Controle Hijackthis

[ricardo425]

Hallo beste vrienden,

Ik krijg steeds maar reclame op mijn pc. Daarom deze controle om er me vanaf te helpen.

Dank bij voorbaat

[ATTACH]28936[/ATTACH]

hijackthis.log

[Jion]

Dag ricardo425,

Download Zoek.zip naar het bureaublad.

• 
  
• Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  
• Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.
  
• Klik met de rechtermuisknop op Zoek.zip en klik op de optie "Alles uitpakken".
  
• Dubbelklik op Zoek.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
  

{2A5A2A90-3B30-4E6E-A955-2F232C6EF517};c
C:\Program Files (x86)\WebCake;fs
{C1AF5FA5-852C-4C90-812E-A7F75E011D87};c
C:\Program Files (x86)\Delta;fs
{dd000e12-c224-49a5-899e-0b37dbd95f15};c
C:\Program Files (x86)\ViewPassword;fs
{EE932B49-D5C0-4D19-A3DA-CE0849258DE6};c
{82E1477C-B154-48D3-9891-33D83C26BCD3};c
emptyclsid;
iedefaults;
autoclean;
startupall; 
filesrcm;

• 
  
• Klik nu op de knop "Run script".
  
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  
• Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  
• Post het geopende logje in het volgende bericht.
  

[ricardo425]

Zoek.exe Version 4.0.0.5 Updated 09-November-2013

Tool run by Richard on di 12/11/2013 at 15:47:13,96.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Richard\Desktop\zoek.pif [script inserted]

==== Older Logs ======================

C:\zoek-results2013-11-12-131206.log 39665 bytes

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Deleting Files \ Folders ======================

C:\Program Files (x86)\WebCake not found

C:\Program Files (x86)\Delta not found

C:\Program Files (x86)\ViewPassword not found

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\Richard\AppData\Local\Temp ====

====== Java Cache =====

====== C:\Windows\SysWOW64 =====

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

====== C:\Windows\Sysnative\drivers =====

====== C:\Windows\Tasks ======

2013-11-12 12:43:51 B30E7E95792522EBA7107E997E1F29F6 3124 ----a-w- C:\Windows\Sysnative\Tasks\{7828E54C-9E27-415E-A17F-75BE1A3C4140}

====== C:\Windows\Temp ======

======= C:\Program Files =====

======= C:\PROGRA~2 =====

2013-11-07 21:14:29 -------- d-----w- C:\PROGRA~2\DVDVideoSoft

2013-11-05 09:33:13 -------- d-----w- C:\PROGRA~2\HP

======= C: =====

====== C:\Users\Richard\AppData\Roaming ======

2013-11-12 13:12:06 -------- d-----w- C:\Users\Richard\AppData\Local\Temp

====== C:\Users\Richard ======

2013-11-07 21:05:54 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2013-11-07 21:03:32 284B423971432349F83D7B18859564A8 100400976 ----a-w- C:\Users\Richard\Downloads\iTunes64Setup.exe

2013-11-07 19:06:48 -------- d-----w- C:\ProgramData\TEMP

2013-11-07 19:05:10 B393C56849599BF0B8F27900BBEE7882 165176 ----a-w- C:\Users\Richard\Downloads\AVG%20Anti-Virus%20Free%20Edition.exe

2013-11-05 09:30:56 4B940426C620D256D95832107F0FD271 29851432 ----a-w- C:\Users\Richard\Downloads\CPE_SCAN_DESTINATION_UPDATE_hpcom_001_003.exe

2013-10-21 08:04:32 -------- d-----w- C:\ProgramData\Oracle

2013-10-21 08:03:33 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

====== C: exe-files ==

2013-11-07 21:14:41 7D7C3AD829DFCF0115E9F1AADF98E36B 2599992 ----a-w- C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\FreeYouTubeToMP3Converter.exe

2013-11-07 21:14:41 164CCE0C3BDD7AA31C1149BA0C612A6E 83000 ----a-w- C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\ytgroovlc.exe

2013-11-07 21:14:40 EA21AD0A797FAA1752DC9ABECFA8EE80 6473616 ----a-w- C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe

2013-11-07 21:14:29 BB9432BE9908C95355B62A4B0CC6D68B 1176256 ----a-w- C:\Program Files (x86)\DVDVideoSoft\unins000.exe

2013-11-07 21:03:32 284B423971432349F83D7B18859564A8 100400976 ----a-w- C:\Users\Richard\Downloads\iTunes64Setup.exe

2013-11-07 19:05:10 B393C56849599BF0B8F27900BBEE7882 165176 ----a-w- C:\Users\Richard\Downloads\AVG%20Anti-Virus%20Free%20Edition.exe

=== C: other files ==

2013-11-12 13:13:29 94018008136C7E5E1F4EFFC48190CFBA 6513466 ----a-w- C:\ProgramData\AVG2014\IDS\quarantine\d5bdc94a-ece2-444a-9866-786701e8847b.zip

2013-11-12 13:13:28 81190455E95F8514C35ACBB8F51BE813 649689 ----a-w- C:\ProgramData\AVG2014\IDS\outbox\ng\6c766a6e-7da6-47d3-b96e-d16c2263183e.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-810726386-2924154629-2946816220-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"Facebook Update"="C:\Users\Richard\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Dell DataSafe Online"="C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe /m"

"PDVDDXSrv"="C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"

"Desktop Disc Tool"="c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"

"NBAgent"="C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe /WinStart"

"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"mcui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey"

"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"

"AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY"

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Facebook Update"="C:\Users\Richard\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IAAnotif"="C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe"

"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

"IgfxTray"="C:\Windows\system32\igfxtray.exe"

"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"

"Persistence"="C:\Windows\system32\igfxpers.exe"

"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"

"Windows Mobile Device Center"="%windir%\WindowsMobile\wmdc.exe "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=" "

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]

"QuickTime Task"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime"

"Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

"SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""

==== Startup Folders ======================

2010-06-07 10:38:53 2000 ----a-w- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk

2010-06-07 10:38:53 2000 ----a-w- C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [09/10/2013 20:00]

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-810726386-2924154629-2946816220-1000Core.job --a------ C:\Users\Richard\AppData\Local\Facebook\Update\FacebookUpdate.exe [19/06/2013 17:51]

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-810726386-2924154629-2946816220-1000UA.job --a------ C:\Users\Richard\AppData\Local\Facebook\Update\FacebookUpdate.exe [19/06/2013 17:51]

C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job --a------ C:\Program Files\Dell Support Center\uaclauncher.exe [29/03/2012 00:04]

C:\Windows\tasks\SystemToolsDailyTest.job --a------ C:\Program Files\Dell Support Center\uaclauncher.exe [29/03/2012 00:04]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]

"C:\Windows\SysNative\tasks\AdobeAAMUpdater-1.0-Richard-PC-Richard" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe]

"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files (x86)\CCleaner\CCleaner.exe"]

"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-810726386-2924154629-2946816220-1000Core" [C:\Users\Richard\AppData\Local\Facebook\Update\FacebookUpdate.exe]

"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-810726386-2924154629-2946816220-1000UA" [C:\Users\Richard\AppData\Local\Facebook\Update\FacebookUpdate.exe]

