Ga naar inhoud

Fonzer

Lid
 Bekijk profiel  Bekijk hun activiteit

  • Items

    38

  • Registratiedatum

  • Laatst bezocht

 Inhoudstype 

Alles dat geplaatst werd door Fonzer

  1. Fonzer
    Voila, dat is ook weer gebeurd... het ziet er al behoorlijk goed uit! Ik merk toch niets meer van al die miserie! Hieronder het logje # AdwCleaner v3.017 - Report created 18/01/2014 at 22:33:03 # Updated 12/01/2014 by Xplode # Operating System : Windows 7 Professional Service Pack 1 (32 bits) # Username : Brigitte - BRIGITTE-HP # Running from : C:\Users\Brigitte\Desktop\adwcleaner.exe # Option : Clean ***** [ Services ] ***** Service Deleted : torchcrashhandler ***** [ Files / Folders ] ***** Folder Deleted : C:\ProgramData\torchcrashhandler Folder Deleted : C:\Users\Brigitte\AppData\Local\torch Folder Deleted : C:\Users\Brigitte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\torch File Deleted : C:\Users\Brigitte\AppData\Roaming\Mozilla\Firefox\Profiles\98uikema.default\user.js ***** [ Shortcuts ] ***** Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk Shortcut Disinfected : C:\Users\Brigitte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk Shortcut Disinfected : C:\Users\Brigitte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ***** [ Registry ] ***** [#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B5DC0358-0324-4424-BB0C-006A8AE1D91E} [#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B5DC0358-0324-4424-BB0C-006A8AE1D91E} [#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E6C46FD7-4730-4F92-8927-0335A097B129} Key Deleted : HKCU\Software\Classes\iLivid.torrent Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\conduit.com Key Deleted : HKLM\SOFTWARE\Classes\SearchNewTab.SearchNewTab Key Deleted : HKLM\SOFTWARE\Classes\SearchNewTab.SearchNewTab.1.0 Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1 Key Deleted : HKLM\SOFTWARE\Classes\wtb.Band Key Deleted : HKLM\SOFTWARE\Classes\wtb.Band.1 Key Deleted : HKLM\SOFTWARE\Classes\wtb.NotificationSource Key Deleted : HKLM\SOFTWARE\Classes\wtb.NotificationSource.1 Key Deleted : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl Key Deleted : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl.1 Key Deleted : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo Key Deleted : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo.1 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32 Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Mobogenie.exe Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\torch.exe Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64] Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86] Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64] Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86] Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_360582d7 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2724386 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3220468 Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3FC27B34-0C19-49DA-875E-1875DDD4A6B2} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A928E66C-F501-4E66-9953-855C712F93B2} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{537F4F0B-3542-4C7D-A3E5-CF121482696C} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{537F4F0B-3542-4C7D-A3E5-CF121482696C} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0CB473D1-AE5F-4E82-8BFE-A7613A79DDFB} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D40F3125-FEDE-4A62-BDFA-1A0F9544B564} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} Key Deleted : HKCU\Software\APN DTX Key Deleted : HKCU\Software\Conduit Key Deleted : HKCU\Software\DataMngr Key Deleted : HKCU\Software\glindorus Key Deleted : HKCU\Software\ilivid Key Deleted : HKCU\Software\IM Key Deleted : HKCU\Software\ImInstaller Key Deleted : HKCU\Software\InstallCore Key Deleted : HKCU\Software\ProtectedSearch Key Deleted : HKCU\Software\simplytech Key Deleted : HKCU\Software\Softonic Key Deleted : HKCU\Software\torch Key Deleted : HKCU\Software\UpdaterEX Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F} Key Deleted : HKCU\Software\AppDataLow\SProtector Key Deleted : HKCU\Software\AppDataLow\Toolbar Key Deleted : HKCU\Software\AppDataLow\Software\Conduit Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong Key Deleted : HKCU\Software\AppDataLow\Software\simplytech Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentControl_v2 Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F} Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0} Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C} Key Deleted : HKLM\Software\Conduit Key Deleted : HKLM\Software\DataMngr Key Deleted : HKLM\Software\dosearchessoftware Key Deleted : HKLM\Software\eSafeSecControl Key Deleted : HKLM\Software\glindorus Key Deleted : HKLM\Software\ImInstaller Key Deleted : HKLM\Software\SearchProtect Key Deleted : HKLM\Software\SP Global Key Deleted : HKLM\Software\SProtector Key Deleted : HKLM\Software\torch Key Deleted : HKLM\Software\uTorrentControl_v2 Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\torch Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\UpdaterEX Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\dosearches Browser Protecter Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\glindorus Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl_v2 Toolbar Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536 ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.16428 -\\ Mozilla Firefox v11.0 (nl) [ File : C:\Users\Brigitte\AppData\Roaming\Mozilla\Firefox\Profiles\98uikema.default\prefs.js ] Line Deleted : user_pref("CT3220468.autoDisableScopes", -1); -\\ Google Chrome v31.0.1650.63 [ File : C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\preferences ] Deleted : homepage Deleted : urls_to_restore_on_startup ************************* AdwCleaner[R0].txt - [9563 octets] - [18/01/2014 22:32:25] AdwCleaner[s0].txt - [8714 octets] - [18/01/2014 22:33:03] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [8774 octets] ##########
  2. Fonzer
    OK... ik was dus wat te snel.... hieronder het volgende logje! Greetz Steven Zoek.exe v5.0.0.0 Updated 18-Januari-2014 Tool run by Brigitte on Sat 18/01/2014 at 21:09:29,22. Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Brigitte\Desktop\zoek.exe [scan all users] [script inserted] [Checkboxes used] ==== Older Logs ====================== C:\zoek-results2014-01-18-182941.log 48291 bytes ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3337975368-1422288616-4262930686-1001\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully HKEY_USERS\S-1-5-21-3337975368-1422288616-4262930686-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} deleted successfully HKEY_USERS\S-1-5-21-3337975368-1422288616-4262930686-1001\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\Brigitte\AppData\Roaming\Mozilla\Firefox\Profiles\98uikema.default ---- Lines CT2724386 removed from prefs.js ---- user_pref("CT2724386..clientLogIsEnabled", true); user_pref("CT2724386..clientLogServiceUrl", "http://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent"); user_pref("CT2724386..uninstallLogServiceUrl", "http://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation"); user_pref("CT2724386.ALLOW_SHOWING_HIDDEN_TOOLBAR", false); user_pref("CT2724386.AboutPrivacyUrl", "http://www.conduit.com/privacy/Default.aspx"); user_pref("CT2724386.BrowserCompStateIsOpen_129464706887642629", true); user_pref("CT2724386.BrowserCompStateIsOpen_129851871904280954", true); user_pref("CT2724386.BrowserCompStateIsOpen_129904362604336829", true); user_pref("CT2724386.CTID", "CT2724386"); user_pref("CT2724386.CurrentServerDate", "25-11-2012"); user_pref("CT2724386.DSInstall", false); user_pref("CT2724386.DialogsAlignMode", "LTR"); user_pref("CT2724386.DialogsGetterLastCheckTime", "Sun Nov 25 2012 21:07:58 GMT+0100 (Romance (standaardtijd))"); user_pref("CT2724386.DownloadReferralCookieData", ""); user_pref("CT2724386.FirstServerDate", "25-11-2012"); user_pref("CT2724386.FirstTime", true); user_pref("CT2724386.FirstTimeFF3", true); user_pref("CT2724386.FirstTimeHiddenVer", true); user_pref("CT2724386.FixPageNotFoundErrors", false); user_pref("CT2724386.GroupingServerCheckInterval", 1440); user_pref("CT2724386.GroupingServiceUrl", "http://grouping.services.conduit.com/"); user_pref("CT2724386.HPInstall", false); user_pref("CT2724386.HasUserGlobalKeys", true); user_pref("CT2724386.Initialize", true); user_pref("CT2724386.InitializeCommonPrefs", true); user_pref("CT2724386.InstallationAndCookieDataSentCount", 1); user_pref("CT2724386.InstallationId", "ConduitNSISIntegration"); user_pref("CT2724386.InstallationType", "ConduitNSISIntegration"); user_pref("CT2724386.InstalledDate", "Sun Nov 25 2012 21:08:10 GMT+0100 (Romance (standaardtijd))"); user_pref("CT2724386.InvalidateCache", false); user_pref("CT2724386.IsGrouping", false); user_pref("CT2724386.IsInitSetupIni", true); user_pref("CT2724386.IsOpenThankYouPage", false); user_pref("CT2724386.IsOpenUninstallPage", true); user_pref("CT2724386.LanguagePackLastCheckTime", "Sun Nov 25 2012 21:08:11 GMT+0100 (Romance (standaardtijd))"); user_pref("CT2724386.LanguagePackReloadIntervalMM", 1440); user_pref("CT2724386.LanguagePackServiceUrl", "http://translation.users.conduit.com/Translation.ashx"); user_pref("CT2724386.LastLogin_3.12.2.3", "Sun Nov 25 2012 21:08:11 GMT+0100 (Romance (standaardtijd))"); user_pref("CT2724386.LatestVersion", "3.16.0.3"); user_pref("CT2724386.Locale", "en"); user_pref("CT2724386.MCDetectTooltipHeight", "83"); user_pref("CT2724386.MCDetectTooltipUrl", "http://@EB_INSTALL_LINK@/rank/tooltip/?version=1"); user_pref("CT2724386.MCDetectTooltipWidth", "295"); user_pref("CT2724386.MyStuffEnabledAtInstallation", true); user_pref("CT2724386.OriginalFirstVersion", "3.12.2.3"); user_pref("CT2724386.RadioIsPodcast", false); user_pref("CT2724386.RadioLastCheckTime", "Sun Nov 25 2012 21:08:10 GMT+0100 (Romance (standaardtijd))"); user_pref("CT2724386.RadioLastUpdateIPServer", "3"); user_pref("CT2724386.RadioLastUpdateServer", "129249036863500000"); user_pref("CT2724386.RadioMediaID", "21080102"); user_pref("CT2724386.RadioMediaType", "Media Player"); user_pref("CT2724386.RadioMenuSelectedID", "EBRadioMenu_CT272438621080102"); user_pref("CT2724386.RadioShrinkedFromSetup", false); user_pref("CT2724386.RadioStationName", "Mix%201620%20Am"); user_pref("CT2724386.RadioStationURL", "http://69.115.65.9:8000"); user_pref("CT2724386.SearchCaption", "IncrediMail MediaBar 2 Customized Web Search"); user_pref("CT2724386.SearchFromAddressBarIsInit", true); user_pref("CT2724386.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2724386&q="); user_pref("CT2724386.SearchInNewTabEnabled", true); user_pref("CT2724386.SearchInNewTabIntervalMM", 1440); user_pref("CT2724386.SearchInNewTabLastCheckTime", "Sun Nov 25 2012 21:08:11 GMT+0100 (Romance (standaardtijd))"); user_pref("CT2724386.SearchInNewTabServiceUrl", "http://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID"); user_pref("CT2724386.SendProtectorDataViaLogin", true); user_pref("CT2724386.ServiceMapLastCheckTime", "Sun Nov 25 2012 21:07:57 GMT+0100 (Romance (standaardtijd))"); user_pref("CT2724386.SettingsLastCheckTime", "Sun Nov 25 2012 21:07:57 GMT+0100 (Romance (standaardtijd))"); user_pref("CT2724386.SettingsLastUpdate", "1352142245"); user_pref("CT2724386.TBHomePageUrl", "http://search.conduit.com/?ctid=CT2724386&SearchSource=13"); user_pref("CT2724386.ThirdPartyComponentsInterval", 504); user_pref("CT2724386.ThirdPartyComponentsLastCheck", "Sun Nov 25 2012 21:07:57 GMT+0100 (Romance (standaardtijd))"); user_pref("CT2724386.ThirdPartyComponentsLastUpdate", "1331805997"); user_pref("CT2724386.ToolbarShrinkedFromSetup", false); user_pref("CT2724386.TrusteLinkUrl", "http://trust.conduit.com/CT2724386"); user_pref("CT2724386.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityTool user_pref("CT2724386.UserID", "UN34769622826360073"); user_pref("CT2724386.WeatherNetwork", ""); user_pref("CT2724386.WeatherPollDate", "Sun Nov 25 2012 21:08:11 GMT+0100 (Romance (standaardtijd))"); user_pref("CT2724386.WeatherUnit", "C"); user_pref("CT2724386.alertChannelId", "1116652"); user_pref("CT2724386.autoDisableScopes", -1); user_pref("CT2724386.backendstorage./9b+7e+x305", "247E27413334363379453A3D2A722C797A7E7A3128333B474953462D584D503D263F2D2E3135443B464E4F5B565E695B426 user_pref("CT2724386.backendstorage./9b+7e,x305", "247E28412F3F3E3779453A3D2A722C797B787D3128333C4748402C574C4F3C253E2C2E2B2F433A454E59505B57676A66426 user_pref("CT2724386.backendstorage./9b+7e-x305", "247E2936303C363679453A3D2A722C797A207B3128333D462B554A4D4B4749594D33535D4F432C45333439344A414C565B5 user_pref("CT2724386.backendstorage./9b+7e.:2z527", "2423"); user_pref("CT2724386.backendstorage./9b+7e06cg5el8:", "6E6D6C6F6B6D71766E72"); user_pref("CT2724386.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A747372757173777C7478242F4B49474F42357D5D5C3D"); user_pref("CT2724386.backendstorage./9b+7e4x305", "247E302C407642373A276F29777B74762E2530413E4F494A522B55553A233C2B2F282941384354515E5D56615F56685C426 user_pref("CT2724386.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B265146492965504656496571734D334B57"); user_pref("CT2724386.backendstorage./9b-0?3g>d", "6C6A3D41414172417A4572467920794A7820257D2220232A7E232455265757282C5C2F2C"); user_pref("CT2724386.backendstorage./9b-0?3g@6:5;", ""); user_pref("CT2724386.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F297B7E7D21202F26313E4249357D37382F3A494D5D513F283338435D6554695B65546D576 user_pref("CT2724386.backendstorage./9b/>01=9a6k6<im;krie@pdawm", "6A696B7273747576"); user_pref("CT2724386.backendstorage./9b3=>@44i48?", "372C2D326975763342363341484777213F3E484F4E4D4648502B564B4E2E5959595F4C564F3764535750"); user_pref("CT2724386.backendstorage./9b5ba==9cjag", "6F6B6E3D3F3F6C737A73767345464C787B4F207C51"); user_pref("CT2724386.