Photo DVD Slideshow Professional\DVDPhotoMaker.exe

C:\Users\geert\Desktop\PlayMemories Home.lnk - C:\Program Files (x86)\Sony\PlayMemories Home\PMBBrowser.exe

C:\Users\geert\Desktop\Spotify.lnk - C:\Users\geert\AppData\Roaming\Spotify\spotify.exe

C:\Users\geert\Desktop\WBFS Manager 3.0.lnk - C:\Program Files\WBFS\WBFS Manager 3.0\WBFSManager.exe

C:\Users\geert\Desktop\Windows Live Mail.lnk - C:\Program Files (x86)\Windows Live\Mail\wlmail.exe

C:\Users\geert\Desktop\Wondershare DVD Slideshow Builder Deluxe.lnk - C:\Program Files (x86)\Wondershare\DVD Slideshow Builder\DSB.exe

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\Adobe Photoshop Elements 6.0.lnk - C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\Photoshop Elements 6.0.exe

C:\Users\Public\Desktop\Adobe Reader XI.lnk - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe

C:\Users\Public\Desktop\Belgium EidViewer.lnk - C:\Program Files (x86)\Belgium Identity Card\EidViewer\eid-viewer.exe

C:\Users\Public\Desktop\Blokker.lnk - C:\Program Files (x86)\Blokker\Blokker.exe

C:\Users\Public\Desktop\CCleaner.lnk - C:\Program Files (x86)\CCleaner\CCleaner64.exe

C:\Users\Public\Desktop\Doxillion Document Converter.lnk - C:\Program Files (x86)\NCH Software\Doxillion\doxillion.exe

C:\Users\Public\Desktop\Epson Easy Photo Print.lnk - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPQuicker.exe

C:\Users\Public\Desktop\EPSON Scan.lnk - C:\Windows\twain_32\escndv\escndv.exe

C:\Users\Public\Desktop\Fotoshow.lnk - C:\Program Files (x86)\Fotoservice\Kruidvat fotoservice\Fotoshow.exe

C:\Users\Public\Desktop\Go for Files.lnk - C:\Program Files (x86)\GoforFiles\GoforFiles.exe

C:\Users\Public\Desktop\GoforFiles.lnk - C:\Program Files (x86)\GoforFiles\GoforFiles.exe

C:\Users\Public\Desktop\GOM Player.lnk - C:\Program Files (x86)\GRETECH\GomPlayer\GOM.EXE

C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Qvo6.com

C:\Users\Public\Desktop\ImageShack Uploader.lnk - C:\Windows\Installer\{8BCD7AE7-F713-4D50-BAB9-7839B9386870}\ImageShackUploader.exe

C:\Users\Public\Desktop\Kruidvat fotoservice.lnk - C:\Program Files (x86)\Fotoservice\Kruidvat fotoservice\Kruidvat fotoservice.exe

C:\Users\Public\Desktop\ManyCam.lnk - C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe

C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe Qvo6.com

C:\Users\Public\Desktop\Nero StartSmart 10.lnk - C:\Windows\Installer\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}\ScStartSmartDeskto_3AF47A4E14DF4546B1449D27245505A0.exe

C:\Users\Public\Desktop\Nokia Suite.lnk - C:\Program Files (x86)\Nokia\Nokia Suite\NokiaSuite.exe

C:\Users\Public\Desktop\Norton 360.lnk - C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\20.4.0.40\uistub.exe

C:\Users\Public\Desktop\OpenOffice.org 3.4.lnk - C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe

C:\Users\Public\Desktop\Photoupz.lnk - C:\Program Files (x86)\Photoupz\PhotoUpz.exe

C:\Users\Public\Desktop\Picasa 3.lnk - C:\Program Files (x86)\Google\Picasa3\Picasa3.exe

C:\Users\Public\Desktop\Print Artist Platinum 24.lnk - C:\Windows\Installer\{7568CBAC-FC7F-4EE9-8CAC-B4274FC93B4E}\NewShortcut4_65415E4819CB4F309BC9AE8A2E4D21FC.exe

C:\Users\Public\Desktop\PrintMaster 2012 Platinum.lnk - C:\Program Files (x86)\PrintMaster 2012 Platinum\PrintMaster.exe

C:\Users\Public\Desktop\ProShow Producer.lnk - C:\Program Files (x86)\Photodex\ProShow Producer\proshow.exe

C:\Users\Public\Desktop\Samsung Kies (Lite).lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe /lite

C:\Users\Public\Desktop\Samsung Kies.lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe

C:\Users\Public\Desktop\SketchUp 8.lnk - C:\Program Files (x86)\Google\Google SketchUp 8\SketchUp.exe

C:\Users\Public\Desktop\Skype.lnk - C:\Windows\Installer\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}\SkypeIcon.exe

C:\Users\Public\Desktop\Smilebox Trial.lnk - C:\Program Files (x86)\PrintMaster 2012 Platinum\Smilebox Trial\PC\Autorun\autorun.exe

C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe

C:\Users\Public\Desktop\Vuze.lnk - C:\Program Files (x86)\Vuze\Azureus.exe

C:\Users\Public\Desktop\WBFS to ISO.lnk - C:\Program Files (x86)\WBFS to ISO\wbfstoiso.exe