"C:\Windows\SysNative\tasks\Java Update Scheduler" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe]

"C:\Windows\SysNative\tasks\PCDEventLauncher" ["C:\Program Files\Dell Support Center\sessionchecker.exe"]

"C:\Windows\SysNative\tasks\PCDoctorBackgroundMonitorTask" [C:\Program Files\Dell Support Center\uaclauncher.exe]

"C:\Windows\SysNative\tasks\Richard Local Autobackup 5 4" [C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBCore.exe]

"C:\Windows\SysNative\tasks\Richard NBAgent 5 4" ["C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe"]

"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]

"C:\Windows\SysNative\tasks\SystemToolsDailyTest" [C:\Program Files\Dell Support Center\uaclauncher.exe]

"C:\Windows\SysNative\tasks\{0D1F5378-CE5F-4070-A060-8C3F15A7F9CF}" [C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe]

"C:\Windows\SysNative\tasks\{1110D5EC-E363-45ED-89C5-920752F24C5D}" [C:\Program Files (x86)\Webteh\BSplayer\bsplayer.exe]

"C:\Windows\SysNative\tasks\{1D821C4C-874D-4298-B939-A66C634E60BB}" ["c:\program files (x86)\mozilla firefox\firefox.exe"]

"C:\Windows\SysNative\tasks\{49D6CC22-8EF2-4D0C-89F8-3B2F592BC7E5}" [C:\Program Files (x86)\Mozilla Firefox\firefox.exe]

"C:\Windows\SysNative\tasks\{755BF4F0-5808-4C54-9202-B114B124B895}" [C:\Program Files (x86)\Webteh\BSplayer\bsplayer.exe]

"C:\Windows\SysNative\tasks\{85500AFC-EC88-438B-985D-6B002A97E5C4}" [C:\Users\Richard\Videos\TETRIS.EXE]

"C:\Windows\SysNative\tasks\{A3B3BB82-1528-4018-96B0-E85CFC970F1B}" [C:\Program Files (x86)\Mozilla Firefox\firefox.exe]

"C:\Windows\SysNative\tasks\{DEA86D37-B63B-4EA6-B545-3589D3C3AB5A}" [C:\Program Files (x86)\Mozilla Firefox\firefox.exe]

"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\7q1clh8g.default-1344866302137

- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

ProfilePath: C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default

- Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

- Undetermined - C:\Program Files\Web Assistant\Firefox

- Undetermined - C:\Program Files (x86)\McAfee\SiteAdvisor

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}

- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\7q1clh8g.default-1344866302137

4BF70B35B943BD73BD6E13EB7C1BA4B3 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll - Shockwave Flash

341B3AE026B143DBC17BA1E1E0BAE3D6 - C:\Users\Richard\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player

CF25FDD7CA6BC88442A58F74DBB6CFA6 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll - Shockwave for Director / Shockwave for Director

0B31B0F8FA99CFD009C8FBEA9E20C9DE - C:\Users\Richard\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin

045084E4F10D31E71057FE741D87FDB0 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll - Shockwave Flash

99F97C9FE748C37528C338A423577FCB - C:\Users\Richard\AppData\Roaming\Mozilla\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin

Profilepath: C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default

045084E4F10D31E71057FE741D87FDB0 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll - Shockwave Flash

99F97C9FE748C37528C338A423577FCB - C:\Users\Richard\AppData\Roaming\Mozilla\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin

15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Richard\AppData\Local\Mozilla\Firefox\Profiles\7q1clh8g.default-1344866302137\Cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome Cache found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Richard\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Richard\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\PYAML5K9\27961.pix-cdn.org" not found

==== EOF on di 12/11/2013 at 16:12:15,12 ======================

Dit zou het logje moeten zijn

[Jion]

Dit is een logje van een tweede scan die blijkbaar per ongeluk gedaan is.

Wil je het eerste logje eens posten a.u.b?

Je vindt dit hier: C:\zoek-results2013-11-12-131206.log

[ricardo425]

Zoek.exe Version 4.0.0.5 Updated 09-November-2013

Tool run by Richard on di 12/11/2013 at 13:43:35,99.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Richard\Desktop\zoek.pif [script inserted]

==== System Restore Info ======================

12/11/2013 13:45:31 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-810726386-2924154629-2946816220-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully

HKEY_USERS\S-1-5-21-810726386-2924154629-2946816220-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully

HKEY_USERS\S-1-5-21-810726386-2924154629-2946816220-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully

HKEY_USERS\S-1-5-21-810726386-2924154629-2946816220-1000\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} deleted successfully

HKEY_USERS\S-1-5-21-810726386-2924154629-2946816220-1000\Software\Microsoft\Internet Explorer\SearchScopes\{62E8729B-91A2-4E38-A32A-F80E24AE512C} deleted successfully

HKEY_USERS\S-1-5-21-810726386-2924154629-2946816220-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} deleted successfully

HKEY_USERS\S-1-5-21-810726386-2924154629-2946816220-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69} deleted successfully

HKEY_USERS\S-1-5-21-810726386-2924154629-2946816220-1000\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} deleted successfully

HKEY_USERS\S-1-5-21-810726386-2924154629-2946816220-1000\Software\Microsoft\Internet Explorer\SearchScopes\{CFF4DB9B-135F-47c0-9269-B4C6572FD61A} deleted successfully

HKEY_USERS\S-1-5-21-810726386-2924154629-2946816220-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA14329E-9550-4989-B3F2-9732E92D17CC} deleted successfully

HKEY_USERS\S-1-5-21-810726386-2924154629-2946816220-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully

HKEY_USERS\S-1-5-21-810726386-2924154629-2946816220-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully

HKEY_USERS\S-1-5-21-810726386-2924154629-2946816220-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} deleted successfully

HKEY_USERS\S-1-5-21-810726386-2924154629-2946816220-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A5A2A90-3B30-4E6E-A955-2F232C6EF517} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{dd000e12-c224-49a5-899e-0b37dbd95f15} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{dd000e12-c224-49a5-899e-0b37dbd95f15} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{d28c7e56-2cc6-415c-8727-d71334085926} deleted successfully

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{1d970ed5-3eda-438d-bffd-715931e2775b} deleted successfully

HKEY_USERS\S-1-5-21-810726386-2924154629-2946816220-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{BA14329E-9550-4989-B3F2-9732E92D17CC} deleted successfully

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\URLSearchHooks\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} deleted successfully

HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Approved Extensions\{B164E929-A1B6-4A06-B104-2CD0E90A88FF} deleted successfully

HKEY_USERS\S-1-5-21-810726386-2924154629-2946816220-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{21FA44EF-376D-4D53-9B0F-8A89D3229068} deleted successfully

HKEY_USERS\S-1-5-21-810726386-2924154629-2946816220-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{82E1477C-B154-48D3-9891-33D83C26BCD3} deleted successfully

HKEY_LOCAL_MACHINE\software\Wow6432Node\microsoft\internet explorer\urlsearchhooks\{BA14329E-9550-4989-B3F2-9732E92D17CC} deleted successfully

HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully

HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully

HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\crossriderapp498@crossrider.com deleted successfully