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D6C6F6B6D71766E73737473"); user_pref("CT2724386.backendstorage./9b9643g3/9e", "6A"); user_pref("CT2724386.backendstorage./9b;45>:bi9i7ie", "2B2E2C3D"); user_pref("CT2724386.backendstorage./9b<:222h64<", "393F352F3E"); user_pref("CT2724386.backendstorage./9b<:222h64<l8daj", "6D7070707673747975732A787B727D7675207B"); user_pref("CT2724386.backendstorage./9b=+03eh8h8j?:", "4443"); user_pref("CT2724386.backendstorage./9b?+e2a52d8", "372C2D326975762E3A3C7B3A39434A494841434B2651464929655046566470727951555E5E52"); user_pref("CT2724386.backendstorage./9b?b0d:8aj62<h", "6D"); user_pref("CT2724386.backendstorage./9ba@0<0bi6a7gn:6@l?", "6E6B"); user_pref("CT2724386.backendstorage.cbfirsttime", "53756E204E6F7620323520323031322032313A30383A313420474D542B303130302028526F6D616E636520287374616E646 user_pref("CT2724386.backendstorage.http://api28_thetrafficstat_net.pid2", "32303762646130383238653664623337"); user_pref("CT2724386.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit. user_pref("CT2724386.globalFirstTimeInfoLastCheckTime", "Sun Nov 25 2012 21:07:58 GMT+0100 (Romance (standaardtijd))"); user_pref("CT2724386.homepageProtectorEnableByLogin", true); user_pref("CT2724386.initDone", true); user_pref("CT2724386.isAppTrackingManagerOn", true); user_pref("CT2724386.isFirstRadioInstallation", false); user_pref("CT2724386.myStuffEnabled", true); user_pref("CT2724386.myStuffPublihserMinWidth", 400); user_pref("CT2724386.myStuffSearchUrl", "http://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID" user_pref("CT2724386.myStuffServiceIntervalMM", 1440); user_pref("CT2724386.myStuffServiceUrl", "http://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUF user_pref("CT2724386.navigateToUrlOnSearch", false); user_pref("CT2724386.revertSettingsEnabled", true); user_pref("CT2724386.searchProtectorDialogDelayInSec", 10); user_pref("CT2724386.searchProtectorEnableByLogin", true); user_pref("CT2724386.testingCtid", ""); user_pref("CT2724386.toolbarAppMetaDataLastCheckTime", "Sun Nov 25 2012 21:07:58 GMT+0100 (Romance (standaardtijd))"); user_pref("CT2724386.toolbarContextMenuLastCheckTime", "Sun Nov 25 2012 21:08:11 GMT+0100 (Romance (standaardtijd))"); user_pref("CommunityToolbar.ETag.http://Settings.toolbar.search.conduit.com/root/CT2724386/CT2724386", "\"9de81c057480df7103489501191bfde63\""); user_pref("CommunityToolbar.ETag.http://appsmetadata.toolbar.conduit-services.com/?ctid=CT2724386", "\"1340713590\""); user_pref("CommunityToolbar.ETag.http://servicemap.conduit-services.com/Toolbar/?ownerId=CT2724386", "\"f1c77625c0e9bd1c80a2fd6901845fa9\""); user_pref("CommunityToolbar.ToolbarsList", "CT2724386"); user_pref("CommunityToolbar.ToolbarsList2", "CT2724386"); user_pref("CommunityToolbar.ToolbarsList4", "CT2724386"); ---- Lines conduit removed from prefs.js ---- user_pref("CommunityToolbar.ETag.http://alerts.conduit-services.com/root/1116652/1112356/BE", "\"0\""); user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en", "C5ZJe6gL80JBW5CuLy+wkg=="); user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en", "2E1/v7EfCEDbv3VaBQMELg=="); user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en", "k9un27OkAvkwB2ZmvXxTnA=="); user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en", "4BgM4MhF/sOgPsDNmIs3Yw=="); user_pref("CommunityToolbar.ETag.http://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"8076e3ce381dcd1:0\""); user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.2.3", "\"0343677cfb1cd1:0\""); user_pref("CommunityToolbar.ETag.http://translation.toolbar.conduit-services.com/?locale=en", "\"e20848adcc9f63369aac91b7a8f5f90e\""); user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Brigitte\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\98uikema.default\\conduitComm user_pref("CommunityToolbar.notifications.clientsServerUrl", "http://alert.client.conduit.com"); user_pref("CommunityToolbar.notifications.servicesServerUrl", "http://alert.services.conduit.com"); ---- Lines WebSearch removed from prefs.js ---- user_pref("browser.search.defaultenginename,S", "WebSearch"); user_pref("browser.search.defaulturl", "http://websearch.the-searcheng.info/?pid=1376&r=2013/09/14&hid=7941770573850309448&lg=EN&cc=BE&unqvl=35&l=1&q= user_pref("browser.search.order.1", "WebSearch"); user_pref("browser.search.order.1,S", "WebSearch"); user_pref("browser.search.selectedEngine,S", "WebSearch"); user_pref("keyword.URL", "http://websearch.the-searcheng.info/?pid=1376&r=2013/09/14&hid=7941770573850309448&lg=EN&cc=BE&unqvl=35&l=1&q="); ---- Lines search.com removed from prefs.js ---- user_pref("CommunityToolbar.originalHomepage", "http://search.protectedsearch.com?si=41570&home=true&tid=3026"); user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "http://search.protectedsearch.com?si=41570&home=true&tid=3026&q="); ---- Lines Web Search removed from prefs.js ---- user_pref("browser.search.defaultengine", "Web Search"); user_pref("CommunityToolbar.originalSearchEngine", "Web Search"); ---- Lines CommunityToolbar removed from prefs.js ---- user_pref("CommunityToolbar.globalUserId", "1a1e4e88-0a31-48bb-8509-0160f6b35c12"); user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true); user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true); user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.12.2.3"); user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sun Nov 25 2012 21:07:59 GMT+0100 (Romance (standaardtijd))"); user_pref("CommunityToolbar.notifications.alertEnabled", true); user_pref("CommunityToolbar.notifications.alertInfoInterval", 60); user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Sun Nov 25 2012 21:08:10 GMT+0100 (Romance (standaardtijd))"); user_pref("CommunityToolbar.notifications.locale", "en"); user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440); user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sun Nov 25 2012 21:07:58 GMT+0100 (Romance (standaardtijd))"); user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611"); user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20); user_pref("CommunityToolbar.notifications.showTrayIcon", false); user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300); user_pref("CommunityToolbar.notifications.userId", "c24d9db5-ed9b-49c0-9130-8ba38b9f9339"); ---- Lines dosearches removed from prefs.js ---- user_pref("browser.newtab.url", "http://www.dosearches.com/newtab/?utm_source=b&utm_medium=slbnew&utm_campaign=TOSHIBAXMK3256GSY_60BKF7GFSXX60BKF7GFS& user_pref("browser.search.defaultenginename", "dosearches"); user_pref("browser.search.selectedEngine", "dosearches"); user_pref("browser.startup.homepage", "http://www.dosearches.com/?utm_source=b&utm_medium=slbnew&utm_campaign=rg&utm_content=hp&from=slbnew&uid=TOSHIB ---- Lines browser.startup.page removed from prefs.js ---- user_pref("browser.startup.page", 3); ---- FireFox user.js and prefs.js backups ---- user_20141801_2118_.backup prefs_20141801_2118_.backup ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command] @="C:\\Program Files\\Mozilla Firefox\\firefox.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command] @="C:\\Program Files\\Internet Explorer\\iexplore.exe" ==== Deleting Files \ Folders ====================== C:\Users\Brigitte\AppData\Local\Mobogenie deleted C:\Users\Brigitte\AppData\Local\genienext deleted C:\Users\Brigitte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie deleted C:\Users\Brigitte\AppData\Locallow\DataMngr deleted C:\Users\Brigitte\AppData\Local\ilividmoviestoolbarha deleted C:\Users\Brigitte\AppData\Locallow\ilividmoviestoolbarha deleted C:\Program Files\Mozilla Firefox deleted C:\Program Files\ViewPassword deleted C:\windows\Tasks\ViewPassword update.job deleted C:\windows\system32\Tasks\ViewPassword update deleted C:\Users\Brigitte\daemonprocess.txt deleted C:\Users\Brigitte\.android deleted C:\Program Files\EZDownloader deleted C:\Program Files\ss helper deleted C:\Program Files\Protected Search deleted C:\Program Files\WebSearch deleted C:\Program Files\The Sea App (Internet Explorer) deleted C:\Program Files\Conduit deleted C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iLivid.lnk deleted C:\Users\Brigitte\AppData\Roaming\UpdaterEX deleted C:\Users\Brigitte\AppData\Roaming\DealPly deleted C:\ProgramData\eSafe deleted C:\ProgramData\saaVEnshAre deleted C:\ProgramData\SearchNewTab deleted C:\ProgramData\InstallMate deleted C:\Users\Brigitte\AppData\Local\SearchProtect deleted C:\Users\Brigitte\AppData\Local\cache deleted C:\Users\Brigitte\AppData\Local\Conduit deleted C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZDownloader deleted C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search deleted C:\Users\Brigitte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk deleted C:\windows\System32\Tasks\DealPly deleted C:\Users\Brigitte\Downloads\iLividSetup-r1040-n-bi.exe deleted C:\Users\Brigitte\Downloads\iLividSetup-r120-n-bi.exe deleted C:\Users\Brigitte\Downloads\SoftonicDownloader_voor_avg-antivirus-free-2014.exe deleted C:\Users\Brigitte\AppData\LocalLow\uTorrentControl_v2 deleted C:\Users\Brigitte\AppData\LocalLow\SimplyTech deleted C:\Users\Brigitte\AppData\LocalLow\PriceGong deleted C:\Users\Brigitte\AppData\LocalLow\Conduit deleted C:\windows\system32\tasks\ProtectedSearch deleted C:\windows\system32\tasks\UpdaterEX deleted C:\windows\tasks\UpdaterEX.job deleted C:\windows\Launcher.exe deleted C:\windows\System32\SearchProtect deleted C:\Users\Brigitte\Documents\Optimizer Pro deleted C:\Users\Brigitte\Documents\Mobogenie deleted C:\Users\Brigitte\AppData\Roaming\Mozilla\Firefox\Profiles\98uikema.default\extensions\firefox@glindorus.net.xpi deleted C:\Users\Brigitte\AppData\Roaming\Mozilla\Firefox\Profiles\98uikema.default\ilividmoviestoolbarha deleted C:\Users\Brigitte\AppData\Roaming\Mozilla\Firefox\Profiles\98uikema.default\extensions\staged deleted C:\Users\Brigitte\AppData\Roaming\Mozilla\Firefox\Profiles\98uikema.default\CT2724386 deleted C:\Users\Public\Desktop\EZDownloader.lnk deleted C:\Users\Brigitte\Desktop\iLivid.lnk deleted C:\Users\Brigitte\Desktop\Mobogenie.lnk deleted C:\Users\Brigitte\Desktop\avg_free_stb_all_2014_4158_softonic.exe deleted C:\Users\Brigitte\Desktop\werk\avg_free_stb_all_2014_4158_softonic[1].exe deleted C:\Users\Brigitte\AppData\Roaming\Mozilla\Firefox\Profiles\98uikema.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6} deleted C:\Users\Brigitte\AppData\Roaming\Mozilla\Firefox\Profiles\98uikema.default\extensions\{83ac1a2f-92fc-4314-bc93-c5782d0ba7be} deleted C:\Users\Brigitte\AppData\Roaming\Mozilla\Firefox\Profiles\98uikema.default\extensions\{d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} deleted C:\Users\Brigitte\AppData\Roaming\Mozilla\Firefox\Profiles\98uikema.default\conduitCommon deleted ==== Files Recently Created / Modified ====================== ====== C:\windows ==== ====== C:\Users\Brigitte\AppData\Local\Temp ==== 2014-01-14 12:17:46 282791611C9DBA51A4425DE58CC8DF27 7710720 ----a-w- C:\Users\Brigitte\AppData\Local\Temp\01141317-00001f48-wxm4arvyf7\WLXSuite.msi 2014-01-14 12:14:40 8DD7D50F925BFC217BDA7BD1B0B79C19 20240944 ----a-w- C:\Users\Brigitte\AppData\Local\Temp\Mobogenie_Setup_2-1-37_587.exe 2014-01-05 13:34:59 984CC93BB0EF86A0B4825269D8379D81 774424 ----a-w- C:\Users\Brigitte\AppData\Local\Temp\CRX_DF399A9B283A\GoogleUpdateSetup.exe 2014-01-05 13:34:59 4C8C0B0340C6234649C7F91FB5E89A54 571272 ----a-w- C:\Users\Brigitte\AppData\Local\Temp\CRX_DF399A9B283A\ChromeRecovery.exe ====== Java Cache ===== ====== C:\windows\system32 ===== 2014-01-15 07:05:44 1E882889A4314D6DF5DED4F6EC994E72 2349056 ----a-w- C:\windows\System32\win32k.sys 2014-01-14 12:17:25 8A4CEBF34370D689E198E6673C1F2C40 74072 ----a-w- C:\windows\System32\XAPOFX1_5.dll 2014-01-14 12:17:25 81DFDDFB401D663BA7E6AD1C80364216 527192 ----a-w- C:\windows\System32\XAudio2_7.dll 2014-01-14 12:17:25 1C9B45E87528B8BB8CFA884EA0099A85 2106216 ----a-w- C:\windows\System32\D3DCompiler_43.dll 2014-01-14 12:17:24 8E0BB968FF41D80E5F2C747C04DB79AE 248672 ----a-w- C:\windows\System32\d3dx11_43.dll 2014-01-14 12:17:24 501AC862517C5445742BEE8A2B88414E 453456 ----a-w- C:\windows\System32\d3dx10_42.dll ====== C:\windows\system32\drivers ===== 2014-01-15 07:05:44 EDF2DF71C4F1E13A6AC75F5224DE655A 258560 ----a-w- C:\windows\System32\drivers\usbhub.sys 2014-01-15 07:05:44 EC2C5AF37B76D7B58C642CB74423DB7A 284672 ----a-w- C:\windows\System32\drivers\usbport.sys 2014-01-15 07:05:44 D40855F89B69305140BBD7E9A3BA2DA6 43520 ----a-w- C:\windows\System32\drivers\usbehci.sys 2014-01-15 07:05:44 9828C8D14CC2676421778F0DE638CF97 20480 ----a-w- C:\windows\System32\drivers\usbohci.sys 2014-01-15 07:05:44 800AABFD625EEFF899F7E5496BDE37AB 24064 ----a-w- C:\windows\System32\drivers\usbuhci.sys 2014-01-15 07:05:44 74F805AB12EB0E3E49E469F19FF02640 6016 ----a-w- C:\windows\System32\drivers\usbd.sys 2014-01-15 07:05:44 5DBD4F73E2A52FEED61DBAB3752E329C 240576 ----a-w- C:\windows\System32\drivers\netio.sys 2014-01-15 07:05:44 0803FBA9FE829D61AE26EC0BCC910C46 76288 ----a-w- C:\windows\System32\drivers\usbccgp.sys ====== C:\windows\Tasks ====== ====== C:\windows\Temp ====== ======= C:\Program Files ===== 2014-01-18 16:36:23 -------- d-----w- C:\Program Files\trend micro 2014-01-18 13:16:45 -------- d-----w- C:\Program Files\Lavasoft 2014-01-16 17:46:09 -------- d-----w- C:\Program Files\EuroTalk Interactive ======= C: ===== ====== C:\Users\Brigitte\AppData\Roaming ====== 2014-01-18 13:20:37 -------- d-----w- C:\Users\Brigitte\AppData\Roaming\LavasoftStatistics 2014-01-16 17:46:14 -------- d-----w- C:\Users\Brigitte\AppData\Roaming\EuroTalk 2014-01-15 12:28:52 978ABE7248592A3665A5D9B5BEEFD3EE 288 ----a-w- C:\Users\Brigitte\AppData\Roaming\.backup.dm 2014-01-01 12:16:56 -------- d-----w- C:\Users\Brigitte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch 2014-01-01 12:16:31 -------- d-----w- C:\Users\Brigitte\AppData\Local\Torch ====== C:\Users\Brigitte ====== 2014-01-18 16:38:59 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Brigitte\Desktop\RSIT (1).exe 2014-01-18 16:35:59 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Brigitte\Downloads\RSIT.exe 2014-01-18 14:36:20 -------- d-----w- C:\ProgramData\BitDefender 2014-01-18 13:15:46 -------- d-----w- C:\ProgramData\Lavasoft 2014-01-18 13:14:44 37809BC5943630EC0109C60D7DF3E144 1725064 ----a-w- C:\Users\Brigitte\Downloads\Adaware_Installer.exe 2014-01-16 17:46:09 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EuroTalk Talk Now! 2014-01-14 12:14:40 F63BDFE7E5FD13DB94BE233F9A539A87 1239976 ----a-w- C:\Users\Brigitte\Desktop\wlsetup-web.exe 2014-01-14 12:02:59 48C539D4436F0CA806D9F0CE614E6C9B 17660184 ----a-w- C:\Users\Brigitte\Downloads\picasa39-setup.exe 2014-01-01 12:17:06 -------- d-----w- C:\ProgramData\TorchCrashHandler 2013-12-28 20:22:51 -------- d-----w- C:\ProgramData\AVG 1213b Campaign ====== C: exe-files == 2014-01-18 17:04:08 E2282FC6D371FE1D91FBBFA9C3C9D3B8 1009952 ----a-w- C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\10.26.0.540_0\nativeMessaging\TBMessagingHost.exe 2014-01-18 16:38:59 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Brigitte\Desktop\RSIT (1).exe 2014-01-18 16:36:23 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Brigitte.exe 2014-01-18 16:35:59 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Brigitte\Downloads\RSIT.exe 2014-01-18 13:14:44 37809BC5943630EC0109C60D7DF3E144 1725064 ----a-w- C:\Users\Brigitte\Downloads\Adaware_Installer.exe 2014-01-14 12:16:45 F5443547CAAC20AA334A88817579270F 525656 ----a-w- C:\Program Files\Common Files\Windows Live\.cache\7d35043c1cf112204\DXSETUP.exe 2014-01-14 12:16:43 DDCE338BB173B32024679D61FB4F2BA6 537432 ----a-w- C:\Program Files\Common Files\Windows Live\.cache\7c33ef9e1cf112203\DXSETUP.exe 2014-01-14 12:16:42 DDCE338BB173B32024679D61FB4F2BA6 537432 ----a-w- C:\Program Files\Common Files\Windows Live\.cache\7bbcead01cf112202\DXSETUP.exe 2014-01-14 12:14:40 F63BDFE7E5FD13DB94BE233F9A539A87 1239976 ----a-w- C:\Users\Brigitte\Desktop\wlsetup-web.exe 2014-01-14 12:14:40 8DD7D50F925BFC217BDA7BD1B0B79C19 20240944 ----a-w- C:\Users\Brigitte\AppData\Local\Temp\Mobogenie_Setup_2-1-37_587.exe 2014-01-14 12:02:59 48C539D4436F0CA806D9F0CE614E6C9B 17660184 ----a-w- C:\Users\Brigitte\Downloads\picasa39-setup.exe === C: other files == 2014-01-15 07:05:44 EDF2DF71C4F1E13A6AC75F5224DE655A 258560 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_d53c05ca022d95f2\usbhub.sys 2014-01-15 07:05:44 EDF2DF71C4F1E13A6AC75F5224DE655A 258560 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usb.inf_x86_neutral_4232097e28daf017\usbhub.sys 2014-01-15 07:05:44 EDF2DF71C4F1E13A6AC75F5224DE655A 258560 ----a-w- C:\Windows\System32\drivers\usbhub.sys 2014-01-15 07:05:44 EC2C5AF37B76D7B58C642CB74423DB7A 284672 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_d53c05ca022d95f2\usbport.sys 2014-01-15 07:05:44 EC2C5AF37B76D7B58C642CB74423DB7A 284672 ----a-w- C:\Windows\System32\drivers\usbport.sys 2014-01-15 07:05:44 D40855F89B69305140BBD7E9A3BA2DA6 43520 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_d53c05ca022d95f2\usbehci.sys 2014-01-15 07:05:44 D40855F89B69305140BBD7E9A3BA2DA6 43520 ----a-w- C:\Windows\System32\drivers\usbehci.sys 2014-01-15 07:05:44 9828C8D14CC2676421778F0DE638CF97 20480 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_d53c05ca022d95f2\usbohci.sys 2014-01-15 07:05:44 9828C8D14CC2676421778F0DE638CF97 20480 ----a-w- C:\Windows\System32\drivers\usbohci.sys 2014-01-15 07:05:44 800AABFD625EEFF899F7E5496BDE37AB 24064 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_d53c05ca022d95f2\usbuhci.sys 2014-01-15 07:05:44 800AABFD625EEFF899F7E5496BDE37AB 24064 ----a-w- C:\Windows\System32\drivers\usbuhci.sys 2014-01-15 07:05:44 74F805AB12EB0E3E49E469F19FF02640 6016 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_d53c05ca022d95f2\usbd.sys 2014-01-15 07:05:44 74F805AB12EB0E3E49E469F19FF02640 6016 ----a-w- C:\Windows\System32\drivers\usbd.sys 2014-01-15 07:05:44 5DBD4F73E2A52FEED61DBAB3752E329C 240576 ----a-w- C:\Windows\System32\drivers\netio.sys 2014-01-15 07:05:44 1E882889A4314D6DF5DED4F6EC994E72 2349056 ----a-w- C:\Windows\System32\win32k.sys 2014-01-15 07:05:44 0803FBA9FE829D61AE26EC0BCC910C46 76288 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usb.inf_x86_neutral_4232097e28daf017\usbccgp.sys 2014-01-15 07:05:44 0803FBA9FE829D61AE26EC0BCC910C46 76288 ----a-w- C:\Windows\System32\drivers\usbccgp.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-3337975368-1422288616-4262930686-1001\Software\Microsoft\Windows\CurrentVersion\Run] "LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden" "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background" "DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun" "Facebook Update"="C:\Users\Brigitte\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" "uTorrent"="C:\Users\Brigitte\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "QLBController"="C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe /start" "IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" "WirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" "IgfxTray"="C:\windows\system32\igfxtray.exe" "HotKeysCmds"="C:\windows\system32\hkcmd.exe" "Persistence"="C:\windows\system32\igfxpers.exe" "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" "McAfeeUpdaterUI"="C:\Program Files\McAfee\Common Framework\udaterui.exe /StartedFromRunKey" "LogMeIn GUI"="c:\Program Files\LogMeIn\x86\LogMeInSystray.exe" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " "SysTrayApp"="C:\Program Files\IDT\WDM\sttray.exe" "Windows Mobile Device Center"="%windir%\WindowsMobile\wmdc.exe " [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden" "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background" "DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun" "Facebook Update"="C:\Users\Brigitte\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" "uTorrent"="C:\Users\Brigitte\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED" ==== Startup Folders ====================== 2012-04-03 17:32:12 848 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk ==== Task Scheduler Jobs ====================== C:\windows\tasks\Adobe Flash Player Updater.job --a------ C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [06/01/2014 21:28] C:\windows\tasks\AVG_SYS_TASK.job --a------ C:\ProgramData\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe [05/12/2013 19:06] C:\windows\tasks\AVG_SYS_TASK_DELETE.job --a------ [undetermined Task] C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-3337975368-1422288616-4262930686-1001Core.job --a------ [undetermined Task] C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-3337975368-1422288616-4262930686-1001UA.job --a------ C:\Users\Brigitte\AppData\Local\Facebook\Update\FacebookUpdate.exe [13/07/2012 21:46] C:\windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [18/07/2012 20:48] C:\windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [18/07/2012 20:48] ==== Other Scheduled Tasks ====================== "C:\windows\system32\tasks\Adobe Flash Player Updater" [C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\windows\system32\tasks\AVG_SYS_TASK" [C:\ProgramData\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe] "C:\windows\system32\tasks\AVG_SYS_TASK_DELETE" [C:\ProgramData\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe] "C:\windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-3337975368-1422288616-4262930686-1001Core" [C:\Users\Brigitte\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-3337975368-1422288616-4262930686-1001UA" [C:\Users\Brigitte\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\windows\system32\tasks\{C850CDCE-2B72-458E-8CFF-58F265C69A33}" ["c:\program files\internet explorer\iexplore.exe" ]Download Skype op uw computer ? Mac, Windows, Linux ? Skype "C:\windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] ==== Firefox Extensions Registry ====================== [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "{0b67060e-62bf-4fc6-a316-c327841d0451}"="C:\Program Files\ViewPassword\150.xpi" [] ==== Firefox Extensions ====================== ==== Firefox Plugins ====================== Profilepath: C:\Users\Brigitte\AppData\Roaming\Mozilla\Firefox\Profiles\98uikema.default FF0D6F82A0EC13952E83B9439100E45D - C:\Users\Brigitte\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin 5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin 6209F3BD43FDA86699EEF01B9CF5F0CF - C:\Program Files\QuickTime\Plugins\npqtplugin7.dll - QuickTime Plug-in 7.7.1 D72CC3C02764E28C691DBA9751FF8A86 - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll - QuickTime Plug-in 7.7.1 BC405F582CAAC78AEDE4488E8A259FA1 - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.1 C560D8A34A372EE10235938FD2D34CC3 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.1 AF28C98E0897F0475833D02D3CCFFF77 - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.1 CABA1A399C7C7471DEBA73CB3BA5AADB - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.1 1D10BD2720963F6B6DB25ACB1F5CF8E9 - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.1 34E3709244736B8976820F730E5A8815 - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll - Java Platform SE 6 U31 A878453A1714870EAADA83E6434BDB77 - C:\Program Files\Java\jre6\bin\plugin2\npdeployJava1.dll - Java Deployment Toolkit 6.0.310.5 A843FC35574ECFD9E7A41C5505A9921B - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin 8D43DE6F1385057B8AD2857547B7B828 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector 4676A8E1EE37E71486717ECD1E61C17B - C:\windows\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director 8082F66DC9C8167FF1AA548736F58457 - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat 53FE2D34B143EFDB80685281E751B91C - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions aaaaabcbmongicmdegkmmfgdickgnnob - C:\Users\Brigitte\AppData\Local\ilividmoviestoolbarha\GC\toolbar.crx[] ammjbfijeglcdlnlnhlkdhgjnlgmpehe - C:\Program Files\glindorus\ammjbfijeglcdlnlnhlkdhgjnlgmpehe.crx[] ejpbbhjlbipncjklfjjaedaieimbmdda - C:\Users\Brigitte\AppData\Local\CRE\ejpbbhjlbipncjklfjjaedaieimbmdda.crx[] ifohbjbgfchkkfhphahclmkpgejiplfo - C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx[] jmojojliiicbbihpjmiepllaiflnjobc - C:\Program Files\ViewPassword\150.crx[] kjlkjjohncghchjiniokhljcgmlajgpb - C:\Program Files\ProtectedToolbar\chrome\ProtectedToolbar.crx[25/10/2012 08:47] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions ejpbbhjlbipncjklfjjaedaieimbmdda - C:\Users\Brigitte\AppData\Local\CRE\ejpbbhjlbipncjklfjjaedaieimbmdda.crx[] Movies Toolbar - Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob safeorWeb - Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\bedpealjapilfepimonhfkclkafkeehk uTorrentControl_v2 - Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda Select City - Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo ViewPassword - Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmojojliiicbbihpjmiepllaiflnjobc Protected Toolbar - Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjlkjjohncghchjiniokhljcgmlajgpb Google Wallet - Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Movies Toolbar - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob Ask Toolbar - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\aaaalejpmnocmhmlbmlkjemekckoagne glindorus - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\ammjbfijeglcdlnlnhlkdhgjnlgmpehe safeorWeb - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\bedpealjapilfepimonhfkclkafkeehk DropToS - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\cipmepknanmbbaneimacddfemfbfgpgo Torch Games - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\elnodfjhjgpnmdhklbfeijeaehcgffnp Torch Music - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\gcjbdjlojcomlphfchhihkigepfabcad FaceLift - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\gimjmfipknpppbpmkdenjjpfhobiiojk ViewPassword - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\jmojojliiicbbihpjmiepllaiflnjobc Torch Helper - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\lecpjhggilhbceadobnggaagnpfpafhg Torch Torrent - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\mpdmibcjecdaibcnlilhiopefjgegjjc Google Wallet - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Torch Music - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\ohimbkoaphfnmekmfppijeblmkncneed Hola - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\pdehmppfilefbolgganhfihpbmjlgebh ==== Chrome Fix ====================== C:\Program Files\ProtectedToolbar\chrome\ProtectedToolbar.crx deleted successfully C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_app.mam.conduit.com_0.localstorage deleted successfully C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_app.mam.conduit.com_0.localstorage-journal deleted successfully C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_bing.conduit-services.com_0.localstorage deleted successfully C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_bing.conduit-services.com_0.localstorage-journal deleted successfully C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.conduit.com_0.localstorage deleted successfully C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.conduit.com_0.localstorage-journal deleted successfully C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_websearch.the-searcheng.info_0.localstorage deleted successfully C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_websearch.the-searcheng.info_0.localstorage-journal deleted successfully C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_f.dealply.com_0.localstorage deleted successfully C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_f.dealply.com_0.localstorage-journal deleted successfully C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_h.dealply.com_0.localstorage deleted successfully C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_h.dealply.com_0.localstorage-journal deleted successfully