deco1966

deze duslog.txt

Ik ben een leek op dit gebied. Kan iemand me concreet zeggen wat ik moet doen. Blijkbaar is mijn vriendin op IE geweest 4 dagen geleden en toen is het begonnen en word het erger en erger. Op IE krijg ik ook een banner met de melding dat er een virus gescand is terwijl ik kapersky heb die draait...

Sinds enige tijd merken we dat onze laptop trager werkt met firefox. Frequent blokkeert firefox of hebben een melding dat shokwave flash niet meer werkt. Kunnen jullie ons helpen, gr Phil

kapersky werkt weer printer is blijkbaar nu de kabel stuk en ga een nieuw halen denk wel dat alles opgelost is thx

aangekocht 2 jaar geleden en ieder jaar abonnement verlengt het is/was kapersky pure 3.0

Kan ik kapersky terug opzetten dan?

- het was een upgrade - moet terug te vinden zijn in de mails die ze me gezonden hebben (installatiecode van kapersky) -printer: HP printer Deskjet 3070A volgende bericht doe ik het wat je me beschreef - - - Updated - - - het overzicht:http://speccy.piriform.com/results/subRIHzyhtNtDYu3yr0B8Kl

Mijn vriendin heeft windows 8.1 laten installeren op onze Acer laptop. Nu vinden we Kapersky net meer en/of werkt hij niet meer. Sinds gisteren is onze printer ook niet meer te vinden of herkend. We hadden liever terug windows 7 gehad waar er geen problemen waren of iemand die ons kan helpen dit op te lossen. Welke van de 2 bovenstaande opties is de beste? gr, Philippe

denk dat het verwijderd is thx

[ATTACH]34830[/ATTACH] AdwCleaner[S0].txt

[ATTACH]34828[/ATTACH] zoek-results.log

[ATTACH]34807[/ATTACH] log.txt

onze dochter heeft "searcg us.com" binnengehaald heb al van alles geprobeerd om het weg te krijgen maar vruchteloos kan iemand ons helpen?

Gaat weer goed. Kan je me zeggen waar het probleem was? Kan ik misschien vermijden de volgende keer. gr Phil

het logje [ATTACH]34657[/ATTACH] AdwCleaner[S3].txt

het logje[ATTACH]34642[/ATTACH] zoek-results.log

in bijlage dus [ATTACH]34608[/ATTACH] log5.txt

Onze laptop loopt weer trager en trager. Kan iemand ons helpen en ik vrees dat hijackthis niet meer op onze laptop staat. Kaperzky is een aangekochte versie en up to date. gr, Philippe

Neen en nogmaals een dikke merci voor alle hulp.

deze dan: # AdwCleaner v3.020 - Report created 01/03/2014 at 18:46:21 # Updated 27/02/2014 by Xplode # Operating System : Windows 8 (64 bits) # Username : Philip - LAPTOPI7 # Running from : C:\Users\Philip\Downloads\adwcleaner.exe # Option : Clean ***** [ Services ] ***** ***** [ Files / Folders ] ***** Folder Deleted : C:\Program Files (x86)\Vuze ***** [ Shortcuts ] ***** ***** [ Registry ] ***** Key Deleted : HKCU\Software\Conduit Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar ***** [ Browsers ] ***** -\\ Internet Explorer v10.0.9200.16798 -\\ Mozilla Firefox v27.0.1 (nl) [ File : C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\riyh44nn.default\prefs.js ] -\\ Google Chrome v33.0.1750.117 [ File : C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\preferences ] Deleted : homepage ************************* AdwCleaner[R0].txt - [1085 octets] - [01/03/2014 18:45:08] AdwCleaner[s0].txt - [958 octets] - [01/03/2014 18:46:21] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [1017 octets] ##########

Sorry Kape, Ik dacht dat het verwijderd was want ik wist dat het fout was......is dus niet gebeurd. Maar deze klopt dan wel: Zoek.exe v5.0.0.0 Updated 19-February-2014 Tool run by Philip on za 01/03/2014 at 11:23:30,04. Microsoft Windows 8 6.2.9200 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Philip\Downloads\zoek.exe [scan all users] [script inserted] ==== Older Logs ====================== C:\zoek-results2014-02-28-231037.log 39218 bytes ==== Deleting Files \ Folders ====================== "C:\DelFix.txt" deleted "C:\Users\Philip\Downloads\RSITx64(2).exe" deleted "C:\Users\Philip\Downloads\RSITx64(1).exe" deleted "C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCall.dll" deleted "C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCalla.dll" deleted "C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCalla2.dll" deleted "C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCalla21.dll" deleted "C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCalla31.exe" deleted "C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCalla32.dll" deleted "C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCalla33.dll" deleted "C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCalla34.dll" deleted "C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCalla37.dll" deleted "C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCalla37.exe" deleted "C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseData.ini" deleted "C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP" deleted ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== C:\zoek_backup content ====================== C:\zoek_backup (files=542 folders=129 13192605 bytes) ==== EOF on za 01/03/2014 at 11:25:05,99 ======================