HKEY_LOCAL_MACHINE\software\Wow6432Node\mozilla\Firefox\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} deleted successfully

==== Deleting Services ======================

==== FireFox Fix ======================

ProfilePath: C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\0

---- Lines incredibar removed from prefs.js ----

user_pref("browser.newtab.url", "http://mystart.incredibar.com/mb128?a=6OyJP4gQoy&loc=FF_NT");

---- FireFox user.js and prefs.js backups ----

user_20131211_1358_.backup

prefs_20131211_1358_.backup

ProfilePath: C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\7q1clh8g.default-1344866302137

---- Lines delta removed from prefs.js ----

user_pref("browser.newtab.url", "http://www1.delta-search.com/?babsrc=NT_ss&mntrId=A0CD00256487F1CD&affID=121564&tt=070813_wc1&tsp=4970");

user_pref("browser.search.defaultenginename", "Delta Search");

user_pref("browser.search.selectedEngine", "Delta Search");

user_pref("extensions.delta.admin", false);

user_pref("extensions.delta.aflt", "babsst");

user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");

user_pref("extensions.delta.autoRvrt", "false");

user_pref("extensions.delta.dfltLng", "nl");

user_pref("extensions.delta.excTlbr", false);

user_pref("extensions.delta.ffxUnstlRst", true);

user_pref("extensions.delta.id", "a0cd090000000000000000256487f1cd");

user_pref("extensions.delta.instlDay", "15927");

user_pref("extensions.delta.instlRef", "sst");

user_pref("extensions.delta.newTab", false);

user_pref("extensions.delta.prdct", "delta");

user_pref("extensions.delta.prtnrId", "delta");

user_pref("extensions.delta.rvrt", "false");

user_pref("extensions.delta.smplGrp", "none");

user_pref("extensions.delta.tlbrId", "base");

user_pref("extensions.delta.tlbrSrchUrl", "");

user_pref("extensions.delta.vrsn", "1.8.22.0");

user_pref("extensions.delta.vrsni", "1.8.22.0");

user_pref("extensions.delta.vrsnTs", "1.8.22.012:07:41");

user_pref("extensions.delta_i.babExt", "");

user_pref("extensions.delta_i.babTrack", "affID=121564&tt=070813_wc1&tsp=4970");

user_pref("extensions.delta_i.srcExt", "ss");

---- Lines delta modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program

---- Lines delta removed from user.js ----

user_pref("extensions.delta.tlbrSrchUrl", "");

user_pref("extensions.delta.id", "a0cd090000000000000000256487f1cd");

user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");

user_pref("extensions.delta.instlDay", "15927");

user_pref("extensions.delta.vrsn", "1.8.22.0");

user_pref("extensions.delta.vrsni", "1.8.22.0");

user_pref("extensions.delta.vrsnTs", "1.8.22.012:07:41");

user_pref("extensions.delta.prtnrId", "delta");

user_pref("extensions.delta.prdct", "delta");

user_pref("extensions.delta.aflt", "babsst");

user_pref("extensions.delta.smplGrp", "none");

user_pref("extensions.delta.tlbrId", "base");

user_pref("extensions.delta.instlRef", "sst");

user_pref("extensions.delta.dfltLng", "nl");

user_pref("extensions.delta.excTlbr", false);

user_pref("extensions.delta.ffxUnstlRst", true);

user_pref("extensions.delta.admin", false);

user_pref("extensions.delta_i.babTrack", "affID=121564&tt=070813_wc1&tsp=4970");

user_pref("extensions.delta_i.babExt", "");

user_pref("extensions.delta_i.srcExt", "ss");

user_pref("extensions.delta.autoRvrt", "false");

user_pref("extensions.delta.rvrt", "false");

user_pref("extensions.delta.newTab", false);

---- Lines CT2269050 removed from prefs.js ----

user_pref("CT2269050_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1372005055481,\"isWithState\":\"\",\"timeFromStar

---- Lines babsrc removed from prefs.js ----

user_pref("browser.startup.homepage", "http://isearch.babylon.com/?babsrc=HP_ss_Btisdt3&mntrId=A0CD00256487F1CD&affID=121564&tt=070813_wc1&tsp=4970");

---- Lines Search-Results removed from prefs.js ----

user_pref("keyword.URL", "http://dts.search-results.com/sr?src=ffb&gct=ds&appid=464&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=152031358112472

---- Lines smartbar removed from prefs.js ----

user_pref("smartbar.machineId", "7SGOR2YCANS9N/ZANPAC4GXRGH12UYHUDY7VM7WRFOG8L3KR4IB+PRPC0XY3STLRHW6KC5GK69BYX+IFREZDEW");

---- FireFox user.js and prefs.js backups ----

user_20131211_1358_.backup

prefs_20131211_1358_.backup

ProfilePath: C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default

---- Lines delta removed from user.js ----

user_pref("extensions.delta.tlbrSrchUrl", "");

user_pref("extensions.delta.id", "a0cd090000000000000000256487f1cd");

user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");

user_pref("extensions.delta.instlDay", "15927");

user_pref("extensions.delta.vrsn", "1.8.22.0");

user_pref("extensions.delta.vrsni", "1.8.22.0");

user_pref("extensions.delta.vrsnTs", "1.8.22.012:07:34");

user_pref("extensions.delta.prtnrId", "delta");

user_pref("extensions.delta.prdct", "delta");

user_pref("extensions.delta.aflt", "babsst");

user_pref("extensions.delta.smplGrp", "none");

user_pref("extensions.delta.tlbrId", "base");

user_pref("extensions.delta.instlRef", "sst");

user_pref("extensions.delta.dfltLng", "nl");

user_pref("extensions.delta.excTlbr", false);

user_pref("extensions.delta.ffxUnstlRst", true);

user_pref("extensions.delta.admin", false);

user_pref("extensions.delta_i.babTrack", "affID=121564&tt=070813_wc1&tsp=4970");

user_pref("extensions.delta_i.babExt", "");

user_pref("extensions.delta_i.srcExt", "ss");

user_pref("extensions.delta.autoRvrt", "false");

user_pref("extensions.delta.rvrt", "false");

user_pref("extensions.delta.newTab", false);

---- Lines incredibar removed from user.js ----

user_pref("extensions.incredibar_i.newTab", false);

user_pref("extensions.incredibar_i.tlbrSrchUrl", "http://mystart.Incredibar.com/?a=6OyJP4gQoy&loc=IB_TB&i=26&search=");

user_pref("extensions.incredibar_i.id", "a0cd090000000000000000256487f1cd");

user_pref("extensions.incredibar_i.instlDay", "15554");

user_pref("extensions.incredibar_i.vrsn", "1.5.11.14");

user_pref("extensions.incredibar_i.vrsni", "1.5.11.14");

user_pref("extensions.incredibar_i.vrsnTs", "1.5.11.1418:02:33");

user_pref("extensions.incredibar_i.prtnrId", "Incredibar");

user_pref("extensions.incredibar_i.prdct", "incredibar");

user_pref("extensions.incredibar_i.aflt", "orgnl");

user_pref("extensions.incredibar_i.smplGrp", "none");

user_pref("extensions.incredibar_i.tlbrId", "base");

user_pref("extensions.incredibar_i.instlRef", "");

user_pref("extensions.incredibar_i.dfltLng", "");

user_pref("extensions.incredibar_i.excTlbr", false);

user_pref("extensions.incredibar_i.ms_url_id", "");

user_pref("extensions.incredibar_i.upn2", "6OyJP4gQoy");

user_pref("extensions.incredibar_i.upn2n", "92261862249932898");

user_pref("extensions.incredibar_i.productid", "26");

user_pref("extensions.incredibar_i.installerproductid", "26");

user_pref("extensions.incredibar_i.did", "10658");

user_pref("extensions.incredibar_i.ppd", "");