C:\Users\Public\Desktop\WebcamMax.lnk - C:\Program Files (x86)\WebcamMax\WebcamMax.exe

C:\Users\Public\Desktop\WinRAR.lnk - C:\Program Files (x86)\WinRAR\WinRAR.exe

C:\Users\Public\Desktop\ZipGenius 6.lnk - C:\Program Files (x86)\ZipGenius 6\zipgenius.exe

==== shortcuts in Users Start Menu ======================

C:\Users\geert\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk - C:\Program Files (x86)\GRETECH\GomPlayer\GOM.EXE

C:\Users\geert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk - C:\Program Files\Internet Explorer\iexplore.exe Qvo6.com

C:\Users\geert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe Qvo6.com

C:\Users\geert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe Qvo6.com

C:\Users\geert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis\HiJackThis.lnk - C:\Users\geert\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk - C:\Windows\Installer\{AC76BA86-7AD7-1043-7B44-AB0000000001}\SC_Reader.ico

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vuze.lnk - C:\Program Files (x86)\Vuze\Azureus.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\CCleaner.lnk - C:\Program Files (x86)\CCleaner\CCleaner64.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner\Uninstall CCleaner.lnk - C:\Program Files (x86)\CCleaner\uninst.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player\GOM Player.lnk - C:\Program Files (x86)\GRETECH\GomPlayer\GOM.EXE

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player\GOM Wizard.lnk - C:\Program Files (x86)\GRETECH\GomPlayer\GomWiz.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player\Uninstall.lnk - C:\Program Files (x86)\GRETECH\GomPlayer\Uninstall.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Qvo6.com

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360 Premier Edition\LiveUpdate.lnk - C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\20.4.0.40\uistub.exe /lu

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360 Premier Edition\NBRT.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360 Premier Edition\Norton 360.lnk - C:\Program Files (x86)\Norton 360 Premier Edition\Engine64\20.4.0.40\uistub.exe

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360 Premier Edition\Support.lnk - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\symerr.exe /support

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360 Premier Edition\Uninstall Norton 360.lnk - C:\Program Files (x86)\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360\2454B0AB\20.4.0.40\inststub.exe /X /shortcut

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Documentation.lnk - C:\Program Files (x86)\VideoLAN\VLC\Documentation.url

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Release Notes.lnk - C:\Program Files (x86)\VideoLAN\VLC\NEWS.txt

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\Reset VLC media player preferences and cache files.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe --reset-config --reset-plugins-cache vlc://quit

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VideoLAN Website.lnk - C:\Program Files (x86)\VideoLAN\VLC\VideoLAN Website.url

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player skinned.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe -Iskins

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN\VLC media player.lnk - C:\Program Files (x86)\VideoLAN\VLC\vlc.exe

==== shortcuts in Quick Launch ======================

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\fanny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Fun Morph.lnk - C:\Program Files (x86)\Zeallsoft\Fun Morph\FunMorph.exe

C:\Users\fanny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk - C:\Program Files (x86)\GRETECH\GomPlayer\GOM.EXE

C:\Users\fanny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\fanny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\fanny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk - C:\Program Files (x86)\Google\Picasa3\Picasa3.exe

C:\Users\fanny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\fanny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\fanny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\fanny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\HP MediaSmart.lnk - C:\Program Files (x86)\Hewlett-Packard\HP MediaSmart\SmartMenu.exe

C:\Users\fanny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\fanny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Users\fanny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe

C:\Users\fanny\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1

C:\Users\geert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Fun Morph.lnk - C:\Program Files (x86)\Zeallsoft\Fun Morph\FunMorph.exe

C:\Users\geert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk - C:\Program Files (x86)\GRETECH\GomPlayer\GOM.EXE

C:\Users\geert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Qvo6.com

C:\Users\geert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\IZArc.lnk - C:\Program Files (x86)\IZArc\IZArc.exe

C:\Users\geert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe Qvo6.com

C:\Users\geert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ManyCam.lnk - C:\Program Files (x86)\ManyCam\Bin\ManyCam.exe

C:\Users\geert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Picasa 3.lnk - C:\Program Files (x86)\Google\Picasa3\Picasa3.exe

C:\Users\geert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\PrintMaster 2012 Platinum.lnk - C:\Program Files (x86)\PrintMaster 2012 Platinum\PrintMaster.exe

C:\Users\geert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ProShow Producer.lnk - C:\Program Files (x86)\Photodex\ProShow Producer\proshow.exe

C:\Users\geert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies (Lite).lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe /lite

C:\Users\geert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Samsung Kies.lnk - C:\Program Files (x86)\Samsung\Kies\KiesAgent.exe

C:\Users\geert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\geert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Vuze.lnk - C:\Program Files (x86)\Vuze\Azureus.exe

C:\Users\geert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\geert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\ZipGenius 6.lnk - C:\Program Files (x86)\ZipGenius 6\zipgenius.exe

C:\Users\geert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Notepad.lnk - C:\Windows\system32\notepad.exe

C:\Users\geert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\SketchUp.lnk - C:\Program Files (x86)\Google\Google SketchUp 8\SketchUp.exe

C:\Users\geert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe Qvo6.com

C:\Users\geert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe Qvo6.com

C:\Users\geert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe Qvo6.com

C:\Users\geert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\Windows\explorer.exe