Zoek.exe v5.0.0.0 Updated 19-February-2014 Tool run by Philip on vr 28/02/2014 at 23:57:23,13. Microsoft Windows 8 6.2.9200 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Philip\Downloads\zoek(1).exe [scan all users] [script inserted] [Checkboxes used] ==== System Restore Info ====================== 28/02/2014 23:59:17 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~2\Trend Micro deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\riyh44nn.default user.js not found ---- Lines CT2504091 removed from prefs.js ---- user_pref("CT2504091.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}"); user_pref("CT2504091.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}"); user_pref("CT2504091.FF19Solved", "true"); user_pref("CT2504091.FirstTime", "true"); user_pref("CT2504091.FirstTimeFF3", "true"); user_pref("CT2504091.PG_ENABLE", "dHJ1ZQ=="); user_pref("CT2504091.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&SearchSource=2&CUI=UN35318543279037151&UM=1&q user_pref("CT2504091.UserID", "UN35318543279037151"); user_pref("CT2504091.addressBarTakeOverEnabledInHidden", "true"); user_pref("CT2504091.appOptions", "{}"); user_pref("CT2504091.browser.search.defaultthis.engineName", true); user_pref("CT2504091.cbfirsttime.enc", "U3VuIEZlYiAyMyAyMDE0IDE2OjU0OjE2IEdNVCswMTAwIChSb21hbmNlIChzdGFuZGFhcmR0aWpkKSk="); user_pref("CT2504091.countryCode", "BE"); user_pref("CT2504091.defaultSearch", "true"); user_pref("CT2504091.enableAlerts", "true"); user_pref("CT2504091.enableSearchFromAddressBar", "true"); user_pref("CT2504091.firstTimeDialogOpened", "true"); user_pref("CT2504091.fixPageNotFoundError", "true"); user_pref("CT2504091.fixPageNotFoundErrorByUser", "true"); user_pref("CT2504091.fixPageNotFoundErrorInHidden", "true"); user_pref("CT2504091.fullUserID", "UN35318543279037151.IN.20140223165324"); user_pref("CT2504091.homepageuserchanged", true); user_pref("CT2504091.installDate", "23/02/2014 16:53:24"); user_pref("CT2504091.installSessionId", "{9D6A8ADE-025A-4B34-B90B-29E880D7E870}"); user_pref("CT2504091.installSp", "false"); user_pref("CT2504091.installType", "conduitnsisintegration"); user_pref("CT2504091.installUsage", "2014-02-23T18:53:29.7752954+03:00"); user_pref("CT2504091.installUsageEarly", "2014-02-23T18:53:29.0888866+03:00"); user_pref("CT2504091.installerVersion", "1.8.1.4"); user_pref("CT2504091.isCheckedStartAsHidden", true); user_pref("CT2504091.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}"); user_pref("CT2504091.isFirstTimeToolbarLoading", "false"); user_pref("CT2504091.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}"); user_pref("CT2504091.keyword", true); user_pref("CT2504091.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"http://search.conduit.com/?ctid=CT2504091&octid=CT2504091&SearchSource= user_pref("CT2504091.lastVersion", "10.23.0.822"); user_pref("CT2504091.mam_gk_installer_preapproved.enc", "ZmFsc2U="); user_pref("CT2504091.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"\",\"EB_MAIN_FRAME_TITLE\":\"\",\"EB_TOOLBAR_SUB_DOMAIN user_pref("CT2504091.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); user_pref("CT2504091.openThankYouPage", "false"); user_pref("CT2504091.openUninstallPage", "true"); user_pref("CT2504091.originalHomepage", "https://www.google.be/"); user_pref("CT2504091.originalSearchAddressUrl", false); user_pref("CT2504091.originalSearchEngine", "Google"); user_pref("CT2504091.originalSearchEngineName", "Google"); user_pref("CT2504091.revertSettingsEnabled", "false"); user_pref("CT2504091.search.searchAppId", "129079840422026594"); user_pref("CT2504091.search.searchCount", "0"); user_pref("CT2504091.searchFromAddressBarEnabledByUser", "true"); user_pref("CT2504091.searchInNewTabEnabledByUser", "true"); user_pref("CT2504091.searchInNewTabEnabledInHidden", "true"); user_pref("CT2504091.searchRevert", "false"); user_pref("CT2504091.searchSuggestEnabledByUser", "true"); user_pref("CT2504091.searchUninstallUserMode", "1"); user_pref("CT2504091.searchUserMode", "1"); user_pref("CT2504091.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}"); user_pref("CT2504091.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); user_pref("CT2504091.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}"); user_pref("CT2504091.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2504091\"}"); user_pref("CT2504091.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"http://VuzeRemote.OurToolbar.com//x user_pref("CT2504091.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"Vuze Remote \"}"); user_pref("CT2504091.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}"); user_pref("CT2504091.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}"); user_pref("CT2504091.serviceLayer_services_Configuration_lastUpdate", "1393617019707"); user_pref("CT2504091.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1393170809776"); user_pref("CT2504091.serviceLayer_services_appsMetadata_lastUpdate", "1393170808897"); user_pref("CT2504091.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1393170808848"); user_pref("CT2504091.serviceLayer_services_installUsage_ToolbarInstallEarly_lastUpdate", "1393170808831"); user_pref("CT2504091.serviceLayer_services_installUsage_ToolbarInstall_lastUpdate", "1393170809834"); user_pref("CT2504091.serviceLayer_services_login_10.23.0.722_lastUpdate", "1393442614652"); user_pref("CT2504091.serviceLayer_services_login_10.23.0.822_lastUpdate", "1393617019660"); user_pref("CT2504091.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1393170808900"); user_pref("CT2504091.serviceLayer_services_searchAPI_lastUpdate", "1393617019622"); user_pref("CT2504091.serviceLayer_services_serviceMap_lastUpdate", "1393617019600"); user_pref("CT2504091.serviceLayer_services_toolbarContextMenu_lastUpdate", "1393170808876"); user_pref("CT2504091.serviceLayer_services_toolbarSettings_lastUpdate", "1393624412215"); user_pref("CT2504091.serviceLayer_services_translation_lastUpdate", "1393617019616"); user_pref("CT2504091.settingsINI", true); user_pref("CT2504091.shouldFirstTimeDialog", "false"); user_pref("CT2504091.showToolbarPermission", "false"); user_pref("CT2504091.smartbar.CTID", "CT2504091"); user_pref("CT2504091.smartbar.Uninstall", "0"); user_pref("CT2504091.smartbar.homepage", true); user_pref("CT2504091.smartbar.toolbarName", "Vuze Remote "); user_pref("CT2504091.startPage", "true"); user_pref("CT2504091.toolbarBornServerTime", "23-2-2014"); user_pref("CT2504091.toolbarCurrentServerTime", "28-2-2014"); user_pref("CT2504091.toolbarInstallDate", "23-02-2014 16:53:24"); user_pref("CT2504091.toolbarLoginClientTime", "Sun Feb 23 2014 16:53:29 GMT+0100 (Romance (standaardtijd))"); user_pref("CT2504091.versionFromInstaller", "10.23.0.722"); user_pref("CT2504091.xpeMode", "1"); user_pref("CT2504091_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1393624411581,\"isWithState\":\"\",\"timeFromStar user_pref("Smartbar.ConduitSearchUrlList", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&SearchSource=2&CUI=UN35318543279037151&UM=1&q="); user_pref("Smartbar.keywordURLSelectedCTID", "CT2504091"); user_pref("keyword.URL", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&SearchSource=2&CUI=UN35318543279037151&UM=1&q="); user_pref("smartbar.addressBarOwnerCTID", "CT2504091"); user_pref("smartbar.conduitHomepageList", "http://search.conduit.com/?ctid=CT2504091&CUI=UN35318543279037151&UM=1&SearchSource=13"); user_pref("smartbar.conduitSearchAddressUrlList", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&SearchSource=2&CUI=UN35318543279037151&UM= user_pref("smartbar.defaultSearchOwnerCTID", "CT2504091"); user_pref("smartbar.homePageOwnerCTID", "CT2504091"); user_pref("valueApps.CT2504091./9B+7E+x305.storedInFile", true); user_pref("valueApps.CT2504091./9B+7E.:2z527.storedInFile", true); user_pref("valueApps.CT2504091./9B+7E06CG5EL8:", "6E6D686F726D756E7673"); user_pref("valueApps.CT2504091./9B+7E06CG5EL8:.storedInFile", false); user_pref("valueApps.CT2504091./9B+7E06CG5EL;8I:K", "247E2D2F226A74736E7578737B747C79242F4B49474F42357D5D5C3D"); user_pref("valueApps.CT2504091./9B+7E06CG5EL;8I:K.storedInFile", false); user_pref("valueApps.CT2504091./9B+7E1x305.storedInFile", true); user_pref("valueApps.CT2504091./9B+7E2x305.storedInFile", true); user_pref("valueApps.CT2504091./9B+7E3x305.storedInFile", true); user_pref("valueApps.CT2504091./9B+7E7x305.storedInFile", true); user_pref("valueApps.CT2504091./9B+7E9x305.storedInFile", true); user_pref("valueApps.CT2504091./9B+7E>x305.storedInFile", true); user_pref("valueApps.CT2504091./9B+7EBE3G=;D9N9=D", "372C2D326975762E3A3C7B3A39434A494841434B265146492965504656496571734D334B57"); user_pref("valueApps.CT2504091./9B+7EBE3G=;D9N9=D.storedInFile", false); user_pref("valueApps.CT2504091./9B+7EDx305.storedInFile", true); user_pref("valueApps.CT2504091./9B-0?3G>D", "3D3D406F3E6D74447A42477A48204C762020254E20257D2A222058575A255B295A302E2A"); user_pref("valueApps.CT2504091./9B-0?3G>D.storedInFile", false); user_pref("valueApps.CT2504091./9B-0?3G@6:5;", ""); user_pref("valueApps.CT2504091./9B-0?3G@6:5;.storedInFile", false); user_pref("valueApps.CT2504091./9B-0?3GFA7EF", "2B2E2C3D"); user_pref("valueApps.CT2504091./9B-0?3GFA7EF.storedInFile", false); user_pref("valueApps.CT2504091./9B-3=3ECCJA=F>", "247E333D2C452F4135276F292A212C393D44307832332A354448584C3A23282E2E3132333435363B466068576C5E6857705A user_pref("valueApps.CT2504091./9B-3=3ECCJA=F>.storedInFile", false); user_pref("valueApps.CT2504091./9B/>01=9A6K6<IM;KRIE@PDAWM", "6A696B7273747576"); user_pref("valueApps.CT2504091./9B/>01=9A6K6<IM;KRIE@PDAWM.storedInFile", false); user_pref("valueApps.CT2504091./9B3=>@44I48?", "372C2D3269757633423633414847203E3D474E4D4C45474F2A554A4D2D5858585E4B554E366352564F"); user_pref("valueApps.CT2504091./9B3=>@44I48?.storedInFile", false); user_pref("valueApps.CT2504091./9B5BA==9CJAG", "6E6A3E726F6D6E437A467976737A7C4D764E507D52"); user_pref("valueApps.CT2504091./9B5BA==9CJAG.storedInFile", false); user_pref("valueApps.CT2504091./9B6B11G4C56B>F;P;ANR@P", "6E6D686F726D756E7673707478"); user_pref("valueApps.CT2504091./9B6B11G4C56B>F;P;ANR@P.storedInFile", false); user_pref("valueApps.CT2504091./9B90E@.3C;7B=?OFB>>RHIQS", "393F352F3E"); user_pref("valueApps.CT2504091./9B90E@.3C;7B=?OFB>>RHIQS.storedInFile", false); user_pref("valueApps.CT2504091./9B9643G3/9E", "6A"); user_pref("valueApps.CT2504091./9B9643G3/9E.storedInFile", false); user_pref("valueApps.CT2504091./9B;45>:BI9I7IE", "2B2E2C3D"); user_pref("valueApps.CT2504091./9B;45>:BI9I7IE.storedInFile", false); user_pref("valueApps.CT2504091./9B<:222H64<", "393F352F3E"); user_pref("valueApps.CT2504091./9B<:222H64<.storedInFile", false); user_pref("valueApps.CT2504091./9B<:222H64<L8DAJ", "6D70706E7674737976732A7974727D77757C7E"); user_pref("valueApps.CT2504091./9B<:222H64<L8DAJ.storedInFile", false); user_pref("valueApps.CT2504091./9B=+03EH8H8J?:", "4443"); user_pref("valueApps.CT2504091./9B=+03EH8H8J?:.storedInFile", false); user_pref("valueApps.CT2504091./9B?