veel reclame

Mijn kapersky moest vernieuwd worden en heb dus enkele dagen zonder bescherming gezeten.

Ik vermoed dat er "vuiligheid" is binnen gekomen.

Hieronder is mijn logje:

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 10:33:35, on 19/02/2014

Platform: Unknown Windows (WinNT 6.02.1008)

MSIE: Internet Explorer v10.0 (10.00.9200.16798)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe

C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe

C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe

C:\Users\Philip\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe

C:\Users\Philip\AppData\Roaming\Dropbox\bin\Dropbox.exe

C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe

C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe

C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

C:\Program Files (x86)\BlueStacks\HD-Agent.exe

C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe

C:\Program Files (x86)\Mozilla Firefox\firefox.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe

C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Zoeken

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: Kaspersky Passsword Manager Toolbar - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\PROGRA~2\KASPER~1\KASPER~1.0\KASPER~2\spIEBho.dll

O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll

O2 - BHO: ContentBlockerBrowserHelperObject - {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\ContentBlocker\ie_content_blocker_plugin.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

O2 - BHO: VirtualKeyboardBrowserHelperObject - {73455575-E40C-433C-9784-C78DC7761455} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll

O2 - BHO: Safe Money Plugin - {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\OnlineBanking\online_banking_bho.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll

O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll

O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll

O2 - BHO: ClassicIE9BHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIE9DLL_32.dll

O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll

O3 - Toolbar: Kaspersky Passsword Manager Toolbar - {215BA832-75A3-426E-A4FC-7C5B58CE6A10} - C:\PROGRA~2\KASPER~1\KASPER~1.0\KASPER~2\spIEBho.dll

O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"

O4 - HKLM\..\Run: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey

O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe

O4 - HKLM\..\Run: [btTray] "C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"

O4 - HKLM\..\Run: [beid] "C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe" /startup

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [blueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe

O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\runner_avp.exe"

O4 - HKCU\..\Run: [Gadwin PrintScreen] C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash

O4 - HKCU\..\Run: [Power2GoExpress8] NA

O4 - HKCU\..\Run: [spotify Web Helper] "C:\Users\Philip\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

O4 - HKCU\..\Run: [spotify] "C:\Users\Philip\AppData\Roaming\Spotify\spotify.exe" /uri spotify:autostart

O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKCU\..\Run: [MyCuteBuddy] "C:\Program Files (x86)\My Cute Buddy\myCuteBuddy.exe" "file:///C:/Program Files (x86)/My Cute Buddy/Content/Cute Kitty/piticho.buddy" /m /u

O4 - Startup: Dropbox.lnk = Philip\AppData\Roaming\Dropbox\bin\Dropbox.exe

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Toevoegen aan Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ie_banner_deny.htm

O9 - Extra button: Virtueel Toetsenbord - {0C4CC089-D306-440D-9772-464E226F6539} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\VirtualKeyboard\ie_virtual_keyboard_plugin.dll

O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe

O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe

O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll

O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE9_32.exe

O9 - Extra 'Tools' menuitem: Classic IE9 Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE9_32.exe

O9 - Extra button: (no name) - {64964764-1101-4bbd-8891-B56B1A53B9B3} - C:\Program Files\Classic Shell\ClassicExplorer32.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL

O9 - Extra button: Controle van URL's - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\IEExt\UrlAdvisor\klwtbbho.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)

O23 - Service: Kaspersky Anti-Virus-service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\avp.exe

O23 - Service: BlueSoleilCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: BsHelpCS - IVT Corporation - C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe

O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe

O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe

O23 - Service: Classic Shell Service (ClassicShellService) - IvoSoft - C:\Program Files\Classic Shell\ClassicShellService.exe

O23 - Service: Intel® Content Protection HECI Service (cphs) - Intel Corporation - C:\Windows\SysWow64\IntelCpHeciSvc.exe

O23 - Service: CryptoStorage control service (CSObjectsSrv) - Infowatch - C:\Program Files (x86)\Common Files\InfoWatch\CryptoStorage\ProtectedObjectsSrv.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe

O23 - Service: @oem31.inf,%hpservice_desc%;HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing)

O23 - Service: HPWMISVC - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe

O23 - Service: IconMan_R - Realsil Microelectronics Inc. - C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe

O23 - Service: Intel® Capability Licensing Service Interface - Intel® Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe

O23 - Service: Intel® ME Service - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe

O23 - Service: Intel® Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\stlang64.dll,-10101 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV64.exe

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 14703 bytes

Bedankt op voorhand.

Gr,

Philippe

Dag Philippe,

Er is inderdaad iets binnen gekomen.

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.

Download Zoek.exe naar het bureaublad (niet de .zip- of .rar-versie).

Zoek.exe uitvoeren

Wanneer u problemen ondervindt bij het uitvoeren van dit programma of bepaalde foutmeldingen te zien krijgt laat dit dan even weten in uw bericht.

• Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  
• Dubbelklik op Zoek.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Klik nu op de knop "Run script".
  
• Er verschijnt een popup met de melding dat er geen script aangetroffen is, druk gewoon op OK.
  
• Zoek.exe gaat nu een scan + reparatie uitvoeren, bij sommige systemen kan deze langer dan een half uur duren.
  
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  
• Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  
• Post het geopende logje in het volgende bericht.

Het logje:

Zoek.exe v5.0.0.0 Updated 19-February-2014

Tool run by Philip on wo 19/02/2014 at 15:19:26,22.

Microsoft Windows 8 6.2.9200 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Philip\Desktop\zoek.exe [scan all users] [Quick Scan] [Auto Clean]

==== Older Logs ======================

C:\zoek-results2014-02-19-141456.log 52130 bytes

==== Empty Folders Check ======================

C:\Users\Philip\AppData\Roaming\PANASONIC SD-2500WXE user guide

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\Philip\AppData\Local\Temp ====

====== Java Cache =====

====== C:\Windows\SysWOW64 =====

2014-02-14 11:02:09 568C888D74169B679E4D9E1F4E7E75BD 523776 ----a-w- C:\Windows\SysWOW64\vbscript.dll

2014-02-14 06:24:36 9F38E0E4F9EA7DD9E58C48B21F202B63 1419264 ----a-w- C:\Windows\SysWOW64\msxml3.dll

2014-02-14 06:24:29 FFD94811DD4D65FFA5EF36B5C1432B06 163840 ----a-w- C:\Windows\SysWOW64\msrating.dll

2014-02-14 06:24:29 E016BB18F1D978772EF5D1662E536372 33280 ----a-w- C:\Windows\SysWOW64\iernonce.dll

2014-02-14 06:24:29 A66F7525EBF8530C495D10E742FCDA2B 109056 ----a-w- C:\Windows\SysWOW64\iesysprep.dll

2014-02-14 06:24:29 952B209CA4A39FB67C9CF110B9855583 493056 ----a-w- C:\Windows\SysWOW64\msfeeds.dll

2014-02-14 06:24:29 71EB230269480E7F5F62E46261404B10 61440 ----a-w- C:\Windows\SysWOW64\iesetup.dll

2014-02-14 06:24:29 6733B2B5EEA3243E1B0FC5EABDA7223B 39936 ----a-w- C:\Windows\SysWOW64\jsproxy.dll

2014-02-14 06:24:29 66A313E15312F666829D024235B1BA24 1140736 ----a-w- C:\Windows\SysWOW64\urlmon.dll

2014-02-14 06:24:29 64AA1B23EFDF4B8776135C31B583D33A 534528 ----a-w- C:\Windows\SysWOW64\uxtheme.dll

2014-02-14 06:24:29 5668E7858F32D61FA8750470FF07C9BA 44032 ----a-w- C:\Windows\SysWOW64\UXInit.dll

2014-02-14 06:24:29 1FF83D2BE92B40DAE234CF4236680B6E 1767936 ----a-w- C:\Windows\SysWOW64\wininet.dll

2014-02-14 06:24:28 FAF025218BF7A20BDD899C097B86E4A8 13760512 ----a-w- C:\Windows\SysWOW64\ieframe.dll

2014-02-14 06:24:27 96484B4ED8FD9838692E3B5896C6DA61 2706432 ----a-w- C:\Windows\SysWOW64\mshtml.tlb

2014-02-14 06:24:14 5DC326473A638CC67EA5A4AF4C776BEB 2049024 ----a-w- C:\Windows\SysWOW64\iertutil.dll

2014-02-14 06:24:14 2F867C9A274B4C731E3ADB9BAF3337C4 690688 ----a-w- C:\Windows\SysWOW64\jscript.dll

2014-02-14 06:24:14 0AAE2EE5A85EA18E00079CAF359B9387 2877952 ----a-w- C:\Windows\SysWOW64\jscript9.dll

2014-02-14 06:24:10 4098C722E878697489F0207108C8E0DA 14359040 ----a-w- C:\Windows\SysWOW64\mshtml.dll

2014-02-14 06:24:07 FC925BF83D0EA5E0E524F86E310D64F4 451072 ----a-w- C:\Windows\SysWOW64\msdrm.dll

2014-02-14 06:23:58 CB0AD586EA7C13AEF616848B64C5CC53 2032640 ----a-w- C:\Windows\SysWOW64\d3d10warp.dll

2014-02-14 06:23:58 C7E96470AD5552C67092B073B667121B 3288576 ----a-w- C:\Windows\SysWOW64\d2d1.dll

2014-02-12 18:26:24 95E15A2DE75AB48728AB8E1911C3EDB1 264616 ----a-w- C:\Windows\SysWOW64\javaws.exe

2014-02-12 18:26:23 CB3638541DCAC86EE17FA8258202E20E 175016 ----a-w- C:\Windows\SysWOW64\javaw.exe

2014-02-12 18:26:23 A7871E39687EC6EE9712209DAE248B3A 96168 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2014-02-12 18:26:23 9395BBE294045909A025C9F3DC3D9025 174504 ----a-w- C:\Windows\SysWOW64\java.exe

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

2014-02-18 18:05:59 48DA65F29BB4C5AD21EC67C2D64700D6 64856 ----a-w- C:\Windows\Sysnative\klfphc.dll

2014-02-18 16:58:03 6FB598E8DE02D879D17B35F144A1B3BC 270496 ------w- C:\Windows\Sysnative\MpSigStub.exe

2014-02-14 11:02:36 4B916278E1487A5CD5F8F9A521980026 385614 ----a-w- C:\Windows\Sysnative\ApnDatabase.xml

2014-02-14 11:02:09 05F9C60AD29EDF12929663B1227D28F5 600064 ----a-w- C:\Windows\Sysnative\vbscript.dll

