Zoek.exe v5.0.0.0 Updated 07-March-2014
Tool run by zottemus on ma 24/03/2014 at  8:30:37,38.
Microsoft Windows 7 Home Premium  6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\zottemus\Downloads\zoek.exe [Scan all users] [Script inserted] [Checkboxes used]

==== System Restore Info ======================

24/03/2014 8:36:31 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\PROGRA~2\Samsung deleted successfully
C:\Program Files\iPod deleted successfully
C:\PROGRA~3\Alwil Software deleted successfully
C:\PROGRA~3\Atheros deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} deleted successfully
C:\Users\Administrator\AppData\Roaming\iolo deleted successfully
C:\Users\zottemus\AppData\Roaming\ExpressFiles deleted successfully
C:\Users\zottemus\AppData\Roaming\Lite deleted successfully
C:\Users\zottemus\AppData\Roaming\Systweak deleted successfully
C:\Users\zottemus\AppData\Local\Magentic deleted successfully
C:\Users\zottemus\AppData\Local\PowerCinema deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully
HKEY_USERS\S-1-5-21-3652972518-3772848568-1520601676-500\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully
HKEY_USERS\S-1-5-21-3652972518-3772848568-1520601676-500\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully
HKEY_USERS\S-1-5-21-3652972518-3772848568-1520601676-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} deleted successfully
HKEY_USERS\S-1-5-21-3652972518-3772848568-1520601676-1001\Software\Microsoft\Internet Explorer\SearchScopes\{815EB786-2967-4EAA-BAEE-0D716E2B892F} deleted successfully
HKEY_USERS\S-1-5-21-3652972518-3772848568-1520601676-1001\Software\Microsoft\Internet Explorer\SearchScopes\{94304C41-3AE4-43D6-9212-5A10F16988DA} deleted successfully
HKEY_USERS\S-1-5-21-3652972518-3772848568-1520601676-1001\Software\Microsoft\Internet Explorer\SearchScopes\{acd5502e-a742-4cf9-90d5-3959c330053f} deleted successfully
HKEY_USERS\S-1-5-21-3652972518-3772848568-1520601676-1001\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} deleted successfully
HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Running Processes ======================

C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
C:\Windows\SysWOW64\svchost.exe
C:\Windows\SysWOW64\svchost.exe
C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files\Web Assistant\ExtensionUpdaterService.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe
C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe
C:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
C:\Program Files (x86)\AVG\AVG2014\avgui.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe
C:\Program Files (x86)\IncrediMail\Bin\IncMail.exe
C:\Program Files (x86)\IncrediMail\Bin\ImApp.exe
C:\Program Files (x86)\Internet Explorer\IELowutil.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MMLoadDrv.exe
C:\Users\zottemus\Downloads\zoek.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Windows\SysWOW64\cmd.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Web Assistant Updater deleted successfully
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Web Assistant Updater deleted successfully

==== FireFox Fix ======================

ProfilePath: C:\Users\zottemus\AppData\Roaming\Mozilla\Firefox\Profiles\dven6o8f.default