+E2A52D8", "372C2D326975762E3A3C7B3A39434A494841434B2651464929655046566470727951555E5E52"); user_pref("valueApps.CT2504091./9B?+E2A52D8.storedInFile", false); user_pref("valueApps.CT2504091./9B?B0D:8AJ62<H", "6D"); user_pref("valueApps.CT2504091./9B?B0D:8AJ62<H.storedInFile", false); user_pref("valueApps.CT2504091./9BA@0<0BI6A7GN:6@L?", "6C"); user_pref("valueApps.CT2504091./9BA@0<0BI6A7GN:6@L?.storedInFile", false); user_pref("valueApps.CT2504091.PG_ENABLE", "74727565"); user_pref("valueApps.CT2504091.PG_ENABLE.storedInFile", false); user_pref("valueApps.CT2504091._key_cl_active", "33313339323038302D353932642D346331352D613365622D613734663565636163643766"); user_pref("valueApps.CT2504091._key_cl_active.storedInFile", false); user_pref("valueApps.CT2504091.cb_user_id_000", "43423632383938353832343430355F313339323438363932343739335F46697265666F78"); user_pref("valueApps.CT2504091.cb_user_id_000.storedInFile", false); user_pref("valueApps.CT2504091.cbfirsttime", "5361742046656220313520323031342031383A30393A343820474D542B303130302028526F6D616E636520287374616E64616172 user_pref("valueApps.CT2504091.cbfirsttime.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_appStateReportTime", "31333933313730383131333736"); user_pref("valueApps.CT2504091.mam_gk_appStateReportTime.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_appState_Clarity_Active", "6F6E"); user_pref("valueApps.CT2504091.mam_gk_appState_Clarity_Active.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_appState_CouponBuddy", "6F6E"); user_pref("valueApps.CT2504091.mam_gk_appState_CouponBuddy.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_appState_Easytobook", "6F6E"); user_pref("valueApps.CT2504091.mam_gk_appState_Easytobook.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_appState_Easytobook_targeted", "6F6E"); user_pref("valueApps.CT2504091.mam_gk_appState_Easytobook_targeted.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_appState_PriceGong", "6F6E"); user_pref("valueApps.CT2504091.mam_gk_appState_PriceGong.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_appsConfig.storedInFile", true); user_pref("valueApps.CT2504091.mam_gk_appsDefaultEnabled", "6E756C6C"); user_pref("valueApps.CT2504091.mam_gk_appsDefaultEnabled.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_calledSetupService", "31"); user_pref("valueApps.CT2504091.mam_gk_calledSetupService.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_currentVersion", "312E31332E302E3137"); user_pref("valueApps.CT2504091.mam_gk_currentVersion.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_existingUsersRecoveryDone", "31"); user_pref("valueApps.CT2504091.mam_gk_existingUsersRecoveryDone.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_first_time", "31"); user_pref("valueApps.CT2504091.mam_gk_first_time.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_lastLoginTime", "31333933313730383131363432"); user_pref("valueApps.CT2504091.mam_gk_lastLoginTime.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_localization.storedInFile", true); user_pref("valueApps.CT2504091.mam_gk_mamEnabled", "66616C7365"); user_pref("valueApps.CT2504091.mam_gk_mamEnabled.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_migrated_from_ls", "31"); user_pref("valueApps.CT2504091.mam_gk_migrated_from_ls.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_new_welcome_experience", "31"); user_pref("valueApps.CT2504091.mam_gk_new_welcome_experience.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_settings1.13.0.17.storedInFile", true); user_pref("valueApps.CT2504091.mam_gk_showWelcomeGadget", "66616C7365"); user_pref("valueApps.CT2504091.mam_gk_showWelcomeGadget.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_stamp", "35345F30"); user_pref("valueApps.CT2504091.mam_gk_stamp.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_userBornDate", "4E2F41"); user_pref("valueApps.CT2504091.mam_gk_userBornDate.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_userId", "63363636353330622D643461632D343135312D616437302D613137383339333535396635"); user_pref("valueApps.CT2504091.mam_gk_userId.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_user_approval_interacted", "31"); user_pref("valueApps.CT2504091.mam_gk_user_approval_interacted.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_welcomeDialogMode", "31"); user_pref("valueApps.CT2504091.mam_gk_welcomeDialogMode.storedInFile", false); user_pref("valueApps.CT2504091.url_history0001.storedInFile", true); ---- Lines conduit removed from prefs.js ---- user_pref("plugin.state.npconduitfirefoxplugin", 2); user_pref("Smartbar.ConduitHomepagesList", ""); user_pref("Smartbar.ConduitSearchEngineList", "Web Search"); ---- Lines Search removed from prefs.js ---- user_pref("browser.search.defaultenginename", "Web Search Customized Web Search"); user_pref("browser.search.selectedEngine", "Web Search Customized Web Search"); ---- Lines valueApps removed from prefs.js ---- user_pref("valueApps.storage.mam_gk_userId", "63363636353330622D643461632D343135312D616437302D613137383339333535396635"); ---- Lines smartbar removed from prefs.js ---- user_pref("smartbar.machineId", "C2QF4ILLPVZQUXIW6P/FITISO1NHK1+N3CPATFKRHDAYG8/0Z+OVNIJHMTAMF3FFYBLUTAEHWIJX+YAP3LX5DQ"); ---- FireFox user.js and prefs.js backups ---- prefs_20140103_0004_.backup ==== Deleting Files \ Folders ====================== C:\Users\Philip\AppData\Roaming\systweak not found C:\Program Files (x86)\RegClean Pro not found C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\riyh44nn.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted C:\END deleted C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\riyh44nn.default\searchplugins\web-search-customized-web-search.xml deleted C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\riyh44nn.default\valueApps deleted C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\riyh44nn.default\CT2504091 deleted C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\riyh44nn.default\smartbar deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Philip\AppData\Local\Temp ==== 2014-02-25 05:41:13 3B32CAA07D672F8A2E0DF5CB3A873F45 22704 ----a-w- C:\Users\Philip\AppData\Local\Temp\ESGScanner.sys 2014-02-25 05:39:23 C329AF2DC1C12FA3E1AFAB4DE5163C4F 47329360 ----a-w- C:\Users\Philip\AppData\Local\Temp\SHSetup.exe 2014-02-23 15:53:26 6A0F411CA91A97A709B98E114F4052D5 76344 ----a-w- C:\Users\Philip\AppData\Local\Temp\ct2504091\statisticsStub.exe 2014-02-23 15:53:15 4AE5F34AB33261FEB8B94F5FFC8E8F19 73543 ----a-w- C:\Users\Philip\AppData\Local\Temp\ct2504091\ctbe.exe 2014-02-23 15:53:13 38F9EB9AAD7DBC947C5A55F57F081692 81736 ----a-w- C:\Users\Philip\AppData\Local\Temp\ct2504091\stub.exe 2014-02-23 15:52:23 0D429B6C54941F22FC36E45124802580 111824 ----a-w- C:\Users\Philip\AppData\Local\Temp\ct2504091\ism.exe ====== Java Cache ===== 2014-02-25 11:55:11 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Philip\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-35162a90 2014-02-25 11:55:09 86C47CA21A599230CA54E8F5EBDB6A07 124 ----a-w- C:\Users\Philip\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\7\6619ee07-2feae51a ====== C:\Windows\SysWOW64 ===== 2014-02-19 15:10:34 EF5476C1A9B9923EAA4D61B2662851B3 131 ----a-w- C:\Windows\SysWOW64\REMOTEDEVICE.INI ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-02-18 18:05:59 48DA65F29BB4C5AD21EC67C2D64700D6 64856 ----a-w- C:\Windows\Sysnative\klfphc.dll 2014-02-18 16:58:03 6FB598E8DE02D879D17B35F144A1B3BC 270496 ------w- C:\Windows\Sysnative\MpSigStub.exe ====== C:\Windows\Sysnative\drivers ===== 2014-02-18 18:05:35 A6B7212B3735C7B4ABD602E78573F970 67344 ----a-w- C:\Windows\Sysnative\drivers\CSVirtualDiskDrv.sys 2014-02-18 18:05:35 8128B65589C944622D6809C144972ECF 98064 ----a-w- C:\Windows\Sysnative\drivers\CSCrySec.sys 2014-02-18 18:04:38 92EE9BE40D03544C5A99FA0153A5E746 90208 ----a-w- C:\Windows\Sysnative\drivers\klflt.sys 2014-02-18 18:04:38 5F247D87B44E26AED440A063A7A4FDB7 625760 ----a-w- C:\Windows\Sysnative\drivers\klif.sys 2014-02-14 11:02:44 DD4249F03598043DED6FA540EB14898A 2232664 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys 2014-02-14 11:02:36 961A45CC15514178E511BBF1384CE0B8 83968 ----a-w- C:\Windows\Sysnative\drivers\hidclass.