C:\Users\geert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files (x86)\Windows Media Player\wmplayer.exe /prefetch:1

C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\GOM Player.lnk - C:\Program Files (x86)\GRETECH\GomPlayer\GOM.EXE

C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\UpdatusUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

==== shortcuts After Repair ======================

C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Users\geert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk - C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\geert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\geert\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe -extoff

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\geert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\geert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files (x86)\Internet Explorer\iexplore.exe

C:\Users\geert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk - C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

C:\Users\geert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\geert\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk - C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\gclijllifhfpomppedeljakfegbcpojn deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\nbmafkdmkkckhggblphicnnhlgljnoje deleted successfully

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\gclijllifhfpomppedeljakfegbcpojn deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

C:\Users\fanny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\fanny\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\fanny\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\fanny\AppData\Local\Temp\Low\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\fanny\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\geert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\users\fanny\AppData\Local\Mozilla\Firefox\Profiles\7nngint1.default\Cache emptied successfully

C:\users\geert\AppData\Local\Mozilla\Firefox\Profiles\964e3bw2.default-1368211506000\Cache emptied successfully

C:\users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\personas\cache emptied successfully

==== Empty Chrome Cache ======================

C:\users\geert\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\geert\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\windows\SysNative\dmwu.exesearch" deleted

"C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

"C:\Users\geert\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found

==== EOF on wo 17/07/2013 at 22:40:45,15 ======================

[juisterr]

Hallo, goed gedaan, dat ruimt lekker op zo te zien.

Download AdwCleaner by Xplode naar het bureaublad.

• Sluit alle openstaande vensters.
  
• Dubbelklik op AdwCleaner om hem te starten.
  
• Klik vervolgens op Verwijderen.
  
• Klik bij AdwCleaner – Informatie op OK
  
• Klik bij AdwCleaner – Herstarten Noodzakelijk op OK
  

Dat tijdens de actie de snelkoppelingen verdwijnen, is normaal.

Nadat de PC opnieuw is opgestart, opent een logfile.

Post aansluitend de inhoud van dit log in je volgende bericht als bijlage.

Download DDS van sUBS van één van deze locaties en plaats het op je bureaublad:

DDS - Bleeping Computer download.

DDS - Bleeping Computer download.

DDS - Infospyware.

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met DDS(hier of hier) kan je lezen hoe je de gebruikte beveiligingssoftware kunt uitschakelen.

• Dubbelklik op DDS om de tool te starten.
  Let op! Windows Vista & 7 gebruikers dienen DDS als administrator uit te voeren "Rechtermuisknop uitvoeren als"
  
• Vink in het volgende scherm DDS.txt en Attacht.txt aan en klik op "Start Scan"
  
• Laat de tool ongehinderd zijn werk doen, als de scan gereed is klikt u op "OK"
  
• Post de inhoud van het geopende DDS.txt in het volgende bericht.
  (Plaats het attach logje alleen indien hierom wordt gevraagd!)
  

18 juli 2013 aangepast door juisterr

[geertje]

PC Helpforum moderator bericht:

@ geertje - je mag alle bijlagen en logjes steeds in dit topic posten, zo hoeven we ze niet naar deze locatie te verplaatsen en blijft alles overzichtelijk en bij elkaar

# AdwCleaner v2.305 - Verslag gemaakt op 18/07/2013 om 11:45:37

# Geactualiseerd op 11/07/2013 door Xplode

# Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits)

# Gebruiker : geert - GEERT-PC

# Opstarten Modus : Normale modus

# Gelanceerd vanaf : C:\Users\geert\Downloads\adwcleaner.exe

# Optie [Verwijderen]

***** [Diensten] *****

***** [Files / Mappen] *****

File Désinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

Map Verwijderd : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare

Map Verwijderd : C:\ProgramData\Wondershare

Map Verwijderd : C:\Users\fanny\AppData\Local\AskToolbar

Map Verwijderd : C:\Users\fanny\AppData\LocalLow\AskToolbar

Map Verwijderd : C:\Users\fanny\AppData\LocalLow\BabylonToolbar

Map Verwijderd : C:\Users\fanny\AppData\LocalLow\Conduit

Map Verwijderd : C:\Users\fanny\AppData\LocalLow\PriceGong

Map Verwijderd : C:\Users\fanny\AppData\LocalLow\Vuze_Remote

***** [Register] *****

Data Verwijderd : HKLM\...\StartMenuInternet\FIREFOX.EXE [(Default)] = C:\Program Files (x86)\Mozilla Firefox\firefox.exe hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD10EADS-65M2B0_WD-WCAV5319907299072&ts=1373019746

Data Verwijderd : HKLM\...\StartMenuInternet\IEXPLORE.EXE [(Default)] = C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=ild&from=ild&uid=WDCXWD10EADS-65M2B0_WD-WCAV5319907299072&ts=1371285854

Data Verwijderd : HKLM\..\Windows [AppInit_DLLs] = c:\progra~2\contin~1\sprote~1.dll

Data Verwijderd : HKLM\..\Windows [AppInit_DLLs] = c:\progra~2\websea~1\sprote~1.dll