C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.dosearches.com_0.localstorage deleted successfully C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.dosearches.com_0.localstorage-journal deleted successfully C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_nederlands.babylon.com_0.localstorage deleted successfully C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_nederlands.babylon.com_0.localstorage-journal deleted successfully C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_vertalen.babylon.com_0.localstorage deleted successfully C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_vertalen.babylon.com_0.localstorage-journal deleted successfully C:\Users\Brigitte\AppData\Local\Torch\User Data\Default\Local Storage\http_nederlands.babylon.com_0.localstorage deleted successfully C:\Users\Brigitte\AppData\Local\Torch\User Data\Default\Local Storage\http_nederlands.babylon.com_0.localstorage-journal deleted successfully C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_nl.softonic.com_0.localstorage deleted successfully C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_nl.softonic.com_0.localstorage-journal deleted successfully C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_b.scorecardresearch.com_0.localstorage deleted successfully C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_b.scorecardresearch.com_0.localstorage-journal deleted successfully C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.protectedsearch.com_0.localstorage deleted successfully C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.protectedsearch.com_0.localstorage-journal deleted successfully C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_secure.tlbsearch.com_0.localstorage deleted successfully C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_secure.tlbsearch.com_0.localstorage-journal deleted successfully C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob deleted successfully C:\Users\Brigitte\AppData\Local\Torch\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob deleted successfully C:\Users\Brigitte\AppData\Local\Torch\User Data\Default\Extensions\ammjbfijeglcdlnlnhlkdhgjnlgmpehe deleted successfully C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ammjbfijeglcdlnlnhlkdhgjnlgmpehe deleted successfully C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda deleted successfully C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ejpbbhjlbipncjklfjjaedaieimbmdda_0.localstorage deleted successfully C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ejpbbhjlbipncjklfjjaedaieimbmdda_0.localstorage-journal deleted successfully C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_ejpbbhjlbipncjklfjjaedaieimbmdda_0 deleted successfully C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ejpbbhjlbipncjklfjjaedaieimbmdda deleted successfully C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo deleted successfully C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ifohbjbgfchkkfhphahclmkpgejiplfo_0.localstorage deleted successfully C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmojojliiicbbihpjmiepllaiflnjobc deleted successfully C:\Users\Brigitte\AppData\Local\Torch\User Data\Default\Extensions\jmojojliiicbbihpjmiepllaiflnjobc deleted successfully C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjlkjjohncghchjiniokhljcgmlajgpb deleted successfully C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kjlkjjohncghchjiniokhljcgmlajgpb_0.localstorage deleted successfully C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kjlkjjohncghchjiniokhljcgmlajgpb_0.localstorage-journal deleted successfully C:\Users\Brigitte\AppData\Local\Torch\User Data\Default\Extensions\aaaalejpmnocmhmlbmlkjemekckoagne deleted successfully C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\bedpealjapilfepimonhfkclkafkeehk deleted successfully C:\Users\Brigitte\AppData\Local\Torch\User Data\Default\Extensions\bedpealjapilfepimonhfkclkafkeehk deleted successfully C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bedpealjapilfepimonhfkclkafkeehk_0.localstorage deleted successfully C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bedpealjapilfepimonhfkclkafkeehk_0.localstorage-journal deleted successfully C:\Users\Brigitte\AppData\Local\Torch\User Data\Default\Local Storage\chrome-extension_bedpealjapilfepimonhfkclkafkeehk_0.localstorage deleted successfully C:\Users\Brigitte\AppData\Local\Torch\User Data\Default\Local Storage\chrome-extension_bedpealjapilfepimonhfkclkafkeehk_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://search.conduit.com/?ctid=CT3312375&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPC8117077-769C-4E32-B8B5-2D6088E47052&SSPV=" "Search Page"="http://search.protectedsearch.com?si=41570&home=true&tid=3026&q=" "Default_Page_URL"="http://www.dosearches.com/?utm_source=b&utm_medium=slbnew&utm_campaign=rg&utm_content=hp&from=slbnew&uid=TOSHIBAXMK3256GSY_60BKF7GFSXX60BKF7GFS&ts=1383241307" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://search.protectedsearch.com?si=41570&home=true&tid=3026" "Start Default_Page_URL"="http://search.protectedsearch.com?si=41570&home=true&tid=3026" "Default_Search_URL"="http://search.protectedsearch.com?si=41570&home=true&tid=3026&q=" "Search Bar"="http://search.protectedsearch.com?si=41570&home=true&tid=3026&q=" "Search Page"="http://search.protectedsearch.com?si=41570&home=true&tid=3026&q=" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://search.dosearches.com/web/?utm_source=b&utm_medium=slbnew&utm_campaign=rg&utm_content=ds&from=slbnew&uid=TOSHIBAXMK3256GSY_60BKF7GFSXX60BKF7GFS&ts=1383241307&type=default&q={searchTerms}" "Default_Page_URL"="http://www.dosearches.com/?utm_source=b&utm_medium=slbnew&utm_campaign=rg&utm_content=hp&from=slbnew&uid=TOSHIBAXMK3256GSY_60BKF7GFSXX60BKF7GFS&ts=1383241307" "Start Page"="http://www.dosearches.com/?utm_source=b&utm_medium=slbnew&utm_campaign=rg&utm_content=hp&from=slbnew&uid=TOSHIBAXMK3256GSY_60BKF7GFSXX60BKF7GFS&ts=1383241307" "Search Page"="http://search.dosearches.com/web/?utm_source=b&utm_medium=slbnew&utm_campaign=rg&utm_content=ds&from=slbnew&uid=TOSHIBAXMK3256GSY_60BKF7GFSXX60BKF7GFS&ts=1383241307&type=default&q={searchTerms}" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURI] "(Default)"="http://search.protectedsearch.com?si=41570&bs=true&tid=3026&q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.protectedsearch.com?si=41570&bs=true&tid=3026&q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI] "(Default)"="http://search.protectedsearch.com?si=41570&bs=true&tid=3026&q=%s" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.protectedsearch.com?si=41570&bs=true&tid=3026&q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI] "(Default)"="http://search.protectedsearch.com?si=41570&bs=true&tid=3026&q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Search] "Start Page"="http://search.protectedsearch.com?si=41570&home=true&tid=3026" "Start Default_Page_URL"="http://search.protectedsearch.com?si=41570&home=true&tid=3026" "Default_Search_URL"="http://search.protectedsearch.com?si=41570&home=true&tid=3026&q=" "Search Bar"="http://search.protectedsearch.com?si=41570&home=true&tid=3026&q=" "Search Page"="http://search.protectedsearch.com?si=41570&home=true&tid=3026&q=" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search] "Start Page"="http://search.protectedsearch.com?si=41570&home=true&tid=3026" "Start Default_Page_URL"="http://search.protectedsearch.com?si=41570&home=true&tid=3026" "Default_Search_URL"="http://search.protectedsearch.com?si=41570&home=true&tid=3026&q=" "Search Bar"="http://search.protectedsearch.com?si=41570&home=true&tid=3026&q=" "Search Page"="http://search.protectedsearch.com?si=41570&home=true&tid=3026&q=" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Start Page"="http://search.protectedsearch.com?si=41570&home=true&tid=3026" "Start Default_Page_URL"="http://search.protectedsearch.com?si=41570&home=true&tid=3026" "Default_Search_URL"="http://search.protectedsearch.com?si=41570&home=true&tid=3026&q=" "Search Bar"="http://search.protectedsearch.com?si=41570&home=true&tid=3026&q=" "Search Page"="http://search.protectedsearch.com?si=41570&home=true&tid=3026&q=" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}] not found New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://www.google.com" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURI] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI] "(Default)"="http://search.msn.com/results.asp?q=%s" [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search] "Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896" "Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3337975368-1422288616-4262930686-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{e76da439-a1f1-4cfd-88c1-1fb8bac7e620} deleted successfully HKEY_USERS\S-1-5-21-3337975368-1422288616-4262930686-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{e76da439-a1f1-4cfd-88c1-1fb8bac7e620} deleted successfully HKEY_CLASSES_ROOT\CLSID\{e76da439-a1f1-4cfd-88c1-1fb8bac7e620} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e76da439-a1f1-4cfd-88c1-1fb8bac7e620} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-3337975368-1422288616-4262930686-1001\Software\Mozilla\Firefox\Extensions\{0b67060e-62bf-4fc6-a316-c327841d0451} deleted successfully ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ammjbfijeglcdlnlnhlkdhgjnlgmpehe deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\jmojojliiicbbihpjmiepllaiflnjobc deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\kjlkjjohncghchjiniokhljcgmlajgpb deleted successfully HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0F44DC3A-6E62-4961-A14B-95323C512F9B}_is1 deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\iLivid deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\e9737a78-b8c6-4465-9feb-7e2a4f782ad9 deleted successfully HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Mobogenie deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{62D82EC1-0D3A-DF54-8E3E-07E1337A5311} deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ilividmoviestoolbarhaCR deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ilividmoviestoolbarhaIE deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WsysControl deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\The Sea App deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\SP_b0285714 deleted successfully HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Protected Search_is1 deleted successfully ==== Empty IE Cache ====================== C:\Users\Brigitte\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Brigitte\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Brigitte\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\LogMeInRemoteUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully ==== Empty FireFox Cache ====================== C:\Users\Brigitte\AppData\Local\Mozilla\Firefox\Profiles\98uikema.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\Users\Brigitte\AppData\Local\Torch\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully ==== C:\zoek_backup content ====================== C:\zoek_backup (files=6210 folders=908 373562616 bytes) ==== Empty Temp Folders ====================== C:\Users\Default\AppData\Local\Temp emptied successfully C:\Users\Default User\AppData\Local\Temp emptied successfully C:\Users\LogMeInRemoteUser\AppData\Local\Temp emptied successfully C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully C:\Users\Brigitte\AppData\Local\Temp will be emptied at reboot C:\windows\Temp will be emptied at reboot ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\windows\Temp successfully emptied C:\Users\Brigitte\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== EOF on Sat 18/01/2014 at 21:26:17,15 ======================
  3. Fonzer
    Hey Kape, bedankt voor de snelle reactie Chrome ziet er al heel wat beter uit.... maar merk dat ik toch nog af en toe een pop-up krijg. Hieronder het logje zoals je gevraagd had. Zoek.exe v5.0.0.0 Updated 18-Januari-2014 Tool run by Brigitte on Sat 18/01/2014 at 19:20:10,30. Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x86 Running in: Normal Mode Internet Access Detected Launched: C:\Users\Brigitte\Desktop\zoek.exe [scan all users] [script inserted] [Checkboxes used] ==== System Restore Info ====================== 18/01/2014 19:22:06 Zoek.exe System Restore Point Created Succesfully. ==== Empty Folders Check ====================== C:\Program Files\MSXML 4.0 deleted successfully C:\ProgramData\PDFC deleted successfully C:\Users\Brigitte\AppData\Local\CutePDF Writer deleted successfully C:\Users\Brigitte\AppData\Local\PDFC deleted successfully C:\Users\Brigitte\AppData\Local\VirtualStore deleted successfully ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3337975368-1422288616-4262930686-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3d86a75b-cb6b-4764-885d-ca6336f04ba2} deleted successfully HKEY_USERS\S-1-5-21-3337975368-1422288616-4262930686-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3d86a75b-cb6b-4764-885d-ca6336f04ba2} deleted successfully HKEY_USERS\S-1-5-21-3337975368-1422288616-4262930686-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{61096323-3324-48fb-925b-4206f342e162} deleted successfully HKEY_USERS\S-1-5-21-3337975368-1422288616-4262930686-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{61096323-3324-48fb-925b-4206f342e162} deleted successfully HKEY_USERS\S-1-5-21-3337975368-1422288616-4262930686-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7473b6bd-4691-4744-a82b-7854eb3d70b6} deleted successfully HKEY_USERS\S-1-5-21-3337975368-1422288616-4262930686-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7473b6bd-4691-4744-a82b-7854eb3d70b6} deleted successfully HKEY_USERS\S-1-5-21-3337975368-1422288616-4262930686-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9598e82a-7e09-4438-b425-b9e9718c3c73} deleted successfully HKEY_USERS\S-1-5-21-3337975368-1422288616-4262930686-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C585D593-E7F3-4852-A200-561686EE02E4} deleted successfully HKEY_USERS\S-1-5-21-3337975368-1422288616-4262930686-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C585D593-E7F3-4852-A200-561686EE02E4} deleted successfully HKEY_USERS\S-1-5-21-3337975368-1422288616-4262930686-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{137e72ff-50ed-4c67-8370-641ad61f2025} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3d86a75b-cb6b-4764-885d-ca6336f04ba2} deleted successfully HKEY_CLASSES_ROOT\CLSID\{3d86a75b-cb6b-4764-885d-ca6336f04ba2} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3d86a75b-cb6b-4764-885d-ca6336f04ba2} deleted successfully HKEY_CLASSES_ROOT\CLSID\{61096323-3324-48fb-925b-4206f342e162} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{61096323-3324-48fb-925b-4206f342e162} deleted successfully HKEY_CLASSES_ROOT\CLSID\{7473b6bd-4691-4744-a82b-7854eb3d70b6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473b6bd-4691-4744-a82b-7854eb3d70b6} deleted successfully HKEY_CLASSES_ROOT\CLSID\{9598e82a-7e09-4438-b425-b9e9718c3c73} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9598e82a-7e09-4438-b425-b9e9718c3c73} deleted successfully HKEY_CLASSES_ROOT\CLSID\{C585D593-E7F3-4852-A200-561686EE02E4} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C585D593-E7F3-4852-A200-561686EE02E4} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{137e72ff-50ed-4c67-8370-641ad61f2025} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_USERS\S-1-5-21-3337975368-1422288616-4262930686-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{7473b6bd-4691-4744-a82b-7854eb3d70b6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{3d86a75b-cb6b-4764-885d-ca6336f04ba2} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{61096323-3324-48fb-925b-4206f342e162} deleted successfully HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\urlsearchhooks\{7473b6bd-4691-4744-a82b-7854eb3d70b6} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{7473b6bd-4691-4744-a82b-7854eb3d70b6} deleted successfully ==== Deleting Services ====================== HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CltMngSvc deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\CltMngSvc deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DatamngrCoordinator deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\DatamngrCoordinator deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MgAssistService deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\MgAssistService deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update glindorus deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update glindorus deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Update glindorus deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Update glindorus deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util glindorus deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Util glindorus deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Util glindorus deleted successfully HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Util glindorus deleted successfully ==== Registry Fix Code ====================== Windows Registry Editor Version 5.00 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3d86a75b-cb6b-4764-885d-ca6336f04ba2}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{61096323-3324-48fb-925b-4206f342e162}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473b6bd-4691-4744-a82b-7854eb3d70b6}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9598e82a-7e09-4438-b425-b9e9718c3c73}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C585D593-E7F3-4852-A200-561686EE02E4}] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "mobilegeni daemon"=- ""=- [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "iLivid"=- "NextLive"=- [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"=- [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe] [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe] ==== Deleting Files \ Folders ====================== C:\Microgaming\Casino not found C:\Users\Brigitte\AppData\Roaming\ProtectedToolbar deleted C:\Program Files\uTorrentControl_v2 deleted C:\Users\Brigitte\AppData\Roaming\newnext.me deleted C:\Program Files\Movies Toolbar deleted C:\ProgramData\SSaiverAedddon deleted C:\ProgramData\djplgkgacgbgeggaldhknlocbfijlpmd deleted C:\ProgramData\79aa0853f68303e0 deleted C:\ProgramData\safeorWeb deleted C:\ProgramData\Wincert deleted C:\ProgramData\Datamngr deleted C:\Program Files\SearchProtect deleted "C:\Program Files\Mozilla Firefox\searchplugins\dosearches.xml" deleted "C:\Program Files\Mozilla Firefox\searchplugins\Web Search.xml" deleted "C:\Users\Brigitte\AppData\Roaming\Mozilla\Firefox\Profiles\98uikema.default\searchplugins\Web Search.xml" deleted "C:\Users\Brigitte\AppData\Roaming\Mozilla\Firefox\Profiles\98uikema.default\searchplugins\WebSearch.xml" deleted "C:\Users\Brigitte\AppData\Roaming\Mozilla\Firefox\Profiles\98uikema.default\searchplugins\MyStart Search.xml" deleted "C:\Program Files\glindorus\updateglindorus.exe" deleted "C:\Program Files\Mobogenie\DaemonProcess.exe" deleted "C:\Program Files\Mobogenie\DCR.dll" deleted "C:\Program Files\Mobogenie\Device.dll" deleted "C:\Program Files\Mobogenie\libeay32.dll" deleted "C:\Program Files\Mobogenie\msvcp100.dll" deleted "C:\Program Files\Mobogenie\msvcr100.dll" deleted "C:\Program Files\Mobogenie\QtCore4.dll" deleted "C:\Program Files\Mobogenie\QtGui4.dll" deleted "C:\Program Files\Mobogenie\QtNetwork4.dll" deleted "C:\Program Files\Mobogenie\QtSql4.dll" deleted "C:\Program Files\Mobogenie\QtWebKit4.dll" deleted "C:\Program Files\Mobogenie\ssleay32.dll" deleted "C:\Users\Brigitte\AppData\Local\iLivid\iLivid.exe" deleted "C:\Users\Brigitte\AppData\Local\iLivid\libeay32.dll" deleted "C:\Users\Brigitte\AppData\Local\iLivid\msvcp100.dll" deleted "C:\Users\Brigitte\AppData\Local\iLivid\msvcr100.dll" deleted "C:\Users\Brigitte\AppData\Local\iLivid\QtCore4.dll" deleted "C:\Users\Brigitte\AppData\Local\iLivid\QtGui4.dll" deleted "C:\Users\Brigitte\AppData\Local\iLivid\QtNetwork4.dll" deleted "C:\Users\Brigitte\AppData\Local\iLivid\QtWebKit4.dll" deleted "C:\Users\Brigitte\AppData\Local\iLivid\QtXml4.dll" deleted "C:\Users\Brigitte\AppData\Local\iLivid\ssleay32.dll" deleted "C:\Program Files\glindorus\bin\sqlite3.dll" deleted "C:\Program Files\glindorus\bin\utilglindorus.exe" deleted "C:\Users\Brigitte\AppData\Local\iLivid\imageformats\qgif4.dll" deleted "C:\Users\Brigitte\AppData\Local\iLivid\imageformats\qico4.dll" deleted "C:\Users\Brigitte\AppData\Local\iLivid\imageformats\qjpeg4.dll" deleted "C:\Program Files\glindorus" not deleted "C:\Program Files\Mobogenie" deleted "C:\Users\Brigitte\AppData\Local\iLivid" deleted "C:\Program Files\glindorus\bin" not deleted "C:\Users\Brigitte\AppData\Local\iLivid\imageformats" deleted ==== Files Recently Created / Modified ====================== ====== C:\windows ==== ====== C:\Users\Brigitte\AppData\Local\Temp ==== 2014-01-14 12:17:46 282791611C9DBA51A4425DE58CC8DF27 7710720 ----a-w- C:\Users\Brigitte\AppData\Local\Temp\01141317-00001f48-wxm4arvyf7\WLXSuite.msi 2014-01-14 12:14:40 8DD7D50F925BFC217BDA7BD1B0B79C19 20240944 ----a-w- C:\Users\Brigitte\AppData\Local\Temp\Mobogenie_Setup_2-1-37_587.exe 2014-01-05 13:34:59 984CC93BB0EF86A0B4825269D8379D81 774424 ----a-w- C:\Users\Brigitte\AppData\Local\Temp\CRX_DF399A9B283A\GoogleUpdateSetup.exe 2014-01-05 13:34:59 4C8C0B0340C6234649C7F91FB5E89A54 571272 ----a-w- C:\Users\Brigitte\AppData\Local\Temp\CRX_DF399A9B283A\ChromeRecovery.exe ====== Java Cache ===== ====== C:\windows\system32 ===== 2014-01-15 07:05:44 1E882889A4314D6DF5DED4F6EC994E72 2349056 ----a-w- C:\windows\System32\win32k.sys 2014-01-14 12:17:25 8A4CEBF34370D689E198E6673C1F2C40 74072 ----a-w- C:\windows\System32\XAPOFX1_5.dll 2014-01-14 12:17:25 81DFDDFB401D663BA7E6AD1C80364216 527192 ----a-w- C:\windows\System32\XAudio2_7.dll 2014-01-14 12:17:25 1C9B45E87528B8BB8CFA884EA0099A85 2106216 ----a-w- C:\windows\System32\D3DCompiler_43.dll 2014-01-14 12:17:24 8E0BB968FF41D80E5F2C747C04DB79AE 248672 ----a-w- C:\windows\System32\d3dx11_43.dll 2014-01-14 12:17:24 501AC862517C5445742BEE8A2B88414E 453456 ----a-w- C:\windows\System32\d3dx10_42.dll ====== C:\windows\system32\drivers ===== 2014-01-15 07:05:44 EDF2DF71C4F1E13A6AC75F5224DE655A 258560 ----a-w- C:\windows\System32\drivers\usbhub.sys 2014-01-15 07:05:44 EC2C5AF37B76D7B58C642CB74423DB7A 284672 ----a-w- C:\windows\System32\drivers\usbport.sys 2014-01-15 07:05:44 D40855F89B69305140BBD7E9A3BA2DA6 43520 ----a-w- C:\windows\System32\drivers\usbehci.sys 2014-01-15 07:05:44 9828C8D14CC2676421778F0DE638CF97 20480 ----a-w- C:\windows\System32\drivers\usbohci.sys 2014-01-15 07:05:44 800AABFD625EEFF899F7E5496BDE37AB 24064 ----a-w- C:\windows\System32\drivers\usbuhci.sys 2014-01-15 07:05:44 74F805AB12EB0E3E49E469F19FF02640 6016 ----a-w- C:\windows\System32\drivers\usbd.sys 2014-01-15 07:05:44 5DBD4F73E2A52FEED61DBAB3752E329C 240576 ----a-w- C:\windows\System32\drivers\netio.sys 2014-01-15 07:05:44 0803FBA9FE829D61AE26EC0BCC910C46 76288 ----a-w- C:\windows\System32\drivers\usbccgp.sys ====== C:\windows\Tasks ====== ====== C:\windows\Temp ====== ======= C:\Program Files ===== 2014-01-18 16:36:23 -------- d-----w- C:\Program Files\trend micro 2014-01-18 13:16:45 -------- d-----w- C:\Program Files\Lavasoft 2014-01-16 17:46:09 -------- d-----w- C:\Program Files\EuroTalk Interactive 2013-12-28 20:19:01 -------- d-----w- C:\Program Files\ViewPassword ======= C: ===== ====== C:\Users\Brigitte\AppData\Roaming ====== 2014-01-18 13:20:37 -------- d-----w- C:\Users\Brigitte\AppData\Roaming\LavasoftStatistics 2014-01-16 17:46:14 -------- d-----w- C:\Users\Brigitte\AppData\Roaming\EuroTalk 2014-01-15 12:28:52 978ABE7248592A3665A5D9B5BEEFD3EE 288 ----a-w- C:\Users\Brigitte\AppData\Roaming\.backup.dm 2014-01-14 12:18:48 -------- d-----w- C:\Users\Brigitte\AppData\Local\Mobogenie 2014-01-14 12:18:48 -------- d-----w- C:\Users\Brigitte\AppData\Local\genienext 2014-01-14 12:18:48 -------- d-----w- C:\Users\Brigitte\AppData\Local\cache 2014-01-14 12:18:11 -------- d-----w- C:\Users\Brigitte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie 2014-01-01 12:16:56 -------- d-----w- C:\Users\Brigitte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch 2014-01-01 12:16:31 -------- d-----w- C:\Users\Brigitte\AppData\Local\Torch 2014-01-01 12:11:00 -------- d-----w- C:\Users\Brigitte\AppData\Locallow\DataMngr 2014-01-01 12:10:24 -------- d-----w- C:\Users\Brigitte\AppData\Local\ilividmoviestoolbarha 2014-01-01 12:10:20 -------- d-----w- C:\Users\Brigitte\AppData\Locallow\ilividmoviestoolbarha ====== C:\Users\Brigitte ====== 2014-01-18 16:38:59 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Brigitte\Desktop\RSIT (1).exe 2014-01-18 16:35:59 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Brigitte\Downloads\RSIT.exe 2014-01-18 14:36:20 -------- d-----w- C:\ProgramData\BitDefender 2014-01-18 13:15:46 -------- d-----w- C:\ProgramData\Lavasoft 2014-01-18 13:14:44 37809BC5943630EC0109C60D7DF3E144 1725064 ----a-w- C:\Users\Brigitte\Downloads\Adaware_Installer.exe 2014-01-16 17:46:09 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EuroTalk Talk Now! 2014-01-14 12:18:51 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Brigitte\daemonprocess.txt 2014-01-14 12:18:49 -------- d-----w- C:\Users\Brigitte\.android 2014-01-14 12:14:40 F63BDFE7E5FD13DB94BE233F9A539A87 1239976 ----a-w- C:\Users\Brigitte\Desktop\wlsetup-web.exe 2014-01-14 12:02:59 48C539D4436F0CA806D9F0CE614E6C9B 17660184 ----a-w- C:\Users\Brigitte\Downloads\picasa39-setup.exe 2014-01-09 20:03:25 A99ABB043DF796C6C941154EE858AAE9 1751600 ----a-w- C:\Users\Brigitte\Downloads\iLividSetup-r1040-n-bi.exe 2014-01-01 12:17:06 -------- d-----w- C:\ProgramData\TorchCrashHandler 2013-12-28 20:22:51 -------- d-----w- C:\ProgramData\AVG 1213b Campaign ====== C: exe-files == 2014-01-18 17:04:08 E2282FC6D371FE1D91FBBFA9C3C9D3B8 1009952 ----a-w- C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\10.26.0.540_0\nativeMessaging\TBMessagingHost.exe 2014-01-18 16:38:59 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Brigitte\Desktop\RSIT (1).exe 2014-01-18 16:36:23 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Brigitte.exe 2014-01-18 16:35:59 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Brigitte\Downloads\RSIT.exe 2014-01-18 13:14:44 37809BC5943630EC0109C60D7DF3E144 1725064 ----a-w- C:\Users\Brigitte\Downloads\Adaware_Installer.exe 2014-01-14 12:16:45 F5443547CAAC20AA334A88817579270F 525656 ----a-w- C:\Program Files\Common Files\Windows Live\.cache\7d35043c1cf112204\DXSETUP.exe 2014-01-14 12:16:43 DDCE338BB173B32024679D61FB4F2BA6 537432 ----a-w- C:\Program Files\Common Files\Windows Live\.cache\7c33ef9e1cf112203\DXSETUP.exe 2014-01-14 12:16:42 DDCE338BB173B32024679D61FB4F2BA6 537432 ----a-w- C:\Program Files\Common Files\Windows Live\.cache\7bbcead01cf112202\DXSETUP.exe 2014-01-14 12:14:40 F63BDFE7E5FD13DB94BE233F9A539A87 1239976 ----a-w- C:\Users\Brigitte\Desktop\wlsetup-web.exe 2014-01-14 12:14:40 8DD7D50F925BFC217BDA7BD1B0B79C19 20240944 ----a-w- C:\Users\Brigitte\AppData\Local\Temp\Mobogenie_Setup_2-1-37_587.exe 2014-01-14 12:02:59 48C539D4436F0CA806D9F0CE614E6C9B 17660184 ----a-w- C:\Users\Brigitte\Downloads\picasa39-setup.exe === C: other files == 2014-01-15 07:05:44 EDF2DF71C4F1E13A6AC75F5224DE655A 258560 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_d53c05ca022d95f2\usbhub.sys 2014-01-15 07:05:44 EDF2DF71C4F1E13A6AC75F5224DE655A 258560 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usb.inf_x86_neutral_4232097e28daf017\usbhub.sys 2014-01-15 07:05:44 EDF2DF71C4F1E13A6AC75F5224DE655A 258560 ----a-w- C:\Windows\System32\drivers\usbhub.sys 2014-01-15 07:05:44 EC2C5AF37B76D7B58C642CB74423DB7A 284672 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_d53c05ca022d95f2\usbport.sys 2014-01-15 07:05:44 EC2C5AF37B76D7B58C642CB74423DB7A 284672 ----a-w- C:\Windows\System32\drivers\usbport.sys 2014-01-15 07:05:44 D40855F89B69305140BBD7E9A3BA2DA6 43520 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_d53c05ca022d95f2\usbehci.sys 2014-01-15 07:05:44 D40855F89B69305140BBD7E9A3BA2DA6 43520 ----a-w- C:\Windows\System32\drivers\usbehci.sys 2014-01-15 07:05:44 9828C8D14CC2676421778F0DE638CF97 20480 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_d53c05ca022d95f2\usbohci.sys 2014-01-15 07:05:44 9828C8D14CC2676421778F0DE638CF97 20480 ----a-w- C:\Windows\System32\drivers\usbohci.sys 2014-01-15 07:05:44 800AABFD625EEFF899F7E5496BDE37AB 24064 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_d53c05ca022d95f2\usbuhci.sys 2014-01-15 07:05:44 800AABFD625EEFF899F7E5496BDE37AB 24064 ----a-w- C:\Windows\System32\drivers\usbuhci.sys 2014-01-15 07:05:44 74F805AB12EB0E3E49E469F19FF02640 6016 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_d53c05ca022d95f2\usbd.sys 2014-01-15 07:05:44 74F805AB12EB0E3E49E469F19FF02640 6016 ----a-w- C:\Windows\System32\drivers\usbd.sys 2014-01-15 07:05:44 5DBD4F73E2A52FEED61DBAB3752E329C 240576 ----a-w- C:\Windows\System32\drivers\netio.sys 2014-01-15 07:05:44 1E882889A4314D6DF5DED4F6EC994E72 2349056 ----a-w- C:\Windows\System32\win32k.sys 2014-01-15 07:05:44 0803FBA9FE829D61AE26EC0BCC910C46 76288 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usb.inf_x86_neutral_4232097e28daf017\usbccgp.sys 2014-01-15 07:05:44 0803FBA9FE829D61AE26EC0BCC910C46 76288 ----a-w- C:\Windows\System32\drivers\usbccgp.