2014-02-14 06:24:36 C93EC176F21B90D9B04661E134ECF984 1845248 ----a-w- C:\Windows\Sysnative\msxml3.dll

2014-02-14 06:24:29 600FB9CB67C48F76C5ECE67E7B76D4B0 2706432 ----a-w- C:\Windows\Sysnative\mshtml.tlb

2014-02-14 06:24:29 5F63553B55465358ED6B0ED241DB44CF 51712 ----a-w- C:\Windows\Sysnative\ie4uinit.exe

2014-02-14 06:24:29 4CA2A7EB74EB959C23E359887D617E69 53760 ----a-w- C:\Windows\Sysnative\UXInit.dll

2014-02-14 06:24:29 2ACDD6E1522DDA16D73F3E61A02EFCEB 39936 ----a-w- C:\Windows\Sysnative\iernonce.dll

2014-02-14 06:24:28 EFC64446D5881A95674E04DFAC39AB7A 1365504 ----a-w- C:\Windows\Sysnative\urlmon.dll

2014-02-14 06:24:28 7A824F15114E3D34691946E0D2F58911 197120 ----a-w- C:\Windows\Sysnative\msrating.dll

2014-02-14 06:24:28 2D9B01CE9C1F93D047131175F4C07F7C 915968 ----a-w- C:\Windows\Sysnative\uxtheme.dll

2014-02-14 06:24:27 F62A5D527794DCBC1F84B1976FB44244 67072 ----a-w- C:\Windows\Sysnative\iesetup.dll

2014-02-14 06:24:27 56DDB27B59BDE8CA6C9D563D38BC4673 136704 ----a-w- C:\Windows\Sysnative\iesysprep.dll

2014-02-14 06:24:26 D5B3FD1A39B6EBFD65B260B1E0FAF7D0 603136 ----a-w- C:\Windows\Sysnative\msfeeds.dll

2014-02-14 06:24:26 B61F1163B0717D7781CBD140AF80D3BA 15403520 ----a-w- C:\Windows\Sysnative\ieframe.dll

2014-02-14 06:24:25 F75B88A57B3264914FD80462CB992F0C 855552 ----a-w- C:\Windows\Sysnative\jscript.dll

2014-02-14 06:24:24 DBF5C7BFBAB5E01020E16156E2D5FEC3 53760 ----a-w- C:\Windows\Sysnative\jsproxy.dll

2014-02-14 06:24:24 90860E913075B03369BEB7B0B510DC2F 2241536 ----a-w- C:\Windows\Sysnative\wininet.dll

2014-02-14 06:24:22 1B59269891A17BD804F3F640A66F2A08 19274240 ----a-w- C:\Windows\Sysnative\mshtml.dll

2014-02-14 06:24:14 CB0DB3C57ED00FCDCDE7536CC505EF55 2648576 ----a-w- C:\Windows\Sysnative\iertutil.dll

2014-02-14 06:24:14 027D0EAECAC2358406A088EA218A47C0 3960320 ----a-w- C:\Windows\Sysnative\jscript9.dll

2014-02-14 06:24:08 9C6302820FEA434728A14B2E356A600A 583680 ----a-w- C:\Windows\Sysnative\msdrm.dll

2014-02-14 06:23:59 D05FDB359808642231FC244CD06E8E4C 2238976 ----a-w- C:\Windows\Sysnative\d3d10warp.dll

2014-02-14 06:23:59 B9868B46EC3A67EF9B85B9437DB2CB65 3842560 ----a-w- C:\Windows\Sysnative\d2d1.dll

====== C:\Windows\Sysnative\drivers =====

2014-02-18 18:05:35 A6B7212B3735C7B4ABD602E78573F970 67344 ----a-w- C:\Windows\Sysnative\drivers\CSVirtualDiskDrv.sys

2014-02-18 18:05:35 8128B65589C944622D6809C144972ECF 98064 ----a-w- C:\Windows\Sysnative\drivers\CSCrySec.sys

2014-02-18 18:04:38 92EE9BE40D03544C5A99FA0153A5E746 90208 ----a-w- C:\Windows\Sysnative\drivers\klflt.sys

2014-02-18 18:04:38 5F247D87B44E26AED440A063A7A4FDB7 625760 ----a-w- C:\Windows\Sysnative\drivers\klif.sys

2014-02-14 11:02:44 DD4249F03598043DED6FA540EB14898A 2232664 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys

2014-02-14 11:02:36 961A45CC15514178E511BBF1384CE0B8 83968 ----a-w- C:\Windows\Sysnative\drivers\hidclass.sys

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

2014-01-30 16:26:21 -------- d-----w- C:\Program Files\trend micro

======= C:\PROGRA~2 =====

2014-02-18 18:04:56 -------- d-----w- C:\PROGRA~2\COMMON~1\InfoWatch

2014-02-18 18:04:52 -------- d-----w- C:\PROGRA~2\Kaspersky Lab

2014-02-15 17:06:55 -------- d-----w- C:\PROGRA~2\Vuze

2014-02-13 07:40:02 -------- d-----w- C:\PROGRA~2\COMMON~1\Skype

2014-02-13 07:40:02 -------- d-----r- C:\PROGRA~2\Skype

2014-01-31 21:54:43 -------- d-----w- C:\PROGRA~2\mIRC

2014-01-29 20:28:08 -------- d-----w- C:\PROGRA~2\Trend Micro

2014-01-25 22:41:39 -------- d-----w- C:\PROGRA~2\BlueStacks

======= C: =====

====== C:\Users\Philip\AppData\Roaming ======

2014-02-19 14:13:30 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp

2014-02-19 14:13:30 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp

2014-02-19 14:13:30 -------- d-----w- C:\Users\Default\AppData\Local\Temp

2014-02-19 14:13:30 -------- d-----w- C:\Users\Default User\AppData\Local\Temp

2014-02-19 14:13:29 -------- d-----w- C:\Users\Philip\AppData\Local\Temp

2014-02-18 17:27:55 -------- d-s---w- C:\Windows\serviceprofiles\networkservice\AppData\Locallow\Microsoft

2014-02-15 12:56:58 -------- d-----w- C:\Users\Philip\AppData\Roaming\ PANASONIC SD-2500WXE user guide

2014-02-13 07:40:19 -------- d-----w- C:\Users\Philip\AppData\Local\Skype

2014-02-13 07:40:07 -------- d-----w- C:\Users\Philip\AppData\Roaming\Skype

2014-01-31 21:54:44 -------- d-----w- C:\Users\Philip\AppData\Roaming\mIRC

====== C:\Users\Philip ======

2014-02-19 13:47:23 -------- d-----w- C:\ProgramData\NokiaInstallerCache

2014-02-18 17:04:22 1BE71514C31414590631BF49EDBAD0BD 198280728 ----a-w- C:\Users\Philip\Downloads\pure13.0.2.558nl-nl.exe

2014-02-16 09:53:06 D247715E8A4B212BEA0ABC7F17A9C945 2072784 ----a-w- C:\Users\Philip\Downloads\PDFConverterSetup.exe

2014-02-15 17:05:38 6D43AA185492628807399A8906D8CD91 72008 ----a-w- C:\Users\Philip\Downloads\VuzeBittorrentClientInstaller.exe

2014-02-13 07:40:02 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

2014-02-13 07:40:01 -------- d-----w- C:\ProgramData\Skype

2014-02-13 07:39:12 CF2F3584DC4B9050E3D7038E2ACD5245 35670688 ----a-w- C:\Users\Philip\Downloads\SkypeSetupFull.exe

2014-02-12 18:26:23 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2014-02-12 18:24:36 D6A3D61864E8F9565550548865D7522C 921000 ----a-w- C:\Users\Philip\Downloads\jxpiinstall.exe

2014-01-29 19:25:16 -------- d-----w- C:\Windows\serviceprofiles\Localservice\winhttp

2014-01-25 22:41:39 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks

2014-01-25 22:39:05 -------- d-----w- C:\ProgramData\BlueStacksSetup

2014-01-25 22:39:01 -------- d-----w- C:\ProgramData\BlueStacks

====== C: exe-files ==

2014-02-19 13:47:24 EACE638669468F28485736A3A240D57C 54272 ----a-w- C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{36ABE32F-D7D4-4A5E-AADD-589F506B1B50}\Installer\IsPinned.exe

2014-02-19 13:47:24 9BCCC92E3DBDD539704B79E53D384CA2 119296 ----a-w- C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{36ABE32F-D7D4-4A5E-AADD-589F506B1B50}\Installer\InstallerService.exe

2014-02-19 13:47:24 164AC719018728884E50232212001AA5 53760 ----a-w- C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{36ABE32F-D7D4-4A5E-AADD-589F506B1B50}\Installer\InstallerServiceExec.exe

2014-02-18 17:04:22 1BE71514C31414590631BF49EDBAD0BD 198280728 ----a-w- C:\Users\Philip\Downloads\pure13.0.2.558nl-nl.exe

2014-02-18 16:58:03 6FB598E8DE02D879D17B35F144A1B3BC 270496 ------w- C:\Windows\System32\MpSigStub.exe

2014-02-16 09:53:06 D247715E8A4B212BEA0ABC7F17A9C945 2072784 ----a-w- C:\Users\Philip\Downloads\PDFConverterSetup.exe

2014-02-15 17:07:03 CD8AC161FA4461CF89D1B6780A05D206 227360 ----a-w- C:\Program Files (x86)\Vuze\uninstall.exe

2014-02-15 17:07:03 CB7D8F3EE1CDB0B87F2E82425F429096 81016 ----a-w- C:\Program Files (x86)\Vuze\.install4j\user\mism.exe

2014-02-15 17:07:03 25BBFF91943865583993CACD321DB7C9 35680 ----a-w- C:\Program Files (x86)\Vuze\.install4j\i4jdel.exe

2014-02-15 17:06:57 38BE7146A18BAD9AD482243D44829D93 44688 ----a-w- C:\Program Files (x86)\Vuze\VuzeFW.exe

2014-02-15 17:06:57 18CB4A32F75F0082F43918077C3BD05F 3616584 ----a-w- C:\Users\Philip\AppData\Roaming\Azureus\plugins\aznettor\AzureusTor.exe

2014-02-15 17:06:55 C4A0673606F8A4D912646E2778630BDD 316360 ----a-w- C:\Program Files (x86)\Vuze\Azureus.exe

2014-02-15 17:06:55 2277B8D5FE5F9A1D3158D69FF682DCC6 316360 ----a-w- C:\Program Files (x86)\Vuze\AzureusUpdater.exe