Sleutel Verwijderd : HKCU\Software\1ClickDownload

Sleutel Verwijderd : HKCU\Software\APN

Sleutel Verwijderd : HKCU\Software\APN PIP

Sleutel Verwijderd : HKCU\Software\AppDataLow\AskToolbarInfo

Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\AskToolbar

Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\Conduit

Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\ConduitSearchScopes

Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\NCH_EN

Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\PriceGong

Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\SmartBar

Sleutel Verwijderd : HKCU\Software\AppDataLow\Software\Vuze_Remote

Sleutel Verwijderd : HKCU\Software\AppDataLow\SProtector

Sleutel Verwijderd : HKCU\Software\AppDataLow\Toolbar

Sleutel Verwijderd : HKCU\Software\Ask.com

Sleutel Verwijderd : HKCU\Software\AskToolbar

Sleutel Verwijderd : HKCU\Software\BabylonToolbar

Sleutel Verwijderd : HKCU\Software\Conduit

Sleutel Verwijderd : HKCU\Software\delta LTD

Sleutel Verwijderd : HKCU\Software\IM

Sleutel Verwijderd : HKCU\Software\ImInstaller

Sleutel Verwijderd : HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}

Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}

Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E30ED111-BD63-48C2-A6CB-AB3C9FFFB07C}

Sleutel Verwijderd : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}

Sleutel Verwijderd : HKCU\Software\Softonic

Sleutel Verwijderd : HKCU\Software\WNLT

Sleutel Verwijderd : HKLM\Software\APN

Sleutel Verwijderd : HKLM\Software\AskToolbar

Sleutel Verwijderd : HKLM\Software\Babylon

Sleutel Verwijderd : HKLM\Software\BabylonToolbar

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{B302A1BD-0157-49FA-90F1-4E94F22C7B4B}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\Extension.DLL

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\AppID\secman.DLL

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\esrv.IncredibarESrvc.1

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Extension.ExtensionHelperObject.1

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\I

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Incredibar.dskBnd

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Incredibar.dskBnd.1

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Incredibar.IncredibarHlpr.1

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\IncredibarApp.appCore

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\IncredibarApp.appCore.1

Sleutel Verwijderd : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF

Sleutel Verwijderd : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Prod.cap

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Toolbar.CT2504091

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Toolbar.CT2801948

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{11549FE4-7C5A-4C17-9FC3-56FC5162A994}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{48C9C8B0-A546-46C1-A81F-47A31E623E9D}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\TypeLib\{CFE8AAFD-A0F3-4329-84E9-6B679EC93EC2}

Sleutel Verwijderd : HKLM\Software\Conduit

Sleutel Verwijderd : HKLM\Software\delta-homesSoftware

Sleutel Verwijderd : HKLM\Software\Desksvc

Sleutel Verwijderd : HKLM\Software\eSafeSecControl

Sleutel Verwijderd : HKLM\Software\IB Updater

Sleutel Verwijderd : HKLM\Software\Iminent

Sleutel Verwijderd : HKLM\Software\incredibar.com

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASAPI32

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\BabylonTC_RASMANCS

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASAPI32

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\incredibar_installer_RASMANCS

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{125B7A09-B405-46FB-95FB-96CF6B72992D}

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E30ED111-BD63-48C2-A6CB-AB3C9FFFB07C}

Sleutel Verwijderd : HKLM\Software\NCH_EN

Sleutel Verwijderd : HKLM\Software\PIP

Sleutel Verwijderd : HKLM\Software\qvo6Software

Sleutel Verwijderd : HKLM\Software\SP Global

Sleutel Verwijderd : HKLM\Software\SProtector

Sleutel Verwijderd : HKLM\Software\systweak

Sleutel Verwijderd : HKLM\Software\Vuze_Remote

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{125B7A09-B405-46FB-95FB-96CF6B72992D}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C01315C7-B4E2-4864-B43D-5FAFC414D179}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{C1545464-C77C-4130-A572-1C619E2895FE}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E30ED111-BD63-48C2-A6CB-AB3C9FFFB07C}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{ED0E67AD-926C-4008-87E5-03CF72AA2A7E}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{EF7FEC6D-451B-4452-9D26-7E10C6B5DB6E}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4327837B-8B64-4511-AF16-E659A6F87B6F}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74AC6363-7252-428E-9032-BEFAC37E5CAC}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{74C36554-31F0-49DD-8857-ED6A64DF45BE}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8A92BDDF-5CC9-4EAD-8206-6BD1010313E0}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CD5B9150-6313-452F-9701-892A9883C463}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\incredibar

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\NCH_EN Toolbar

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Vuze_Remote Toolbar

Sleutel Verwijderd : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\WNLT

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{BCFF5F55-6F44-11D2-86F8-00104B265ED5}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}

Sleutel Verwijderd : HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}

Sleutel Verwijderd : HKLM\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\ApnUpdater

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{336D0C35-8A85-403a-B9D2-65C292C39087}_is1

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}

Sleutel Verwijderd : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar

Sleutel Verwijderd : HKLM\SOFTWARE\Tarma Installer

Waarde Verwijderd : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{336D0C35-8A85-403a-B9D2-65C292C39087}]

Waarde Verwijderd : HKLM\SOFTWARE\Mozilla\Firefox\extensions [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}]

***** [browsers] *****

-\\ Internet Explorer v9.0.8112.16470

Vervangen : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Default_Page_URL] = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD10EADS-65M2B0_WD-WCAV5319907299072&ts=1373019746 --> hxxp://www.google.com

Vervangen : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD10EADS-65M2B0_WD-WCAV5319907299072&ts=1373019746 --> hxxp://www.google.com

-\\ Mozilla Firefox v22.0 (nl)

File : C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\prefs.js

C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\8xs9xqdm.default\user.js ... Verwijderd !