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-01-30 16:26:21 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== 2014-02-23 15:53:03 -------- d-----w- C:\PROGRA~2\Vuze 2014-02-18 18:04:56 -------- d-----w- C:\PROGRA~2\COMMON~1\InfoWatch 2014-02-18 18:04:52 -------- d-----w- C:\PROGRA~2\Kaspersky Lab 2014-02-13 07:40:02 -------- d-----w- C:\PROGRA~2\COMMON~1\Skype 2014-02-13 07:40:02 -------- d-----r- C:\PROGRA~2\Skype 2014-01-31 21:54:43 -------- d-----w- C:\PROGRA~2\mIRC ======= C: ===== 2014-02-21 05:16:38 CDCE08FAF9B68AAD7A90FB0653C22A40 1360 ----a-w- C:\DelFix.txt ====== C:\Users\Philip\AppData\Roaming ====== 2014-02-19 14:29:35 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp 2014-02-19 14:29:35 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2014-02-19 14:29:35 -------- d-----w- C:\Users\Philip\AppData\Local\Temp 2014-02-19 14:29:35 -------- d-----w- C:\Users\Default\AppData\Local\Temp 2014-02-19 14:29:35 -------- d-----w- C:\Users\Default User\AppData\Local\Temp 2014-02-18 17:27:55 -------- d-s---w- C:\Windows\serviceprofiles\networkservice\AppData\Locallow\Microsoft 2014-02-15 12:56:58 -------- d-----w- C:\Users\Philip\AppData\Roaming\ PANASONIC SD-2500WXE user guide 2014-02-13 07:40:19 -------- d-----w- C:\Users\Philip\AppData\Local\Skype 2014-02-13 07:40:07 -------- d-----w- C:\Users\Philip\AppData\Roaming\Skype 2014-01-31 21:54:44 -------- d-----w- C:\Users\Philip\AppData\Roaming\mIRC ====== C:\Users\Philip ====== 2014-02-27 05:35:28 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Philip\Downloads\RSITx64(2).exe 2014-02-26 15:50:45 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Philip\Downloads\RSITx64(1).exe 2014-02-26 15:49:14 74E91FA2444B43F8A943C72F19FC6300 935174 ----a-w- C:\Users\Philip\Downloads\RSITx64.exe 2014-02-25 05:39:09 3BF5608BD9B2592070D02EE4BDAD96D6 728960 ----a-w- C:\Users\Philip\Downloads\SpyHunter-Installer(1).exe 2014-02-23 15:51:43 6D43AA185492628807399A8906D8CD91 72008 ----a-w- C:\Users\Philip\Downloads\VuzeBittorrentClientInstaller(1).exe 2014-02-19 13:47:23 -------- d-----w- C:\ProgramData\NokiaInstallerCache 2014-02-18 17:04:22 1BE71514C31414590631BF49EDBAD0BD 198280728 ----a-w- C:\Users\Philip\Downloads\pure13.0.2.558nl-nl.exe 2014-02-16 09:53:06 D247715E8A4B212BEA0ABC7F17A9C945 2072784 ----a-w- C:\Users\Philip\Downloads\PDFConverterSetup.exe 2014-02-15 17:05:38 6D43AA185492628807399A8906D8CD91 72008 ----a-w- C:\Users\Philip\Downloads\VuzeBittorrentClientInstaller.exe 2014-02-13 07:40:02 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-02-13 07:40:01 -------- d-----w- C:\ProgramData\Skype 2014-02-12 18:26:23 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java ====== C: exe-files == 2014-02-27 05:35:28 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Philip\Downloads\RSITx64(2).exe 2014-02-26 15:50:45 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Philip\Downloads\RSITx64(1).exe 2014-02-26 15:49:14 74E91FA2444B43F8A943C72F19FC6300 935174 ----a-w- C:\Users\Philip\Downloads\RSITx64.exe 2014-02-25 06:27:53 25D473D7805261C752DA738B13E35816 185271 ----a-w- C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCalla31.exe 2014-02-25 05:40:05 EDB10586A061A621BBA2CB32E5E3220B 190429 ----a-w- C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCalla37.exe 2014-02-25 05:39:23 C329AF2DC1C12FA3E1AFAB4DE5163C4F 47329360 ----a-w- C:\Users\Philip\AppData\Local\Temp\SHSetup.exe 2014-02-25 05:39:09 3BF5608BD9B2592070D02EE4BDAD96D6 728960 ----a-w- C:\Users\Philip\Downloads\SpyHunter-Installer(1).exe 2014-02-23 15:56:08 29E76897D1E1E17E8F2DD8E64ACE33C2 12582912 ----a-w- C:\Users\Philip\Documents\Vuze Downloads\Man of Tai Chi (2013)\Nymphomaniac Volume 1 2013\WMP x264 Codec Pack.exe 2014-02-23 15:53:26 6A0F411CA91A97A709B98E114F4052D5 76344 ----a-w- C:\Users\Philip\AppData\Local\Temp\ct2504091\statisticsStub.exe 2014-02-23 15:53:26 6A0F411CA91A97A709B98E114F4052D5 76344 ----a-w- C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X0WXM4KP\statisticsstub[1].exe 2014-02-23 15:53:18 68451FA1A3674235269EBE6A4BD2690B 2570128 ----a-w- C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9C7LS2ZX\vuze_remote[1].exe 2014-02-23 15:53:15 4AE5F34AB33261FEB8B94F5FFC8E8F19 73543 ----a-w- C:\Users\Philip\AppData\Local\Temp\ct2504091\ctbe.exe 2014-02-23 15:53:15 4AE5F34AB33261FEB8B94F5FFC8E8F19 73543 ----a-w- C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X0WXM4KP\checktbexist[1].exe 2014-02-23 15:53:13 38F9EB9AAD7DBC947C5A55F57F081692 81736 ----a-w- C:\Users\Philip\AppData\Local\Temp\ct2504091\stub.exe 2014-02-23 15:53:10 CD8AC161FA4461CF89D1B6780A05D206 227360 ----a-w- C:\Program Files (x86)\Vuze\uninstall.exe 2014-02-23 15:53:10 CB7D8F3EE1CDB0B87F2E82425F429096 81016 ----a-w- C:\Program Files (x86)\Vuze\.install4j\user\mism.exe 2014-02-23 15:53:10 25BBFF91943865583993CACD321DB7C9 35680 ----a-w- C:\Program Files (x86)\Vuze\.install4j\i4jdel.exe 2014-02-23 15:53:05 38BE7146A18BAD9AD482243D44829D93 44688 ----a-w- C:\Program Files (x86)\Vuze\VuzeFW.exe 2014-02-23 15:53:03 C4A0673606F8A4D912646E2778630BDD 316360 ----a-w- C:\Program Files (x86)\Vuze\Azureus.exe 2014-02-23 15:53:03 2277B8D5FE5F9A1D3158D69FF682DCC6 316360 ----a-w- C:\Program Files (x86)\Vuze\AzureusUpdater.exe 2014-02-23 15:52:23 0D429B6C54941F22FC36E45124802580 111824 ----a-w- C:\Users\Philip\AppData\Local\Temp\ct2504091\ism.exe 2014-02-23 15:52:23 0D429B6C54941F22FC36E45124802580 111824 ----a-w- C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X0WXM4KP\ism[1].exe 2014-02-23 15:51:49 824C8B34E89F6829855B543586E7EF13 10073120 ----a-w- C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X0WXM4KP\Vuze_Installer32[1].exe 2014-02-23 15:51:43 6D43AA185492628807399A8906D8CD91 72008 ----a-w- C:\Users\Philip\Downloads\VuzeBittorrentClientInstaller(1).exe 2014-02-22 10:43:29 A4F0C36642681927FA53CD6A90CA2975 7620312 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\33.0.1750.117\33.0.1750.117_32.0.1700.107_chrome_updater.exe === C: other files == 2014-02-25 05:41:13 3B32CAA07D672F8A2E0DF5CB3A873F45 22704 ----a-w- C:\Users\Philip\AppData\Local\Temp\ESGScanner.sys 2014-02-23 15:50:41 BAAEDF6167FAACB4E7A12D5EDFE9D593 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2247059795-104316592-4163284125-1001\$I2FHPVE.zip 2014-02-23 15:38:11 93B20F7397E42851F62DCF91239826D6 2546978 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2247059795-104316592-4163284125-1001\$R2FHPVE.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-2247059795-104316592-4163284125-1001\Software\Microsoft\Windows\CurrentVersion\Run] "Gadwin PrintScreen"="C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash" "Spotify Web Helper"="C:\Users\Philip\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "Spotify"="C:\Users\Philip\AppData\Roaming\Spotify\spotify.exe /uri spotify:autostart" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "MyCuteBuddy"="C:\Program Files (x86)\My Cute Buddy\myCuteBuddy.exe file:///C:/Program Files (x86)/My Cute Buddy/Content/Cute Kitty/piticho.buddy /m /u" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" "HP CoolSense"="C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey" "GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "HP Quick Launch"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" "BtTray"="C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe" "beid"="C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe /startup" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "BlueStacks Agent"="C:\Program Files (x86)\BlueStacks\HD-Agent.exe" "AVP"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\runner_avp.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Gadwin PrintScreen"="C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash" "Spotify Web Helper"="C:\Users\Philip\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "Spotify"="C:\Users\Philip\AppData\Roaming\Spotify\spotify.exe /uri spotify:autostart" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "MyCuteBuddy"="C:\Program Files (x86)\My Cute Buddy\myCuteBuddy.exe file:///C:/Program Files (x86)/My Cute Buddy/Content/Cute Kitty/piticho.buddy /m /u" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " "SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "NCPluginUpdater"="C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe Update" ==== Startup Folders ====================== 2014-01-18 12:47:18 1050 ----a-w- C:\Users\Philip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [19/11/2013 15:18] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [19/11/2013 15:18] C:\Windows\tasks\HPCeeScheduleForPhilip.job --a-------- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [13/09/2010 21:15] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\CLMLSvc_P2G8" [C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe] "C:\Windows\SysNative\tasks\CLVDLauncher" [C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\HP AR Program Upload - 366518f0f91a46a59e70e293ae2109f5b4793b1756424469b02c66c0c0285f3b" [C:\Program Files\HP\HP Deskjet 3070 B611 series\bin\HPRewards.exe] "C:\Windows\SysNative\tasks\HPCeeScheduleForPhilip" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe] "C:\Windows\SysNative\tasks\MirageAgent" [C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "online_banking@kaspersky.com"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com" [18/02/2014 19:05] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\riyh44nn.default - Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com - Greasemonkey - %ProfilePath%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\riyh44nn.default 3D76B5C0E02ECC19C1F5756E8FD97F72 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll - Shockwave Flash 78006383FEDBCDC290B8BD178903D6AB - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll - Shockwave for Director / Shockwave for Director ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions dchlnpcodkpfdpacogkljefecpegganj - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\urladvisor.crx[28/11/2013 12:06] hakdifolhalapjijoafobooafbilfakh - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\online_banking_chrome.crx[28/11/2013 12:06] hghkgaeecgjhjkannahfamoehjmkjail - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\content_blocker_chrome.crx[28/11/2013 12:03] jagncdcchgajhfhijbbhecadmaiegcmh - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\virtkbd.crx[28/11/2013 12:03] pjldcfjmnllhmgjclecdnfampinooman - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\ab.crx[28/11/2013 12:06] Google Docs - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf GreaseGoogle - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\apeeedokdcajckokidhdkbkflkpfpgko YouTube - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Kaspersky URL Advisor - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj avast Online Security - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki Safe Money - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh Content Blocker - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail Virtual Keyboard - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh Google Wallet - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Anti-Banner - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {D944BB61-2E34-4DBF-A683-47E505C587DC} eBay Url="http://rover.ebay.com/rover/1/1553-29906-12136-18/4" ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Philip\AppData\Local\Mozilla\Firefox\Profiles\riyh44nn.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=528 folders=128 9604489 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Philip\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Philip\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on za 01/03/2014 at 0:10:37,06 ======================