2014-02-15 17:05:38 6D43AA185492628807399A8906D8CD91 72008 ----a-w- C:\Users\Philip\Downloads\VuzeBittorrentClientInstaller.exe

2014-02-15 11:37:07 FF3FD6B78A82624C7B319EEA7F7EB8F6 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleUpdateOnDemand.exe

2014-02-15 11:37:07 EA8B5B41163A06FFA8930F5316473035 273800 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe

2014-02-15 11:37:07 C98ACDE22458C8F46FD0503CB9E2D01F 223112 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe

2014-02-15 11:37:07 BA5C08130D2EFBD4E546912646DC4461 847640 ----a-w- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleUpdateSetup.exe

2014-02-15 11:37:07 6D24CD9918A11CD8AB9AE678CB2CC3C7 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleUpdateBroker.exe

2014-02-15 11:37:07 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleUpdate.exe

2014-02-15 11:37:01 BA5C08130D2EFBD4E546912646DC4461 847640 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.22.5\GoogleUpdateSetup.exe

2014-02-14 06:24:29 BC327B65D38FF611B40A718AFC6C248B 469504 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe

2014-02-14 06:24:29 B04EE6BFF70C11D478680BB74E1D33AB 770736 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe

2014-02-14 06:24:29 5F63553B55465358ED6B0ED241DB44CF 51712 ----a-w- C:\Windows\System32\ie4uinit.exe

2014-02-14 06:24:28 5E9A6ED18D9F54E7BEFF1A247FC202E6 775344 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe

2014-02-14 06:24:27 A799D8222F6F06A952424CBBEE243DBE 484352 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe

2014-02-13 07:39:12 CF2F3584DC4B9050E3D7038E2ACD5245 35670688 ----a-w- C:\Users\Philip\Downloads\SkypeSetupFull.exe

2014-02-12 18:26:24 95E15A2DE75AB48728AB8E1911C3EDB1 264616 ----a-w- C:\Windows\SysWOW64\javaws.exe

2014-02-12 18:26:23 CB3638541DCAC86EE17FA8258202E20E 175016 ----a-w- C:\Windows\SysWOW64\javaw.exe

2014-02-12 18:26:23 9395BBE294045909A025C9F3DC3D9025 174504 ----a-w- C:\Windows\SysWOW64\java.exe

2014-02-12 18:24:48 3842C46F2FBC7522EF625F1833530804 145408 ----a-w- C:\Users\Philip\AppData\LocalLow\Sun\Java\jre1.7.0_51\lzma.exe

2014-02-12 18:24:36 D6A3D61864E8F9565550548865D7522C 921000 ----a-w- C:\Users\Philip\Downloads\jxpiinstall.exe

=== C: other files ==

2014-02-18 18:05:35 A6B7212B3735C7B4ABD602E78573F970 67344 -c--a-w- C:\Windows\System32\DRVSTORE\CSVirtualD_774BA42A286DBEC815683B6FC00FE66744D4B93B\win8\amd64\CSVirtualDiskDrv.sys

2014-02-18 18:05:35 A6B7212B3735C7B4ABD602E78573F970 67344 ----a-w- C:\Windows\System32\Drivers\CSVirtualDiskDrv.sys

2014-02-18 18:05:35 8128B65589C944622D6809C144972ECF 98064 -c--a-w- C:\Windows\System32\DRVSTORE\CSCrySec_w_774BA42A286DBEC815683B6FC00FE66744D4B93B\win8\amd64\CSCrySec.sys

2014-02-18 18:05:35 8128B65589C944622D6809C144972ECF 98064 ----a-w- C:\Windows\System32\Drivers\CSCrySec.sys

2014-02-18 18:04:38 92EE9BE40D03544C5A99FA0153A5E746 90208 ----a-w- C:\Windows\System32\Drivers\klflt.sys

2014-02-18 18:04:38 5F247D87B44E26AED440A063A7A4FDB7 625760 ----a-w- C:\Windows\System32\Drivers\klif.sys

2014-02-14 11:02:44 DD4249F03598043DED6FA540EB14898A 2232664 ----a-w- C:\Windows\System32\Drivers\tcpip.sys

2014-02-14 11:02:36 961A45CC15514178E511BBF1384CE0B8 83968 ----a-w- C:\Windows\System32\Drivers\hidclass.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-2247059795-104316592-4163284125-1001\Software\Microsoft\Windows\CurrentVersion\Run]

"Gadwin PrintScreen"="C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash"

"Spotify Web Helper"="C:\Users\Philip\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

"Spotify"="C:\Users\Philip\AppData\Roaming\Spotify\spotify.exe /uri spotify:autostart"

"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

"MyCuteBuddy"="C:\Program Files (x86)\My Cute Buddy\myCuteBuddy.exe file:///C:/Program Files (x86)/My Cute Buddy/Content/Cute Kitty/piticho.buddy /m /u"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"

"RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"

"HP CoolSense"="C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey"

"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"HP Quick Launch"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"

"BtTray"="C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"

"beid"="C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe /startup"

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

"BlueStacks Agent"="C:\Program Files (x86)\BlueStacks\HD-Agent.exe"

"AVP"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\runner_avp.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Gadwin PrintScreen"="C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash"

"Spotify Web Helper"="C:\Users\Philip\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

"Spotify"="C:\Users\Philip\AppData\Roaming\Spotify\spotify.exe /uri spotify:autostart"

"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

"MyCuteBuddy"="C:\Program Files (x86)\My Cute Buddy\myCuteBuddy.exe file:///C:/Program Files (x86)/My Cute Buddy/Content/Cute Kitty/piticho.buddy /m /u"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="C:\Windows\system32\igfxtray.exe"

"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"

"Persistence"="C:\Windows\system32\igfxpers.exe"

"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

"SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"NCPluginUpdater"="C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe Update"

==== Startup Folders ======================

2014-01-18 12:47:18 1050 ----a-w- C:\Users\Philip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [19/11/2013 15:18]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [19/11/2013 15:18]

C:\Windows\tasks\HPCeeScheduleForPhilip.job --a-------- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [13/09/2010 21:15]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\CLMLSvc_P2G8" [C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe]

"C:\Windows\SysNative\tasks\CLVDLauncher" [C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe]

"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\HP AR Program Upload - 366518f0f91a46a59e70e293ae2109f5b4793b1756424469b02c66c0c0285f3b" [C:\Program Files\HP\HP Deskjet 3070 B611 series\bin\HPRewards.exe]

"C:\Windows\SysNative\tasks\HPCeeScheduleForPhilip" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe]

"C:\Windows\SysNative\tasks\MirageAgent" [C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"online_banking@kaspersky.com"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com" [18/02/2014 19:05]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\riyh44nn.default

- Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com

- Greasemonkey - %ProfilePath%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be

- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\riyh44nn.default

3D76B5C0E02ECC19C1F5756E8FD97F72 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll - Shockwave Flash

78006383FEDBCDC290B8BD178903D6AB - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll - Shockwave for Director / Shockwave for Director

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

dchlnpcodkpfdpacogkljefecpegganj - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\urladvisor.crx[28/11/2013 12:06]

hakdifolhalapjijoafobooafbilfakh - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\online_banking_chrome.crx[28/11/2013 12:06]

hghkgaeecgjhjkannahfamoehjmkjail - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\content_blocker_chrome.crx[28/11/2013 12:03]

jagncdcchgajhfhijbbhecadmaiegcmh - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\virtkbd.crx[28/11/2013 12:03]

pjldcfjmnllhmgjclecdnfampinooman - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\ab.crx[28/11/2013 12:06]

Google Docs - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

GreaseGoogle - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\apeeedokdcajckokidhdkbkflkpfpgko

YouTube - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Kaspersky URL Advisor - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj

avast Online Security - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki

Safe Money - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh

Content Blocker - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail

Virtual Keyboard - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh

Google Wallet - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

Anti-Banner - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

{D944BB61-2E34-4DBF-A683-47E505C587DC} eBay Url="http://rover.ebay.com/rover/1/1553-29906-12136-18/4"

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Philip\AppData\Local\Mozilla\Firefox\Profiles\riyh44nn.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=525 folders=128 9555990 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Users\Philip\AppData\Local\Temp will be emptied at reboot

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Philip\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on wo 19/02/2014 at 15:35:12,88 ======================

Heb je Zoek 2x laten lopen?

Plaats het eerste logje ook eens: C:\zoek-results2014-02-19-141456.log

deze dan:

Zoek.exe v5.0.0.0 Updated 19-February-2014

Tool run by Philip on wo 19/02/2014 at 15:02:19,35.

Microsoft Windows 8 6.2.9200 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Philip\Desktop\zoek.exe [scan all users] [Quick Scan] [Auto Clean]

==== System Restore Info ======================

19/02/2014 15:02:59 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\Nokia deleted successfully

C:\Program Files\log deleted successfully

C:\PROGRA~3\AVAST Software deleted successfully

C:\PROGRA~3\Iminent deleted successfully

C:\PROGRA~3\Oracle deleted successfully

C:\PROGRA~3\SSScanAppDataDir deleted successfully

C:\Users\Philip\AppData\Roaming\Iminent deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2247059795-104316592-4163284125-1001\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully

HKEY_USERS\S-1-5-21-2247059795-104316592-4163284125-1001\Software\Microsoft\Internet Explorer\SearchScopes\{F9D1C772-F749-4CC5-89E4-622CD4B9C98D} deleted successfully

HKEY_USERS\S-1-5-21-2247059795-104316592-4163284125-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8E5E2654-AD2D-48BF-AC2D-D17F00898D06} deleted successfully

HKEY_USERS\S-1-5-21-2247059795-104316592-4163284125-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8E5E2654-AD2D-48BF-AC2D-D17F00898D06} deleted successfully

HKEY_USERS\S-1-5-21-2247059795-104316592-4163284125-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{8E5E2654-AD2D-48BF-AC2D-D17F00898D06} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

ProfilePath: C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\riyh44nn.default