[OK] De file bevat geen enkele ongeoorloofde invoer.

File : C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\964e3bw2.default-1368211506000\prefs.js

Verwijderd : user_pref("aol_toolbar.default.homepage.check", false);

Verwijderd : user_pref("aol_toolbar.default.search.check", false);

File : C:\Users\fanny\AppData\Roaming\Mozilla\Firefox\Profiles\7nngint1.default\prefs.js

Verwijderd : user_pref("aol_toolbar.default.homepage.check", false);

Verwijderd : user_pref("aol_toolbar.default.search.check", false);

Verwijderd : user_pref("browser.search.defaultenginename", "AVG Secure Search");

Verwijderd : user_pref("browser.search.selectedEngine", "AVG Secure Search");

Verwijderd : user_pref("browser.startup.homepage", "hxxps://isearch.avg.com/?cid={B6837E05-BD6F-427E-9D02-8B43C76[...]

Verwijderd : user_pref("keyword.URL", "hxxps://isearch.avg.com/search?cid={B6837E05-BD6F-427E-9D02-8B43C7610D53}&[...]

-\\ Google Chrome v28.0.1500.72

File : C:\Users\geert\AppData\Local\Google\Chrome\User Data\Default\Preferences

Verwijderd [l.429] : homepage = "hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&from=newgdp&uid=WDCXWD10[...]

Verwijderd [l.625] : urls_to_restore_on_startup = [ "hxxp://www.delta-homes.com/?utm_source=b&utm_medium=newgdp&[...]

*************************

AdwCleaner[s1].txt - [19869 octets] - [18/07/2013 11:45:37]

########## EOF - C:\AdwCleaner[s1].txt - [19930 octets] ##########

18 juli 2013 aangepast door kape
berichten samengevoegd

[geertje]

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 9.0.8112.16470 BrowserJavaVersion: 10.25.2

Run by geert at 11:51:12 on 2013-07-18

Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.8183.6034 [GMT 2:00]

.

AV: Norton 360 Premier Edition *Disabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Norton 360 Premier Edition *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}

FW: Norton 360 Premier Edition *Disabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

.

============== Running Processes ===============

.

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\nvvsvc.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup

C:\Windows\system32\svchost.exe -k NetworkService

C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

C:\Windows\system32\nvvsvc.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Windows\system32\taskeng.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\ModLEDKey.exe

C:\Windows\Explorer.EXE

C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE

C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE

C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe

C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\ccSvcHst.exe

C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe

C:\Program Files (x86)\Samsung\Kies\Kies.exe

C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

C:\Program Files (x86)\Photodex\ProShow Producer\ScsiAccess.exe

C:\Windows\system32\NOTEPAD.EXE

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe

C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe

C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\hp\HP Software Update\hpwuschd2.exe

C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Windows\servicing\TrustedInstaller.exe

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Windows\System32\WUDFHost.exe

c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe

c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe

C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\CNYHKEY.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\ccSvcHst.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe

C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe

C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

C:\Program Files (x86)\Nero\Update\NASvc.exe

C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe

C:\Windows\system32\sppsvc.exe

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\wbem\wmiprvse.exe

C:\Windows\system32\wuauclt.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Windows\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.google.com

mWinlogon: Userinit = userinit.exe

BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: Norton Identity Protection: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\coieplg.dll

BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\ips\ipsbho.dll

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

BHO: Aanmeldhulp voor Windows Live ID: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\coieplg.dll

TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\coieplg.dll

uRun: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

uRun: [KiesPreload] C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload

mRun: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe

mRun: [LaunchHPOSIAPP] C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\LaunchApp.exe

mRun: [updatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"

mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe

mRun: [KiesTrayAgent] C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe

mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-Explorer: NoActiveDesktop = dword:1

mPolicies-Explorer: NoActiveDesktopChanges = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:0

mPolicies-System: ConsentPromptBehaviorUser = dword:3

mPolicies-System: EnableLUA = dword:0

mPolicies-System: EnableUIADesktopToggle = dword:0

mPolicies-System: PromptOnSecureDesktop = dword:0

IE: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr/200

TCP: NameServer = 195.130.130.133 195.130.131.133

TCP: Interfaces\{4B5F4F90-9869-4FFE-9B36-B762551251A7} : DHCPNameServer = 195.130.130.133 195.130.131.133

TCP: Interfaces\{4B5F4F90-9869-4FFE-9B36-B762551251A7}\2756075616475627 : DHCPNameServer = 0.0.0.0

TCP: Interfaces\{4B5F4F90-9869-4FFE-9B36-B762551251A7}\4554C454E4544584F4D4543505F445 : DHCPNameServer = 195.130.130.141 195.130.131.141

TCP: Interfaces\{4D86E6A5-09D6-474E-BCE6-885328373A30} : DHCPNameServer = 195.130.130.133 195.130.131.133

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll

SSODL: WebCheck - <orphaned>

mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"

mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome

x64-mStart Page = hxxp://www.google.com

x64-mDefault_Page_URL = hxxp://www.google.com

x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

x64-BHO: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll

x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

x64-TB: Easy Photo Print: {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files (x86)\Epson Software\Easy Photo Print\EPTBL.dll

x64-Run: [iAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe

x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

x64-DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>

x64-SSODL: WebCheck - <orphaned>

x64-mASetup: {12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\Windows\System32\ieudinit.exe

.