Zoek.exe v5.0.0.0 Updated 19-February-2014 Tool run by Philip on vr 28/02/2014 at 23:57:23,13. Microsoft Windows 8 6.2.9200 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Philip\Downloads\zoek(1).exe [scan all users] [script inserted] [Checkboxes used] ==== System Restore Info ====================== 28/02/2014 23:59:17 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\PROGRA~2\Trend Micro deleted successfully ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\riyh44nn.default user.js not found ---- Lines CT2504091 removed from prefs.js ---- user_pref("CT2504091.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}"); user_pref("CT2504091.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}"); user_pref("CT2504091.FF19Solved", "true"); user_pref("CT2504091.FirstTime", "true"); user_pref("CT2504091.FirstTimeFF3", "true"); user_pref("CT2504091.PG_ENABLE", "dHJ1ZQ=="); user_pref("CT2504091.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&SearchSource=2&CUI=UN35318543279037151&UM=1&q user_pref("CT2504091.UserID", "UN35318543279037151"); user_pref("CT2504091.addressBarTakeOverEnabledInHidden", "true"); user_pref("CT2504091.appOptions", "{}"); user_pref("CT2504091.browser.search.defaultthis.engineName", true); user_pref("CT2504091.cbfirsttime.enc", "U3VuIEZlYiAyMyAyMDE0IDE2OjU0OjE2IEdNVCswMTAwIChSb21hbmNlIChzdGFuZGFhcmR0aWpkKSk="); user_pref("CT2504091.countryCode", "BE"); user_pref("CT2504091.defaultSearch", "true"); user_pref("CT2504091.enableAlerts", "true"); user_pref("CT2504091.enableSearchFromAddressBar", "true"); user_pref("CT2504091.firstTimeDialogOpened", "true"); user_pref("CT2504091.fixPageNotFoundError", "true"); user_pref("CT2504091.fixPageNotFoundErrorByUser", "true"); user_pref("CT2504091.fixPageNotFoundErrorInHidden", "true"); user_pref("CT2504091.fullUserID", "UN35318543279037151.IN.20140223165324"); user_pref("CT2504091.homepageuserchanged", true); user_pref("CT2504091.installDate", "23/02/2014 16:53:24"); user_pref("CT2504091.installSessionId", "{9D6A8ADE-025A-4B34-B90B-29E880D7E870}"); user_pref("CT2504091.installSp", "false"); user_pref("CT2504091.installType", "conduitnsisintegration"); user_pref("CT2504091.installUsage", "2014-02-23T18:53:29.7752954+03:00"); user_pref("CT2504091.installUsageEarly", "2014-02-23T18:53:29.0888866+03:00"); user_pref("CT2504091.installerVersion", "1.8.1.4"); user_pref("CT2504091.isCheckedStartAsHidden", true); user_pref("CT2504091.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}"); user_pref("CT2504091.isFirstTimeToolbarLoading", "false"); user_pref("CT2504091.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}"); user_pref("CT2504091.keyword", true); user_pref("CT2504091.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"http://search.conduit.com/?ctid=CT2504091&octid=CT2504091&SearchSource= user_pref("CT2504091.lastVersion", "10.23.0.822"); user_pref("CT2504091.mam_gk_installer_preapproved.enc", "ZmFsc2U="); user_pref("CT2504091.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"\",\"EB_MAIN_FRAME_TITLE\":\"\",\"EB_TOOLBAR_SUB_DOMAIN user_pref("CT2504091.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); user_pref("CT2504091.openThankYouPage", "false"); user_pref("CT2504091.openUninstallPage", "true"); user_pref("CT2504091.originalHomepage", "https://www.google.be/"); user_pref("CT2504091.originalSearchAddressUrl", false); user_pref("CT2504091.originalSearchEngine", "Google"); user_pref("CT2504091.originalSearchEngineName", "Google"); user_pref("CT2504091.revertSettingsEnabled", "false"); user_pref("CT2504091.search.searchAppId", "129079840422026594"); user_pref("CT2504091.search.searchCount", "0"); user_pref("CT2504091.searchFromAddressBarEnabledByUser", "true"); user_pref("CT2504091.searchInNewTabEnabledByUser", "true"); user_pref("CT2504091.searchInNewTabEnabledInHidden", "true"); user_pref("CT2504091.searchRevert", "false"); user_pref("CT2504091.searchSuggestEnabledByUser", "true"); user_pref("CT2504091.searchUninstallUserMode", "1"); user_pref("CT2504091.searchUserMode", "1"); user_pref("CT2504091.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}"); user_pref("CT2504091.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); user_pref("CT2504091.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}"); user_pref("CT2504091.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2504091\"}"); user_pref("CT2504091.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"http://VuzeRemote.OurToolbar.com//x user_pref("CT2504091.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"Vuze Remote \"}"); user_pref("CT2504091.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}"); user_pref("CT2504091.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}"); user_pref("CT2504091.serviceLayer_services_Configuration_lastUpdate", "1393617019707"); user_pref("CT2504091.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1393170809776"); user_pref("CT2504091.serviceLayer_services_appsMetadata_lastUpdate", "1393170808897"); user_pref("CT2504091.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1393170808848"); user_pref("CT2504091.serviceLayer_services_installUsage_ToolbarInstallEarly_lastUpdate", "1393170808831"); user_pref("CT2504091.serviceLayer_services_installUsage_ToolbarInstall_lastUpdate", "1393170809834"); user_pref("CT2504091.serviceLayer_services_login_10.23.0.722_lastUpdate", "1393442614652"); user_pref("CT2504091.serviceLayer_services_login_10.23.0.822_lastUpdate", "1393617019660"); user_pref("CT2504091.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1393170808900"); user_pref("CT2504091.serviceLayer_services_searchAPI_lastUpdate", "1393617019622"); user_pref("CT2504091.serviceLayer_services_serviceMap_lastUpdate", "1393617019600"); user_pref("CT2504091.serviceLayer_services_toolbarContextMenu_lastUpdate", "1393170808876"); user_pref("CT2504091.serviceLayer_services_toolbarSettings_lastUpdate", "1393624412215"); user_pref("CT2504091.serviceLayer_services_translation_lastUpdate", "1393617019616"); user_pref("CT2504091.settingsINI", true); user_pref("CT2504091.shouldFirstTimeDialog", "false"); user_pref("CT2504091.showToolbarPermission", "false"); user_pref("CT2504091.smartbar.CTID", "CT2504091"); user_pref("CT2504091.smartbar.Uninstall", "0"); user_pref("CT2504091.smartbar.homepage", true); user_pref("CT2504091.smartbar.toolbarName", "Vuze Remote "); user_pref("CT2504091.startPage", "true"); user_pref("CT2504091.toolbarBornServerTime", "23-2-2014"); user_pref("CT2504091.toolbarCurrentServerTime", "28-2-2014"); user_pref("CT2504091.toolbarInstallDate", "23-02-2014 16:53:24"); user_pref("CT2504091.toolbarLoginClientTime", "Sun Feb 23 2014 16:53:29 GMT+0100 (Romance (standaardtijd))"); user_pref("CT2504091.versionFromInstaller", "10.23.0.722"); user_pref("CT2504091.xpeMode", "1"); user_pref("CT2504091_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1393624411581,\"isWithState\":\"\",\"timeFromStar