---- Lines CT2724386 removed from prefs.js ----
user_pref("CT2724386..clientLogIsEnabled", false);
user_pref("CT2724386..clientLogServiceUrl", "http://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
user_pref("CT2724386..uninstallLogServiceUrl", "http://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
user_pref("CT2724386.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);
user_pref("CT2724386.AboutPrivacyUrl", "http://www.conduit.com/privacy/default.aspx");
user_pref("CT2724386.BrowserCompStateIsOpen_129464706887642629", true);
user_pref("CT2724386.BrowserCompStateIsOpen_129851871904280954", true);
user_pref("CT2724386.BrowserCompStateIsOpen_129904362604336829", true);
user_pref("CT2724386.BrowserCompStateIsOpen_130040906678978474", true);
user_pref("CT2724386.BrowserCompStateIsOpen_1366615082000", true);
user_pref("CT2724386.BrowserCompStateIsOpen_1367226088000", true);
user_pref("CT2724386.CT2724407.CommunityChanged", true);
user_pref("CT2724386.CT2724407.alertChannelId", "1116673");
user_pref("CT2724386.CT2724431.CommunityChanged", true);
user_pref("CT2724386.CT2724431.alertChannelId", "1116697");
user_pref("CT2724386.CT2727162.CommunityChanged", true);
user_pref("CT2724386.CT2727162.alertChannelId", "1119424");
user_pref("CT2724386.CT2727622.CommunityChanged", true);
user_pref("CT2724386.CT2727622.alertChannelId", "1119884");
user_pref("CT2724386.CT2727646.CommunityChanged", true);
user_pref("CT2724386.CT2727646.alertChannelId", "1119908");
user_pref("CT2724386.CT2727678.CommunityChanged", true);
user_pref("CT2724386.CT2727678.alertChannelId", "1119940");
user_pref("CT2724386.CT2727750.CommunityChanged", true);
user_pref("CT2724386.CT2727750.alertChannelId", "1120012");
user_pref("CT2724386.CTID", "ct2724386");
user_pref("CT2724386.CommunitiesChangesLastCheckTime", "Fri Apr 26 2013 17:26:55 GMT+0200 (Romance (zomertijd))");
user_pref("CT2724386.CommunitiesChangesLastUrl", "http://grouping.services.conduit.com/GroupingRequest.ctp?type=ToolbarsInfo&ctids=CT2724407,CT2724431
user_pref("CT2724386.CommunityChanged", true);
user_pref("CT2724386.CurrentServerDate", "27-2-2014");
user_pref("CT2724386.DialogsAlignMode", "LTR");
user_pref("CT2724386.DialogsGetterLastCheckTime", "Sat Feb 22 2014 09:28:13 GMT+0100 (Romance (standaardtijd))");
user_pref("CT2724386.DownloadReferralCookieData", "");
user_pref("CT2724386.FirstServerDate", "27-3-2011");
user_pref("CT2724386.FirstTime", true);
user_pref("CT2724386.FirstTimeFF3", true);
user_pref("CT2724386.FirstTimeSettingsDone", true);
user_pref("CT2724386.FixPageNotFoundErrors", true);
user_pref("CT2724386.GroupingLastCheckTime", "Fri Apr 26 2013 17:26:55 GMT+0200 (Romance (zomertijd))");
user_pref("CT2724386.GroupingLastErrorCode", "");
user_pref("CT2724386.GroupingLastResponse", true);
user_pref("CT2724386.GroupingLastServerUpdateTime", "130114451536530000");
user_pref("CT2724386.GroupingServerCheckInterval", 1440);
user_pref("CT2724386.GroupingServiceUrl", "http://grouping.services.conduit.com/");
user_pref("CT2724386.HasUserGlobalKeys", true);
user_pref("CT2724386.Initialize", true);
user_pref("CT2724386.InitializeCommonPrefs", true);
user_pref("CT2724386.InstallationAndCookieDataSentCount", 3);
user_pref("CT2724386.InstallationId", "IncrediMail_MediaBar_2.exe");
user_pref("CT2724386.InstallationType", "ConduitIntegration");
user_pref("CT2724386.InstalledDate", "Sun Mar 27 2011 19:01:56 GMT+0200 (Romance (zomertijd))");
user_pref("CT2724386.InvalidateCache", false);
user_pref("CT2724386.IsAlertDBUpdated", true);
user_pref("CT2724386.IsGrouping", false);
user_pref("CT2724386.IsMulticommunity", false);
user_pref("CT2724386.IsOpenThankYouPage", false);
user_pref("CT2724386.IsOpenUninstallPage", true);
user_pref("CT2724386.LanguagePackLastCheckTime", "Sun Mar 27 2011 19:01:58 GMT+0200 (Romance (zomertijd))");
user_pref("CT2724386.LanguagePackReloadIntervalMM", 1440);
user_pref("CT2724386.LanguagePackServiceUrl", "http://translation.users.conduit.com/Translation.ashx");
user_pref("CT2724386.LastLogin_2.7.2.0", "Sun Mar 27 2011 19:01:57 GMT+0200 (Romance (zomertijd))");
user_pref("CT2724386.LastLogin_3.10.0.1", "Thu Feb 27 2014 08:52:26 GMT+0100 (Romance (standaardtijd))");
user_pref("CT2724386.LatestVersion", "3.20.0.4");
user_pref("CT2724386.Locale", "en");
user_pref("CT2724386.LoginCache", 4);
user_pref("CT2724386.MCDetectTooltipHeight", "83");
user_pref("CT2724386.MCDetectTooltipUrl", "http://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
user_pref("CT2724386.MCDetectTooltipWidth", "295");
user_pref("CT2724386.MyStuffEnabledAtInstallation", true);
user_pref("CT2724386.RadioIsPodcast", false);
user_pref("CT2724386.RadioLastCheckTime", "Sun Mar 27 2011 19:01:57 GMT+0200 (Romance (zomertijd))");
user_pref("CT2724386.RadioLastUpdateIPServer", "0");
user_pref("CT2724386.RadioMediaID", "21080102");
user_pref("CT2724386.RadioMediaType", "Media Player");
user_pref("CT2724386.RadioMenuSelectedID", "EBRadioMenu_CT272438621080102");
user_pref("CT2724386.RadioShrinkedFromSetup", false);
user_pref("CT2724386.RadioStationName", "Mix%201620%20Am");
user_pref("CT2724386.RadioStationURL", "http://69.115.65.9:8000");
user_pref("CT2724386.SearchEngine", "Search||http://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT2724386&octid=EB_ORIGINAL_CTID&SearchSour
user_pref("CT2724386.SearchFromAddressBarIsInit", true);
user_pref("CT2724386.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2724386&q=");
user_pref("CT2724386.SearchInNewTabEnabled", true);
user_pref("CT2724386.SearchInNewTabIntervalMM", 1440);
user_pref("CT2724386.SearchInNewTabLastCheckTime", "Sun Mar 27 2011 19:01:57 GMT+0200 (Romance (zomertijd))");
user_pref("CT2724386.SearchInNewTabServiceUrl", "http://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID&UM=UM_ID");
user_pref("CT2724386.SearchInNewTabUsageUrl", "http://Usage.Hosting.conduit-services.com/UsageService.asmx/UsersRequests?ctid=EB_TOOLBAR_ID");
user_pref("CT2724386.ServiceMapLastCheckTime", "Thu Feb 27 2014 12:12:48 GMT+0100 (Romance (standaardtijd))");
user_pref("CT2724386.SettingsCheckIntervalMin", 120);
user_pref("CT2724386.SettingsLastCheckTime", "Sun Mar 27 2011 19:01:56 GMT+0200 (Romance (zomertijd))");
user_pref("CT2724386.SettingsLastUpdate", "1300904766");
user_pref("CT2724386.ThirdPartyComponentsInterval", 504);
user_pref("CT2724386.ThirdPartyComponentsLastCheck", "Sun Mar 27 2011 19:01:56 GMT+0200 (Romance (zomertijd))");
user_pref("CT2724386.ThirdPartyComponentsLastUpdate", "1246790578");
user_pref("CT2724386.ToolbarShrinkedFromSetup", false);
user_pref("CT2724386.TrusteLinkUrl", "http://trust.conduit.com/CT2724386");
user_pref("CT2724386.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,codefuel.com,tbccint.com,tro
user_pref("CT2724386.UserID", "UN86565823760897037");
user_pref("CT2724386.WeatherNetwork", "");
user_pref("CT2724386.WeatherPollDate", "Thu Feb 27 2014 12:12:50 GMT+0100 (Romance (standaardtijd))");
user_pref("CT2724386.WeatherUnit", "C");
user_pref("CT2724386.alertChannelId", "1116652");
user_pref("CT2724386.backendstorage./9b+7e-x305", "247E29327641363937333545397E3F493B2F77317E202520362D3842474A58515A5C585D505F593964595C49324B393A3F3
user_pref("CT2724386.backendstorage./9b+7e06cg5el8:", "6E6D686F6F6C6E717376");
user_pref("CT2724386.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A74736E7575727477797C242F4B49474F42357D5D5C3D");
user_pref("CT2724386.backendstorage./9b+7e4x305", "247E302C407642373A276F29777B74762E2530413E4F494A522B55553A233C2B2F282941384354515E5D56615F56685C426
user_pref("CT2724386.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B265146492965504656496571734D334B57");
user_pref("CT2724386.backendstorage./9b-0?3g>d", "673A6E413F7072447A7679787B207D4B4D4C257B7D7C202A23245722265B2E5C2D5B3161");
user_pref("CT2724386.backendstorage./9b-0?3g@6:5;", "");
user_pref("CT2724386.backendstorage./9b-0?3gfa7ef", "2B2E2C3D");
user_pref("CT2724386.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F292A212C393D44307832332A354448584C3A23282E2E3132333435363B466068576C5E685
user_pref("CT2724386.backendstorage./9b/556,bi5a>g", "6E6C6F6D737170717075787575");
user_pref("CT2724386.backendstorage./9b/>01=9a6k6<im;krie@pdawm", "6A696B7273747576");
user_pref("CT2724386.backendstorage./9b3=>@44i48?", "372C2D3269757633423633414847203E3D474E4D4C45474F2A554A4D2D5858585E4B554E366352564F");
user_pref("CT2724386.backendstorage./9b5ba==9cjag", "6B3B6840706E44457A777345784B4A7B4E214C4F22");
user_pref("CT2724386.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D686F6F6C6E717277737176");
user_pref("CT2724386.backendstorage./9b9643g3/9e", "6A");
user_pref("CT2724386.backendstorage./9b;45>:bi9i7ie", "2B2E2C3D");
user_pref("CT2724386.backendstorage./9b<:222h64<", "393F352F3E");
user_pref("CT2724386.backendstorage./9b<:222h64<l8daj", "6D70706F7674717975722A7976727B78757C7B");
user_pref("CT2724386.backendstorage./9b=+03eh8h8j?:", "4443");
user_pref("CT2724386.backendstorage./9b?+e2a52d8", "372C2D326975762E3A3C7B3A39434A494841434B2651464929655046566470727951555E5E52");
user_pref("CT2724386.backendstorage./9b?b0d:8aj62<h", "6D");
user_pref("CT2724386.backendstorage./9ba@0<0bi6a7gn:6@l?", "6C");
user_pref("CT2724386.backendstorage.mam_gk_appsdefaultenabled", "6E756C6C");
user_pref("CT2724386.backendstorage.mam_gk_appstate_clarity_active", "6F6E");
user_pref("CT2724386.backendstorage.mam_gk_appstate_couponbuddy", "6F6E");
user_pref("CT2724386.backendstorage.mam_gk_appstate_easytobook", "6F6E");
user_pref("CT2724386.backendstorage.mam_gk_appstate_easytobook_targeted", "6F6E");
user_pref("CT2724386.backendstorage.mam_gk_appstate_pricegong", "6F6E");
user_pref("CT2724386.backendstorage.mam_gk_appstatereporttime", "31333933343837353531343030");
user_pref("CT2724386.backendstorage.mam_gk_calledsetupservice", "31");
user_pref("CT2724386.backendstorage.mam_gk_currentversion", "312E31332E302E3137");