================= FIREFOX ===================

.

FF - ProfilePath - C:\Users\geert\AppData\Roaming\Mozilla\Firefox\Profiles\964e3bw2.default-1368211506000\

FF - prefs.js: browser.search.defaulturl -

FF - prefs.js: browser.startup.homepage - hxxps://www.google.be/

FF - plugin: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll

FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll

FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll

FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll

FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll

FF - plugin: C:\Program Files (x86)\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll

FF - plugin: C:\Program Files (x86)\Photodex Presenter\npPxPlay.dll

FF - plugin: C:\Program Files (x86)\Sony\ReaderDesktop\npreaderdetectmoz.dll

FF - plugin: C:\Users\geert\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll

FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll

FF - plugin: C:\Windows\SysWOW64\npdeployJava1.dll

FF - plugin: C:\Windows\SysWOW64\npmproxy.dll

FF - ExtSQL: 2013-07-17 06:15; {BBDA0591-3099-440a-AA10-41764D9DB4DB}; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\IPSFFPlgn

FF - ExtSQL: 2013-07-17 22:40; {2D3F3651-74B9-4795-BDEC-6DA2F431CB62}; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\coFFPlgn

.

============= SERVICES / DRIVERS ===============

.

R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-7-21 52856]

R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\1404000.028\symds64.sys [2013-6-18 493656]

R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\1404000.028\symefa64.sys [2013-6-18 1139800]

R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\BASHDefs\20130715.001\BHDrvx64.sys [2013-7-17 1393240]

R1 ccSet_N360;Norton 360 Settings Manager;C:\Windows\System32\drivers\N360x64\1404000.028\ccsetx64.sys [2013-6-18 169048]

R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_20.3.1.22\Definitions\IPSDefs\20130717.001\IDSviA64.sys [2013-7-18 513184]

R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\1404000.028\ironx64.sys [2013-6-18 224416]

R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\1404000.028\symnets.sys [2013-6-18 433752]

R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2012-11-14 166400]

R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2012-11-14 128512]

R2 N360;Norton 360;C:\Program Files (x86)\Norton 360 Premier Edition\Engine\20.4.0.40\ccsvchst.exe [2013-6-18 144368]

R2 NAUpdate;Nero Update;C:\Program Files (x86)\Nero\Update\NASvc.exe [2010-3-25 490280]

R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2012-2-15 474168]

R2 WCMVCAM;WebcamMax, WDM Video Capture;C:\Windows\System32\drivers\wcmvcam64.sys [2012-4-15 1071032]

R3 AVER_H193;AVerMedia H193 Video Capture;C:\Windows\System32\drivers\AVer888RC_64.sys [2009-11-13 543616]

R3 CXCIR;AVerMedia Consumer Infrared Receiver;C:\Windows\System32\drivers\AVer888RCIR_64.sys [2009-11-13 39936]

R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2012-8-10 138912]

R3 ManyCam;ManyCam Virtual Webcam;C:\Windows\System32\drivers\mcvidrv_x64.sys [2012-10-11 44928]

R3 mcaudrv_simple;ManyCam Virtual Microphone;C:\Windows\System32\drivers\mcaudrv_x64.sys [2013-1-31 28160]

R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2013-2-25 2426672]

R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2009-11-3 233472]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-6-3 162408]

S3 cxbu0x64;OMNIKEY 1021;C:\Windows\System32\drivers\cxbu0x64.sys [2011-9-6 177920]

S3 nmwcdnsucx64;Nokia USB Flashing Generic;C:\Windows\System32\drivers\nmwcdnsucx64.sys [2012-1-9 12800]

S3 nmwcdnsux64;Nokia USB Flashing Phone Parent;C:\Windows\System32\drivers\nmwcdnsux64.sys [2012-1-9 171008]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-4-4 19456]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-4-4 57856]

S3 WatAdminSvc;Windows Activation Technologies-service;C:\Windows\System32\Wat\WatAdminSvc.exe [2012-1-2 1255736]

.

=============== File Associations ===============

.

ShellExec: switch.exe: open="C:\Program Files (x86)\NCH Software\Switch\switch" "%L"

.

=============== Created Last 30 ================

.

2013-07-18 05:39:18 -------- d-----w- C:\Users\geert\AppData\Local\{88A827EF-4F5E-4F40-AFC7-84587CD9EC8F}

2013-07-17 20:40:47 -------- d-sh--w- C:\$RECYCLE.BIN

2013-07-17 20:38:34 24064 ----a-w- C:\Windows\zoek-delete.exe

2013-07-17 20:38:34 -------- d-----w- C:\Users\geert\AppData\Local\Temp

2013-07-17 07:54:54 388096 ----a-r- C:\Users\geert\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe

2013-07-17 07:54:54 -------- d-----w- C:\Program Files (x86)\Trend Micro

2013-06-29 09:14:41 96168 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll

.