---- Lines CT2504091 removed from prefs.js ----

user_pref("CT2504091.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");

user_pref("CT2504091.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");

user_pref("CT2504091.FF19Solved", "true");

user_pref("CT2504091.FirstTime", "true");

user_pref("CT2504091.FirstTimeFF3", "true");

user_pref("CT2504091.PG_ENABLE", "ZmFsc2U=");

user_pref("CT2504091.UserID", "UN53202459253772442");

user_pref("CT2504091.addressBarTakeOverEnabledInHidden", "true");

user_pref("CT2504091.appOptions", "{}");

user_pref("CT2504091.cbfirsttime.enc", "U2F0IEZlYiAxNSAyMDE0IDE4OjA4OjM4IEdNVCswMTAwIChSb21hbmNlIChzdGFuZGFhcmR0aWpkKSk=");

user_pref("CT2504091.countryCode", "BE");

user_pref("CT2504091.defaultSearch", "false");

user_pref("CT2504091.enableAlerts", "true");

user_pref("CT2504091.enableSearchFromAddressBar", "false");

user_pref("CT2504091.firstTimeDialogOpened", "true");

user_pref("CT2504091.fixPageNotFoundError", "false");

user_pref("CT2504091.fixPageNotFoundErrorByUser", "false");

user_pref("CT2504091.fixPageNotFoundErrorInHidden", "true");

user_pref("CT2504091.fullUserID", "UN53202459253772442.IN.20140215180710");

user_pref("CT2504091.installDate", "15/02/2014 18:07:10");

user_pref("CT2504091.installSessionId", "{5D182438-20F4-4774-BA0E-290DCC455579}");

user_pref("CT2504091.installSp", "false");

user_pref("CT2504091.installType", "conduitnsisintegration");

user_pref("CT2504091.installUsage", "2014-02-15T20:07:15.5326855+03:00");

user_pref("CT2504091.installUsageEarly", "2014-02-15T20:07:15.0022787+03:00");

user_pref("CT2504091.installerVersion", "1.8.1.4");

user_pref("CT2504091.isCheckedStartAsHidden", true);

user_pref("CT2504091.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");

user_pref("CT2504091.isFirstTimeToolbarLoading", "false");

user_pref("CT2504091.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");

user_pref("CT2504091.lastNewTabSettings", "{\"isEnabled\":false,\"newTabUrl\":\"http://search.conduit.com/?ctid=CT2504091&octid=CT2504091&SearchSource

user_pref("CT2504091.lastVersion", "10.23.0.822");

user_pref("CT2504091.mam_gk_installer_preapproved.enc", "ZmFsc2U=");

user_pref("CT2504091.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"\",\"EB_MAIN_FRAME_TITLE\":\"\",\"EB_TOOLBAR_SUB_DOMAIN

user_pref("CT2504091.openThankYouPage", "false");

user_pref("CT2504091.openUninstallPage", "true");

user_pref("CT2504091.revertSettingsEnabled", "false");

user_pref("CT2504091.search.searchAppId", "129079840422026594");

user_pref("CT2504091.search.searchCount", "0");

user_pref("CT2504091.searchInNewTabEnabledByUser", "false");

user_pref("CT2504091.searchInNewTabEnabledInHidden", "true");

user_pref("CT2504091.searchRevert", "false");

user_pref("CT2504091.searchSuggestEnabledByUser", "false");

user_pref("CT2504091.searchUninstallUserMode", "1");

user_pref("CT2504091.searchUserMode", "1");

user_pref("CT2504091.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");

user_pref("CT2504091.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");

user_pref("CT2504091.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");

user_pref("CT2504091.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2504091\"}");

user_pref("CT2504091.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"http://VuzeRemote.OurToolbar.com//x

user_pref("CT2504091.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"Vuze Remote \"}");

user_pref("CT2504091.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");

user_pref("CT2504091.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");

user_pref("CT2504091.serviceLayer_services_Configuration_lastUpdate", "1392795831680");

user_pref("CT2504091.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1392484036161");

user_pref("CT2504091.serviceLayer_services_appsMetadata_lastUpdate", "1392484035700");

user_pref("CT2504091.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1392484036006");

user_pref("CT2504091.serviceLayer_services_installUsage_ToolbarInstallEarly_lastUpdate", "1392484035380");

user_pref("CT2504091.serviceLayer_services_installUsage_ToolbarInstall_lastUpdate", "1392484036153");

user_pref("CT2504091.serviceLayer_services_login_10.23.0.722_lastUpdate", "1392538690350");

user_pref("CT2504091.serviceLayer_services_login_10.23.0.822_lastUpdate", "1392795831794");

user_pref("CT2504091.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1392484035887");

user_pref("CT2504091.serviceLayer_services_searchAPI_lastUpdate", "1392795831664");

user_pref("CT2504091.serviceLayer_services_serviceMap_lastUpdate", "1392795831627");

user_pref("CT2504091.serviceLayer_services_toolbarContextMenu_lastUpdate", "1392484035774");

user_pref("CT2504091.serviceLayer_services_toolbarSettings_lastUpdate", "1392795831641");

user_pref("CT2504091.serviceLayer_services_translation_lastUpdate", "1392795831658");

user_pref("CT2504091.settingsINI", true);

user_pref("CT2504091.shouldFirstTimeDialog", "false");

user_pref("CT2504091.showToolbarPermission", "false");

user_pref("CT2504091.smartbar.CTID", "CT2504091");

user_pref("CT2504091.smartbar.Uninstall", "0");

user_pref("CT2504091.smartbar.toolbarName", "Vuze Remote ");

user_pref("CT2504091.startPage", "false");

user_pref("CT2504091.toolbarBornServerTime", "15-2-2014");

user_pref("CT2504091.toolbarCurrentServerTime", "19-2-2014");

user_pref("CT2504091.toolbarInstallDate", "15-02-2014 18:07:10");

user_pref("CT2504091.toolbarLoginClientTime", "Sat Feb 15 2014 18:07:16 GMT+0100 (Romance (standaardtijd))");

user_pref("CT2504091.versionFromInstaller", "10.23.0.722");

user_pref("CT2504091.xpeMode", "1");

user_pref("CT2504091_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1392802255496,\"isWithState\":\"\",\"timeFromStar

user_pref("valueApps.CT2504091./9B+7E+x305.storedInFile", true);

user_pref("valueApps.CT2504091./9B+7E,x305.storedInFile", true);

user_pref("valueApps.CT2504091./9B+7E-x305.storedInFile", true);

user_pref("valueApps.CT2504091./9B+7E.:2z527.storedInFile", true);

user_pref("valueApps.CT2504091./9B+7E.x305.storedInFile", true);

user_pref("valueApps.CT2504091./9B+7E/x305.storedInFile", true);

user_pref("valueApps.CT2504091./9B+7E06CG5EL8:", "6E6D68706F6C71767175");

user_pref("valueApps.CT2504091./9B+7E06CG5EL8:.storedInFile", false);

user_pref("valueApps.CT2504091./9B+7E06CG5EL;8I:K", "247E2D2F226A74736E767572777C777B242F4B49474F42357D5D5C3D");

user_pref("valueApps.CT2504091./9B+7E06CG5EL;8I:K.storedInFile", false);

user_pref("valueApps.CT2504091./9B+7E0x305.storedInFile", true);

user_pref("valueApps.CT2504091./9B+7E1x305.storedInFile", true);

user_pref("valueApps.CT2504091./9B+7E2x305.storedInFile", true);

user_pref("valueApps.CT2504091./9B+7E31;CJ7FK;KG#NCEP@MC+VKN.storedInFile", true);

user_pref("valueApps.CT2504091./9B+7E3x305.storedInFile", true);

user_pref("valueApps.CT2504091./9B+7E4x305.storedInFile", true);

user_pref("valueApps.CT2504091./9B+7E5x305.storedInFile", true);

user_pref("valueApps.CT2504091./9B+7E6x305.storedInFile", true);

user_pref("valueApps.CT2504091./9B+7E7x305.storedInFile", true);

user_pref("valueApps.CT2504091./9B+7E8x305.storedInFile", true);

user_pref("valueApps.CT2504091./9B+7E9x305.storedInFile", true);

user_pref("valueApps.CT2504091./9B+7E:x305.storedInFile", true);

user_pref("valueApps.CT2504091./9B+7E;x305.storedInFile", true);

user_pref("valueApps.CT2504091./9B+7E<x305.storedInFile", true);

user_pref("valueApps.CT2504091./9B+7E=x305.storedInFile", true);

user_pref("valueApps.CT2504091./9B+7E>x305.storedInFile", true);

user_pref("valueApps.CT2504091./9B+7E?x305.storedInFile", true);

user_pref("valueApps.CT2504091./9B+7E@x305.storedInFile", true);

user_pref("valueApps.CT2504091./9B+7EAx305.storedInFile", true);

user_pref("valueApps.CT2504091./9B+7EBE3G=;D9N9=D", "372C2D326975762E3A3C7B3A39434A494841434B265146492965504656496571734D334B57");

user_pref("valueApps.CT2504091./9B+7EBE3G=;D9N9=D.storedInFile", false);

user_pref("valueApps.CT2504091./9B+7EBx305.storedInFile", true);

user_pref("valueApps.CT2504091./9B+7ECx305.storedInFile", true);

user_pref("valueApps.CT2504091./9B+7EDx305.storedInFile", true);

user_pref("valueApps.CT2504091./9B+7Etx305.storedInFile", true);

user_pref("valueApps.CT2504091./9B-0?3G>D", "3D3D406F3E6D74447A42477A48204C762020254E20257D2A222058575A255B295A302E2A");

user_pref("valueApps.CT2504091./9B-0?3G>D.storedInFile", false);

user_pref("valueApps.CT2504091./9B-0?3G@6:5;", "");

user_pref("valueApps.CT2504091./9B-0?3G@6:5;.storedInFile", false);

user_pref("valueApps.CT2504091./9B-0?3GFA7EF", "2B2E2C3D");

user_pref("valueApps.CT2504091./9B-0?3GFA7EF.storedInFile", false);

user_pref("valueApps.CT2504091./9B-3=3ECCJA=F>", "247E333D2C452F4135276F297B7E7D21202F26313E4249357D37382F3A494D5D513F283338435D6554695B65546D57695D5D

user_pref("valueApps.CT2504091./9B-3=3ECCJA=F>.storedInFile", false);

user_pref("valueApps.CT2504091./9B/>01=9A6K6<IM;KRIE@PDAWM", "6A696B7273747576");

user_pref("valueApps.CT2504091./9B/>01=9A6K6<IM;KRIE@PDAWM.storedInFile", false);

user_pref("valueApps.CT2504091./9B3=>@44I48?", "372C2D3269757633423633414847203E3D474E4D4C45474F2A554A4D2D5858585E4B554E366352564F");

user_pref("valueApps.CT2504091./9B3=>@44I48?.storedInFile", false);

user_pref("valueApps.CT2504091./9B5BA==9CJAG", "6E6A3E726F6D6E437A467976737A7C4D764E507D52");