user_pref("CT2724386.backendstorage.mam_gk_existingusersrecoverydone", "31");
user_pref("CT2724386.backendstorage.mam_gk_first_time", "31");
user_pref("CT2724386.backendstorage.mam_gk_lastlogintime", "31333933343837353531353035");
user_pref("CT2724386.backendstorage.mam_gk_localization", "7B226469616C6F674F4B223A7B2254657874223A224F4B227D2C22646D626F7831223A7B2254657874223A22446
user_pref("CT2724386.backendstorage.mam_gk_settings1.10.4.0", "7B22537461747573223A22737563636565646564222C2244617461223A7B22696E74657276616C223A32343
user_pref("CT2724386.backendstorage.mam_gk_settings1.13.0.17", "7B22537461747573223A22737563636565646564222C2244617461223A7B2263757272656E744461746522
user_pref("CT2724386.backendstorage.mam_gk_settings1.4.4.6", "7B22537461747573223A22737563636565646564222C2244617461223A7B22696E74657276616C223A323430
user_pref("CT2724386.backendstorage.mam_gk_showclosebutton", "74727565");
user_pref("CT2724386.backendstorage.mam_gk_showwelcomegadget", "66616C7365");
user_pref("CT2724386.backendstorage.mam_gk_stamp", "35345F30");
user_pref("CT2724386.backendstorage.mam_gk_user_approval_interacted", "31");
user_pref("CT2724386.backendstorage.mam_gk_userborndate", "4E2F41");
user_pref("CT2724386.backendstorage.mam_gk_userid", "64333330623261622D356365622D343539352D396665372D636533333735626333386632");
user_pref("CT2724386.backendstorage.mam_gk_welcomedialogmode", "31");
user_pref("CT2724386.backendstorage.pg_enable", "66616C7365");
user_pref("CT2724386.backendstorage.searchappstate", "32");
user_pref("CT2724386.backendstorage.searchapptracking", "73656E74");
user_pref("CT2724386.clientLogIsEnabled", true);
user_pref("CT2724386.clientLogServiceUrl", "http://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");
user_pref("CT2724386.ct2724386.DialogsAlignMode", "LTR");
user_pref("CT2724386.ct2724386.FirstTimeSettingsDone", true);
user_pref("CT2724386.ct2724386.GroupingInvalidateCache", false);
user_pref("CT2724386.ct2724386.GroupingLastCheckTime", "Fri Apr 26 2013 17:26:55 GMT+0200 (Romance (zomertijd))");
user_pref("CT2724386.ct2724386.GroupingLastErrorCode", "");
user_pref("CT2724386.ct2724386.GroupingLastResponse", true);
user_pref("CT2724386.ct2724386.GroupingLastServerUpdateTime", "130114451536530000");
user_pref("CT2724386.ct2724386.InvalidateCache", false);
user_pref("CT2724386.ct2724386.LanguagePackLastCheckTime", "Thu Feb 27 2014 08:52:26 GMT+0100 (Romance (standaardtijd))");
user_pref("CT2724386.ct2724386.Locale", "en");
user_pref("CT2724386.ct2724386.RadioLastCheckTime", "Thu Feb 27 2014 08:52:26 GMT+0100 (Romance (standaardtijd))");
user_pref("CT2724386.ct2724386.RadioLastUpdateIPServer", "3");
user_pref("CT2724386.ct2724386.RadioLastUpdateServer", "129249036863500000");
user_pref("CT2724386.ct2724386.SearchEngine", "Search||http://search.conduit.com/Results.aspx?q=UCM_SEARCH_TERM&ctid=CT2724386&octid=EB_ORIGINAL_CTID&
user_pref("CT2724386.ct2724386.SearchInNewTabLastCheckTime", "Thu Feb 27 2014 08:52:25 GMT+0100 (Romance (standaardtijd))");
user_pref("CT2724386.ct2724386.SettingsCheckIntervalMin", 120);
user_pref("CT2724386.ct2724386.SettingsLastCheckTime", "Thu Feb 27 2014 12:12:49 GMT+0100 (Romance (standaardtijd))");
user_pref("CT2724386.ct2724386.SettingsLastUpdate", "1393412332");
user_pref("CT2724386.ct2724386.ThirdPartyComponentsLastCheck", "Sat Feb 22 2014 09:27:39 GMT+0100 (Romance (standaardtijd))");
user_pref("CT2724386.ct2724386.ThirdPartyComponentsLastUpdate", "1331805997");
user_pref("CT2724386.ct2724386.globalFirstTimeInfoLastCheckTime", "Sat Feb 22 2014 09:28:12 GMT+0100 (Romance (standaardtijd))");
user_pref("CT2724386.ct2724386.toolbarAppMetaDataLastCheckTime", "Thu Feb 27 2014 08:52:26 GMT+0100 (Romance (standaardtijd))");
user_pref("CT2724386.ct2724386.toolbarContextMenuLastCheckTime", "Thu Feb 27 2014 08:52:26 GMT+0100 (Romance (standaardtijd))");
user_pref("CT2724386.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.
user_pref("CT2724386.homepageProtectorEnableByLogin", true);
user_pref("CT2724386.initDone", true);
user_pref("CT2724386.isAppTrackingManagerOn", false);
user_pref("CT2724386.isFirstRadioInstallation", false);
user_pref("CT2724386.myStuffEnabled", true);
user_pref("CT2724386.myStuffPublihserMinWidth", 400);
user_pref("CT2724386.myStuffSearchUrl", "http://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID"
user_pref("CT2724386.myStuffServiceIntervalMM", 1440);
user_pref("CT2724386.myStuffServiceUrl", "http://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUF
user_pref("CT2724386.revertSettingsEnabled", true);
user_pref("CT2724386.searchProtectorDialogDelayInSec", 10);
user_pref("CT2724386.searchProtectorEnableByLogin", true);
user_pref("CT2724386.testingCtid", "");
user_pref("CT2724386.uninstallLogServiceUrl", "http://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");
user_pref("CommunityToolbar.ETag.http://Settings.toolbar.search.conduit.com/root/ct2724386/CT2724386", "\"8584360aad9389d43eb83e12660ac9763\"");
user_pref("CommunityToolbar.ETag.http://appsmetadata.toolbar.conduit-services.com/?ctid=ct2724386", "\"1367226848\"");
user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en&ctid=ct2724386", "eSzELtoCN6VQCYiv1tPI+g==
user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en&ctid=ct2724386", "HYogGBUvv90IWu2NxeLYvA=="
user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en&ctid=ct2724386", "aXc5Vsxqu/hbyzW/5Q4N6w==
user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en&ctid=ct2724386", "ZI41WLbm1fFgx4gn0bs99Q==");
user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en&ctid=ct2724386&UM=UM_UNINSTALL_ID", "9tP0a9tL
user_pref("CommunityToolbar.ETag.http://servicemap.conduit-services.com/Toolbar/?ownerId=CT2724386", "\"7097fd37277b6a1b754b125bd11d0197\"");
user_pref("CommunityToolbar.ToolbarsList", "CT2724386");
user_pref("CommunityToolbar.ToolbarsList2", "CT2724386");
---- Lines conduit removed from prefs.js ----
user_pref("CommunityToolbar.alert.clientsServerUrl", "http://alert.client.conduit.com");
user_pref("CommunityToolbar.alert.servicesServerUrl", "http://alert.services.conduit.com");
user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en", "C5ZJe6gL80JBW5CuLy+wkg==");
user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en", "mfQ70fvlD2zuBxSBj8rQqA==");
user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en", "UgzXjW7BIkfdx+x39Ruv3w==");
user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en", "4BgM4MhF/sOgPsDNmIs3Yw==");
user_pref("CommunityToolbar.ETag.http://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"c70353cabc2ce1:0\"");
user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.10.0.1", "\"dfe74040abc2ce1:0\"");
user_pref("CommunityToolbar.ETag.http://translation.toolbar.conduit-services.com/?locale=en", "\"cf2dfeaea09b0838eaab1b51f048b92e\"");
user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\zottemus\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\dven6o8f.default\\conduitComm
user_pref("CommunityToolbar.notifications.clientsServerUrl", "http://alert.client.conduit.com");
user_pref("CommunityToolbar.notifications.servicesServerUrl", "http://alert.services.conduit.com");
---- Lines mystart removed from prefs.js ----
user_pref("browser.startup.homepage", "http://mystart.incredimail.com?a=1jSpnuU3HlC");
user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "http://mystart.incredimail.com/?loc=ff_address_bar&search=");
---- Lines Search  removed from prefs.js ----
user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engine=\"http://*google.*\" param=\"q=\" /><EXTERNAL_SE
---- Lines babsrc removed from prefs.js ----
user_pref("{8E9E3331-D360-4f87-8803-52DE43566502}.ScriptData_WSG_blackList", "form=CONTLB|babsrc=toolbar|babsrc=tb_ss|invocationType=tb50-ie-aolsofton
---- Lines ask.com removed from prefs.js ----
user_pref("browser.search.defaultengine", "Ask.com");
user_pref("browser.search.order.1", "Ask.com");
user_pref("sweetim.toolbar.scripts.2.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..*|.*.yahoo..*|.*.youtube.com.*|.*ask.com.*|.*.swee
---- Lines CommunityToolbar removed from prefs.js ----
user_pref("CommunityToolbar.alert.alertInfoInterval", 60);
user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Sun Mar 27 2011 19:04:11 GMT+0200 (Romance (zomertijd))");
user_pref("CommunityToolbar.alert.locale", "en");
user_pref("CommunityToolbar.alert.loginIntervalMin", 1440);
user_pref("CommunityToolbar.alert.loginLastCheckTime", "Sun Mar 27 2011 19:01:56 GMT+0200 (Romance (zomertijd))");
user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1291048634");
user_pref("CommunityToolbar.alert.messageShowTimeSec", 20);
user_pref("CommunityToolbar.alert.showTrayIcon", false);
user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300);
user_pref("CommunityToolbar.alert.userId", "{940dc998-032e-4622-9e0f-5af7eb92449c}");
user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Fri Apr 26 2013 17:26:55 GMT+0200 (Romance (zomertijd))");
user_pref("CommunityToolbar.globalUserId", "9a89ba69-ac01-44ad-9acb-15f36dd63aac");
user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.10.0.1");
user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sat Feb 22 2014 09:27:41 GMT+0100 (Romance (standaardtijd))");
user_pref("CommunityToolbar.notifications.locale", "en");
user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Thu Feb 27 2014 08:52:26 GMT+0100 (Romance (standaardtijd))");
user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
user_pref("CommunityToolbar.notifications.showTrayIcon", false);
user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
user_pref("CommunityToolbar.notifications.userId", "91bc8089-7f94-48cc-afab-199fb11f5408");
---- Lines crossrider removed from prefs.js ----
user_pref("extensions.crossrider.bic", "14458b4c3aca93f3d47c609f0fea94e8");
---- Lines EEE6C361-6118-11DC-9C72-001320C79847 modified from prefs.js ----