---- FireFox user.js and prefs.js backups ----

user_20131211_1358_.backup

prefs_20131211_1358_.backup

==== Deleting Files \ Folders ======================

C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} not found

C:\Program Files (x86)\WebCake deleted

C:\Program Files (x86)\Delta deleted

C:\Program Files (x86)\ViewPassword deleted

C:\ProgramData\Codecv deleted

C:\PROGRA~2\Mozilla Firefox\searchplugins\BearShareWebSearch.xml deleted

C:\PROGRA~2\Mozilla Firefox\searchplugins\Search_Results.xml deleted

C:\PROGRA~2\Mozilla Firefox\extensions\ffxtlbr@babylon.com deleted

C:\PROGRA~2\DVDVideoSoftTB deleted

C:\PROGRA~2\COMMON~1\DVDVideoSoft\bin deleted

C:\PROGRA~2\BearShare Applications\MediaBar deleted

C:\PROGRA~2\Vuze_Remote deleted

C:\PROGRA~2\Optimizer Pro deleted

C:\PROGRA~2\Conduit deleted

C:\PROGRA~2\ConduitEngine deleted

C:\Users\Richard\AppData\Roaming\Betcat deleted

C:\Users\Richard\AppData\Roaming\DVDVideoSoftIEHelpers deleted

C:\Users\Richard\AppData\Roaming\WebCake deleted

C:\Users\Richard\AppData\Roaming\BabSolution deleted

C:\Users\Richard\AppData\Roaming\Babylon deleted

C:\Users\Richard\AppData\Roaming\Delta deleted

C:\Users\Richard\AppData\Roaming\OpenCandy deleted

C:\Users\Richard\Music\Qtrax Media Library deleted

C:\ProgramData\GBox deleted

C:\ProgramData\InstallMate deleted

C:\ProgramData\Tarma Installer deleted

C:\ProgramData\Premium deleted

C:\ProgramData\Babylon deleted

C:\Users\Richard\AppData\Local\Ilivid Player deleted

C:\Users\Richard\AppData\Local\BearShare deleted

C:\Users\Richard\AppData\Local\PackageAware deleted

C:\Users\Richard\AppData\Local\Conduit deleted

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Codecv deleted

C:\Users\Richard\Downloads\iLividSetup(1).exe deleted

C:\Users\Richard\Downloads\iLividSetup.exe deleted

C:\Users\Richard\Downloads\iLividSetupV1.exe deleted

C:\Users\Richard\Downloads\FreeYouTubeToMP3Converter(1).exe deleted

C:\Users\Richard\Downloads\FreeYouTubeToMP3Converter(10).exe deleted

C:\Users\Richard\Downloads\FreeYouTubeToMP3Converter(11).exe deleted

C:\Users\Richard\Downloads\FreeYouTubeToMP3Converter(12).exe deleted

C:\Users\Richard\Downloads\FreeYouTubeToMP3Converter(13).exe deleted

C:\Users\Richard\Downloads\FreeYouTubeToMP3Converter(14).exe deleted

C:\Users\Richard\Downloads\FreeYouTubeToMP3Converter(15).exe deleted

C:\Users\Richard\Downloads\FreeYouTubeToMP3Converter(16).exe deleted

C:\Users\Richard\Downloads\FreeYouTubeToMP3Converter(17).exe deleted

C:\Users\Richard\Downloads\FreeYouTubeToMP3Converter(18).exe deleted

C:\Users\Richard\Downloads\FreeYouTubeToMP3Converter(19).exe deleted

C:\Users\Richard\Downloads\FreeYouTubeToMp3Converter(2).exe deleted

C:\Users\Richard\Downloads\FreeYouTubeToMP3Converter(20).exe deleted

C:\Users\Richard\Downloads\FreeYouTubeToMp3Converter(3).exe deleted

C:\Users\Richard\Downloads\FreeYouTubeToMp3Converter(4).exe deleted

C:\Users\Richard\Downloads\FreeYouTubeToMP3Converter(5).exe deleted

C:\Users\Richard\Downloads\FreeYouTubeToMP3Converter(6).exe deleted

C:\Users\Richard\Downloads\FreeYouTubeToMP3Converter(7).exe deleted

C:\Users\Richard\Downloads\FreeYouTubeToMP3Converter(8).exe deleted

C:\Users\Richard\Downloads\FreeYouTubeToMP3Converter(9).exe deleted

C:\Users\Richard\Downloads\FreeYouTubeToMp3Converter.exe deleted

C:\Users\Richard\Downloads\SoftonicDownloader_voor_avg-antivirus-free-2013.exe deleted

C:\Users\Richard\Downloads\SoftonicDownloader_voor_business-card-designer-plus.exe deleted

C:\Users\Richard\Downloads\SoftonicDownloader_voor_cheat-engine.exe deleted

C:\Users\Richard\Downloads\SoftonicDownloader_voor_dvd-flick(1).exe deleted

C:\Users\Richard\Downloads\SoftonicDownloader_voor_dvd-flick(2).exe deleted

C:\Users\Richard\Downloads\SoftonicDownloader_voor_dvd-flick.exe deleted

C:\Users\Richard\Downloads\SoftonicDownloader_voor_fastest-free-youtube-downloader-to-mp3-converter.exe deleted

C:\Users\Richard\Downloads\SoftonicDownloader_voor_windows-live-messenger-2012.exe deleted

C:\Users\Richard\Downloads\bs_AviSub.exe deleted

C:\Users\Richard\AppData\LocalLow\DVDVideoSoftTB deleted

C:\Users\Richard\AppData\LocalLow\Vuze_Remote deleted

C:\Users\Richard\AppData\LocalLow\AskToolbar deleted

C:\Users\Richard\AppData\LocalLow\microsoft\silverlight\outofbrowser\index\portal.qtrax.com deleted

C:\Users\Richard\AppData\LocalLow\Conduit deleted

C:\Users\Richard\AppData\LocalLow\ConduitEngine deleted

C:\windows\SysNative\Tasks\EPUpdater deleted

C:\windows\SysNative\tasks\QtraxPlayer deleted

C:\windows\SysNative\tasks\ViewPassword Update deleted

C:\Windows\tasks\ViewPassword Update.job deleted

C:\END deleted

C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\7q1clh8g.default-1344866302137\searchplugins\babylon.xml deleted

C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default\searchplugins\askcom.xml deleted

C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default\searchplugins\BearShareWebSearch.xml deleted

C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default\searchplugins\MyStart Search.xml deleted

C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default\searchplugins\mywebsearch.xml deleted

C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default\searchplugins\Search_Results.xml deleted