user_pref("Smartbar.ConduitSearchUrlList", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&SearchSource=2&CUI=UN35318543279037151&UM=1&q="); user_pref("Smartbar.keywordURLSelectedCTID", "CT2504091"); user_pref("keyword.URL", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&SearchSource=2&CUI=UN35318543279037151&UM=1&q="); user_pref("smartbar.addressBarOwnerCTID", "CT2504091"); user_pref("smartbar.conduitHomepageList", "http://search.conduit.com/?ctid=CT2504091&CUI=UN35318543279037151&UM=1&SearchSource=13"); user_pref("smartbar.conduitSearchAddressUrlList", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2504091&SearchSource=2&CUI=UN35318543279037151&UM= user_pref("smartbar.defaultSearchOwnerCTID", "CT2504091"); user_pref("smartbar.homePageOwnerCTID", "CT2504091"); user_pref("valueApps.CT2504091./9B+7E+x305.storedInFile", true); user_pref("valueApps.CT2504091./9B+7E.:2z527.storedInFile", true); user_pref("valueApps.CT2504091./9B+7E06CG5EL8:", "6E6D686F726D756E7673"); user_pref("valueApps.CT2504091./9B+7E06CG5EL8:.storedInFile", false); user_pref("valueApps.CT2504091./9B+7E06CG5EL;8I:K", "247E2D2F226A74736E7578737B747C79242F4B49474F42357D5D5C3D"); user_pref("valueApps.CT2504091./9B+7E06CG5EL;8I:K.storedInFile", false); user_pref("valueApps.CT2504091./9B+7E1x305.storedInFile", true); user_pref("valueApps.CT2504091./9B+7E2x305.storedInFile", true); user_pref("valueApps.CT2504091./9B+7E3x305.storedInFile", true); user_pref("valueApps.CT2504091./9B+7E7x305.storedInFile", true); user_pref("valueApps.CT2504091./9B+7E9x305.storedInFile", true); user_pref("valueApps.CT2504091./9B+7E>x305.storedInFile", true); user_pref("valueApps.CT2504091./9B+7EBE3G=;D9N9=D", "372C2D326975762E3A3C7B3A39434A494841434B265146492965504656496571734D334B57"); user_pref("valueApps.CT2504091./9B+7EBE3G=;D9N9=D.storedInFile", false); user_pref("valueApps.CT2504091./9B+7EDx305.storedInFile", true); user_pref("valueApps.CT2504091./9B-0?3G>D", "3D3D406F3E6D74447A42477A48204C762020254E20257D2A222058575A255B295A302E2A"); user_pref("valueApps.CT2504091./9B-0?3G>D.storedInFile", false); user_pref("valueApps.CT2504091./9B-0?3G@6:5;", ""); user_pref("valueApps.CT2504091./9B-0?3G@6:5;.storedInFile", false); user_pref("valueApps.CT2504091./9B-0?3GFA7EF", "2B2E2C3D"); user_pref("valueApps.CT2504091./9B-0?3GFA7EF.storedInFile", false); user_pref("valueApps.CT2504091./9B-3=3ECCJA=F>", "247E333D2C452F4135276F292A212C393D44307832332A354448584C3A23282E2E3132333435363B466068576C5E6857705A user_pref("valueApps.CT2504091./9B-3=3ECCJA=F>.storedInFile", false); user_pref("valueApps.CT2504091./9B/>01=9A6K6<IM;KRIE@PDAWM", "6A696B7273747576"); user_pref("valueApps.CT2504091./9B/>01=9A6K6<IM;KRIE@PDAWM.storedInFile", false); user_pref("valueApps.CT2504091./9B3=>@44I48?", "372C2D3269757633423633414847203E3D474E4D4C45474F2A554A4D2D5858585E4B554E366352564F"); user_pref("valueApps.CT2504091./9B3=>@44I48?.storedInFile", false); user_pref("valueApps.CT2504091./9B5BA==9CJAG", "6E6A3E726F6D6E437A467976737A7C4D764E507D52"); user_pref("valueApps.CT2504091./9B5BA==9CJAG.storedInFile", false); user_pref("valueApps.CT2504091./9B6B11G4C56B>F;P;ANR@P", "6E6D686F726D756E7673707478"); user_pref("valueApps.CT2504091./9B6B11G4C56B>F;P;ANR@P.storedInFile", false); user_pref("valueApps.CT2504091./9B90E@.3C;7B=?OFB>>RHIQS", "393F352F3E"); user_pref("valueApps.CT2504091./9B90E@.3C;7B=?OFB>>RHIQS.storedInFile", false); user_pref("valueApps.CT2504091./9B9643G3/9E", "6A"); user_pref("valueApps.CT2504091./9B9643G3/9E.storedInFile", false); user_pref("valueApps.CT2504091./9B;45>:BI9I7IE", "2B2E2C3D"); user_pref("valueApps.CT2504091./9B;45>:BI9I7IE.storedInFile", false); user_pref("valueApps.CT2504091./9B<:222H64<", "393F352F3E"); user_pref("valueApps.CT2504091./9B<:222H64<.storedInFile", false); user_pref("valueApps.CT2504091./9B<:222H64<L8DAJ", "6D70706E7674737976732A7974727D77757C7E"); user_pref("valueApps.CT2504091./9B<:222H64<L8DAJ.storedInFile", false); user_pref("valueApps.CT2504091./9B=+03EH8H8J?:", "4443"); user_pref("valueApps.CT2504091./9B=+03EH8H8J?:.storedInFile", false); user_pref("valueApps.CT2504091./9B?+E2A52D8", "372C2D326975762E3A3C7B3A39434A494841434B2651464929655046566470727951555E5E52"); user_pref("valueApps.CT2504091./9B?+E2A52D8.storedInFile", false); user_pref("valueApps.CT2504091./9B?B0D:8AJ62<H", "6D"); user_pref("valueApps.CT2504091./9B?B0D:8AJ62<H.storedInFile", false); user_pref("valueApps.CT2504091./9BA@0<0BI6A7GN:6@L?", "6C"); user_pref("valueApps.CT2504091./9BA@0<0BI6A7GN:6@L?.storedInFile", false); user_pref("valueApps.CT2504091.PG_ENABLE", "74727565"); user_pref("valueApps.CT2504091.PG_ENABLE.storedInFile", false); user_pref("valueApps.CT2504091._key_cl_active", "33313339323038302D353932642D346331352D613365622D613734663565636163643766"); user_pref("valueApps.CT2504091._key_cl_active.storedInFile", false); user_pref("valueApps.CT2504091.cb_user_id_000", "43423632383938353832343430355F313339323438363932343739335F46697265666F78"); user_pref("valueApps.CT2504091.cb_user_id_000.storedInFile", false); user_pref("valueApps.CT2504091.cbfirsttime", "5361742046656220313520323031342031383A30393A343820474D542B303130302028526F6D616E636520287374616E64616172 user_pref("valueApps.CT2504091.cbfirsttime.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_appStateReportTime", "31333933313730383131333736"); user_pref("valueApps.CT2504091.mam_gk_appStateReportTime.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_appState_Clarity_Active", "6F6E"); user_pref("valueApps.CT2504091.mam_gk_appState_Clarity_Active.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_appState_CouponBuddy", "6F6E"); user_pref("valueApps.CT2504091.mam_gk_appState_CouponBuddy.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_appState_Easytobook", "6F6E"); user_pref("valueApps.CT2504091.mam_gk_appState_Easytobook.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_appState_Easytobook_targeted", "6F6E"); user_pref("valueApps.CT2504091.mam_gk_appState_Easytobook_targeted.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_appState_PriceGong", "6F6E"); user_pref("valueApps.CT2504091.mam_gk_appState_PriceGong.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_appsConfig.storedInFile", true); user_pref("valueApps.CT2504091.mam_gk_appsDefaultEnabled", "6E756C6C"); user_pref("valueApps.CT2504091.mam_gk_appsDefaultEnabled.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_calledSetupService", "31"); user_pref("valueApps.CT2504091.mam_gk_calledSetupService.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_currentVersion", "312E31332E302E3137"); user_pref("valueApps.CT2504091.mam_gk_currentVersion.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_existingUsersRecoveryDone", "31"); user_pref("valueApps.CT2504091.mam_gk_existingUsersRecoveryDone.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_first_time", "31"); user_pref("valueApps.CT2504091.mam_gk_first_time.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_lastLoginTime", "31333933313730383131363432"); user_pref("valueApps.CT2504091.mam_gk_lastLoginTime.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_localization.storedInFile", true); user_pref("valueApps.CT2504091.mam_gk_mamEnabled", "66616C7365"); user_pref("valueApps.CT2504091.mam_gk_mamEnabled.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_migrated_from_ls", "31"); user_pref("valueApps.CT2504091.mam_gk_migrated_from_ls.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_new_welcome_experience", "31"); user_pref("valueApps.CT2504091.mam_gk_new_welcome_experience.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_settings1.13.0.17.storedInFile", true); user_pref("valueApps.CT2504091.mam_gk_showWelcomeGadget", "66616C7365"); user_pref("valueApps.CT2504091.mam_gk_showWelcomeGadget.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_stamp", "35345F30"); user_pref("valueApps.CT2504091.mam_gk_stamp.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_userBornDate", "4E2F41"); user_pref("valueApps.CT2504091.mam_gk_userBornDate.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_userId", "63363636353330622D643461632D343135312D616437302D613137383339333535396635"); user_pref("valueApps.CT2504091.mam_gk_userId.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_user_approval_interacted", "31"); user_pref("valueApps.CT2504091.mam_gk_user_approval_interacted.storedInFile", false); user_pref("valueApps.CT2504091.mam_gk_welcomeDialogMode", "31"); user_pref("valueApps.CT2504091.mam_gk_welcomeDialogMode.storedInFile", false); user_pref("valueApps.CT2504091.url_history0001.storedInFile", true); ---- Lines conduit removed from prefs.js ---- user_pref("plugin.state.npconduitfirefoxplugin", 2); user_pref("Smartbar.ConduitHomepagesList", ""); user_pref("Smartbar.ConduitSearchEngineList", "Web Search"); ---- Lines Search removed from prefs.js ---- user_pref("browser.search.defaultenginename", "Web Search Customized Web Search"); user_pref("browser.search.selectedEngine", "Web Search Customized Web Search"); ---- Lines valueApps removed from prefs.js ---- user_pref("valueApps.storage.mam_gk_userId", "63363636353330622D643461632D343135312D616437302D613137383339333535396635"); ---- Lines smartbar removed from prefs.js ---- user_pref("smartbar.machineId", "C2QF4ILLPVZQUXIW6P/FITISO1NHK1+N3CPATFKRHDAYG8/0Z+OVNIJHMTAMF3FFYBLUTAEHWIJX+YAP3LX5DQ"); ---- FireFox user.js and prefs.js backups ---- prefs_20140103_0004_.backup ==== Deleting Files \ Folders ====================== C:\Users\Philip\AppData\Roaming\systweak not found C:\Program Files (x86)\RegClean Pro not found C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\riyh44nn.