user_pref("valueApps.CT2504091./9B5BA==9CJAG.storedInFile", false);

user_pref("valueApps.CT2504091./9B6B11G4C56B>F;P;ANR@P", "6E6D68706F6C71767273757377");

user_pref("valueApps.CT2504091./9B6B11G4C56B>F;P;ANR@P.storedInFile", false);

user_pref("valueApps.CT2504091./9B90E@.3C;7B=?OFB>>RHIQS", "393F352F3E");

user_pref("valueApps.CT2504091./9B90E@.3C;7B=?OFB>>RHIQS.storedInFile", false);

user_pref("valueApps.CT2504091./9B9643G3/9E", "6A");

user_pref("valueApps.CT2504091./9B9643G3/9E.storedInFile", false);

user_pref("valueApps.CT2504091./9B;45>:BI9I7IE", "2B2E2C3D");

user_pref("valueApps.CT2504091./9B;45>:BI9I7IE.storedInFile", false);

user_pref("valueApps.CT2504091./9B<:222H64<", "393F352F3E");

user_pref("valueApps.CT2504091./9B<:222H64<.storedInFile", false);

user_pref("valueApps.CT2504091./9B<:222H64<L8DAJ", "6D70706E7674737976732A7974727D77757C7E");

user_pref("valueApps.CT2504091./9B<:222H64<L8DAJ.storedInFile", false);

user_pref("valueApps.CT2504091./9B=+03EH8H8J?:", "4443");

user_pref("valueApps.CT2504091./9B=+03EH8H8J?:.storedInFile", false);

user_pref("valueApps.CT2504091./9B?+E2A52D8", "372C2D326975762E3A3C7B3A39434A494841434B2651464929655046566470727951555E5E52");

user_pref("valueApps.CT2504091./9B?+E2A52D8.storedInFile", false);

user_pref("valueApps.CT2504091./9B?B0D:8AJ62<H", "6D");

user_pref("valueApps.CT2504091./9B?B0D:8AJ62<H.storedInFile", false);

user_pref("valueApps.CT2504091./9BA@0<0BI6A7GN:6@L?", "6C");

user_pref("valueApps.CT2504091./9BA@0<0BI6A7GN:6@L?.storedInFile", false);

user_pref("valueApps.CT2504091.PG_ENABLE", "74727565");

user_pref("valueApps.CT2504091.PG_ENABLE.storedInFile", false);

user_pref("valueApps.CT2504091._key_cl_active", "33313339323038302D353932642D346331352D613365622D613734663565636163643766");

user_pref("valueApps.CT2504091._key_cl_active.storedInFile", false);

user_pref("valueApps.CT2504091.cb_experience_000", "36");

user_pref("valueApps.CT2504091.cb_experience_000.storedInFile", false);

user_pref("valueApps.CT2504091.cb_firstuse0100", "31");

user_pref("valueApps.CT2504091.cb_firstuse0100.storedInFile", false);

user_pref("valueApps.CT2504091.cb_user_id_000", "43423632383938353832343430355F313339323438363932343739335F46697265666F78");

user_pref("valueApps.CT2504091.cb_user_id_000.storedInFile", false);

user_pref("valueApps.CT2504091.cbfirsttime", "5361742046656220313520323031342031383A30393A343820474D542B303130302028526F6D616E636520287374616E64616172

user_pref("valueApps.CT2504091.cbfirsttime.storedInFile", false);

user_pref("valueApps.CT2504091.mam_gk_appStateReportTime", "31333932343834303337393832");

user_pref("valueApps.CT2504091.mam_gk_appStateReportTime.storedInFile", false);

user_pref("valueApps.CT2504091.mam_gk_appState_Clarity_Active", "6F6E");

user_pref("valueApps.CT2504091.mam_gk_appState_Clarity_Active.storedInFile", false);

user_pref("valueApps.CT2504091.mam_gk_appState_CouponBuddy", "6F6E");

user_pref("valueApps.CT2504091.mam_gk_appState_CouponBuddy.storedInFile", false);

user_pref("valueApps.CT2504091.mam_gk_appState_Easytobook", "6F6E");

user_pref("valueApps.CT2504091.mam_gk_appState_Easytobook.storedInFile", false);

user_pref("valueApps.CT2504091.mam_gk_appState_Easytobook_targeted", "6F6E");

user_pref("valueApps.CT2504091.mam_gk_appState_Easytobook_targeted.storedInFile", false);

user_pref("valueApps.CT2504091.mam_gk_appState_PriceGong", "6F6E");

user_pref("valueApps.CT2504091.mam_gk_appState_PriceGong.storedInFile", false);

user_pref("valueApps.CT2504091.mam_gk_appsConfig.storedInFile", true);

user_pref("valueApps.CT2504091.mam_gk_appsDefaultEnabled", "6E756C6C");

user_pref("valueApps.CT2504091.mam_gk_appsDefaultEnabled.storedInFile", false);

user_pref("valueApps.CT2504091.mam_gk_calledSetupService", "31");

user_pref("valueApps.CT2504091.mam_gk_calledSetupService.storedInFile", false);

user_pref("valueApps.CT2504091.mam_gk_currentVersion", "312E31332E302E3137");

user_pref("valueApps.CT2504091.mam_gk_currentVersion.storedInFile", false);

user_pref("valueApps.CT2504091.mam_gk_eventsCache", "7B2232393432333338392D316365382D343064322D623636312D393466643265633765316364223A7B22746F706963223

user_pref("valueApps.CT2504091.mam_gk_eventsCache.storedInFile", false);

user_pref("valueApps.CT2504091.mam_gk_existingUsersRecoveryDone", "31");

user_pref("valueApps.CT2504091.mam_gk_existingUsersRecoveryDone.storedInFile", false);

user_pref("valueApps.CT2504091.mam_gk_first_time", "31");

user_pref("valueApps.CT2504091.mam_gk_first_time.storedInFile", false);

user_pref("valueApps.CT2504091.mam_gk_gadgetOpen", "77656C636F6D65");

user_pref("valueApps.CT2504091.mam_gk_gadgetOpen.storedInFile", false);

user_pref("valueApps.CT2504091.mam_gk_lastLoginTime", "31333932343834303338323632");

user_pref("valueApps.CT2504091.mam_gk_lastLoginTime.storedInFile", false);

user_pref("valueApps.CT2504091.mam_gk_localization.storedInFile", true);

user_pref("valueApps.CT2504091.mam_gk_mamEnabled", "66616C7365");

user_pref("valueApps.CT2504091.mam_gk_mamEnabled.storedInFile", false);

user_pref("valueApps.CT2504091.mam_gk_migrated_from_ls", "31");

user_pref("valueApps.CT2504091.mam_gk_migrated_from_ls.storedInFile", false);

user_pref("valueApps.CT2504091.mam_gk_new_welcome_experience", "31");

user_pref("valueApps.CT2504091.mam_gk_new_welcome_experience.storedInFile", false);

user_pref("valueApps.CT2504091.mam_gk_settings1.13.0.17.storedInFile", true);

user_pref("valueApps.CT2504091.mam_gk_showWelcomeGadget", "66616C7365");

user_pref("valueApps.CT2504091.mam_gk_showWelcomeGadget.storedInFile", false);

user_pref("valueApps.CT2504091.mam_gk_stamp", "35345F30");

user_pref("valueApps.CT2504091.mam_gk_stamp.storedInFile", false);

user_pref("valueApps.CT2504091.mam_gk_userBornDate", "4E2F41");

user_pref("valueApps.CT2504091.mam_gk_userBornDate.storedInFile", false);

user_pref("valueApps.CT2504091.mam_gk_userId", "63363636353330622D643461632D343135312D616437302D613137383339333535396635");

user_pref("valueApps.CT2504091.mam_gk_userId.storedInFile", false);

user_pref("valueApps.CT2504091.mam_gk_user_approval_interacted", "31");

user_pref("valueApps.CT2504091.mam_gk_user_approval_interacted.storedInFile", false);

user_pref("valueApps.CT2504091.mam_gk_welcomeDialogMode", "31");

user_pref("valueApps.CT2504091.mam_gk_welcomeDialogMode.storedInFile", false);

user_pref("valueApps.CT2504091.url_history0001", "687474703A2F2F777777312E636C69636B646F776E6C6F616465722E636F6D2F646F776E6C6F61642F70726F647563745F64

user_pref("valueApps.CT2504091.url_history0001.storedInFile", true);

---- FireFox user.js and prefs.js backups ----

user_20141902_1509_.backup

prefs_20141902_1509_.backup

==== Deleting Files \ Folders ======================

C:\Users\Philip\AppData\LocalLow\PriceGong deleted

C:\END deleted

C:\Windows\Syswow64\InstallUtil.InstallLog deleted

C:\Windows\Syswow64\SearchProtect deleted

C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\riyh44nn.default\searchplugins\conduit-search.xml deleted

C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\riyh44nn.default\valueApps deleted

C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\riyh44nn.default\CT2504091 deleted

C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\riyh44nn.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted

C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\riyh44nn.default\smartbar deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\Philip\AppData\Local\Temp ====

2014-02-15 17:13:42 DF463B4C69C1531D1DA7DA3E30E7F8B5 24677393 ----a-w- C:\Users\Philip\AppData\Local\Temp\vlc-2.1.3-win32.exe

2014-02-15 17:07:12 6A0F411CA91A97A709B98E114F4052D5 76344 ----a-w- C:\Users\Philip\AppData\Local\Temp\ct2504091\statisticsStub.exe

2014-02-15 17:07:05 4AE5F34AB33261FEB8B94F5FFC8E8F19 73543 ----a-w- C:\Users\Philip\AppData\Local\Temp\ct2504091\ctbe.exe

2014-02-15 17:07:04 38F9EB9AAD7DBC947C5A55F57F081692 81736 ----a-w- C:\Users\Philip\AppData\Local\Temp\ct2504091\stub.exe

2014-02-15 17:06:29 0D429B6C54941F22FC36E45124802580 111824 ----a-w- C:\Users\Philip\AppData\Local\Temp\ct2504091\ism.exe

2014-02-15 12:57:03 630AD1674149A392A97A7B10945960CD 5987944 ----a-w- C:\Users\Philip\AppData\Local\Temp\nskC697\SpSetup.exe

2014-02-06 14:29:30 5EB1F04CB37E11F103B7B822204B943E 6180176 ----a-w- C:\Users\Philip\AppData\Local\Temp\SPSetup.exe

2014-02-06 12:48:46 C67BCF6441E378371F0D6EEFB7EF0861 167812 ----a-w- C:\Users\Philip\AppData\Local\Temp\nsh68DB.exe