==================== Find3M ====================

.

2013-06-30 09:41:10 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2013-06-30 09:41:10 692104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe

2013-06-29 09:14:35 867240 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll

2013-06-29 09:14:35 789416 ----a-w- C:\Windows\SysWow64\deployJava1.dll

2013-06-19 00:50:37 177312 ----a-w- C:\Windows\System32\drivers\SYMEVENT64x86.SYS

2013-05-23 05:25:28 1139800 ----a-w- C:\Windows\System32\drivers\N360x64\1404000.028\symefa64.sys

2013-05-22 18:33:50 4659712 ----a-w- C:\Windows\SysWow64\Redemption.dll

2013-05-21 05:02:00 493656 ----a-w- C:\Windows\System32\drivers\N360x64\1404000.028\symds64.sys

2013-05-17 17:27:10 156935 ----a-w- C:\Users\geert\AppData\Roaming\mdbu.bin

2013-05-16 05:02:14 796760 ----a-w- C:\Windows\System32\drivers\N360x64\1404000.028\srtsp64.sys

2013-04-25 00:43:56 433752 ----a-w- C:\Windows\System32\drivers\N360x64\1404000.028\symnets.sys

.

============= FINISH: 11:52:50,13 ===============

- - - Updated - - -

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2012-11-20.01)

.

Microsoft Windows 7 Home Premium

Boot Device: \Device\HarddiskVolume1

Install Date: 27/12/2011 18:18:05

System Uptime: 18/07/2013 11:46:36 (0 hours ago)

.

Motherboard: MSI | | Indio

Processor: Intel® Core i5 CPU 750 @ 2.67GHz | CPU 1 | 1173/133mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 921 GiB total, 818,214 GiB free.

D: is FIXED (NTFS) - 10 GiB total, 1,894 GiB free.

E: is CDROM ()

F: is Removable

G: is Removable

H: is Removable

I: is Removable

K: is FIXED (NTFS) - 932 GiB total, 239,769 GiB free.

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP175: 29/06/2013 11:13:48 - Installed Java 7 Update 25

RP176: 6/07/2013 23:06:21 - Gepland controlepunt

RP177: 14/07/2013 11:50:56 - Gepland controlepunt

RP178: 17/07/2013 9:54:36 - Installed HiJackThis

RP179: 17/07/2013 22:25:11 - zoek.exe restore point

.

==== Installed Programs ======================

.

Adobe Flash Player 10 ActiveX

Adobe Flash Player 11 Plugin

Adobe Photoshop Elements 6.0

Adobe Reader XI - Nederlands

Bass Avenger

Battle Of Britain

Belgium e-ID middleware 4.0.4 (build 7251)

Blokker

Blokker Fotoservice

Burn4Free DVD Burning 6.0.0.0

CCleaner

cdrtfe 1.4.1

Championship Surfer

Compatibiliteitspakket voor het 2007 Microsoft Office system

ContinueToSave

D3DX10

Diagnostisch hulpprogramma voor hardware

DirectX for Managed Code Update (Summer 2004)

Doxillion Document Converter

DVD Flick 1.3.0.7

EPSON Attach To Email

Epson Easy Photo Print 2

Epson Easy Photo Print Plug-in for PMB(Picture Motion Browser)

EPSON File Manager

EPSON Scan

EPSON Scan Assistant

EPSON SX218 Series Printer Uninstall

Express Zip

Facebook Video Calling 1.2.0.287

FaceOnBody Pro v 2.4

Fun Morph 3.0

GIMP 2.8.0

GoforFiles

GOM Player

Google Chrome

Google Earth Plug-in

Google Update Helper

HaJé's Woordjes Maken 2.11

Hewlett-Packard ACLM.NET v1.1.0.0

High-Definition Video Playback 10

HiJackThis

Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)

HP Customer Experience Enhancements

HP MAINSTREAM KEYBOARD

HP MediaSmart DVD

HP MediaSmart Movie Themes

HP MediaSmart Music/Photo/Video

HP MediaSmart SmartMenu

HP Odometer

HP Product Detection

HP Remote Solution

HP Setup

HP Support Information

HP Update

ImageShack Uploader 2.2.0

ImgBurn

Intel® Matrix Storage Manager

IZArc 4.1.6

Java 7 Update 25

Java Auto Updater

Java 6 Update 31 (64-bit)

JDownloader

Junk Mail filter update

Kruidvat fotoservice

LabelPrint

LightScribe System Software

ManyCam 3.1.43

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Client Profile NLD Language Pack

Microsoft .NET Framework 4 Extended

Microsoft .NET Framework 4 Extended NLD Language Pack

Microsoft Application Error Reporting

Microsoft Office PowerPoint Viewer 2007 (Dutch)

Microsoft Primary Interoperability Assemblies 2005

Microsoft Silverlight

Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2005 Redistributable (x64)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Works