user_pref("extensions.enabledItems", "{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}:6.4.0.11328,{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22,{CAFEEFAC-0016-
---- Lines Sweet removed from prefs.js ----
user_pref("sweetim.toolbar.cargo", "3.1010000.10009");
user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true");
user_pref("sweetim.toolbar.cda.HideOveride.enable", "true");
user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true");
user_pref("sweetim.toolbar.dialogs.0.enable", "true");
user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-handler.js");
user_pref("sweetim.toolbar.dialogs.0.height", "335");
user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog");
user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;");
user_pref("sweetim.toolbar.dialogs.0.url", "http://www.sweetim.com/simffbar/options_remote_ff.asp?lang=$locale_id;&toolbar_version=$ITEM_VERSION;&crg=
user_pref("sweetim.toolbar.dialogs.0.width", "761");
user_pref("sweetim.toolbar.dialogs.1.enable", "true");
user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-handler.js");
user_pref("sweetim.toolbar.dialogs.1.height", "300");
user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog");
user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog");
user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html");
user_pref("sweetim.toolbar.dialogs.1.width", "500");
user_pref("sweetim.toolbar.dialogs.2.enable", "true");
user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/cdadialog-handler.js");
user_pref("sweetim.toolbar.dialogs.2.height", "150");
user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove");
user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog");
user_pref("sweetim.toolbar.dialogs.2.url", "http://www.sweetim.com/simffbar/simcdadialog.asp");
user_pref("sweetim.toolbar.dialogs.2.width", "530");
user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.google.com/.*|.*.google.co.in/.*|.*.google.com.br/.*|.
user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0");
user_pref("sweetim.toolbar.keywordUrlGuard.enable", "false");
user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7");
user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log");
user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000");
user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7");
user_pref("sweetim.toolbar.mode.debug", "false");
user_pref("sweetim.toolbar.newtab.created", "false");
user_pref("sweetim.toolbar.newtab.enable", "true");
user_pref("sweetim.toolbar.previous.keyword.URL", "");
user_pref("sweetim.toolbar.rc.url", "http://www.sweetim.com/simffbar/rc.html?toolbar_version=$ITEM_VERSION;&crg=$cargo;");
user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true");
user_pref("sweetim.toolbar.scripts.0.callback", "simVerification");
user_pref("sweetim.toolbar.scripts.0.domain-blacklist", "");
user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "http://(www.|apps.)?facebook\\.com.*");
user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb");
user_pref("sweetim.toolbar.scripts.0.enable", "false");
user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb");
user_pref("sweetim.toolbar.scripts.0.url", "http://sc.sweetim.com/apps/in/fb/infb.js");
user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "true");
user_pref("sweetim.toolbar.scripts.1.callback", "simVerification");
user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "https://(www.|apps.)?facebook\\.com.*");
user_pref("sweetim.toolbar.scripts.1.elementid", "id_script_sim_fb");
user_pref("sweetim.toolbar.scripts.1.enable", "false");
user_pref("sweetim.toolbar.scripts.1.id", "id_script_fb_httpS");
user_pref("sweetim.toolbar.scripts.1.url", "https://sc.sweetim.com/apps/in/fb/infb.js");
user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "false");
user_pref("sweetim.toolbar.scripts.2.callback", "");
user_pref("sweetim.toolbar.scripts.2.domain-whitelist", "");
user_pref("sweetim.toolbar.scripts.2.elementid", "id_predict_include_script");
user_pref("sweetim.toolbar.scripts.2.enable", "false");
user_pref("sweetim.toolbar.scripts.2.id", "id_script_prad");
user_pref("sweetim.toolbar.scripts.2.url", "http://cdn1.certified-apps.com/scripts/shared/enable.js?si=3104&tid=chff1");
user_pref("sweetim.toolbar.search.history.capacity", "10");
user_pref("sweetim.toolbar.searchguard.enable", "false");
user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true");
user_pref("sweetim.toolbar.simapp_id", "{C6BD179D-4F3A-11E2-9872-80C16E4A4136}");
user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true");
user_pref("sweetim.toolbar.version", "1.7.0.3");
user_pref("sweetim.toolbar.Visibility.enable", "true");
user_pref("sweetim.toolbar.Visibility.intervaldays", "7");
user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "0");
---- Lines ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362 removed from prefs.js ----
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.active", true);
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.addressbar", "NA");
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.addressbarenhanced", "");
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.asyncinternaldb.monetization_plugin_firstRun.exp
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.asyncinternaldb.monetization_plugin_firstRun.val
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.asyncinternaldb.monetization_plugin_is_install_r
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.asyncinternaldb.monetization_plugin_is_install_r
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.asyncinternaldb.monetization_plugin_last_report_
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.asyncinternaldb.monetization_plugin_last_report_
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.asyncinternaldb.monetization_plugin_lastUpdate.e
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.asyncinternaldb.monetization_plugin_lastUpdate.v
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.asyncinternaldb.monetization_plugin_loader_sessi
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.asyncinternaldb.monetization_plugin_loader_sessi
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.asyncinternaldb.monetization_plugin_monetization
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.asyncinternaldb.monetization_plugin_monetization
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.asyncinternaldb.monetization_plugin_monetization
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.asyncinternaldb.monetization_plugin_monetization
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.asyncinternaldb.monetization_plugin_monetization
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.asyncinternaldb.monetization_plugin_monetization
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.asyncinternaldb.monetization_plugin_monetization
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.asyncinternaldb.monetization_plugin_monetization
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.asyncinternaldb.monetization_plugin_override_ver
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.asyncinternaldb.monetization_plugin_override_ver
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.asyncinternaldb.monetization_plugin_plugins_vers
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.asyncinternaldb.monetization_plugin_plugins_vers
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.asyncinternaldb.monetization_plugin_stats_.expir
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.asyncinternaldb.monetization_plugin_stats_.value
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.backgroundver", 1);
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.certdomaininstaller", "");
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.changeprevious", false);
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.cookie.InstallationTime.expiration", "Fri Feb 01
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.cookie.InstallationTime.value", "%221391467017%2
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.cookie.InstallerParams.expiration", "Fri Feb 01 
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.cookie.InstallerParams.value", "%7B%22source_id%
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.cookie.jw_token.expiration", "Fri Feb 01 2030 00
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.cookie.jw_token.value", "%2252db33b8-24f8-26d1-2
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.description", "Get Discounts. Anywhere.");
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.domain", "");
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.enablesearch", false);
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.homepage", "");
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.iframe", false);
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.InstallationThankYouPage", true);
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.InstallationTime", 1391467017);
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.internaldb.__defualt_browser__.expiration", "Fri
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.internaldb.__defualt_browser__.value", "%22ie%22
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.internaldb.installer.expiration", "Fri Feb 01 20
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.internaldb.installer.value", "%7B%22InstallerIde
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.internaldb.InstallerIdentifiers.expiration", "Fr
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.internaldb.InstallerIdentifiers.value", "%7B%22i
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.internaldb.InstallerParams.expiration", "Fri Feb
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.internaldb.InstallerParams.value", "%7B%22source
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.internaldb.InstallerParamsCache.expiration", "Fr
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.internaldb.InstallerParamsCache.value", "%7B%22s
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.internaldb.InstallerUserIdentifiersCache.expirat
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.internaldb.InstallerUserIdentifiersCache.value",
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.internaldb.monetization_plugin_bundledUrls.expir
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.internaldb.monetization_plugin_bundledUrls.value
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.internaldb.monetization_plugin_bundledWithHash.e
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.internaldb.monetization_plugin_bundledWithHash.v
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.internaldb.monetization_plugin_notBundledArr_.ex
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.internaldb.monetization_plugin_notBundledArr_.va
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.internaldb.Resources_appVer.expiration", "Fri Fe
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.internaldb.Resources_appVer.value", "50");
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.internaldb.Resources_lastVersion.expiration", "F
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.internaldb.Resources_lastVersion.value", "1");
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.internaldb.Resources_meta.expiration", "Fri Feb 
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.internaldb.Resources_meta.value", "%7B%7D");
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.internaldb.Resources_nextCheck.expiration", "Thu
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.internaldb.Resources_nextCheck.value", "true");
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.internaldb.Resources_queue.expiration", "Fri Feb
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.internaldb.Resources_queue.value", "%7B%7D");
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.lastDailyReport", "1393487536880");
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.lastUpdate", "1393487526972");
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.manifesturl", "");
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.name", "DiscountFrenzy");
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.newtab", "");
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.opensearch", "");
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.pluginsurl", "https://w9u6a2p6.ssl.hwcdn.net/plu
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.pluginsversion", 43);
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.publisher", "DiscountFrenzy");
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.searchstatus", 0);
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.setnewtab", false);
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.thankyou", "");
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.updateinterval", 360);
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.45362.ver", 50);
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.apps", "45362");
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.bic", "14458b4c3aca93f3d47c609f0fea94e8");
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.cid", 45362);
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.FilesValidatorDueTime", "1393487588678");
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.firstrun", false);
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.hadappinstalled", true);
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.installationdate", 1393057645);
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.modetype", "production");
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.reportInstall", true);
user_pref("extensions.ac4d22aeb96c2487391c195a7a726b3424ef9d62479c842e0b8a98fd3126fefc8com45362.statsDailyCounter", 2);
---- FireFox user.js and prefs.js backups ---- 