C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default\jetpack deleted

C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default\extensions\staged deleted

C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default\CT1750559 deleted

C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default\CT2269050 deleted

C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default\CT2405280 deleted

C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default\CT2504091 deleted

C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default\bearsharemediabartb deleted

C:\Users\Richard\Desktop\avg_free_stb_all_2013_3343_softonic.exe deleted

C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\7q1clh8g.default-1344866302137\extensions\ffxtlbr@delta.com deleted

C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default\extensions\ffxtlbr@delta.com deleted

C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default\extensions\ffxtlbr@incredibar.com deleted

C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default\conduit deleted

C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default\conduitCommon deleted

C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default\ConduitEngine deleted

C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default\smartbar deleted

C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default\extensions\{ba14329e-9550-4989-b3f2-9732e92d17cc} deleted

"C:\ProgramData\{AB072820-F316-1E92-378A-00006D58C85E}" deleted

"C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\7q1clh8g.default-1344866302137\searchplugins\conduit.xml" deleted

"C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default\searchplugins\conduit.xml" deleted

"C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default\searchplugins\GadgetBox.xml" deleted

"C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}" deleted

"C:\Users\Richard\AppData\Roaming\GrabPro" deleted

"C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default\extensions\OneClickDownload@OneClickDownload.com" deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\Richard\AppData\Local\Temp ====

2013-11-07 19:06:21 4791AE5E215984C67A8FA972EDB7A240 6565456 ----a-w- C:\Users\Richard\AppData\Local\Temp\ins7850\OptimizerPro.exe

2013-10-29 18:40:45 0E771375445E13429E68CAE720A48B72 35224 ----a-w- C:\Users\Richard\AppData\Local\Temp\e4j2E42.tmp_dir1383072045\i4jdel.exe

====== Java Cache =====

====== C:\Windows\SysWOW64 =====

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

====== C:\Windows\Sysnative\drivers =====

====== C:\Windows\Tasks ======

2013-11-12 12:43:51 B30E7E95792522EBA7107E997E1F29F6 3124 ----a-w- C:\Windows\Sysnative\Tasks\{7828E54C-9E27-415E-A17F-75BE1A3C4140}

====== C:\Windows\Temp ======

======= C:\Program Files =====

======= C:\PROGRA~2 =====

2013-11-07 21:14:29 -------- d-----w- C:\PROGRA~2\DVDVideoSoft

2013-11-05 09:33:13 -------- d-----w- C:\PROGRA~2\HP

======= C: =====

====== C:\Users\Richard\AppData\Roaming ======

====== C:\Users\Richard ======

2013-11-07 21:05:54 -------- d-----w- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

2013-11-07 21:03:32 284B423971432349F83D7B18859564A8 100400976 ----a-w- C:\Users\Richard\Downloads\iTunes64Setup.exe

2013-11-07 19:06:48 -------- d-----w- C:\ProgramData\TEMP

2013-11-07 19:05:10 B393C56849599BF0B8F27900BBEE7882 165176 ----a-w- C:\Users\Richard\Downloads\AVG%20Anti-Virus%20Free%20Edition.exe

2013-11-05 09:30:56 4B940426C620D256D95832107F0FD271 29851432 ----a-w- C:\Users\Richard\Downloads\CPE_SCAN_DESTINATION_UPDATE_hpcom_001_003.exe

2013-10-21 08:04:32 -------- d-----w- C:\ProgramData\Oracle

2013-10-21 08:03:33 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

====== C: exe-files ==

2013-11-07 21:14:41 7D7C3AD829DFCF0115E9F1AADF98E36B 2599992 ----a-w- C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\FreeYouTubeToMP3Converter.exe

2013-11-07 21:14:41 164CCE0C3BDD7AA31C1149BA0C612A6E 83000 ----a-w- C:\Program Files (x86)\DVDVideoSoft\Free YouTube to MP3 Converter\ytgroovlc.exe

2013-11-07 21:14:40 EA21AD0A797FAA1752DC9ABECFA8EE80 6473616 ----a-w- C:\Program Files (x86)\Common Files\DVDVideoSoft\FreeStudioManager.exe

2013-11-07 21:14:29 BB9432BE9908C95355B62A4B0CC6D68B 1176256 ----a-w- C:\Program Files (x86)\DVDVideoSoft\unins000.exe

2013-11-07 21:03:32 284B423971432349F83D7B18859564A8 100400976 ----a-w- C:\Users\Richard\Downloads\iTunes64Setup.exe

2013-11-07 19:06:21 4791AE5E215984C67A8FA972EDB7A240 6565456 ----a-w- C:\Users\Richard\AppData\Local\Temp\ins7850\OptimizerPro.exe

2013-11-07 19:05:10 B393C56849599BF0B8F27900BBEE7882 165176 ----a-w- C:\Users\Richard\Downloads\AVG%20Anti-Virus%20Free%20Edition.exe

=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-810726386-2924154629-2946816220-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"Facebook Update"="C:\Users\Richard\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"Dell DataSafe Online"="C:\Program Files (x86)\Dell DataSafe Online\DataSafeOnline.exe /m"

"PDVDDXSrv"="C:\Program Files (x86)\CyberLink\PowerDVD DX\PDVDDXSrv.exe"

"Desktop Disc Tool"="c:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe"

"NBAgent"="C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe /WinStart"

"APSDaemon"="C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"mcui_exe"="C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey"

"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"QuickTime Task"="C:\Program Files (x86)\QuickTime\QTTask.exe -atboottime"

"AVG_UI"="C:\Program Files (x86)\AVG\AVG2014\avgui.exe /TRAYONLY"

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Facebook Update"="C:\Users\Richard\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IAAnotif"="C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe"

"AdobeAAMUpdater-1.0"="C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

"IgfxTray"="C:\Windows\system32\igfxtray.exe"

"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"

"Persistence"="C:\Windows\system32\igfxpers.exe"

"RtHDVCpl"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"

"Windows Mobile Device Center"="%windir%\WindowsMobile\wmdc.exe "

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=" "

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]

"QuickTime Task"="\"C:\\Program Files (x86)\\QuickTime\\QTTask.exe\" -atboottime"

"Adobe ARM"="\"C:\\Program Files (x86)\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

"SunJavaUpdateSched"="\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\""

==== Startup Folders ======================

2010-06-07 10:38:53 2000 ----a-w- C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk

2010-06-07 10:38:53 2000 ----a-w- C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dell Dock First Run.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [09/10/2013 20:00]

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-810726386-2924154629-2946816220-1000Core.job --a------ C:\Users\Richard\AppData\Local\Facebook\Update\FacebookUpdate.exe [19/06/2013 17:51]

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-810726386-2924154629-2946816220-1000UA.job --a------ C:\Users\Richard\AppData\Local\Facebook\Update\FacebookUpdate.exe [19/06/2013 17:51]

C:\Windows\tasks\PCDoctorBackgroundMonitorTask.job --a------ C:\Program Files\Dell Support Center\uaclauncher.exe [29/03/2012 00:04]

C:\Windows\tasks\SystemToolsDailyTest.job --a------ C:\Program Files\Dell Support Center\uaclauncher.exe [29/03/2012 00:04]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\Adobe Flash Player Updater" [C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\SysNative\tasks\Adobe-online actualiseringsprogramma" [C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe]