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-3337975368-1422288616-4262930686-1001\Software\Microsoft\Windows\CurrentVersion\Run] "LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden" "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background" "DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun" "Facebook Update"="C:\Users\Brigitte\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" "uTorrent"="C:\Users\Brigitte\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "QLBController"="C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe /start" "IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe" "WirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe" "IgfxTray"="C:\windows\system32\igfxtray.exe" "HotKeysCmds"="C:\windows\system32\hkcmd.exe" "Persistence"="C:\windows\system32\igfxpers.exe" "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" "McAfeeUpdaterUI"="C:\Program Files\McAfee\Common Framework\udaterui.exe /StartedFromRunKey" "LogMeIn GUI"="c:\Program Files\LogMeIn\x86\LogMeInSystray.exe" "SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe " "SysTrayApp"="C:\Program Files\IDT\WDM\sttray.exe" "Windows Mobile Device Center"="%windir%\WindowsMobile\wmdc.exe " [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden" "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" "msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background" "DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun" "Facebook Update"="C:\Users\Brigitte\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" "uTorrent"="C:\Users\Brigitte\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED" ==== Startup Folders ====================== 2012-04-03 17:32:12 848 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk ==== Task Scheduler Jobs ====================== C:\windows\tasks\Adobe Flash Player Updater.job --a------ C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [06/01/2014 21:28] C:\windows\tasks\AVG_SYS_TASK.job --a------ C:\ProgramData\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe [05/12/2013 19:06] C:\windows\tasks\AVG_SYS_TASK_DELETE.job --a------ [undetermined Task] C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-3337975368-1422288616-4262930686-1001Core.job --a------ [undetermined Task] C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-3337975368-1422288616-4262930686-1001UA.job --a------ C:\Users\Brigitte\AppData\Local\Facebook\Update\FacebookUpdate.exe [13/07/2012 21:46] C:\windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [18/07/2012 20:48] C:\windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [18/07/2012 20:48] C:\windows\tasks\UpdaterEX.job --a------ C:\Users\Brigitte\AppData\Roaming\UPDATE1\UPDATE1\UPDATE1.exe [] C:\windows\tasks\ViewPassword Update.job --a------ [undetermined Task] ==== Other Scheduled Tasks ====================== "C:\windows\system32\tasks\Adobe Flash Player Updater" [C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe] "C:\windows\system32\tasks\AVG_SYS_TASK" [C:\ProgramData\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe] "C:\windows\system32\tasks\AVG_SYS_TASK_DELETE" [C:\ProgramData\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe] "C:\windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe] "C:\windows\system32\tasks\DealPly" [C:\Users\Brigitte\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.EXE] "C:\windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-3337975368-1422288616-4262930686-1001Core" [C:\Users\Brigitte\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-3337975368-1422288616-4262930686-1001UA" [C:\Users\Brigitte\AppData\Local\Facebook\Update\FacebookUpdate.exe] "C:\windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe] "C:\windows\system32\tasks\UpdaterEX" [C:\Users\Brigitte\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE] "C:\windows\system32\tasks\ViewPassword Update" [C:\Program Files\ViewPassword\ViewPassword.exe] "C:\windows\system32\tasks\{C850CDCE-2B72-458E-8CFF-58F265C69A33}" ["c:\program files\internet explorer\iexplore.exe" ]Download Skype op uw computer ? Mac, Windows, Linux ? Skype "C:\windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc] "C:\windows\system32\tasks\ProtectedSearch\Protected Search" ["C:\Program Files\Protected Search\ProtectedSearch.exe"] ==== Firefox Extensions Registry ====================== [HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions] "{0b67060e-62bf-4fc6-a316-c327841d0451}"="C:\Program Files\ViewPassword\150.xpi" [28/12/2013 21:19] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Brigitte\AppData\Roaming\Mozilla\Firefox\Profiles\98uikema.default - Undetermined - %ProfilePath%\extensions\staged - uTorrentControl_v2 - %ProfilePath%\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6} - Protected Toolbar - %ProfilePath%\extensions\{83ac1a2f-92fc-4314-bc93-c5782d0ba7be} - IncrediMail MediaBar 2 Community Toolbar - %ProfilePath%\extensions\{d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} - glindorus - %ProfilePath%\extensions\firefox@glindorus.net.xpi AppDir: C:\Program Files\Mozilla Firefox - Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} - Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} ==== Firefox Plugins ====================== Profilepath: C:\Users\Brigitte\AppData\Roaming\Mozilla\Firefox\Profiles\98uikema.default FF0D6F82A0EC13952E83B9439100E45D - C:\Users\Brigitte\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin 5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin 6209F3BD43FDA86699EEF01B9CF5F0CF - C:\Program Files\QuickTime\Plugins\npqtplugin7.dll - QuickTime Plug-in 7.7.1 D72CC3C02764E28C691DBA9751FF8A86 - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll - QuickTime Plug-in 7.7.1 BC405F582CAAC78AEDE4488E8A259FA1 - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.1 C560D8A34A372EE10235938FD2D34CC3 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.1 AF28C98E0897F0475833D02D3CCFFF77 - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.1 CABA1A399C7C7471DEBA73CB3BA5AADB - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.1 1D10BD2720963F6B6DB25ACB1F5CF8E9 - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.1 34E3709244736B8976820F730E5A8815 - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll - Java Platform SE 6 U31 A878453A1714870EAADA83E6434BDB77 - C:\Program Files\Java\jre6\bin\plugin2\npdeployJava1.dll - Java Deployment Toolkit 6.0.310.5 A843FC35574ECFD9E7A41C5505A9921B - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin 8D43DE6F1385057B8AD2857547B7B828 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector 4676A8E1EE37E71486717ECD1E61C17B - C:\windows\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director 8082F66DC9C8167FF1AA548736F58457 - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat 53FE2D34B143EFDB80685281E751B91C - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions aaaaabcbmongicmdegkmmfgdickgnnob - C:\Users\Brigitte\AppData\Local\ilividmoviestoolbarha\GC\toolbar.crx[20/08/2013 06:55] ammjbfijeglcdlnlnhlkdhgjnlgmpehe - C:\Program Files\glindorus\ammjbfijeglcdlnlnhlkdhgjnlgmpehe.crx[] ejpbbhjlbipncjklfjjaedaieimbmdda - C:\Users\Brigitte\AppData\Local\CRE\ejpbbhjlbipncjklfjjaedaieimbmdda.crx[19/11/2012 20:00] ifohbjbgfchkkfhphahclmkpgejiplfo - C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx[30/10/2013 19:07] jmojojliiicbbihpjmiepllaiflnjobc - C:\Program Files\ViewPassword\150.crx[28/12/2013 21:18] kjlkjjohncghchjiniokhljcgmlajgpb - C:\Program Files\ProtectedToolbar\chrome\ProtectedToolbar.crx[25/10/2012 08:47] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions ejpbbhjlbipncjklfjjaedaieimbmdda - C:\Users\Brigitte\AppData\Local\CRE\ejpbbhjlbipncjklfjjaedaieimbmdda.crx[19/11/2012 20:00] Movies Toolbar - Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob glindorus - Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammjbfijeglcdlnlnhlkdhgjnlgmpehe safeorWeb - Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\bedpealjapilfepimonhfkclkafkeehk uTorrentControl_v2 - Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda Select City - Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo ViewPassword - Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmojojliiicbbihpjmiepllaiflnjobc Protected Toolbar - Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjlkjjohncghchjiniokhljcgmlajgpb Google Wallet - Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Movies Toolbar - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob Ask Toolbar - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\aaaalejpmnocmhmlbmlkjemekckoagne glindorus - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\ammjbfijeglcdlnlnhlkdhgjnlgmpehe safeorWeb - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\bedpealjapilfepimonhfkclkafkeehk DropToS - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\cipmepknanmbbaneimacddfemfbfgpgo Torch Games - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\elnodfjhjgpnmdhklbfeijeaehcgffnp Torch Music - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\gcjbdjlojcomlphfchhihkigepfabcad FaceLift - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\gimjmfipknpppbpmkdenjjpfhobiiojk ViewPassword - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\jmojojliiicbbihpjmiepllaiflnjobc Torch Helper - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\lecpjhggilhbceadobnggaagnpfpafhg Torch Torrent - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\mpdmibcjecdaibcnlilhiopefjgegjjc Google Wallet - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda Torch Music - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\ohimbkoaphfnmekmfppijeblmkncneed Hola - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\pdehmppfilefbolgganhfihpbmjlgebh undetermined - Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-3337975368-1422288616-4262930686-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115} deleted successfully HKEY_CLASSES_ROOT\CLSID\{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} deleted successfully HKEY_CLASSES_ROOT\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} deleted successfully ==== shortcuts on Users Desktops ====================== C:\Users\Brigitte\Desktop\Continue PDF Creator Installation.lnk - C:\Users\Brigitte\AppData\Local\Temp\ICReinstall_PDFCreatorSetup.exe /RR C:\Users\Brigitte\Desktop\Documenten op Brigitte's Apparaat.LNK - C:\Users\Brigitte\Documents\Documenten op Brigitte's Apparaat C:\Users\Brigitte\Desktop\Downloads - Snelkoppeling.lnk - C:\Users\Brigitte\Downloads C:\Users\Brigitte\Desktop\filmpjes 2013 - Snelkoppeling (2).lnk - G:\MP_ROOT\100ANV01\filmpjes 2013 C:\Users\Brigitte\Desktop\iLivid.lnk - C:\Users\Brigitte\AppData\Local\iLivid\iLivid.exe C:\Users\Brigitte\Desktop\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe PortalDoSites C:\Users\Brigitte\Desktop\Microsoft Outlook 2010.lnk - C:\windows\Installer\{90140000-0012-0000-0000-0000000FF1CE}\outicon.exe C:\Users\Brigitte\Desktop\Mobogenie.lnk - C:\Program Files\Mobogenie\Mobogenie.exe C:\Users\Brigitte\Desktop\Start - Snelkoppeling.lnk - F:\Start.exe C:\Users\Brigitte\Desktop\Torch.lnk - C:\Users\Brigitte\AppData\Local\Torch\Application\torch.exe C:\Users\Brigitte\Desktop\Windows Mobile Apparaatcentrum.lnk - C:\Windows\WindowsMobile\wmdc.exe /show C:\Users\Brigitte\Desktop\Youtube.lnk - C:\Users\Brigitte\AppData\Local\Torch\Application\torch.exe YouTube --run-by-youtube C:\Users\Brigitte\Desktop\µTorrent.lnk - C:\Users\Brigitte\Desktop\BACKUP OUDE DATA\Documents\reggy\Lokale schijf © - Snelkoppeling.lnk - C:\ C:\Users\Brigitte\Desktop\cd\32.????????????????? - Snelkoppeling - kopie.lnk - C:\Users\Brigitte\Desktop\cd\32.????????????????? - Snelkoppeling.lnk - C:\Users\Brigitte\Desktop\werk\imm002_0 - Snelkoppeling.lnk - F:\Roll\imm002_0.jpg C:\Users\Brigitte\Desktop\werk\imm004_2 - Snelkoppeling.lnk - F:\Roll\imm004_2.jpg C:\Users\Brigitte\Desktop\werk\imm005_3 - Snelkoppeling.lnk - F:\Roll\imm005_3.jpg C:\Users\Brigitte\Desktop\werk\imm006_4 - Snelkoppeling.lnk - F:\Roll\imm006_4.jpg C:\Users\Brigitte\Desktop\werk\imm007_5 - Snelkoppeling.lnk - F:\Roll\imm007_5.jpg C:\Users\Brigitte\Desktop\werk\imm008_6 - Snelkoppeling.lnk - F:\Roll\imm008_6.jpg C:\Users\Brigitte\Desktop\werk\imm009_7 - Snelkoppeling.lnk - F:\Roll\imm009_7.jpg C:\Users\Brigitte\Desktop\werk\imm010_8 - Snelkoppeling.lnk - F:\Roll\imm010_8.jpg