user_20142403_0848_.backup
prefs_20142403_0848_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] 

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411531162}] 
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}] 

==== Deleting Files \ Folders ======================

C:\Users\zottemus\AppData\Roaming\Mozilla\Firefox\Profiles\dven6o8f.default\extensions\ c4d22aeb-96c2-4873-91c1-95a7a726b342...d3126fefc8.com not found
C:\PROGRA~3\{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D} not found
C:\Program Files\Web Assistant deleted
C:\Program Files (x86)\DiscountFrenzy deleted
C:\PROGRA~2\Mozilla Firefox\.autoreg deleted
C:\PROGRA~2\MyPC Backup deleted
C:\PROGRA~2\myWebFace_2uEI deleted
C:\found.000 deleted
C:\Users\zottemus\AppData\Roaming\Uniblue deleted
C:\PROGRA~3\Ask deleted
C:\PROGRA~3\SweetIM deleted
C:\PROGRA~3\ProductData deleted
C:\Users\zottemus\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847} deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PriceGong deleted
C:\Windows\SysNative\roboot64.exe deleted
C:\Users\zottemus\AppData\LocalLow\ADSRemoval deleted
C:\Users\zottemus\AppData\LocalLow\PriceGong deleted
C:\Users\zottemus\AppData\LocalLow\Conduit deleted
C:\Users\zottemus\AppData\LocalLow\Toolbar4 deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\AVG Secure Search deleted
C:\Windows\sysWoW64\config\systemprofile\AppData\LocalLow\Application Updater deleted
C:\windows\SysNative\Tasks\Express FilesUpdate deleted
C:\Users\zottemus\AppData\Roaming\Mozilla\Firefox\Profiles\dven6o8f.default\searchplugins\askcom.xml deleted
C:\Users\zottemus\AppData\Roaming\Mozilla\Firefox\Profiles\dven6o8f.default\searchplugins\avg-secure-search.xml deleted
C:\Users\zottemus\AppData\Roaming\Mozilla\Firefox\Profiles\dven6o8f.default\searchplugins\MyStart Search.xml deleted
C:\Users\zottemus\AppData\Roaming\Mozilla\Firefox\Profiles\dven6o8f.default\SweetPacksToolbarData deleted
C:\Users\zottemus\AppData\Roaming\Mozilla\Firefox\Profiles\dven6o8f.default\CT2724386 deleted
C:\Users\zottemus\Desktop\Search the Web.url deleted
C:\Users\zottemus\AppData\Roaming\Mozilla\Firefox\Profiles\dven6o8f.default\extensions\adsremoval@adsremoval.net deleted
C:\Users\zottemus\AppData\Roaming\Mozilla\Firefox\Profiles\dven6o8f.default\extensions\c4d22aeb-96c2-4873-91c1-95a7a726b342@4ef9d624-79c8-42e0-b8a9-8fd3126fefc8.com deleted
C:\Users\zottemus\AppData\Roaming\Mozilla\Firefox\Profiles\dven6o8f.default\extensions\{d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} deleted
C:\Users\zottemus\AppData\Roaming\Mozilla\Firefox\Profiles\dven6o8f.default\conduit deleted
C:\Users\zottemus\AppData\Roaming\Mozilla\Firefox\Profiles\dven6o8f.default\conduitCommon deleted
C:\Users\zottemus\AppData\Roaming\Mozilla\Firefox\Profiles\dven6o8f.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847} deleted
"C:\Windows\tasks\DiscountFrenzy-codedownloader.job" deleted
"C:\Windows\tasks\DiscountFrenzy-enabler.job" deleted
"C:\Windows\tasks\DiscountFrenzy-firefoxinstaller.job" deleted
"C:\Windows\tasks\DiscountFrenzy-updater.job" deleted
"C:\Windows\tasks\Driver Booster Update.job" deleted
"C:\Users\zottemus\AppData\Roaming\Mozilla\Firefox\Profiles\dven6o8f.default\searchplugins\sweetim.xml" deleted