"C:\Windows\SysNative\tasks\AdobeAAMUpdater-1.0-Richard-PC-Richard" [C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe]

"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files (x86)\CCleaner\CCleaner.exe"]

"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-810726386-2924154629-2946816220-1000Core" [C:\Users\Richard\AppData\Local\Facebook\Update\FacebookUpdate.exe]

"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-810726386-2924154629-2946816220-1000UA" [C:\Users\Richard\AppData\Local\Facebook\Update\FacebookUpdate.exe]

"C:\Windows\SysNative\tasks\Java Update Scheduler" [C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe]

"C:\Windows\SysNative\tasks\PCDEventLauncher" ["C:\Program Files\Dell Support Center\sessionchecker.exe"]

"C:\Windows\SysNative\tasks\PCDoctorBackgroundMonitorTask" [C:\Program Files\Dell Support Center\uaclauncher.exe]

"C:\Windows\SysNative\tasks\Richard Local Autobackup 5 4" [C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBCore.exe]

"C:\Windows\SysNative\tasks\Richard NBAgent 5 4" ["C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe"]

"C:\Windows\SysNative\tasks\SidebarExecute" [C:\Program Files\Windows Sidebar\sidebar.exe]

"C:\Windows\SysNative\tasks\SystemToolsDailyTest" [C:\Program Files\Dell Support Center\uaclauncher.exe]

"C:\Windows\SysNative\tasks\{0D1F5378-CE5F-4070-A060-8C3F15A7F9CF}" [C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe]

"C:\Windows\SysNative\tasks\{1110D5EC-E363-45ED-89C5-920752F24C5D}" [C:\Program Files (x86)\Webteh\BSplayer\bsplayer.exe]

"C:\Windows\SysNative\tasks\{1D821C4C-874D-4298-B939-A66C634E60BB}" ["c:\program files (x86)\mozilla firefox\firefox.exe"]

"C:\Windows\SysNative\tasks\{49D6CC22-8EF2-4D0C-89F8-3B2F592BC7E5}" [C:\Program Files (x86)\Mozilla Firefox\firefox.exe]

"C:\Windows\SysNative\tasks\{755BF4F0-5808-4C54-9202-B114B124B895}" [C:\Program Files (x86)\Webteh\BSplayer\bsplayer.exe]

"C:\Windows\SysNative\tasks\{85500AFC-EC88-438B-985D-6B002A97E5C4}" [C:\Users\Richard\Videos\TETRIS.EXE]

"C:\Windows\SysNative\tasks\{A3B3BB82-1528-4018-96B0-E85CFC970F1B}" [C:\Program Files (x86)\Mozilla Firefox\firefox.exe]

"C:\Windows\SysNative\tasks\{DEA86D37-B63B-4EA6-B545-3589D3C3AB5A}" [C:\Program Files (x86)\Mozilla Firefox\firefox.exe]

"C:\Windows\SysNative\tasks\Apple\AppleSoftwareUpdate" [C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe]

==== Firefox Extensions Registry ======================

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]

"{cb056958-eb1d-47a5-a7c2-35fd94d51b3f}"="C:\Program Files (x86)\ViewPassword\134.xpi" []

==== Firefox Extensions ======================

ProfilePath: C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\0

- WebCake - %ProfilePath%\extensions\plugin@getwebcake.com

ProfilePath: C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\7q1clh8g.default-1344866302137

- WebCake - %ProfilePath%\extensions\plugin@getwebcake.com

- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

ProfilePath: C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default

- Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

- Undetermined - C:\Program Files\Web Assistant\Firefox

- Undetermined - C:\Program Files (x86)\McAfee\SiteAdvisor

- WebCake - %ProfilePath%\extensions\plugin@getwebcake.com

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA}

- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA}

- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}

- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\7q1clh8g.default-1344866302137

4BF70B35B943BD73BD6E13EB7C1BA4B3 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll - Shockwave Flash

341B3AE026B143DBC17BA1E1E0BAE3D6 - C:\Users\Richard\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll - Unity Player

CF25FDD7CA6BC88442A58F74DBB6CFA6 - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll - Shockwave for Director / Shockwave for Director

0B31B0F8FA99CFD009C8FBEA9E20C9DE - C:\Users\Richard\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin

045084E4F10D31E71057FE741D87FDB0 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll - Shockwave Flash

99F97C9FE748C37528C338A423577FCB - C:\Users\Richard\AppData\Roaming\Mozilla\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin

Profilepath: C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default

045084E4F10D31E71057FE741D87FDB0 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_228.dll - Shockwave Flash

99F97C9FE748C37528C338A423577FCB - C:\Users\Richard\AppData\Roaming\Mozilla\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin

15E298B5EC5B89C5994A59863969D9FF - C:\Windows\SysWOW64\npmproxy.dll - Microsoft® Windows® Operating System

==== Deleted Firefox Extensions ======================

C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\0\extensions\plugin@getwebcake.com deleted

C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\7q1clh8g.default-1344866302137\extensions\plugin@getwebcake.com deleted

C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default\extensions\plugin@getwebcake.com deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

cjofdnhdkbflacojpfpkchgafjahijbb - C:\Users\Richard\AppData\Local\Temp\ccex.crx[]

dcmagccbogebndpoodhhhafmofelpffh - C:\Users\Richard\AppData\Local\RewardsArcade\498\Chrome\rewardsarcade.crx[]

dlnembnfbcpjnepmfjmngjenhhajpdfd - C:\Program Files\Web Assistant\source.crx[]

eooncjejnppfjjklapaamhcdmjbilmde - C:\Users\Richard\AppData\Roaming\BabSolution\CR\Delta.crx[]

fjoijdanhaiflhibkljeklcghcmmfffh - C:\Program Files (x86)\Betcat\WebCakeLayers.crx[]

jmojojliiicbbihpjmiepllaiflnjobc - C:\Program Files (x86)\ViewPassword\134.crx[]

njdbghcihepglhgmfmmmdjbjgebgkflm - C:\ProgramData\Codecv\njdbghcihepglhgmfmmmdjbjgebgkflm.crx[]

pmlghpafmmnmmkjdhacccolfgnkiboco - C:\Program Files (x86)\1ClickDownload\oneclickdownloader10.crx[]

==== Chrome Fix ======================

C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_dcmagccbogebndpoodhhhafmofelpffh_0 deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://isearch.babylon.com/?babsrc=HP_ss_Btisdt3&mntrId=A0CD00256487F1CD&affID=121564&tt=070813_wc1&tsp=4970"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}] not found

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://www.google.com"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

{5414BBD4-921E-4815-AA47-9AC3415C1BEB} Unknown Url="Not_Found"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-810726386-2924154629-2946816220-1000\Software\Microsoft\Internet Explorer\SearchScopes\{5414BBD4-921E-4815-AA47-9AC3415C1BEB} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-810726386-2924154629-2946816220-1000\Software\Mozilla\Firefox\Extensions\{cb056958-eb1d-47a5-a7c2-35fd94d51b3f} deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0E931A51-A183-4E66-8562-D82896E74C67} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\njdbghcihepglhgmfmmmdjbjgebgkflm deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dcmagccbogebndpoodhhhafmofelpffh deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\fjoijdanhaiflhibkljeklcghcmmfffh deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jmojojliiicbbihpjmiepllaiflnjobc deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\pmlghpafmmnmmkjdhacccolfgnkiboco deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Richard\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Richard\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Richard\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Richard\AppData\Local\Mozilla\Firefox\Profiles\7q1clh8g.default-1344866302137\Cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome Cache found

==== Empty All Flash Cache ======================

Flash Cache is not empty, a reboot is needed

==== Empty All Java Cache ======================

Java Cache cleared successfully

Volgens het uur zou dit dan het eerste moeten zijn. Heb inderdaad het progje twee keer laten zoeken

[Jion]

Ja, dat is inderdaad de juiste log.