Microsoft_VC100_CRT_SP1_x64

Microsoft_VC100_CRT_SP1_x86

MixPad

Mozilla Firefox 22.0 (x86 nl)

Mozilla Maintenance Service

MSVC80_x64_v2

MSVC80_x86_v2

MSVC90_x64

MSVC90_x86

MSVCRT

MSVCRT_amd64

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MyFreeCodec

Nero 10 Menu TemplatePack Basic

Nero 10 Movie ThemePack Basic

Nero BackItUp 10

Nero BackItUp 10 Help (CHM)

Nero Burning ROM 10

Nero BurningROM 10 Help (CHM)

Nero BurnRights 10

Nero BurnRights 10 Help (CHM)

Nero Control Center 10

Nero ControlCenter 10 Help (CHM)

Nero Core Components 10

Nero CoverDesigner 10

Nero CoverDesigner 10 Help (CHM)

Nero DiscSpeed 10

Nero DiscSpeed 10 Help (CHM)

Nero Dolby Files 10

Nero Express 10

Nero Express 10 Help (CHM)

Nero InfoTool 10

Nero InfoTool 10 Help (CHM)

Nero MediaHub 10

Nero MediaHub 10 Help (CHM)

Nero Multimedia Suite 10

Nero Recode 10

Nero Recode 10 Help (CHM)

Nero RescueAgent 10

Nero RescueAgent 10 Help (CHM)

Nero SoundTrax 10

Nero SoundTrax 10 Help (CHM)

Nero StartSmart 10

Nero StartSmart 10 Help (CHM)

Nero Update

Nero Vision 10

Nero Vision 10 Help (CHM)

Nero WaveEditor 10

Nero WaveEditor 10 Help (CHM)

Nokia Connectivity Cable Driver

Nokia Suite

Norton 360 Premier Edition

NVIDIA-configuratiescherm 296.19

NVIDIA Grafisch stuurprogramma 296.19

NVIDIA Install Application

OpenOffice.org 3.4

PC Connectivity Solution

Photo DVD Maker Professional 8.10

Photo DVD Slideshow Pro 8.35

Photodex Presenter

PhotodexProShowProducer

Photoupz 1.63

Picasa 3

PlayMemories Home

Power2Go

PowerDirector

PowerRecover

Print Artist Platinum 24

PrintMaster 2012 Platinum

Prism Video File Converter

ProShow Producer

Reader for PC

Realtek High Definition Audio Driver

Samsung Kies

SAMSUNG USB Driver for Mobile Phones

Search Assistant WebSearch 1.74

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2736428)

Security Update for Microsoft .NET Framework 4 Extended (KB2742595)

Security Update for Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD (KB2518870)

SketchUp 8

Skype™ 6.5

SPCA1528 PC Driver

Spotify

Stuurprogrammapakket voor Windows - Fedict SmartCard (10/04/2011 4.0.0.5)

Switch Sound File Converter

Taalpakket voor Microsoft .NET Framework 4 Client Profile - NLD

Taalpakket voor Microsoft .NET Framework 4 Extended - NLD

Tony Hawk's Pro Skater 3®

Unity Web Player

Update for Microsoft .NET Framework 4 Client Profile (KB2468871)

Update for Microsoft .NET Framework 4 Client Profile (KB2533523)

Update for Microsoft .NET Framework 4 Client Profile (KB2600217)

Update for Microsoft .NET Framework 4 Extended (KB2468871)

Update for Microsoft .NET Framework 4 Extended (KB2533523)

Update for Microsoft .NET Framework 4 Extended (KB2600217)

VLC media player 2.0.7

Vuze

WavePad Sound Editor

WBFS Manager 3.0

WBFS to ISO

WebcamMax

Windows-stuurprogrammapakket - Nokia pccsmcfd (08/22/2008 7.0.0.0)

Windows Live Communications Platform

Windows Live Essentials

Windows Live ID Sign-in Assistant

Windows Live Installer

Windows Live Language Selector

Windows Live Mail

Windows Live MIME IFilter

Windows Live Photo Common

Windows Live PIMT Platform

Windows Live SOXE

Windows Live SOXE Definitions

Windows Live UX Platform

Windows Live UX Platform Language Pack

Windows Live Writer

Windows Live Writer Resources

Windows Media Player Firefox Plugin

WinRAR 4.20 (64-bit)

WinRAR archiver

Wondershare DVD Slideshow Builder Deluxe(Build 6.0.0.22)

XviD MPEG-4 Video Codec

ZipGenius 6.3

.

==== End Of File ===========================

[juisterr]

En wederom een flinke opruiming, is het nu wel weg ?

Sleutel Verwijderd : HKLM\Software\qvo6Software

[geertje]

ja hoor alles zoals voorheen heel erg bedankt aan de mensen die me geholpen hebben !!!

[juisterr]

Download Delfix by Xplode naar het bureaublad.

Dubbelklik op Delfix.exe om de tool te starten.

Zet nu vinkjes voor de volgende items:

• Activate UAC
  
• Remove disinfection tools
  
• Create registry backup
  
• Purge System Restore
  
• Reset system settings
  

Klik nu op "Run" en wacht geduldig tot de tool gereed is.

Wanneer de tool gereed is wordt er een logbestand aangemaakt. Dit hoeft u echter niet te plaatsen.