==== System Specs ======================

Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601)
Memory (RAM): 4093 MB
CPU Info: AMD Turion(tm) II Ultra Dual-Core Mobile M600
CPU Speed: 2392,1 MHz
Sound Card: Luidsprekers en Dual koptelefoo | 
Onafhankelijke Dual koptelefoon | 
SPDIF (Digitaal Uit via HP Dock | 
Display Adapters: ATI Mobility Radeon HD 4500/5100 Series | ATI Mobility Radeon HD 4500/5100 Series | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver
Monitors: 1x; Algemeen PnP-beeldscherm | 
Screen Resolution: 1600 X 900 - 32 bit
Network: Network Present
Network Adapters: Qualcomm Atheros AR9285 802.11b/g/n WiFi Adapter | Realtek PCIe GBE Family Controller
CD / DVD Drives: 1x (F: | ) F: hp      DVD RW AD-7701H
Ports: COM Ports NOT Present. LPT Port NOT Present. 
Mouse: 5 Button Wheel Mouse Present
Hard Disks: C:  451,5GB | D:  465,8GB | E:  14,0GB
Hard Disks - Free: C:  263,7GB | D:  463,1GB | E:  2,3GB
Manufacturer *: Hewlett-Packard
BIOS Info: AT/AT COMPATIBLE | 05/17/10 | HPQOEM - 3
Time Zone: Romance (standaardtijd)
Motherboard *: Hewlett-Packard 3639
Country: Belgi‰ 
Language: NLB 

==== System Specs (Software) ======================

Anti-Virus: AVG AntiVirus Free Edition 2014 On-access scanning disabled (Outdated)
Anti-Spyware: Windows Defender disabled (Outdated)
Anti-Spyware: IObit Malware Fighter disabled (Outdated)
Anti-Spyware: AVG AntiVirus Free Edition 2014 disabled (Outdated)
Internet Explorer Version: 10.0.9200.16844 
Mozilla Firefox version: (3.6.12)
Google Chrome version: 33.0.1750.154
Adobe Reader version: 11.0.06.70
Sun Java version: 1.7.0_51 (32-bit) 
Sun Java version: 1.6.0_14 (64-bit) 
Flash Player version: 12.0.0.77

==== Files Recently Created / Modified ======================

====== C:\Windows ====
====== C:\Users\zottemus\AppData\Local\Temp ====
2014-03-21 09:25:44	A1692D6AC3BDA7AB848D7B8112C452DD	1988120	----a-w-	C:\Users\zottemus\AppData\Local\Temp\UNINSTALL.EXE
====== Java Cache =====
2014-03-13 20:02:22	D41D8CD98F00B204E9800998ECF8427E	0	----a-w-	C:\Users\zottemus\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\6c34baa0-3d219d3d
====== C:\Windows\SysWOW64 =====
2014-03-13 07:58:28	0F3B6590824D9C61B107A4134BB13A2F	163840	----a-w-	C:\Windows\SysWOW64\msrating.dll
2014-03-13 07:58:28	0CAB066DB859BC54551E94453B963359	391168	----a-w-	C:\Windows\SysWOW64\ieui.dll
2014-03-13 07:58:28	03430E5004CFEBAE4BC8C47A366F869A	2706432	----a-w-	C:\Windows\SysWOW64\mshtml.tlb
2014-03-13 07:58:26	ABB14EEA787B326975C53E7ED05B91F6	61440	----a-w-	C:\Windows\SysWOW64\iesetup.dll
2014-03-13 07:58:26	006345E0F3F4C34CFFDA6CE0DB59E2F6	33280	----a-w-	C:\Windows\SysWOW64\iernonce.dll
2014-03-13 07:58:25	BE2E9A1E68FB4EC3603037DEFEE54ACE	109056	----a-w-	C:\Windows\SysWOW64\iesysprep.dll
2014-03-13 07:58:25	31AA1C6779231BFC6F5D498363DA25F1	71680	----a-w-	C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-03-13 07:58:24	24E07A483C6FA35F91E9D2F84495819E	2049024	----a-w-	C:\Windows\SysWOW64\iertutil.dll
2014-03-13 07:58:23	803063FFA8F118D8F4CB9161F02B7B84	493056	----a-w-	C:\Windows\SysWOW64\msfeeds.dll
2014-03-13 07:58:22	CAF4F8373A49BF979F2F296966E7E2A0	690688	----a-w-	C:\Windows\SysWOW64\jscript.dll
2014-03-13 07:58:19	3F2FD720B6C4EF55B25B330808121069	2877952	----a-w-	C:\Windows\SysWOW64\jscript9.dll
2014-03-13 07:58:18	D7B1721B587698D495079B28758F13B3	1140736	----a-w-	C:\Windows\SysWOW64\urlmon.dll
2014-03-13 07:58:14	CA0398A7BEB5DB12594EF4ABDB078A5D	39936	----a-w-	C:\Windows\SysWOW64\jsproxy.dll
2014-03-13 07:58:13	9284BA6C27D360D71A5C0ECC8456E78E	1767936	----a-w-	C:\Windows\SysWOW64\wininet.dll
2014-03-13 07:58:12	67B5955F5F2F36D58993EB87101B3D2B	13761024	----a-w-	C:\Windows\SysWOW64\ieframe.dll
2014-03-13 07:58:09	9F378D86F983E84A0212678C1D18D7FC	14358016	----a-w-	C:\Windows\SysWOW64\mshtml.dll
2014-03-12 06:38:14	4F8CCD3E7D9F17A7C60FA0AE2466CACF	381440	----a-w-	C:\Windows\SysWOW64\wer.dll
2014-03-12 06:38:11	B0BE998802DEDEE1FD8F5E5F9F207A30	509440	----a-w-	C:\Windows\SysWOW64\qedit.dll
2014-03-12 06:38:11	A054EA8FBE16D4D34F06D81A4F0088E2	1230336	----a-w-	C:\Windows\SysWOW64\WindowsCodecs.dll
====== C:\Windows\SysWOW64\drivers =====
====== C:\Windows\Sysnative =====
2014-03-13 07:58:28	E230D5CD7249CF451A9B345A1353C59A	2706432	----a-w-	C:\Windows\Sysnative\mshtml.tlb
2014-03-13 07:58:28	97FE0CAE98FCCAF5BB97681F38A01CEC	197120	----a-w-	C:\Windows\Sysnative\msrating.dll
2014-03-13 07:58:27	2B1CE9F820801E011664FEC664E06983	526336	----a-w-	C:\Windows\Sysnative\ieui.dll
2014-03-13 07:58:26	D12B64D097BF978D52720593D492674D	67072	----a-w-	C:\Windows\Sysnative\iesetup.dll
2014-03-13 07:58:26	A2D58DB0C1C9C0BBCF10F59855D460BD	39936	----a-w-	C:\Windows\Sysnative\iernonce.dll
2014-03-13 07:58:25	EB9402ABE2A48993A829964FA55625CC	51712	----a-w-	C:\Windows\Sysnative\ie4uinit.exe
2014-03-13 07:58:25	50D39089BDAE2582B227587DA982DDEF	89600	----a-w-	C:\Windows\Sysnative\RegisterIEPKEYs.exe
2014-03-13 07:58:25	10322D8C1BC36CA7EAA5C754A54045F8	136704	----a-w-	C:\Windows\Sysnative\iesysprep.dll
2014-03-13 07:58:24	8D06EB11925D312D276C672CF5E8EE9C	2648576	----a-w-	C:\Windows\Sysnative\iertutil.dll
2014-03-13 07:58:23	2BFCEB6DC571E3277927D2E7C051C922	603136	----a-w-	C:\Windows\Sysnative\msfeeds.dll
2014-03-13 07:58:22	3D08744AD10BF721361214D88462F094	855552	----a-w-	C:\Windows\Sysnative\jscript.dll
2014-03-13 07:58:20	5EA008B3EEEC19ED0AB6A5345C811499	3960320	----a-w-	C:\Windows\Sysnative\jscript9.dll
2014-03-13 07:58:17	7D3FD710460FC0155C0F6A877AE46A48	1365504	----a-w-	C:\Windows\Sysnative\urlmon.dll
2014-03-13 07:58:14	C8F4FB5B401942E6E25D3D2360B47C86	53760	----a-w-	C:\Windows\Sysnative\jsproxy.dll
2014-03-13 07:58:12	79EDF01FA13D886F8E1B655D542011FB	2241536	----a-w-	C:\Windows\Sysnative\wininet.dll
2014-03-13 07:58:09	EC8AE061C8F2134B9BD89634C156F425	15404032	----a-w-	C:\Windows\Sysnative\ieframe.dll
2014-03-13 07:58:06	87478BFD51053034E45AAB2740285AF1	19273216	----a-w-	C:\Windows\Sysnative\mshtml.dll
2014-03-12 06:38:14	1075AB2C077B415760C0E948856B5126	484864	----a-w-	C:\Windows\Sysnative\wer.dll
2014-03-12 06:38:13	04F82965C09CBDF646B487E145060301	228864	----a-w-	C:\Windows\Sysnative\wwansvc.dll
2014-03-12 06:38:12	E918C0DE5CF2AE6BEDBF387C09627D93	3156480	----a-w-	C:\Windows\Sysnative\win32k.sys
2014-03-12 06:38:11	AFCA5C1ECEAF948FC815178BC077680E	1424384	----a-w-	C:\Windows\Sysnative\WindowsCodecs.dll
2014-03-12 06:38:11	2C619F6023E3F7A3ABF3475ED2223359	624128	----a-w-	C:\Windows\Sysnative\qedit.dll
====== C:\Windows\Sysnative\drivers =====
2014-03-06 09:50:50	D787F86566F6EA23053D9C5F401E33B7	888536	----a-w-	C:\Windows\Sysnative\drivers\Rt64win7.sys
2014-03-06 09:50:20	37CB595C0AB20ECBFA5170D3185690DB	96256	----a-w-	C:\Windows\Sysnative\drivers\AtihdW76.sys
====== C:\Windows\Tasks ======
2014-03-06 10:21:53	3E01984BCF1ACB772150BDC252C39F40	3172	----a-w-	C:\Windows\Sysnative\Tasks\SmartDefrag3_Startup
2014-03-06 10:21:52	1F4823C6A933868A43B609EA076619E2	3170	----a-w-	C:\Windows\Sysnative\Tasks\SmartDefrag3_Update
2014-03-06 09:47:24	3337E52D01B74AFA12AFCFD09F107EF7	3220	----a-w-	C:\Windows\Sysnative\Tasks\Driver Booster Scan
====== C:\Windows\Temp ======
======= C:\Program Files =====
2014-03-23 18:19:56	--------	d-----w-	C:\Program Files\trend micro
======= C:\PROGRA~2 =====
======= C: =====
====== C:\Users\zottemus\AppData\Roaming ======
====== C:\Users\zottemus ======
2014-03-23 18:22:50	662C39FC1E27131551D557862CEC47F0	935175	----a-w-	C:\Users\zottemus\Desktop\RSITx64.exe
2014-03-23 18:19:29	662C39FC1E27131551D557862CEC47F0	935175	----a-w-	C:\Users\zottemus\Downloads\RSITx64.exe
2014-03-12 09:48:07	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-03-06 09:47:21	--------	d-----w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster

====== C: exe-files ==
2014-03-23 18:22:50	662C39FC1E27131551D557862CEC47F0	935175	----a-w-	C:\Users\zottemus\Desktop\RSITx64.exe
2014-03-23 18:19:57	9A2347903D6EDB84C10F288BC0578C1C	388608	----a-w-	C:\Program Files\trend micro\zottemus.exe
2014-03-23 18:19:29	662C39FC1E27131551D557862CEC47F0	935175	----a-w-	C:\Users\zottemus\Downloads\RSITx64.exe
2014-03-21 09:25:44	A1692D6AC3BDA7AB848D7B8112C452DD	1988120	----a-w-	C:\Users\zottemus\AppData\Local\Temp\UNINSTALL.EXE
2014-03-21 06:22:09	A253CBBFBCEEE37DD90B999D26542038	90112	----a-w-	C:\Windows\Temp\certutil.exe
2014-03-21 06:18:18	1B2261DC4D131B2C699386D2100A599C	5071896	----a-w-	C:\Windows\Temp\{EA859323-A7DC-47C3-91DF-49A2CB4A6818}.exe
2014-03-20 06:17:00	4B5C634A2C2E29967070D1F7B926FBCA	155456	----a-w-	C:\Program Files (x86)\IObit\Driver Booster\AutoupdateFixer.exe
2014-03-19 07:10:37	DE3EDDFF9D6562B29F908B1C6F444295	2436416	----a-w-	C:\Program Files (x86)\IObit\Advanced SystemCare 7\UpdateTool_HP.exe
=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-3652972518-3772848568-1520601676-1001\Software\iolo\System Mechanic\Startup Manager\Configuration\Disabled\Registry\HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 5"="C:\Program Files (x86)\IObit\Advanced SystemCare 5\ASCTray.exe /AutoStart"

[HKEY_USERS\S-1-5-21-3652972518-3772848568-1520601676-1001\Software\iolo\System Mechanic\Startup Manager\Configuration\Disabled\Registry\HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"Adobe Reader Speed Launcher"="C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

[HKEY_USERS\S-1-5-21-3652972518-3772848568-1520601676-1001\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 7"="C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /Auto"

[HKEY_USERS\S-1-5-21-3652972518-3772848568-1520601676-500\Software\Microsoft\Windows\CurrentVersion\Run]
"HPADVISOR"="C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN"
"LightScribe Control Panel"="C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"QlbCtrl.exe"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start"
"UpdatePRCShortCut"="C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe C:\Program Files (x86)\Hewlett-Packard\Recovery UpdateWithCreateOnce Software\CyberLink\PowerRecover"
"WirelessAssistant"="C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"
"GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
"HP Software Update"="C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe"
"PMBVolumeWatcher"="C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe"
"StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun"
"AMD AVT"="Cmd.exe /c start AMD Accelerated Video Transcoding device initialization /min C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe aml"
"AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY"
"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
"IObit Malware Fighter"="C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe /autostart"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Advanced SystemCare 7"="C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe /Auto"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SmartMenu"="C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background"
"SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe"
"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\FreeApp]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="FreeApp"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\FreeApps\\FreeApps.exe\" /autorun"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HPADVISOR]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="HPADVISOR"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Hewlett-Packard\\HP Advisor\\HPAdvisor.exe view=DOCKVIEW"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\HPCam_Menu]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="HPCam_Menu"
"hkey"="HKLM"
"command"="\"c:\\Program Files (x86)\\Hewlett-Packard\\Media\\Webcam\\MUITransfer\\MUIStartMenu.exe\" \"c:\\Program Files (x86)\\Hewlett-Packard\\Media\\Webcam\" UpdateWithCreateOnce \"Software\\Hewlett-Packard\\Media\\Webcam\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\IncrediMail]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="IncrediMail"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\IncrediMail\\bin\\IncMail.exe /c"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\iolo Startup]
"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="iolo Startup"
"hkey"="HKLM"
"command"="\"C:\\Program Files (x86)\\iolo\\Common\\Lib\\ioloLManager.exe\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\LightScribe Control Panel]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="LightScribe Control Panel"
"hkey"="HKCU"
"command"="C:\\Program Files (x86)\\Common Files\\LightScribe\\LightScribeControlPanel.exe -hidden"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\msnmsgr]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="msnmsgr"
"hkey"="HKCU"
"command"="\"C:\\Program Files (x86)\\Windows Live\\Messenger\\msnmsgr.exe\" /background"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\GameConsoleService]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdate]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gupdatem]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\gusvc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ioloFileInfoList]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\ioloSystemService]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\Services\RichVideo]