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted C:\END deleted C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\riyh44nn.default\searchplugins\web-search-customized-web-search.xml deleted C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\riyh44nn.default\valueApps deleted C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\riyh44nn.default\CT2504091 deleted C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\riyh44nn.default\smartbar deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\Philip\AppData\Local\Temp ==== 2014-02-25 05:41:13 3B32CAA07D672F8A2E0DF5CB3A873F45 22704 ----a-w- C:\Users\Philip\AppData\Local\Temp\ESGScanner.sys 2014-02-25 05:39:23 C329AF2DC1C12FA3E1AFAB4DE5163C4F 47329360 ----a-w- C:\Users\Philip\AppData\Local\Temp\SHSetup.exe 2014-02-23 15:53:26 6A0F411CA91A97A709B98E114F4052D5 76344 ----a-w- C:\Users\Philip\AppData\Local\Temp\ct2504091\statisticsStub.exe 2014-02-23 15:53:15 4AE5F34AB33261FEB8B94F5FFC8E8F19 73543 ----a-w- C:\Users\Philip\AppData\Local\Temp\ct2504091\ctbe.exe 2014-02-23 15:53:13 38F9EB9AAD7DBC947C5A55F57F081692 81736 ----a-w- C:\Users\Philip\AppData\Local\Temp\ct2504091\stub.exe 2014-02-23 15:52:23 0D429B6C54941F22FC36E45124802580 111824 ----a-w- C:\Users\Philip\AppData\Local\Temp\ct2504091\ism.exe ====== Java Cache ===== 2014-02-25 11:55:11 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Philip\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\32\6c34baa0-35162a90 2014-02-25 11:55:09 86C47CA21A599230CA54E8F5EBDB6A07 124 ----a-w- C:\Users\Philip\AppData\LocalLow\Sun\Java\Deployment\SystemCache\6.0\7\6619ee07-2feae51a ====== C:\Windows\SysWOW64 ===== 2014-02-19 15:10:34 EF5476C1A9B9923EAA4D61B2662851B3 131 ----a-w- C:\Windows\SysWOW64\REMOTEDEVICE.INI ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2014-02-18 18:05:59 48DA65F29BB4C5AD21EC67C2D64700D6 64856 ----a-w- C:\Windows\Sysnative\klfphc.dll 2014-02-18 16:58:03 6FB598E8DE02D879D17B35F144A1B3BC 270496 ------w- C:\Windows\Sysnative\MpSigStub.exe ====== C:\Windows\Sysnative\drivers ===== 2014-02-18 18:05:35 A6B7212B3735C7B4ABD602E78573F970 67344 ----a-w- C:\Windows\Sysnative\drivers\CSVirtualDiskDrv.sys 2014-02-18 18:05:35 8128B65589C944622D6809C144972ECF 98064 ----a-w- C:\Windows\Sysnative\drivers\CSCrySec.sys 2014-02-18 18:04:38 92EE9BE40D03544C5A99FA0153A5E746 90208 ----a-w- C:\Windows\Sysnative\drivers\klflt.sys 2014-02-18 18:04:38 5F247D87B44E26AED440A063A7A4FDB7 625760 ----a-w- C:\Windows\Sysnative\drivers\klif.sys 2014-02-14 11:02:44 DD4249F03598043DED6FA540EB14898A 2232664 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys 2014-02-14 11:02:36 961A45CC15514178E511BBF1384CE0B8 83968 ----a-w- C:\Windows\Sysnative\drivers\hidclass.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2014-01-30 16:26:21 -------- d-----w- C:\Program Files\trend micro ======= C:\PROGRA~2 ===== 2014-02-23 15:53:03 -------- d-----w- C:\PROGRA~2\Vuze 2014-02-18 18:04:56 -------- d-----w- C:\PROGRA~2\COMMON~1\InfoWatch 2014-02-18 18:04:52 -------- d-----w- C:\PROGRA~2\Kaspersky Lab 2014-02-13 07:40:02 -------- d-----w- C:\PROGRA~2\COMMON~1\Skype 2014-02-13 07:40:02 -------- d-----r- C:\PROGRA~2\Skype 2014-01-31 21:54:43 -------- d-----w- C:\PROGRA~2\mIRC ======= C: ===== 2014-02-21 05:16:38 CDCE08FAF9B68AAD7A90FB0653C22A40 1360 ----a-w- C:\DelFix.txt ====== C:\Users\Philip\AppData\Roaming ====== 2014-02-19 14:29:35 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp 2014-02-19 14:29:35 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp 2014-02-19 14:29:35 -------- d-----w- C:\Users\Philip\AppData\Local\Temp 2014-02-19 14:29:35 -------- d-----w- C:\Users\Default\AppData\Local\Temp 2014-02-19 14:29:35 -------- d-----w- C:\Users\Default User\AppData\Local\Temp 2014-02-18 17:27:55 -------- d-s---w- C:\Windows\serviceprofiles\networkservice\AppData\Locallow\Microsoft 2014-02-15 12:56:58 -------- d-----w- C:\Users\Philip\AppData\Roaming\ PANASONIC SD-2500WXE user guide 2014-02-13 07:40:19 -------- d-----w- C:\Users\Philip\AppData\Local\Skype 2014-02-13 07:40:07 -------- d-----w- C:\Users\Philip\AppData\Roaming\Skype 2014-01-31 21:54:44 -------- d-----w- C:\Users\Philip\AppData\Roaming\mIRC ====== C:\Users\Philip ====== 2014-02-27 05:35:28 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Philip\Downloads\RSITx64(2).exe 2014-02-26 15:50:45 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Philip\Downloads\RSITx64(1).exe 2014-02-26 15:49:14 74E91FA2444B43F8A943C72F19FC6300 935174 ----a-w- C:\Users\Philip\Downloads\RSITx64.exe 2014-02-25 05:39:09 3BF5608BD9B2592070D02EE4BDAD96D6 728960 ----a-w- C:\Users\Philip\Downloads\SpyHunter-Installer(1).exe 2014-02-23 15:51:43 6D43AA185492628807399A8906D8CD91 72008 ----a-w- C:\Users\Philip\Downloads\VuzeBittorrentClientInstaller(1).exe 2014-02-19 13:47:23 -------- d-----w- C:\ProgramData\NokiaInstallerCache 2014-02-18 17:04:22 1BE71514C31414590631BF49EDBAD0BD 198280728 ----a-w- C:\Users\Philip\Downloads\pure13.0.2.558nl-nl.exe 2014-02-16 09:53:06 D247715E8A4B212BEA0ABC7F17A9C945 2072784 ----a-w- C:\Users\Philip\Downloads\PDFConverterSetup.exe 2014-02-15 17:05:38 6D43AA185492628807399A8906D8CD91 72008 ----a-w- C:\Users\Philip\Downloads\VuzeBittorrentClientInstaller.exe 2014-02-13 07:40:02 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-02-13 07:40:01 -------- d-----w- C:\ProgramData\Skype 2014-02-12 18:26:23 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java ====== C: exe-files == 2014-02-27 05:35:28 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Philip\Downloads\RSITx64(2).exe 2014-02-26 15:50:45 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Philip\Downloads\RSITx64(1).exe 2014-02-26 15:49:14 74E91FA2444B43F8A943C72F19FC6300 935174 ----a-w- C:\Users\Philip\Downloads\RSITx64.exe 2014-02-25 06:27:53 25D473D7805261C752DA738B13E35816 185271 ----a-w- C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCalla31.exe 2014-02-25 05:40:05 EDB10586A061A621BBA2CB32E5E3220B 190429 ----a-w- C:\Windows\ACF5FE1B377240688B872D2A6EFD0A05.TMP\WiseCustomCalla37.exe 2014-02-25 05:39:23 C329AF2DC1C12FA3E1AFAB4DE5163C4F 47329360 ----a-w- C:\Users\Philip\AppData\Local\Temp\SHSetup.exe 2014-02-25 05:39:09 3BF5608BD9B2592070D02EE4BDAD96D6 728960 ----a-w- C:\Users\Philip\Downloads\SpyHunter-Installer(1).exe 2014-02-23 15:56:08 29E76897D1E1E17E8F2DD8E64ACE33C2 12582912 ----a-w- C:\Users\Philip\Documents\Vuze Downloads\Man of Tai Chi (2013)\Nymphomaniac Volume 1 2013\WMP x264 Codec Pack.exe 2014-02-23 15:53:26 6A0F411CA91A97A709B98E114F4052D5 76344 ----a-w- C:\Users\Philip\AppData\Local\Temp\ct2504091\statisticsStub.exe 2014-02-23 15:53:26 6A0F411CA91A97A709B98E114F4052D5 76344 ----a-w- C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X0WXM4KP\statisticsstub[1].exe 2014-02-23 15:53:18 68451FA1A3674235269EBE6A4BD2690B 2570128 ----a-w- C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9C7LS2ZX\vuze_remote[1].exe 2014-02-23 15:53:15 4AE5F34AB33261FEB8B94F5FFC8E8F19 73543 ----a-w- C:\Users\Philip\AppData\Local\Temp\ct2504091\ctbe.exe 2014-02-23 15:53:15 4AE5F34AB33261FEB8B94F5FFC8E8F19 73543 ----a-w- C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X0WXM4KP\checktbexist[1].exe 2014-02-23 15:53:13 38F9EB9AAD7DBC947C5A55F57F081692 81736 ----a-w- C:\Users\Philip\AppData\Local\Temp\ct2504091\stub.exe 2014-02-23 15:53:10 CD8AC161FA4461CF89D1B6780A05D206 227360 ----a-w- C:\Program Files (x86)\Vuze\uninstall.exe 2014-02-23 15:53:10 CB7D8F3EE1CDB0B87F2E82425F429096 81016 ----a-w- C:\Program Files (x86)\Vuze\.install4j\user\mism.exe 2014-02-23 15:53:10 25BBFF91943865583993CACD321DB7C9 35680 ----a-w- C:\Program Files (x86)\Vuze\.install4j\i4jdel.exe 2014-02-23 15:53:05 38BE7146A18BAD9AD482243D44829D93 44688 ----a-w- C:\Program Files (x86)\Vuze\VuzeFW.exe 2014-02-23 15:53:03 C4A0673606F8A4D912646E2778630BDD 316360 ----a-w- C:\Program Files (x86)\Vuze\Azureus.exe 2014-02-23 15:53:03 2277B8D5FE5F9A1D3158D69FF682DCC6 316360 ----a-w- C:\Program Files (x86)\Vuze\AzureusUpdater.exe 2014-02-23 15:52:23 0D429B6C54941F22FC36E45124802580 111824 ----a-w- C:\Users\Philip\AppData\Local\Temp\ct2504091\ism.exe 2014-02-23 15:52:23 0D429B6C54941F22FC36E45124802580 111824 ----a-w- C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X0WXM4KP\ism[1].exe 2014-02-23 15:51:49 824C8B34E89F6829855B543586E7EF13 10073120 ----a-w- C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\X0WXM4KP\Vuze_Installer32[1].exe 2014-02-23 15:51:43 6D43AA185492628807399A8906D8CD91 72008 ----a-w- C:\Users\Philip\Downloads\VuzeBittorrentClientInstaller(1).exe 2014-02-22 10:43:29 A4F0C36642681927FA53CD6A90CA2975 7620312 ----a-w- C:\Program Files (x86)\Google\Update\Download\{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}\33.0.1750.117\33.0.1750.117_32.0.1700.107_chrome_updater.exe === C: other files == 2014-02-25 05:41:13 3B32CAA07D672F8A2E0DF5CB3A873F45 22704 ----a-w- C:\Users\Philip\AppData\Local\Temp\ESGScanner.sys 2014-02-23 15:50:41 BAAEDF6167FAACB4E7A12D5EDFE9D593 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2247059795-104316592-4163284125-1001\$I2FHPVE.zip 2014-02-23 15:38:11 93B20F7397E42851F62DCF91239826D6 2546978 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2247059795-104316592-4163284125-1001\$R2FHPVE.zip ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-2247059795-104316592-4163284125-1001\Software\Microsoft\Windows\CurrentVersion\Run] "Gadwin PrintScreen"="C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash" "Spotify Web Helper"="C:\Users\Philip\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "Spotify"="C:\Users\Philip\AppData\Roaming\Spotify\spotify.exe /uri spotify:autostart" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "MyCuteBuddy"="C:\Program Files (x86)\My Cute Buddy\myCuteBuddy.exe file:///C:/Program Files (x86)/My Cute Buddy/Content/Cute Kitty/piticho.buddy /m /u" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "StartCCC"="C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun" "RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" "HP CoolSense"="C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey" "GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "HP Quick Launch"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe" "BtTray"="C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe" "beid"="C:\Program Files (x86)\Belgium Identity Card\beid35gui.exe /startup" "SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" "BlueStacks Agent"="C:\Program Files (x86)\BlueStacks\HD-Agent.exe" "AVP"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\runner_avp.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Gadwin PrintScreen"="C:\Program Files (x86)\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash" "Spotify Web Helper"="C:\Users\Philip\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" "Spotify"="C:\Users\Philip\AppData\Roaming\Spotify\spotify.exe /uri spotify:autostart" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "MyCuteBuddy"="C:\Program Files (x86)\My Cute Buddy\myCuteBuddy.exe file:///C:/Program Files (x86)/My Cute Buddy/Content/Cute Kitty/piticho.buddy /m /u" ==== Startup Registry Enabled x64 ====================== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " "SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce] "NCPluginUpdater"="C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe Update" ==== Startup Folders ====================== 2014-01-18 12:47:18 1050 ----a-w- C:\Users\Philip\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [19/11/2013 15:18] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [19/11/2013 15:18] C:\Windows\tasks\HPCeeScheduleForPhilip.job --a-------- C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [13/09/2010 21:15] ==== Other Scheduled Tasks ====================== "C:\Windows\SysNative\tasks\CLMLSvc_P2G8" [C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe] "C:\Windows\SysNative\tasks\CLVDLauncher" [C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe] "C:\Windows\SysNative\tasks\CreateChoiceProcessTask" [C:\Windows\BrowserChoice\browserchoice.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe] "C:\Windows\SysNative\tasks\HP AR Program Upload - 366518f0f91a46a59e70e293ae2109f5b4793b1756424469b02c66c0c0285f3b" [C:\Program Files\HP\HP Deskjet 3070 B611 series\bin\HPRewards.exe] "C:\Windows\SysNative\tasks\HPCeeScheduleForPhilip" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe] "C:\Windows\SysNative\tasks\MirageAgent" [C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe] "C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe] ==== Firefox Extensions Registry ====================== [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions] "online_banking@kaspersky.com"="C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\online_banking@kaspersky.com" [18/02/2014 19:05] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\riyh44nn.default - Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\FFExt\anti_banner@kaspersky.com - Greasemonkey - %ProfilePath%\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi AppDir: C:\Program Files (x86)\Mozilla Firefox - Belgium eID - %AppDir%\extensions\belgiumeid@eid.belgium.be - Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\Philip\AppData\Roaming\Mozilla\Firefox\Profiles\riyh44nn.default 3D76B5C0E02ECC19C1F5756E8FD97F72 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll - Shockwave Flash 78006383FEDBCDC290B8BD178903D6AB - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll - Shockwave for Director / Shockwave for Director ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions dchlnpcodkpfdpacogkljefecpegganj - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\urladvisor.crx[28/11/2013 12:06] hakdifolhalapjijoafobooafbilfakh - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\online_banking_chrome.crx[28/11/2013 12:06] hghkgaeecgjhjkannahfamoehjmkjail - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\content_blocker_chrome.crx[28/11/2013 12:03] jagncdcchgajhfhijbbhecadmaiegcmh - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\virtkbd.crx[28/11/2013 12:03] pjldcfjmnllhmgjclecdnfampinooman - C:\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\ChromeExt\ab.crx[28/11/2013 12:06] Google Docs - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf GreaseGoogle - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\apeeedokdcajckokidhdkbkflkpfpgko YouTube - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf Kaspersky URL Advisor - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj avast Online Security - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki Safe Money - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\hakdifolhalapjijoafobooafbilfakh Content Blocker - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\hghkgaeecgjhjkannahfamoehjmkjail Virtual Keyboard - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh Google Wallet - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Gmail - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia Anti-Banner - Philip\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.be" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {D944BB61-2E34-4DBF-A683-47E505C587DC} eBay Url="http://rover.ebay.com/rover/1/1553-29906-12136-18/4" ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Philip\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Philip\AppData\Local\Mozilla\Firefox\Profiles\riyh44nn.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Philip\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=528 folders=128 9604489 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\Philip\AppData\Local\Temp will be emptied at reboot C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\Philip\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on za 01/03/2014 at 0:10:37,06 ======================

deze dan Logfile.docx

Kape, Als ik copy-paste doe dan lukt het me niet dit hier te plaatsen. Is er een andere mogelijkheid?