====== Java Cache =====

2014-02-12 18:27:26 E80F61B4996AC25DE624DEE5ABC49852 37 ----a-w- C:\Users\Philip\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\59\588ee9bb-6.0.lap

====== C:\Windows\SysWOW64 =====

2014-02-14 11:02:09 568C888D74169B679E4D9E1F4E7E75BD 523776 ----a-w- C:\Windows\SysWOW64\vbscript.dll

2014-02-14 06:24:36 9F38E0E4F9EA7DD9E58C48B21F202B63 1419264 ----a-w- C:\Windows\SysWOW64\msxml3.dll

2014-02-14 06:24:29 FFD94811DD4D65FFA5EF36B5C1432B06 163840 ----a-w- C:\Windows\SysWOW64\msrating.dll

2014-02-14 06:24:29 E016BB18F1D978772EF5D1662E536372 33280 ----a-w- C:\Windows\SysWOW64\iernonce.dll

2014-02-14 06:24:29 A66F7525EBF8530C495D10E742FCDA2B 109056 ----a-w- C:\Windows\SysWOW64\iesysprep.dll

2014-02-14 06:24:29 952B209CA4A39FB67C9CF110B9855583 493056 ----a-w- C:\Windows\SysWOW64\msfeeds.dll

2014-02-14 06:24:29 71EB230269480E7F5F62E46261404B10 61440 ----a-w- C:\Windows\SysWOW64\iesetup.dll

2014-02-14 06:24:29 6733B2B5EEA3243E1B0FC5EABDA7223B 39936 ----a-w- C:\Windows\SysWOW64\jsproxy.dll

2014-02-14 06:24:29 66A313E15312F666829D024235B1BA24 1140736 ----a-w- C:\Windows\SysWOW64\urlmon.dll

2014-02-14 06:24:29 64AA1B23EFDF4B8776135C31B583D33A 534528 ----a-w- C:\Windows\SysWOW64\uxtheme.dll

2014-02-14 06:24:29 5668E7858F32D61FA8750470FF07C9BA 44032 ----a-w- C:\Windows\SysWOW64\UXInit.dll

2014-02-14 06:24:29 1FF83D2BE92B40DAE234CF4236680B6E 1767936 ----a-w- C:\Windows\SysWOW64\wininet.dll

2014-02-14 06:24:28 FAF025218BF7A20BDD899C097B86E4A8 13760512 ----a-w- C:\Windows\SysWOW64\ieframe.dll

2014-02-14 06:24:27 96484B4ED8FD9838692E3B5896C6DA61 2706432 ----a-w- C:\Windows\SysWOW64\mshtml.tlb

2014-02-14 06:24:14 5DC326473A638CC67EA5A4AF4C776BEB 2049024 ----a-w- C:\Windows\SysWOW64\iertutil.dll

2014-02-14 06:24:14 2F867C9A274B4C731E3ADB9BAF3337C4 690688 ----a-w- C:\Windows\SysWOW64\jscript.dll

2014-02-14 06:24:14 0AAE2EE5A85EA18E00079CAF359B9387 2877952 ----a-w- C:\Windows\SysWOW64\jscript9.dll

2014-02-14 06:24:10 4098C722E878697489F0207108C8E0DA 14359040 ----a-w- C:\Windows\SysWOW64\mshtml.dll

2014-02-14 06:24:07 FC925BF83D0EA5E0E524F86E310D64F4 451072 ----a-w- C:\Windows\SysWOW64\msdrm.dll

2014-02-14 06:23:58 CB0AD586EA7C13AEF616848B64C5CC53 2032640 ----a-w- C:\Windows\SysWOW64\d3d10warp.dll

2014-02-14 06:23:58 C7E96470AD5552C67092B073B667121B 3288576 ----a-w- C:\Windows\SysWOW64\d2d1.dll

2014-02-12 18:26:24 95E15A2DE75AB48728AB8E1911C3EDB1 264616 ----a-w- C:\Windows\SysWOW64\javaws.exe

2014-02-12 18:26:23 CB3638541DCAC86EE17FA8258202E20E 175016 ----a-w- C:\Windows\SysWOW64\javaw.exe

2014-02-12 18:26:23 A7871E39687EC6EE9712209DAE248B3A 96168 ----a-w- C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2014-02-12 18:26:23 9395BBE294045909A025C9F3DC3D9025 174504 ----a-w- C:\Windows\SysWOW64\java.exe

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

2014-02-18 18:05:59 48DA65F29BB4C5AD21EC67C2D64700D6 64856 ----a-w- C:\Windows\Sysnative\klfphc.dll

2014-02-18 16:58:03 6FB598E8DE02D879D17B35F144A1B3BC 270496 ------w- C:\Windows\Sysnative\MpSigStub.exe

2014-02-14 11:02:36 4B916278E1487A5CD5F8F9A521980026 385614 ----a-w- C:\Windows\Sysnative\ApnDatabase.xml

2014-02-14 11:02:09 05F9C60AD29EDF12929663B1227D28F5 600064 ----a-w- C:\Windows\Sysnative\vbscript.dll

2014-02-14 06:24:36 C93EC176F21B90D9B04661E134ECF984 1845248 ----a-w- C:\Windows\Sysnative\msxml3.dll

2014-02-14 06:24:29 600FB9CB67C48F76C5ECE67E7B76D4B0 2706432 ----a-w- C:\Windows\Sysnative\mshtml.tlb

2014-02-14 06:24:29 5F63553B55465358ED6B0ED241DB44CF 51712 ----a-w- C:\Windows\Sysnative\ie4uinit.exe

2014-02-14 06:24:29 4CA2A7EB74EB959C23E359887D617E69 53760 ----a-w- C:\Windows\Sysnative\UXInit.dll

2014-02-14 06:24:29 2ACDD6E1522DDA16D73F3E61A02EFCEB 39936 ----a-w- C:\Windows\Sysnative\iernonce.dll

2014-02-14 06:24:28 EFC64446D5881A95674E04DFAC39AB7A 1365504 ----a-w- C:\Windows\Sysnative\urlmon.dll

2014-02-14 06:24:28 7A824F15114E3D34691946E0D2F58911 197120 ----a-w- C:\Windows\Sysnative\msrating.dll

2014-02-14 06:24:28 2D9B01CE9C1F93D047131175F4C07F7C 915968 ----a-w- C:\Windows\Sysnative\uxtheme.dll

2014-02-14 06:24:27 F62A5D527794DCBC1F84B1976FB44244 67072 ----a-w- C:\Windows\Sysnative\iesetup.dll

2014-02-14 06:24:27 56DDB27B59BDE8CA6C9D563D38BC4673 136704 ----a-w- C:\Windows\Sysnative\iesysprep.dll

2014-02-14 06:24:26 D5B3FD1A39B6EBFD65B260B1E0FAF7D0 603136 ----a-w- C:\Windows\Sysnative\msfeeds.dll

2014-02-14 06:24:26 B61F1163B0717D7781CBD140AF80D3BA 15403520 ----a-w- C:\Windows\Sysnative\ieframe.dll

2014-02-14 06:24:25 F75B88A57B3264914FD80462CB992F0C 855552 ----a-w- C:\Windows\Sysnative\jscript.dll

2014-02-14 06:24:24 DBF5C7BFBAB5E01020E16156E2D5FEC3 53760 ----a-w- C:\Windows\Sysnative\jsproxy.dll

2014-02-14 06:24:24 90860E913075B03369BEB7B0B510DC2F 2241536 ----a-w- C:\Windows\Sysnative\wininet.dll

2014-02-14 06:24:22 1B59269891A17BD804F3F640A66F2A08 19274240 ----a-w- C:\Windows\Sysnative\mshtml.dll

2014-02-14 06:24:14 CB0DB3C57ED00FCDCDE7536CC505EF55 2648576 ----a-w- C:\Windows\Sysnative\iertutil.dll

2014-02-14 06:24:14 027D0EAECAC2358406A088EA218A47C0 3960320 ----a-w- C:\Windows\Sysnative\jscript9.dll

2014-02-14 06:24:08 9C6302820FEA434728A14B2E356A600A 583680 ----a-w- C:\Windows\Sysnative\msdrm.dll

2014-02-14 06:23:59 D05FDB359808642231FC244CD06E8E4C 2238976 ----a-w- C:\Windows\Sysnative\d3d10warp.dll

2014-02-14 06:23:59 B9868B46EC3A67EF9B85B9437DB2CB65 3842560 ----a-w- C:\Windows\Sysnative\d2d1.dll

====== C:\Windows\Sysnative\drivers =====

2014-02-18 18:05:35 A6B7212B3735C7B4ABD602E78573F970 67344 ----a-w- C:\Windows\Sysnative\drivers\CSVirtualDiskDrv.sys

2014-02-18 18:05:35 8128B65589C944622D6809C144972ECF 98064 ----a-w- C:\Windows\Sysnative\drivers\CSCrySec.sys

2014-02-18 18:04:38 92EE9BE40D03544C5A99FA0153A5E746 90208 ----a-w- C:\Windows\Sysnative\drivers\klflt.sys

2014-02-18 18:04:38 5F247D87B44E26AED440A063A7A4FDB7 625760 ----a-w- C:\Windows\Sysnative\drivers\klif.sys

2014-02-14 11:02:44 DD4249F03598043DED6FA540EB14898A 2232664 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys

2014-02-14 11:02:36 961A45CC15514178E511BBF1384CE0B8 83968 ----a-w- C:\Windows\Sysnative\drivers\hidclass.sys

====== C:\Windows\Tasks ======

====== C:\Windows\Temp ======

======= C:\Program Files =====

2014-01-30 16:26:21 -------- d-----w- C:\Program Files\trend micro

======= C:\PROGRA~2 =====

2014-02-18 18:04:56 -------- d-----w- C:\PROGRA~2\COMMON~1\InfoWatch

2014-02-18 18:04:52 -------- d-----w- C:\PROGRA~2\Kaspersky Lab

2014-02-15 17:06:55 -------- d-----w- C:\PROGRA~2\Vuze

2014-02-13 07:40:02 -------- d-----w- C:\PROGRA~2\COMMON~1\Skype

2014-02-13 07:40:02 -------- d-----r- C:\PROGRA~2\Skype

2014-01-31 21:54:43 -------- d-----w- C:\PROGRA~2\mIRC

2014-01-29 20:28:08 -------- d-----w- C:\PROGRA~2\Trend Micro

2014-01-25 22:41:39 -------- d-----w- C:\PROGRA~2\BlueStacks

======= C: =====

====== C:\Users\Philip\AppData\Roaming ======

2014-02-18 17:27:55 -------- d-s---w- C:\Windows\serviceprofiles\networkservice\AppData\Locallow\Microsoft