C:\Users\Brigitte\Desktop\werk\imm011_9 - Snelkoppeling.lnk - F:\Roll\imm011_9.jpg C:\Users\Brigitte\Desktop\werk\imm012_10 - Snelkoppeling.lnk - F:\Roll\imm012_10.jpg C:\Users\Brigitte\Desktop\werk\imm013_11 - Snelkoppeling.lnk - F:\Roll\imm013_11.jpg C:\Users\Brigitte\Desktop\werk\imm014_12 - Snelkoppeling.lnk - F:\Roll\imm014_12.jpg C:\Users\Brigitte\Desktop\werk\imm015_13 - Snelkoppeling.lnk - F:\Roll\imm015_13.jpg C:\Users\Brigitte\Desktop\werk\imm016_14 - Snelkoppeling.lnk - F:\Roll\imm016_14.jpg C:\Users\Brigitte\Desktop\werk\imm017_15 - Snelkoppeling.lnk - F:\Roll\imm017_15.jpg C:\Users\Brigitte\Desktop\werk\imm018_16 - Snelkoppeling.lnk - F:\Roll\imm018_16.jpg C:\Users\Brigitte\Desktop\werk\imm019_17 - Snelkoppeling.lnk - F:\Roll\imm019_17.jpg C:\Users\Brigitte\Desktop\werk\imm020_18 - Snelkoppeling.lnk - F:\Roll\imm020_18.jpg C:\Users\Brigitte\Desktop\werk\imm021_19 - Snelkoppeling.lnk - F:\Roll\imm021_19.jpg C:\Users\Brigitte\Desktop\werk\imm022_20 - Snelkoppeling.lnk - F:\Roll\imm022_20.jpg C:\Users\Brigitte\Desktop\werk\imm023_21 - Snelkoppeling.lnk - F:\Roll\imm023_21.jpg C:\Users\Brigitte\Desktop\werk\imm024_22 - Snelkoppeling.lnk - F:\Roll\imm024_22.jpg C:\Users\Brigitte\Desktop\werk\imm025_23 - Snelkoppeling.lnk - F:\Roll\imm025_23.jpg C:\Users\Brigitte\Desktop\werk\imm026_24 - Snelkoppeling.lnk - F:\Roll\imm026_24.jpg C:\Users\Brigitte\Desktop\werk\imm027_25 - Snelkoppeling.lnk - F:\Roll\imm027_25.jpg C:\Users\Brigitte\Desktop\werk\imm028_26 - Snelkoppeling.lnk - F:\Roll\imm028_26.jpg C:\Users\Brigitte\Desktop\werk\imm029_27 - Snelkoppeling.lnk - F:\Roll\imm029_27.jpg C:\Users\Brigitte\Desktop\werk\imm030_28 - Snelkoppeling.lnk - F:\Roll\imm030_28.jpg C:\Users\Brigitte\Desktop\werk\imm031_29 - Snelkoppeling.lnk - F:\Roll\imm031_29.jpg C:\Users\Brigitte\Desktop\werk\imm032_30 - Snelkoppeling.lnk - F:\Roll\imm032_30.jpg C:\Users\Brigitte\Desktop\werk\imm033_31 - Snelkoppeling.lnk - F:\Roll\imm033_31.jpg C:\Users\Brigitte\Desktop\werk\imm034_32 - Snelkoppeling.lnk - F:\Roll\imm034_32.jpg C:\Users\Brigitte\Desktop\werk\imm035_33 - Snelkoppeling.lnk - F:\Roll\imm035_33.jpg C:\Users\Brigitte\Desktop\werk\imm036_34 - Snelkoppeling.lnk - F:\Roll\imm036_34.jpg C:\Users\Brigitte\Desktop\werk\imm037_35 - Snelkoppeling.lnk - F:\Roll\imm037_35.jpg C:\Users\Brigitte\Desktop\werk\imm038_36 - Snelkoppeling.lnk - F:\Roll\imm038_36.jpg C:\Users\Brigitte\Desktop\werk\imm039_37 - Snelkoppeling.lnk - F:\Roll\imm039_37.jpg ==== shortcuts on All Users Desktop ====================== C:\Users\Public\Desktop\EZDownloader.lnk - C:\Program Files\EZDownloader\EZDownloader.exe C:\Users\Public\Desktop\Golden Palace Poker.lnk - C:\GoldenPalace\StartGoldenPalace.exe C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe PortalDoSites C:\Users\Public\Desktop\Google Earth.lnk - C:\Program Files\Google\Google Earth\client\googleearth.exe C:\Users\Public\Desktop\Off-linediensten van Home'Bank.lnk - C:\Program Files\ING\Off-line\HomeBank.exe C:\Users\Public\Desktop\Second Life Viewer.lnk - C:\Program Files\SecondLifeViewer\SecondLife.exe --set InstallLanguage en C:\Users\Public\Desktop\Talk Now.lnk - C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files\VideoLAN\VLC\vlc.exe C:\Users\Public\Desktop\µTorrent.lnk - ==== shortcuts in Users Start Menu ====================== C:\Users\Brigitte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk - C:\Users\Brigitte\AppData\Local\iLivid\iLivid.exe C:\Users\Brigitte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk - C:\Users\Brigitte\AppData\Local\Torch\Application\torch.exe C:\Users\Brigitte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie\Mobogenie.lnk - C:\Program Files\Mobogenie\Mobogenie.exe C:\Users\Brigitte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch\Torch.lnk - C:\Users\Brigitte\AppData\Local\Torch\Application\torch.exe ==== shortcuts in All Users Start Menu ====================== C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EuroTalk Talk Now - Full Screen.lnk - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EuroTalk Talk Now.lnk - ==== shortcuts in Quick Launch ====================== C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Golden Palace Poker.lnk - C:\GoldenPalace\StartGoldenPalace.exe C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe PortalDoSites C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iLivid.lnk - C:\Users\Brigitte\AppData\Local\iLivid\iLivid.exe C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe PortalDoSites C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk - C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE /recycle C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Torch.lnk - C:\Users\Brigitte\AppData\Local\Torch\Application\torch.exe C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk - C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\windows\system32\control.exe C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Calculator.lnk - C:\windows\system32\calc.exe C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\ING Home'Bank.lnk - C:\Program Files\ING\Off-line\HomeBank.exe C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Excel 2010.lnk - C:\windows\Installer\{90140000-0012-0000-0000-0000000FF1CE}\xlicons.exe C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Outlook 2010.lnk - C:\windows\Installer\{90140000-0012-0000-0000-0000000FF1CE}\outicon.exe C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft PowerPoint 2010.lnk - C:\windows\Installer\{90140000-0012-0000-0000-0000000FF1CE}\pptico.exe C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Publisher 2010.lnk - C:\windows\Installer\{90140000-0012-0000-0000-0000000FF1CE}\pubs.exe C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Word 2010.lnk - C:\windows\Installer\{90140000-0012-0000-0000-0000000FF1CE}\wordicon.exe C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Second Life Viewer.lnk - C:\Program Files\SecondLifeViewer\SecondLife.exe --set InstallLanguage en C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Skype.lnk - C:\windows\Installer\{1845470B-EB14-4ABC-835B-E36C693DC07D}\SkypeIcon.exe C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer (2).lnk - C:\Program Files\Internet Explorer\iexplore.exe PortalDoSites C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe PortalDoSites C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Excel 2010.lnk - C:\windows\Installer\{90140000-0012-0000-0000-0000000FF1CE}\xlicons.exe C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Outlook 2010.lnk - C:\windows\Installer\{90140000-0012-0000-0000-0000000FF1CE}\outicon.exe C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft PowerPoint 2010.lnk - C:\windows\Installer\{90140000-0012-0000-0000-0000000FF1CE}\pptico.exe C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Publisher 2010.lnk - C:\windows\Installer\{90140000-0012-0000-0000-0000000FF1CE}\pubs.exe C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Word 2010.lnk - C:\windows\Installer\{90140000-0012-0000-0000-0000000FF1CE}\wordicon.exe C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mobogenie.lnk - C:\Program Files\Mobogenie\Mobogenie.exe C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Torch.lnk - C:\Users\Brigitte\AppData\Local\Torch\Application\torch.exe C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\windows\explorer.exe C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1 C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk - C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk - ==== shortcuts After Repair ====================== C:\Users\Brigitte\Desktop\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Brigitte\Desktop\Youtube.lnk - C:\Users\Brigitte\AppData\Local\Torch\Application\torch.exe C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer (2).lnk - C:\Program Files\Internet Explorer\iexplore.exe C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe ==== C:\zoek_backup content ====================== C:\zoek_backup (files=3482 folders=231 205526675 bytes) ==== After Reboot ====================== ==== Deleting Files / Folders ====================== "C:\Program Files\glindorus" not found ==== EOF on Sat 18/01/2014 at 19:29:41,92 ======================
  4. Fonzer
    Hallo, De vriendin van mijn schoonvader haar laptop heeft kuren. De snelheid is niet zo zeer een probleem, maar wel de ellendige pop-ups en reclame-advertenties. Zelf in Chrome! Ik krijg ze maar niet weg met bv Ad-aware. Kunnen jullie een handje helpen? Hieronder het logje. Alvast bedankt, Steven Logfile of random's system information tool 1.09 (written by random/random) Run by Brigitte at 2014-01-18 17:39:59 Microsoft Windows 7 Professional Service Pack 1 System drive C: has 151 GB (52%) free of 288 GB Total RAM: 3000 MB (32% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:40:02, on 18/01/2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v11.0 (11.00.9600.16428) Boot mode: Normal Running processes: C:\windows\system32\taskhost.exe C:\windows\system32\Dwm.exe C:\windows\Explorer.EXE C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe C:\Program Files\Mobogenie\DaemonProcess.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\IDT\WDM\sttray.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\McAfee\Common Framework\UdaterUI.exe C:\Program Files\LogMeIn\x86\LogMeInSystray.exe C:\Windows\WindowsMobile\wmdc.exe C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5152.0\AdAwareTray.exe C:\Program Files\Skype\Phone\Skype.exe C:\windows\system32\igfxsrvc.exe C:\Program Files\McAfee\Common Framework\McTray.exe C:\PROGRA~1\SearchProtect\SearchProtect\bin\cltmng.exe C:\PROGRA~1\SearchProtect\UI\bin\cltmngui.exe C:\Windows\System32\rundll32.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe C:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe C:\windows\system32\SearchFilterHost.exe C:\Users\Brigitte\Desktop\RSIT (1).exe C:\Program Files\trend micro\Brigitte.exe C:\windows\system32\DllHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = PortalDoSites R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Google R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Zoeken R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = PortalDoSites R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.dosearches.com/web/?utm_source=b&utm_medium=slbnew&utm_campaign=rg&utm_content=ds&from=slbnew&uid=TOSHIBAXMK3256GSY_60BKF7GFSXX60BKF7GFS&ts=1383241307&type=default&q={searchTerms} R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.dosearches.com/web/?utm_source=b&utm_medium=slbnew&utm_campaign=rg&utm_content=ds&from=slbnew&uid=TOSHIBAXMK3256GSY_60BKF7GFSXX60BKF7GFS&ts=1383241307&type=default&q={searchTerms} R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = PortalDoSites R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Google R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Movies Toolbar (Dist. by Bandoo Media, Inc.) - {3d86a75b-cb6b-4764-885d-ca6336f04ba2} - C:\PROGRA~1\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll O2 - BHO: Protected Toolbar - {61096323-3324-48fb-925b-4206f342e162} - C:\Users\Brigitte\AppData\Roaming\ProtectedToolbar\ProtectedToolbar.dll O2 - BHO: uTorrentControl_v2 - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: glindorus - {9598e82a-7e09-4438-b425-b9e9718c3c73} - C:\Program Files\glindorus\glindorusbho.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL O2 - BHO: TheSea.TheSeaPlugin - {C585D593-E7F3-4852-A200-561686EE02E4} - mscoree.dll (file missing) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: ViewPassword - {e76da439-a1f1-4cfd-88c1-1fb8bac7e620} - C:\Program Files\ViewPassword\150.dll O3 - Toolbar: Protected Toolbar - {61096323-3324-48fb-925b-4206f342e162} - C:\Users\Brigitte\AppData\Roaming\ProtectedToolbar\ProtectedToolbar.dll O3 - Toolbar: uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll O3 - Toolbar: Movies Toolbar (Dist. by Bandoo Media, Inc.) - {3d86a75b-cb6b-4764-885d-ca6336f04ba2} - C:\PROGRA~1\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll O4 - HKLM\..\Run: [QLBController] C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe /start O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [igfxTray] C:\windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe O4 - HKLM\..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray.exe O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey O4 - HKLM\..\Run: [LogMeIn GUI] "c:\Program Files\LogMeIn\x86\LogMeInSystray.exe" O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files\Mobogenie\DaemonProcess.exe O4 - HKLM\..\Run: [AdAwareTray] "C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5152.0\AdAwareTray.exe" O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Brigitte\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKCU\..\Run: [uTorrent] "C:\Users\Brigitte\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKCU\..\Run: [iLivid] "C:\Users\Brigitte\AppData\Local\iLivid\iLivid.exe" -autorun O4 - HKCU\..\Run: [NextLive] C:\windows\system32\rundll32.exe "C:\Users\Brigitte\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Global Startup: Bluetooth.lnk = ? O9 - Extra button: (no name) - {137e72ff-50ed-4c67-8370-641ad61f2025} - C:\Users\Brigitte\AppData\Roaming\ProtectedToolbar\ProtectedToolbar.dll O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: @C:\windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\windows\WindowsMobile\INetRepl.dll O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\windows\WindowsMobile\INetRepl.dll O9 - Extra 'Tools' menuitem: @C:\windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\windows\WindowsMobile\INetRepl.dll O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Quatro Casino - Ž`__ø÷÷876¸µµÛÚÚhhg˜——@??