==== Startup Folders ======================

2010-09-26 16:51:10	2101	----a-w-	C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [12/03/2014 10:43]
C:\Windows\tasks\AutoSmartDefrag.job --a------ C:\Program Files (x86)\IObit\IObit SmartDefrag\IObit SmartDefrag.exe [09/07/2010 17:08]
C:\Windows\tasks\GlaryInitialize.job --a------ C:\Program Files (x86)\Glary Utilities\initialize.exe [14/10/2010 20:55]
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [15/08/2010 08:56]
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [15/08/2010 08:56]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]
"C:\Windows\SysNative\tasks\ASC4_PerformanceMonitor" [C:\Program Files (x86)\IObit\Advanced SystemCare 4\PMonitor.exe]
"C:\Windows\SysNative\tasks\ASC7_PerformanceMonitor" [C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe]
"C:\Windows\SysNative\tasks\ASC7_SkipUac_zottemus" [C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe /SkipUac]
"C:\Windows\SysNative\tasks\AutoSmartDefrag" [C:\Program Files (x86)\IObit\IObit SmartDefrag\IObit SmartDefrag.exe]
"C:\Windows\SysNative\tasks\CapSchedInst" [c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapSchedInst.exe]
"C:\Windows\SysNative\tasks\CapSvcInst" [c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapSvcInst.exe]
"C:\Windows\SysNative\tasks\CapUninst" [c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\Kernel\TV\CapUninst.exe]
"C:\Windows\SysNative\tasks\CLMLSvc" [c:\Program Files (x86)\Hewlett-Packard\TouchSmart\Media\Kernel\CLML\CLMLSvc.exe]
"C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]
"C:\Windows\SysNative\tasks\Driver Booster Scan" [C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe]
"C:\Windows\SysNative\tasks\DVDAgent" [c:\Program Files (x86)\Hewlett-Packard\Media\DVD\DVDAgent.exe]
"C:\Windows\SysNative\tasks\GlaryInitialize" [C:\Program Files (x86)\Glary Utilities\initialize.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]
"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files (x86)\Windows Sidebar\sidebar.exe]
"C:\Windows\SysNative\tasks\SmartDefrag3_Startup" [C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe]
"C:\Windows\SysNative\tasks\SmartDefrag3_Update" [C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe]
"C:\Windows\SysNative\tasks\SmartDefrag_Startup" [C:\Program Files (x86)\IObit\Smart Defrag 2\SmartDefrag.exe]
"C:\Windows\SysNative\tasks\TVAgent" [c:\Program Files (x86)\Hewlett-Packard\Media\Live TV\TVAgent.exe]
"C:\Windows\SysNative\tasks\User_Feed_Synchronization-{1CFB7FF8-4791-4541-9651-B43438FF6726}" [C:\Windows\system32\msfeedssync.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]
"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Tuneup" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]
"{8E9E3331-D360-4f87-8803-52DE43566502}"="C:\Program Files\Web Assistant\Firefox" []
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{8E9E3331-D360-4f87-8803-52DE43566502}"="C:\Program Files\Web Assistant\Firefox" []
[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"smartwebprinting@hp.com"="C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3" [26/09/2010 17:52]

==== Firefox Extensions ======================

ProfilePath: C:\Users\zottemus\AppData\Roaming\Mozilla\Firefox\Profiles\dven6o8f.default
- Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
- Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
- Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
- Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
- Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}
- Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
- Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
- HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
- Undetermined - C:\ProgramData\AVG Secure Search\FireFoxExt\17.3.0.49
- Undetermined - C:\Program Files (x86)\IObit Apps Toolbar\FF
- PriceGong - %ProfilePath%\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829}
- Undetermined - %ProfilePath%\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc}

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Skype Click to Call - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0032-ABCDEFFEDCBA}
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}
- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}

==== Firefox Plugins ======================

Profilepath: C:\Users\zottemus\AppData\Roaming\Mozilla\Firefox\Profiles\dven6o8f.default
F1CD6E22E5AE5CEEB7712E546A5FC853	- C:\Windows\SysWOW64\npdeployJava1.dll -	Java Deployment Toolkit 7.0.450.18


==== Deleted Firefox Extensions ======================

C:\Users\zottemus\AppData\Roaming\Mozilla\Firefox\Profiles\dven6o8f.default\extensions\{8A9386B4-E958-4c4c-ADF4-8F26DB3E4829} deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
bkomkajifikmkfnjgphkjcfeepbnojok - C:\Program Files (x86)\PriceGong\2.6.8\pricegong.crx[]
dlnembnfbcpjnepmfjmngjenhhajpdfd - C:\Program Files\Web Assistant\source.crx[]
jcdgjdiieiljkfkdcloehkohchhpekkn - C:\Users\zottemus\AppData\Local\Google\Chrome\User Data\Default\External Extensions\{EEE6C373-6118-11DC-9C72-001320C79847}\SweetFB.crx[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx[]

Ads Removal - zottemus\AppData\Local\Google\Chrome\User Data\Default\Extensions\fopdddcinljmpmioaklghcalngfhbaen
Ads Removal - zottemus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkcefkcdkepgkpbgncjchhbjgoanleod
SweetIM for Facebook - zottemus\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn
Skype for Chromium - zottemus\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Advanced SystemCare Surfing Protection - zottemus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd
Chrome In-App Payments service - zottemus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

==== Chrome Fix ======================

C:\Users\zottemus\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn deleted successfully
C:\Users\zottemus\AppData\Local\Google\Chrome\User Data\Default\Extensions\fopdddcinljmpmioaklghcalngfhbaen deleted successfully
C:\Users\zottemus\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkcefkcdkepgkpbgncjchhbjgoanleod deleted successfully

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.google.be/"
"Search Page"="http://www.google.com"
"Default_Search_URL"="http://www.google.com/ie"
"Search Bar"="http://www.google.com/ie"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
@="http://www.google.com/search?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"SearchAssistant"="http://www.google.com/ie"
"Default_Search_URL"="http://www.google.com/ie"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="https://www.google.be/"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
"(Default)"="http://search.msn.com/results.asp?q=%s"
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]
"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"
"SearchAssistant"="http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing  Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR"
{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google  Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully
HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{8E9E3331-D360-4f87-8803-52DE43566502} deleted successfully
HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{8E9E3331-D360-4f87-8803-52DE43566502} deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bkomkajifikmkfnjgphkjcfeepbnojok deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jcdgjdiieiljkfkdcloehkohchhpekkn deleted successfully
HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp deleted successfully

==== HijackThis Entries ======================

O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Ads Removal - {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} - C:\Program Files (x86)\IObit\IObit Malware Fighter\adsremoval\IE\Adblock.dll
O2 - BHO: Windows Live Messenger Companion Helper - {9FDDE16B-836F-4806-AB1F-1455CBEFF289} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [UpdatePRCShortCut] "C:\Program Files (x86)\Hewlett-Packard\Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Hewlett-Packard\Recovery" UpdateWithCreateOnce "Software\CyberLink\PowerRecover"
O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [PMBVolumeWatcher] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [AMD AVT] Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [IObit Malware Fighter] "C:\Program Files (x86)\IObit\IObit Malware Fighter\IMF.exe" /autostart
O4 - HKCU\..\Run: [Advanced SystemCare 7] "C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCTray.exe" /Auto
O4 - HKUS\S-1-5-21-3652972518-3772848568-1520601676-500\..\Run: [HPADVISOR] C:\Program Files (x86)\Hewlett-Packard\HP Advisor\HPAdvisor.exe autorun=AUTORUN (User 'Administrator')
O4 - HKUS\S-1-5-21-3652972518-3772848568-1520601676-500\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden (User 'Administrator')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\Hp\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Companion\companionlang.dll,-600 - {0000036B-C524-4050-81A0-243669A86B9F} - C:\Program Files (x86)\Windows Live\Companion\companioncore.dll
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - (no CLSID) - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Advanced SystemCare Service 7 (AdvancedSystemCareService7) - IObit - C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AMD FUEL Service - Advanced Micro Devices, Inc. - C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: IMF Service (IMFservice) - IObit - C:\Program Files (x86)\IObit\IObit Malware Fighter\IMFsrv.exe
O23 - Service: iolo System Service (ioloSystemService) - iolo technologies, LLC - C:\Program Files (x86)\iolo\Common\Lib\ioloServiceManager.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate (LiveUpdateSvc) - IObit - C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: PMBDeviceInfoProvider - Sony Corporation - C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_960c1f056a541068\STacSV64.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Administrator\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\zottemus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\zottemus\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

C:\Users\zottemus\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=661 folders=155 19619308 bytes)

==== Empty Temp Folders ======================

C:\Users\Administrator\AppData\Local\temp emptied successfully
C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\Public\AppData\Local\temp emptied successfully
C:\Users\zottemus\AppData\Local\Temp will be emptied at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== EOF on ma 24/03/2014 at  9:02:28,37 ======================