2014-02-15 12:56:58 -------- d-----w- C:\Users\Philip\AppData\Roaming\ PANASONIC SD-2500WXE user guide

2014-02-13 07:40:19 -------- d-----w- C:\Users\Philip\AppData\Local\Skype

2014-02-13 07:40:07 -------- d-----w- C:\Users\Philip\AppData\Roaming\Skype

2014-01-31 21:54:44 -------- d-----w- C:\Users\Philip\AppData\Roaming\mIRC

====== C:\Users\Philip ======

2014-02-19 13:47:23 -------- d-----w- C:\ProgramData\NokiaInstallerCache

2014-02-18 17:04:22 1BE71514C31414590631BF49EDBAD0BD 198280728 ----a-w- C:\Users\Philip\Downloads\pure13.0.2.558nl-nl.exe

2014-02-16 09:53:06 D247715E8A4B212BEA0ABC7F17A9C945 2072784 ----a-w- C:\Users\Philip\Downloads\PDFConverterSetup.exe

2014-02-15 17:05:38 6D43AA185492628807399A8906D8CD91 72008 ----a-w- C:\Users\Philip\Downloads\VuzeBittorrentClientInstaller.exe

2014-02-13 07:40:02 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

2014-02-13 07:40:01 -------- d-----w- C:\ProgramData\Skype

2014-02-13 07:39:12 CF2F3584DC4B9050E3D7038E2ACD5245 35670688 ----a-w- C:\Users\Philip\Downloads\SkypeSetupFull.exe

2014-02-12 18:26:23 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2014-02-12 18:24:36 D6A3D61864E8F9565550548865D7522C 921000 ----a-w- C:\Users\Philip\Downloads\jxpiinstall.exe

2014-01-29 19:25:16 -------- d-----w- C:\Windows\serviceprofiles\Localservice\winhttp

2014-01-25 22:41:39 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks

2014-01-25 22:39:05 -------- d-----w- C:\ProgramData\BlueStacksSetup

2014-01-25 22:39:01 -------- d-----w- C:\ProgramData\BlueStacks

====== C: exe-files ==

2014-02-19 13:47:24 EACE638669468F28485736A3A240D57C 54272 ----a-w- C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{36ABE32F-D7D4-4A5E-AADD-589F506B1B50}\Installer\IsPinned.exe

2014-02-19 13:47:24 9BCCC92E3DBDD539704B79E53D384CA2 119296 ----a-w- C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{36ABE32F-D7D4-4A5E-AADD-589F506B1B50}\Installer\InstallerService.exe

2014-02-19 13:47:24 164AC719018728884E50232212001AA5 53760 ----a-w- C:\ProgramData\NokiaInstallerCache\ProductCache\{D5878294-C113-43c5-A24F-FC333C52015A}\{36ABE32F-D7D4-4A5E-AADD-589F506B1B50}\Installer\InstallerServiceExec.exe

2014-02-18 18:03:26 072CCD2DC02D4EE12AA9D7032E9A3008 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2247059795-104316592-4163284125-1001\$IXQYGDS.exe

2014-02-18 17:04:22 1BE71514C31414590631BF49EDBAD0BD 198280728 ----a-w- C:\Users\Philip\Downloads\pure13.0.2.558nl-nl.exe

2014-02-18 16:58:03 6FB598E8DE02D879D17B35F144A1B3BC 270496 ------w- C:\Windows\System32\MpSigStub.exe

2014-02-16 10:13:29 237F8A820B885EDEF7FBF26D1C9C680E 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2247059795-104316592-4163284125-1001\$IKMCNL8.exe

2014-02-16 10:13:19 824C8B34E89F6829855B543586E7EF13 10073120 ----a-w- C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7BZ0QXUV\Vuze_Installer32[1].exe

2014-02-16 09:53:06 D247715E8A4B212BEA0ABC7F17A9C945 2072784 ----a-w- C:\Users\Philip\Downloads\PDFConverterSetup.exe

2014-02-15 17:13:42 DF463B4C69C1531D1DA7DA3E30E7F8B5 24677393 ----a-w- C:\Users\Philip\AppData\Local\Temp\vlc-2.1.3-win32.exe

2014-02-15 17:07:12 6A0F411CA91A97A709B98E114F4052D5 76344 ----a-w- C:\Users\Philip\AppData\Local\Temp\ct2504091\statisticsStub.exe

2014-02-15 17:07:12 6A0F411CA91A97A709B98E114F4052D5 76344 ----a-w- C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7BZ0QXUV\statisticsstub[2].exe

2014-02-15 17:07:07 68451FA1A3674235269EBE6A4BD2690B 2570128 ----a-w- C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YFZFO3D5\vuze_remote[2].exe

2014-02-15 17:07:05 4AE5F34AB33261FEB8B94F5FFC8E8F19 73543 ----a-w- C:\Users\Philip\AppData\Local\Temp\ct2504091\ctbe.exe

2014-02-15 17:07:05 4AE5F34AB33261FEB8B94F5FFC8E8F19 73543 ----a-w- C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7BZ0QXUV\checktbexist[2].exe

2014-02-15 17:07:04 38F9EB9AAD7DBC947C5A55F57F081692 81736 ----a-w- C:\Users\Philip\AppData\Local\Temp\ct2504091\stub.exe

2014-02-15 17:07:03 CD8AC161FA4461CF89D1B6780A05D206 227360 ----a-w- C:\Program Files (x86)\Vuze\uninstall.exe

2014-02-15 17:07:03 CB7D8F3EE1CDB0B87F2E82425F429096 81016 ----a-w- C:\Program Files (x86)\Vuze\.install4j\user\mism.exe

2014-02-15 17:07:03 25BBFF91943865583993CACD321DB7C9 35680 ----a-w- C:\Program Files (x86)\Vuze\.install4j\i4jdel.exe

2014-02-15 17:06:57 38BE7146A18BAD9AD482243D44829D93 44688 ----a-w- C:\Program Files (x86)\Vuze\VuzeFW.exe

2014-02-15 17:06:57 18CB4A32F75F0082F43918077C3BD05F 3616584 ----a-w- C:\Users\Philip\AppData\Roaming\Azureus\plugins\aznettor\AzureusTor.exe

2014-02-15 17:06:55 C4A0673606F8A4D912646E2778630BDD 316360 ----a-w- C:\Program Files (x86)\Vuze\Azureus.exe

2014-02-15 17:06:55 2277B8D5FE5F9A1D3158D69FF682DCC6 316360 ----a-w- C:\Program Files (x86)\Vuze\AzureusUpdater.exe

2014-02-15 17:06:29 0D429B6C54941F22FC36E45124802580 111824 ----a-w- C:\Users\Philip\AppData\Local\Temp\ct2504091\ism.exe

2014-02-15 17:06:29 0D429B6C54941F22FC36E45124802580 111824 ----a-w- C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7BZ0QXUV\ism[1].exe

2014-02-15 17:05:38 6D43AA185492628807399A8906D8CD91 72008 ----a-w- C:\Users\Philip\Downloads\VuzeBittorrentClientInstaller.exe

2014-02-15 13:32:18 EBA34BB14E2191B7C9F20C2B438AEBA2 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2247059795-104316592-4163284125-1001\$IDQPXYA.exe

2014-02-15 12:58:29 516362443B2786F52FF91776490868B9 12509928 ----a-w- C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\7BZ0QXUV\kitty[1].exe

2014-02-15 12:57:04 630AD1674149A392A97A7B10945960CD 5987944 ----a-w- C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YFZFO3D5\SPSetup[1].exe

2014-02-15 12:57:03 630AD1674149A392A97A7B10945960CD 5987944 ----a-w- C:\Users\Philip\AppData\Local\Temp\nskC697\SpSetup.exe

2014-02-15 12:57:01 DE24D470B32B657EADF336232963E9EC 123896 ----a-w- C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X3QJ6R8H\spstub[1].exe

2014-02-15 12:56:57 DD3580281FD53A9A993AE99F6B683F61 2038160 ----a-w- C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YFZFO3D5\mycutebuddy%7B4.wfBHCKiGLgWE12.9%7D[1].exe

2014-02-15 12:56:57 2CE4650B44AD47A1FC51B71835B1850A 714616 ----a-w- C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X3QJ6R8H\PriceGong[1].exe

2014-02-15 12:56:54 3382EA67CFD0D218914B7D25C95D1AA4 712528 ----a-w- C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HLW9Q3DK\embededstub[1].exe

2014-02-15 12:54:54 A4EE7DE7DE6363E710CFAD220473DE1E 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2247059795-104316592-4163284125-1001\$I5FB8K5.exe

2014-02-15 12:53:38 CB41792F97C9FFCA95BADFB9C84CD37E 692840 ----a-w- C:\$Recycle.Bin\S-1-5-21-2247059795-104316592-4163284125-1001\$RDQPXYA.exe

2014-02-15 12:53:38 5417E5D581449CA1E026028B732C87A2 2072784 ----a-w- C:\$Recycle.Bin\S-1-5-21-2247059795-104316592-4163284125-1001\$R5FB8K5.exe

2014-02-15 11:37:07 FF3FD6B78A82624C7B319EEA7F7EB8F6 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleUpdateOnDemand.exe

2014-02-15 11:37:07 EA8B5B41163A06FFA8930F5316473035 273800 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler64.exe

2014-02-15 11:37:07 C98ACDE22458C8F46FD0503CB9E2D01F 223112 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleCrashHandler.exe

2014-02-15 11:37:07 BA5C08130D2EFBD4E546912646DC4461 847640 ----a-w- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleUpdateSetup.exe

2014-02-15 11:37:07 6D24CD9918A11CD8AB9AE678CB2CC3C7 51080 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleUpdateBroker.exe

2014-02-15 11:37:07 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files (x86)\Google\Update\1.3.22.5\GoogleUpdate.exe

2014-02-15 11:37:01 BA5C08130D2EFBD4E546912646DC4461 847640 ----a-w- C:\Program Files (x86)\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.22.5\GoogleUpdateSetup.exe

2014-02-14 23:45:45 2839BF9E2B335A27EA13434F4CC12242 213549896 ----a-w- C:\$Recycle.Bin\S-1-5-21-2247059795-104316592-4163284125-1001\$RXQYGDS.exe