Volgende stappen:

1.

Download AdwCleaner by Xplode naar het bureaublad.

AdwCleaner uitvoeren

• 
  
• Sluit alle openstaande vensters.
  
• Dubbelklik op AdwCleaner.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Klik vervolgens op de knop Scan.
  
• Wanneer de scan gereed is Klikt u vervolgens op de knop Clean.
  
• Als dit gereed is wordt er gevraagd om de computer opnieuw op te starten, klik hier op OK.
  
• Nadat de computer opnieuw is opgestart wordt het logbestand automatisch geopend.
  
• Plaats dit logbestand in het volgende bericht.
  

2.

Download MalwareBytes' Anti-Malware (website) en sla het op je bureaublad op.

Zorg dat er na de installatie een vinkje is geplaatst bij:

• 
  
• Update MalwareBytes' Anti-Malware
  
• Start MalwareBytes' Anti-Malware
  
• Je krijgt hier ook de keuze om de evaluatie versie van MBAM te gebruiken, indien je dit niet wilt vink dit dan uit.
  

Klik daarna op "Voltooien".

Indien een update gevonden wordt, zal die gedownload en geïnstalleerd worden.

• 
  
• Zodra het programma gestart is, ga dan naar het tabblad "Instellingen".
  
• Vink hier aan: "Sluit Internet Explorer tijdens verwijdering van malware".
  
• Ga dan naar "Scanner Instellingen". Onderaan bij "PUP" kies je voor "Weergeven in scan resultaten - selecteren voor verwijdering".
  
• Ga daarna naar het tabblad "Scanner", kies hier voor "Snelle Scan".
  
• Druk vervolgens op "Scannen" om de scan te starten.
  
• Het scannen kan een tijdje duren, dus wees geduldig.
  
• Wanneer de scan voltooid is, klik op OK, daarna "Bekijk Resultaten" om de resultaten te zien.
  
• Zorg ervoor dat daar alles aangevinkt is, daarna klik op: "Verwijder geselecteerde".
  
• Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten.
  
• Herstart de computer indien nodig en post hierna de log in het volgende bericht.
  

[ricardo425]

# AdwCleaner v3.012 - Report created 12/11/2013 at 18:03:17

# Updated 11/11/2013 by Xplode

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

# Username : Richard - RICHARD-PC

# Running from : C:\Users\Richard\Downloads\adwcleaner.exe

# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\~0

Folder Deleted : C:\Program Files (x86)\NCH Software

Folder Deleted : C:\Program Files (x86)\Vuze

Folder Deleted : C:\Users\Richard\Documents\optimizer pro

File Deleted : C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\0\user.js

File Deleted : C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\7q1clh8g.default-1344866302137\user.js

File Deleted : C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default\user.js

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE

Key Deleted : HKLM\SOFTWARE\Classes\AppID\WebCakeIEClient.DLL

Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetupv1.exe

Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore

Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore.1

Key Deleted : HKLM\SOFTWARE\Classes\delta.deltadskBnd

Key Deleted : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1

Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaHlpr

Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1

Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane

Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1

Key Deleted : HKLM\SOFTWARE\Classes\esrv.deltaESrvc

Key Deleted : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1

Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap

Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api

Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Api.1

Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Layers

Key Deleted : HKLM\SOFTWARE\Classes\WebCakeIEClient.Layers.1

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker-1_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLivid_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetupV1_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iMesh_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\iMesh_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\IncredibarToolbar_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WebCakeDesktop_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_business-card-designer-plus_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_business-card-designer-plus_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_dvd-flick(2)_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_dvd-flick(2)_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_dvd-flick_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_dvd-flick_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_gimp_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_gimp_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_vlc-media-player_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_vlc-media-player_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_windows-live-messenger-2012_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_voor_windows-live-messenger-2012_RASMANCS

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5B1881D1-D9C7-46DF-B041-1E593282C7D0}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7169BBB3-3289-4696-B35D-4A88BCF6FB12}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A0B10EBE-4E51-4CAE-949B-E6B9E7D68CEA}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF6B0594-6008-4327-93E5-608AD710A6FA}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BB975E58-E769-4E5A-BA12-B765BC559FF3}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF84E609-C3A4-49CB-A160-61767DAF8899}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F511AFDB-726E-4458-90E7-1ECB97406544}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1D5A4199-956E-49BC-B89F-6A35C57C0D13}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1FDC0B61-91AC-4157-9B27-CAD9A09AB67E}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2CF0D01-7657-48AA-98C9-AE5E64757FCC}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EFDF368C-8DD9-4E05-87CD-16AA5CB03CB8}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7854F00C-DC77-477E-A10E-603F48442D3B}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{AF6B0594-6008-4327-93E5-608AD710A6FA}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E30ED111-BD63-48C2-A6CB-AB3C9FFFB07C}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\0cb5492e-629d-49f7-a64c-735be231d65d

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6FF694D1-DB84-4136-B310-A95C08D5639D}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{97B80390-07E2-4D76-9595-38DB325C6CFB}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{22B0769F-794B-4422-AC84-47B123C8986D}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{255E0B2A-D747-4EEF-B7CE-159D73A3656D}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{28ED590D-F5ED-4E05-A87F-1D759F1C6169}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{45D5B93F-E2ED-4AF2-915E-DCDDBDA8C33C}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{771B99AB-636F-4A11-9039-8DFEB927B061}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A36867C6-302D-49FC-9D8E-1EB037B5F1AB}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A8321AA2-2227-40C7-8525-6C2F4E1B0EBE}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{AA41A731-6814-4A70-A6F1-C0A20FBBFBD5}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{ABBB8A9E-D8AF-40D1-94BE-5175077465FC}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BBA74401-6D6F-4BBD-9F65-E8623814F3BB}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BF737694-56F6-46FA-9FDC-FA99A5B25FAD}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{CFCD164E-8AC9-478E-9ECC-B616A932016C}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D2F39980-399F-492E-8D88-5FF7CCB3B47F}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D5961CC0-B442-4567-8030-67E241EF4CC2}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DF84E609-C3A4-49CB-A160-61767DAF8899}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E450067F-1C93-41A7-928E-07E5C2EEC680}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F977D9F2-4BDC-44A6-B508-7C0284C61EED}

Key Deleted : HKCU\Software\1ClickDownload

Key Deleted : HKCU\Software\Ask.com

Key Deleted : HKCU\Software\BabSolution

Key Deleted : HKCU\Software\Conduit

Key Deleted : HKCU\Software\DataMngr

Key Deleted : HKCU\Software\DataMngr_Toolbar

Key Deleted : HKCU\Software\Delta

Key Deleted : HKCU\Software\ilivid

Key Deleted : HKCU\Software\IM

Key Deleted : HKCU\Software\ImInstaller

Key Deleted : HKCU\Software\InstallCore

Key Deleted : HKCU\Software\NCH Software

Key Deleted : HKCU\Software\Softonic

Key Deleted : HKCU\Software\WEDLMNGR

Key Deleted : HKCU\Software\YahooPartnerToolbar

Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}

Key Deleted : HKCU\Software\AppDataLow\Toolbar

Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit

Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes

Key Deleted : HKCU\Software\AppDataLow\Software\RewardsArcade

Key Deleted : HKCU\Software\AppDataLow\Software\smartbar

Key Deleted : HKCU\Software\AppDataLow\Software\Vuze_Remote

Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}

Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}

Key Deleted : HKLM\Software\Babylon

Key Deleted : HKLM\Software\Conduit

Key Deleted : HKLM\Software\Delta

Key Deleted : HKLM\Software\iLividSRTB

Key Deleted : HKLM\Software\Iminent

Key Deleted : HKLM\Software\NCH Software

Key Deleted : HKLM\Software\Web Assistant

Key Deleted : HKLM\Software\Vuze_Remote

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2EF17083-57D4-4D64-AE4F-55F32A2C4571}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Vuze_Remote Toolbar

Key Deleted : [x64] HKLM\SOFTWARE\DataMngr

Key Deleted : [x64] HKLM\SOFTWARE\systweak

Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer

Key Deleted : [x64] HKLM\SOFTWARE\Web Assistant

Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16720

-\\ Mozilla Firefox v25.0 (nl)

[ File : C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\0\prefs.js ]

[ File : C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\7q1clh8g.default-1344866302137\prefs.js ]

Line Deleted : user_pref("extentions.webcake.defaultEnableAppsList", "layers,brain/features,newOffers/wc");

Line Deleted : user_pref("extentions.webcake.installId", "fada0fc7-f74e-4243-8569-3a16c2f1f310");

[ File : C:\Users\Richard\AppData\Roaming\Mozilla\Firefox\Profiles\abp9obje.default\prefs.js ]

-\\ Google Chrome v

[ File : C:\Users\Richard\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage

Deleted : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [17825 octets] - [12/11/2013 18:02:20]

AdwCleaner[s0].txt - [17133 octets] - [12/11/2013 18:03:17]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [17194 octets] ##########

Dit is de eerste log (hopelijk de goede)

[ricardo425]

Malwarebytes' Anti-Malware 1.51.1.1800

Malwarebytes : Free anti-malware download

Databaseversie: 7329

Windows 6.1.7601 Service Pack 1

Internet Explorer 9.0.8112.16421

30/07/2011 23:08:16

mbam-log-2011-07-30 (23-08-16).txt

Scantype: Snelle scan

Objecten gescand: 218590

Verstreken tijd: 3 minuut/minuten, 29 seconde(n)

Geheugenprocessen geïnfecteerd: 0

Geheugenmodulen geïnfecteerd: 0

Registersleutels geïnfecteerd: 5

Registerwaarden geïnfecteerd: 0

Registerdata geïnfecteerd: 0

Mappen geïnfecteerd: 0

Bestanden geïnfecteerd: 4

Geheugenprocessen geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Registersleutels geïnfecteerd:

HKEY_CLASSES_ROOT\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registerwaarden geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Registerdata geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Mappen geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Bestanden geïnfecteerd:

c:\documents and settings\Richard\downloads\installer_free_youtube_to_mp3_converter_3_9_28_dutch(2).exe (PUP.SmsPay.PGen) -> Quarantined and deleted successfully.

c:\documents and settings\Richard\downloads\installer_free_youtube_to_mp3_converter_3_9_28_dutch.exe (PUP.SmsPay.PGen) -> Quarantined and deleted successfully.

c:\Users\Richard\downloads\installer_free_youtube_to_mp3_converter_3_9_28_dutch(2).exe (PUP.SmsPay.PGen) -> Quarantined and deleted successfully.

c:\Users\Richard\downloads\installer_free_youtube_to_mp3_converter_3_9_28_dutch.exe (PUP.SmsPay.PGen) -> Quarantined and deleted successfully.

Dit is het tweede logje (hopelijk ook een goed)

[Jion]

Dat zijn inderdaad de 2 juiste logjes!

Hoe gaat het nu met de problemen?

[ricardo425]

Volgens de datum zou dit laatste toch niet goed zijn. Weet niet hoe dit komt.

Malwarebytes' Anti-Malware 1.51.1.1800

Malwarebytes : Free anti-malware download

Databaseversie: 7329

Windows 6.1.7601 Service Pack 1

Internet Explorer 9.0.8112.16421

30/07/2011 23:08:16

mbam-log-2011-07-30 (23-08-16).txt

Scantype: Snelle scan

Objecten gescand: 218590

Verstreken tijd: 3 minuut/minuten, 29 seconde(n)

Geheugenprocessen geïnfecteerd: 0

Geheugenmodulen geïnfecteerd: 0

Registersleutels geïnfecteerd: 5

Registerwaarden geïnfecteerd: 0

Registerdata geïnfecteerd: 0

Mappen geïnfecteerd: 0

Bestanden geïnfecteerd: 4

Geheugenprocessen geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Registersleutels geïnfecteerd:

HKEY_CLASSES_ROOT\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256A51-B582-467e-B8D4-7786EDA79AE0} (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registerwaarden geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Registerdata geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Mappen geïnfecteerd:

(Geen kwaadaardige objecten gedetecteerd)

Bestanden geïnfecteerd:

c:\documents and settings\Richard\downloads\installer_free_youtube_to_mp3_converter_3_9_28_dutch(2).exe (PUP.SmsPay.PGen) -> Quarantined and deleted successfully.

c:\documents and settings\Richard\downloads\installer_free_youtube_to_mp3_converter_3_9_28_dutch.exe (PUP.SmsPay.PGen) -> Quarantined and deleted successfully.

c:\Users\Richard\downloads\installer_free_youtube_to_mp3_converter_3_9_28_dutch(2).exe (PUP.SmsPay.PGen) -> Quarantined and deleted successfully.

c:\Users\Richard\downloads\installer_free_youtube_to_mp3_converter_3_9_28_dutch.exe (PUP.SmsPay.PGen) -> Quarantined and deleted successfully.

Malwarebytes Anti-Malware 1.75.0.1300

Malwarebytes : Free anti-malware download

Databaseversie: v2013.11.12.10

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 10.0.9200.16721

Richard :: RICHARD-PC [administrator]

12/11/2013 18:31:02

mbam-log-2013-11-12 (18-31-02).txt

Scan type: Snelle scan

Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM

Uitgeschakelde scan opties: P2P

Objecten gescand: 222528

Verstreken tijd: 5 minuut/minuten, 33 seconde(n)

Geheugenprocessen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 0

(Geen kwaadaardige objecten gedetecteerd)

(einde)

Dit zou beter moeten zijn