2014-02-14 06:24:29 BC327B65D38FF611B40A718AFC6C248B 469504 ----a-w- C:\Program Files (x86)\Internet Explorer\ieinstal.exe

2014-02-14 06:24:29 B04EE6BFF70C11D478680BB74E1D33AB 770736 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe

2014-02-14 06:24:29 5F63553B55465358ED6B0ED241DB44CF 51712 ----a-w- C:\Windows\System32\ie4uinit.exe

2014-02-14 06:24:28 5E9A6ED18D9F54E7BEFF1A247FC202E6 775344 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe

2014-02-14 06:24:27 A799D8222F6F06A952424CBBEE243DBE 484352 ----a-w- C:\Program Files\Internet Explorer\ieinstal.exe

2014-02-13 07:39:12 CF2F3584DC4B9050E3D7038E2ACD5245 35670688 ----a-w- C:\Users\Philip\Downloads\SkypeSetupFull.exe

2014-02-12 18:26:24 95E15A2DE75AB48728AB8E1911C3EDB1 264616 ----a-w- C:\Windows\SysWOW64\javaws.exe

2014-02-12 18:26:23 CB3638541DCAC86EE17FA8258202E20E 175016 ----a-w- C:\Windows\SysWOW64\javaw.exe

2014-02-12 18:26:23 9395BBE294045909A025C9F3DC3D9025 174504 ----a-w- C:\Windows\SysWOW64\java.exe

2014-02-12 18:24:48 3842C46F2FBC7522EF625F1833530804 145408 ----a-w- C:\Users\Philip\AppData\LocalLow\Sun\Java\jre1.7.0_51\lzma.exe

2014-02-12 18:24:36 D6A3D61864E8F9565550548865D7522C 921000 ----a-w- C:\Users\Philip\Downloads\jxpiinstall.exe

=== C: other files ==

2014-02-18 18:05:35 A6B7212B3735C7B4ABD602E78573F970 67344 -c--a-w- C:\Windows\System32\DRVSTORE\CSVirtualD_774BA42A286DBEC815683B6FC00FE66744D4B93B\win8\amd64\CSVirtualDiskDrv.sys

2014-02-18 18:05:35 A6B7212B3735C7B4ABD602E78573F970 67344 ----a-w- C:\Windows\System32\Drivers\CSVirtualDiskDrv.sys

2014-02-18 18:05:35 8128B65589C944622D6809C144972ECF 98064 -c--a-w- C:\Windows\System32\DRVSTORE\CSCrySec_w_774BA42A286DBEC815683B6FC00FE66744D4B93B\win8\amd64\CSCrySec.sys

2014-02-18 18:05:35 8128B65589C944622D6809C144972ECF 98064 ----a-w- C:\Windows\System32\Drivers\CSCrySec.sys

2014-02-18 18:04:38 92EE9BE40D03544C5A99FA0153A5E746 90208 ----a-w- C:\Windows\System32\Drivers\klflt.sys

2014-02-18 18:04:38 5F247D87B44E26AED440A063A7A4FDB7 625760 ----a-w- C:\Windows\System32\Drivers\klif.sys

2014-02-14 11:02:44 DD4249F03598043DED6FA540EB14898A 2232664 ----a-w- C:\Windows\System32\Drivers\tcpip.sys

2014-02-14 11:02:36 961A45CC15514178E511BBF1384CE0B8 83968 ----a-w- C:\Windows\System32\Drivers\hidclass.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-2247059795-104316592-4163284125-1001\Software\Microsoft\Windows\CurrentVersion\Run]

"Gadwin PrintScreen"="C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash"

"Spotify Web Helper"="C:\Users\Philip\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

"Spotify"="C:\Users\Philip\AppData\Roaming\Spotify\spotify.exe /uri spotify:autostart"

"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

"MyCuteBuddy"="C:\Program Files (x86)\My Cute Buddy\myCuteBuddy.exe file:///C:/Program Files (x86)/My Cute Buddy/Content/Cute Kitty/piticho.buddy /m /u"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"

"RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"

"HP CoolSense"="C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey"

"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"HP Quick Launch"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"

"BtTray"="C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"

"beid"="C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe /startup"

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

"BlueStacks Agent"="C:\Program Files (x86)\BlueStacks\HD-Agent.exe"

"AVP"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\runner_avp.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Gadwin PrintScreen"="C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash"

"Spotify Web Helper"="C:\Users\Philip\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

"Spotify"="C:\Users\Philip\AppData\Roaming\Spotify\spotify.exe /uri spotify:autostart"

"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

"MyCuteBuddy"="C:\Program Files (x86)\My Cute Buddy\myCuteBuddy.exe file:///C:/Program Files (x86)/My Cute Buddy/Content/Cute Kitty/piticho.buddy /m /u"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="C:\Windows\system32\igfxtray.exe"

"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"

"Persistence"="C:\Windows\system32\igfxpers.exe"

"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

"SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"NCPluginUpdater"="C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe Update"

==== Startup Folders ======================

2014-01-18 12:47:18 1050 ----a-w- C:\Users\Philip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [19/11/2013 15:18]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [19/11/2013 15:18]

C:\Windows\tasks\HPCeeScheduleForPhilip.job --a-------- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [13/09/2010 21:15]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\CLMLSvc_P2G8" [C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe]

"C:\Windows\SysNative\tasks\CLVDLauncher" [C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe]

"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\HP AR Program Upload - 366518f0f91a46a59e70e293ae2109f5b4793b1756424469b02c66c0c0285f3b" [C:\Program Files\HP\HP Deskjet 3070 B611 series\bin\HPRewards.exe]

"C:\Windows\SysNative\tasks\HPCeeScheduleForPhilip" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe]

"C:\Windows\SysNative\tasks\MirageAgent" [C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"online_banking@kaspersky.com"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com" [18/02/2014 19:05]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\riyh44nn.default

- Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com

- PriceGong - %ProfilePath%\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}

- Greasemonkey - %ProfilePath%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be

- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\riyh44nn.default

3D76B5C0E02ECC19C1F5756E8FD97F72 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll - Shockwave Flash

78006383FEDBCDC290B8BD178903D6AB - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll - Shockwave for Director / Shockwave for Director

==== Deleted Firefox Extensions ======================

C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\riyh44nn.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829} deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

dchlnpcodkpfdpacogkljefecpegganj - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\urladvisor.crx[28/11/2013 12:06]

fhmbbigfkgcficoehkhadjbokhhaijea - C:\Program Files (x86)\LyricsPlug\Chrome.crx[]

hakdifolhalapjijoafobooafbilfakh - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\online_banking_chrome.crx[28/11/2013 12:06]

hghkgaeecgjhjkannahfamoehjmkjail - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\content_blocker_chrome.crx[28/11/2013 12:03]

jagncdcchgajhfhijbbhecadmaiegcmh - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\virtkbd.crx[28/11/2013 12:03]

pjldcfjmnllhmgjclecdnfampinooman - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\ab.crx[28/11/2013 12:06]

Google Docs - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

GreaseGoogle - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\apeeedokdcajckokidhdkbkflkpfpgko

YouTube - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Kaspersky URL Advisor - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj

avast Online Security - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki

Safe Money - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh

Content Blocker - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail

Virtual Keyboard - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh

Google Wallet - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

Anti-Banner - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman

==== Chrome Fix ======================

C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.babylon.com_0.localstorage deleted successfully

C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.babylon.com_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://search.conduit.com/?ctid=CT3323828&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SPA5B1A71F-BC85-4D50-A158-6D54ED36A892&SSPV="

"Default_Page_URL"="http://www.google.com"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="http://www.google.com"

"Start Page"="http://www.google.com"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="http://www.google.com"

"Start Page"="http://www.google.com"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}] not found

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Page"="http://www.google.com"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

{D944BB61-2E34-4DBF-A683-47E505C587DC} eBay Url="http://rover.ebay.com/rover/1/1553-29906-12136-18/4"

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\fhmbbigfkgcficoehkhadjbokhhaijea deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Philip\AppData\Local\Mozilla\Firefox\Profiles\riyh44nn.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=525 folders=128 9555990 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Users\Philip\AppData\Local\Temp will be emptied at reboot

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Philip\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on wo 19/02/2014 at 15:14:56,48 ======================

Download AdwCleaner by Xplode naar het bureaublad.

AdwCleaner uitvoeren

• 
  
• Sluit alle openstaande vensters.
  
• Dubbelklik op AdwCleaner.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Klik vervolgens op de knop Scan.
  
• Wanneer de scan gereed is Klikt u vervolgens op de knop Clean.
  
• Als dit gereed is wordt er gevraagd om de computer opnieuw op te starten, klik hier op OK.
  
• Nadat de computer opnieuw is opgestart wordt het logbestand automatisch geopend.
  
• Plaats dit logbestand in het volgende bericht.
  

deze dan:

# AdwCleaner v3.019 - Report created 20/02/2014 at 17:52:15

# Updated 17/02/2014 by Xplode

# Operating System : Windows 8 (64 bits)

# Username : Philip - LAPTOPI7

# Running from : C:\Users\Philip\Downloads\adwcleaner(1).exe

# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\Vuze

File Deleted : C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\riyh44nn.default\user.js

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKCU\Software\Classes\pokki

Key Deleted : HKCU\Software\Conduit

Key Deleted : HKCU\Software\Iminent

Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong

Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar

Key Deleted : HKLM\Software\caphyon

Key Deleted : HKLM\Software\hdcode

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16798

-\\ Mozilla Firefox v27.0.1 (nl)

[ File : C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\riyh44nn.default\prefs.js ]

-\\ Google Chrome v32.0.1700.107

[ File : C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage

*************************

AdwCleaner[R0].txt - [21506 octets] - [31/01/2014 21:28:12]

AdwCleaner[R1].txt - [1636 octets] - [20/02/2014 17:51:45]

AdwCleaner[s0].txt - [21815 octets] - [31/01/2014 21:28:47]

AdwCleaner[s1].txt - [1481 octets] - [20/02/2014 17:52:15]

########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [1541 octets] ##########

Mooi zo

Nu nog de tooltjes opruimen en klaar is Kees. ;-)

Download Delfix by Xplode naar het bureaublad.

Dubbelklik op Delfix.exe om de tool te starten.

Zet nu vinkjes voor de volgende items:

• 
  
• Remove disinfection tools
  
• Purge System Restore

Klik nu op "Run" en wacht geduldig tot de tool gereed is.

Wanneer de tool gereed is wordt er een logbestand aangemaakt. Dit hoeft u echter niet te plaatsen.

Bedankt!!