íë멦¦PPOÊÅÅ,,,€ÿ - C:\Microgaming\Casino\QuatroCasino\casinogame.exe (file missing) (HKCU) O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O15 - ESC Trusted Zone: http://*.mcafee.com (HKLM) O15 - ESC Trusted Zone: http://betavscan.mcafeeasap.com (HKLM) O15 - ESC Trusted Zone: http://vs.mcafeeasap.com (HKLM) O15 - ESC Trusted Zone: http://www.mcafeeasap.com (HKLM) O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O20 - AppInit_DLLs: C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll c:\progra~2\wincert\win32c~1.dll c:\progra~1\movies~1\datamngr\mgrldr.dll O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9b219d80a8843bf8\aestsrv.exe O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe O23 - Service: Search Protect by Conduit Service (CltMngSvc) - Conduit - C:\PROGRA~1\SearchProtect\Main\bin\CltMngSvc.exe O23 - Service: Datamngr Coordinator (DatamngrCoordinator) - Unknown owner - C:\Program Files\Movies Toolbar\Datamngr\DatamngrCoordinator.exe (file missing) O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: HP Health Check Service - Unknown owner - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe (file missing) O23 - Service: HP Hotkey Monitor (hpHotkeyMonitor) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe O23 - Service: hpqwmiex - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Ad-Aware Service 11 (LavasoftAdAwareService11) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5152.0\AdAwareService.exe O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - c:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - c:\Program Files\LogMeIn\x86\RaMaint.exe O23 - Service: LogMeIn - LogMeIn, Inc. - c:\Program Files\LogMeIn\x86\LogMeIn.exe O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe O23 - Service: MgAssist Service (MgAssistService) - Unknown owner - C:\Program Files\Mobogenie\MgAssist.exe O23 - Service: RoxMediaDB10 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9b219d80a8843bf8\STacSV.exe O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: Torch Crash Handler (TorchCrashHandler) - TorchMedia Inc. - C:\Users\Brigitte\AppData\Local\Torch\Update\TorchCrashHandler.exe O23 - Service: Update glindorus - Unknown owner - C:\Program Files\glindorus\updateglindorus.exe O23 - Service: Util glindorus - Unknown owner - C:\Program Files\glindorus\bin\utilglindorus.exe -- End of file - 15630 bytes ======Scheduled tasks folder====== C:\windows\tasks\Adobe Flash Player Updater.job C:\windows\tasks\AVG_SYS_TASK.job C:\windows\tasks\AVG_SYS_TASK_DELETE.job C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-3337975368-1422288616-4262930686-1001Core.job C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-3337975368-1422288616-4262930686-1001UA.job C:\windows\tasks\GoogleUpdateTaskMachineCore.job C:\windows\tasks\GoogleUpdateTaskMachineUA.job C:\windows\tasks\UpdaterEX.job C:\windows\tasks\ViewPassword Update.job =========Mozilla firefox========= ProfilePath - C:\Users\Brigitte\AppData\Roaming\Mozilla\Firefox\Profiles\98uikema.default prefs.js - "browser.search.useDBForOrder" - false prefs.js - "browser.startup.homepage" - "http://www.dosearches.com/?utm_source=b&utm_medium=slbnew&utm_campaign=rg&utm_content=hp&from=slbnew&uid=TOSHIBAXMK3256GSY_60BKF7GFSXX60BKF7GFS&ts=1383241307" prefs.js - "keyword.URL" - "http://websearch.the-searcheng.info/?pid=1376&r=2013/09/14&hid=7941770573850309448&lg=EN&cc=BE&unqvl=35&l=1&q=" [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer] "Description"=Adobe® Flash® Player 11.9.900.170 Plugin "Path"=C:\windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer] "Description"=Adobe Shockwave Player "Path"=C:\windows\system32\Adobe\Director\np32dsw.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=] "Description"=iTunes Detector Plug-in "Path"= [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0] "Description"= "Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin] "Description"=Google Earth in your browser "Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE] "Description"= "Path"=disabled [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0] "Description"=Office Authorization plug-in for NPAPI browsers "Path"=C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] "Description"=Microsoft SharePoint Plug-in for Firefox "Path"=C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"=C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update "Path"=C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.5] "Description"=VLC Multimedia Plugin "Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll C:\Program Files\Mozilla Firefox\extensions\ {972ce4c6-7e08-4474-a285-3208198ce6fd} {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} C:\Program Files\Mozilla Firefox\components\ binary.manifest browsercomps.dll nsIQTScriptablePlugin.xpt C:\Program Files\Mozilla Firefox\searchplugins\ bing.xml bolcom-nl.xml dosearches.xml google.xml marktplaats-nl.xml Web Search.xml wikipedia-nl.xml C:\Users\Brigitte\AppData\Roaming\Mozilla\Firefox\Profiles\98uikema.default\extensions\ staged {7473b6bd-4691-4744-a82b-7854eb3d70b6} {83ac1a2f-92fc-4314-bc93-c5782d0ba7be} {d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} C:\Users\Brigitte\AppData\Roaming\Mozilla\Firefox\Profiles\98uikema.default\searchplugins\ MyStart Search.xml Web Search.xml WebSearch.xml ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 63912] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3d86a75b-cb6b-4764-885d-ca6336f04ba2}] Movies Toolbar (Dist. by Bandoo Media, Inc.) - C:\PROGRA~1\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll [2013-08-20 92560] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{61096323-3324-48fb-925b-4206f342e162}] Protected Toolbar - C:\Users\Brigitte\AppData\Roaming\ProtectedToolbar\ProtectedToolbar.dll [2012-10-25 1030728] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473b6bd-4691-4744-a82b-7854eb3d70b6}] uTorrentControl_v2 Toolbar - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll [2011-05-09 176936] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-04-03 325408] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9598e82a-7e09-4438-b425-b9e9718c3c73}] glindorus - C:\Program Files\glindorus\glindorusbho.dll [2013-10-05 249632] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}] Office Document Cache Handler - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL [2013-03-06 562904] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C585D593-E7F3-4852-A200-561686EE02E4}] TheSea.TheSeaPlugin - C:\windows\system32\mscoree.dll [2010-11-05 297808] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-04-03 42272] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e76da439-a1f1-4cfd-88c1-1fb8bac7e620}] ViewPassword - C:\Program Files\ViewPassword\150.dll [2013-12-28 146944] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {61096323-3324-48fb-925b-4206f342e162} - Protected Toolbar - C:\Users\Brigitte\AppData\Roaming\ProtectedToolbar\ProtectedToolbar.dll [2012-10-25 1030728] {7473b6bd-4691-4744-a82b-7854eb3d70b6} - uTorrentControl_v2 Toolbar - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll [2011-05-09 176936] {3d86a75b-cb6b-4764-885d-ca6336f04ba2} - Movies Toolbar (Dist. by Bandoo Media, Inc.) - C:\PROGRA~1\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll [2013-08-20 92560] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "QLBController"=C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe [2010-01-28 256056] "IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2010-01-08 186904] "SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-06-04 1791272] "WirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2009-09-01 499768] "IgfxTray"=C:\windows\system32\igfxtray.exe [2010-03-12 141848] "HotKeysCmds"=C:\windows\system32\hkcmd.exe [2010-03-12 175640] "Persistence"=C:\windows\system32\igfxpers.exe [2010-03-12 166936] "SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2010-01-29 495708] "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712] "APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-02-20 59240] "iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2012-03-27 421736] "McAfeeUpdaterUI"=C:\Program Files\McAfee\Common Framework\udaterui.exe [2011-01-12 161088] "LogMeIn GUI"=c:\Program Files\LogMeIn\x86\LogMeInSystray.exe [2011-09-16 63048] "Windows Mobile Device Center"=C:\windows\WindowsMobile\wmdc.exe [2007-05-31 648072] "mobilegeni daemon"=C:\Program Files\Mobogenie\DaemonProcess.exe [2014-01-09 766656] ""= [] "AdAwareTray"=C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5152.0\AdAwareTray.exe [2013-12-11 3540312] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden [] "Skype"=C:\Program Files\Skype\Phone\Skype.exe [2012-02-29 17149576] "msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2012-03-08 4280184] "DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2012-02-13 3481408] "Facebook Update"=C:\Users\Brigitte\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-13 138096] "uTorrent"=C:\Users\Brigitte\AppData\Roaming\uTorrent\uTorrent.exe [2013-09-24 1130576] "SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2013-12-18 5717272] "iLivid"=C:\Users\Brigitte\AppData\Local\iLivid\iLivid.exe [2013-09-08 6827008] "NextLive"=C:\Users\Brigitte\AppData\Roaming\newnext.me\nengine.dll [2014-01-06 1283584] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "AppInit_DLLs"="C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll c:\progra~2\wincert\win32c~1.dll c:\progra~1\movies~1\datamngr\mgrldr.dll " [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui] C:\windows\system32\igfxdev.dll [2010-01-25 225792] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad] WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2013-05-07 115440] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"=credssp.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "ConsentPromptBehaviorAdmin"=0 "ConsentPromptBehaviorUser"=3 "EnableLUA"=0 "EnableUIADesktopToggle"=0 "PromptOnSecureDesktop"=0 "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "DisableTaskMgr"=0 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoDriveTypeAutoRun"=145 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "NoRun"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe] "Debugger="tasklist.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe] "Debugger="tasklist.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe] "Debugger="tasklist.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe] "Debugger="tasklist.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe] "Debugger="tasklist.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe] "Debugger="tasklist.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe] "Debugger="tasklist.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe] "Debugger="tasklist.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe] "Debugger="tasklist.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe] "Debugger="tasklist.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe] "Debugger="tasklist.exe [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "vidc.i420"=iyuv_32.dll "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "vidc.cvid"=iccvid.dll "MSVideo8"=VfWWDM32.dll "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "wave2"=wdmaud.drv "midi2"=wdmaud.drv "mixer2"=wdmaud.drv "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "msacm.siren"=sirenacm.dll "aux"=wdmaud.drv "wave3"=wdmaud.drv "midi3"=wdmaud.drv "mixer3"=wdmaud.drv "wave4"=wdmaud.drv "midi4"=wdmaud.drv "mixer4"=wdmaud.drv "wave5"=wdmaud.drv "midi5"=wdmaud.drv "mixer5"=wdmaud.drv "wave6"=wdmaud.drv "midi6"=wdmaud.drv "mixer6"=wdmaud.drv "wave7"=wdmaud.drv "midi7"=wdmaud.drv "mixer7"=wdmaud.drv "wave8"=wdmaud.drv "midi8"=wdmaud.drv "mixer8"=wdmaud.drv "wave9"=wdmaud.drv "midi9"=wdmaud.drv "mixer9"=wdmaud.drv ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 .js - open - C:\Windows\System32\WScript.exe "%1" %* ======List of files/folders created in the last 1 month====== 2014-01-18 17:36:23 ----D---- C:\rsit 2014-01-18 17:36:23 ----D---- C:\Program Files\trend micro 2014-01-18 15:36:20 ----D---- C:\ProgramData\BitDefender 2014-01-18 14:20:37 ----D---- C:\Users\Brigitte\AppData\Roaming\LavasoftStatistics 2014-01-18 14:18:48 ----D---- C:\Users\Brigitte\AppData\Roaming\Lavasoft 2014-01-18 14:17:57 ----A---- C:\windows\system32\bdnc.dll 2014-01-18 14:17:55 ----A---- C:\windows\system32\OEMbdpredir.dll 2014-01-18 14:17:55 ----A---- C:\windows\system32\httproxy.dll 2014-01-18 14:17:55 ----A---- C:\windows\system32\bdsmtpp.dll 2014-01-18 14:17:55 ----A---- C:\windows\system32\bdpredir.dll 2014-01-18 14:17:55 ----A---- C:\windows\system32\bdpop3p.dll 2014-01-18 14:17:55 ----A---- C:\windows\system32\bdfwcore.dll 2014-01-18 14:17:55 ----A---- C:\windows\system32\BdFirewallSDK.dll 2014-01-18 14:16:45 ----D---- C:\Program Files\Lavasoft 2014-01-18 14:15:59 ----D---- C:\Program Files\Common Files\Lavasoft 2014-01-18 14:15:46 ----D---- C:\ProgramData\Lavasoft 2014-01-16 18:46:14 ----D---- C:\Users\Brigitte\AppData\Roaming\EuroTalk 2014-01-16 18:46:09 ----D---- C:\Program Files\EuroTalk Interactive 2014-01-15 08:05:44 ----A---- C:\windows\system32\win32k.sys 2014-01-15 08:05:44 ----A---- C:\windows\system32\drivers\usbuhci.sys 2014-01-15 08:05:44 ----A---- C:\windows\system32\drivers\usbport.sys 2014-01-15 08:05:44 ----A---- C:\windows\system32\drivers\usbohci.sys 2014-01-15 08:05:44 ----A---- C:\windows\system32\drivers\usbhub.sys 2014-01-15 08:05:44 ----A---- C:\windows\system32\drivers\usbehci.sys 2014-01-15 08:05:44 ----A---- C:\windows\system32\drivers\usbd.sys 2014-01-15 08:05:44 ----A---- C:\windows\system32\drivers\usbccgp.sys 2014-01-15 08:05:44 ----A---- C:\windows\system32\drivers\netio.sys 2014-01-14 13:18:48 ----D---- C:\Users\Brigitte\AppData\Roaming\newnext.me 2014-01-14 13:18:07 ----D---- C:\Program Files\Mobogenie 2014-01-14 13:17:25 ----A---- C:\windows\system32\XAudio2_7.dll 2014-01-14 13:17:25 ----A---- C:\windows\system32\XAPOFX1_5.dll 2014-01-14 13:17:25 ----A---- C:\windows\system32\D3DCompiler_43.dll 2014-01-14 13:17:24 ----A---- C:\windows\system32\d3dx11_43.dll 2014-01-14 13:17:24 ----A---- C:\windows\system32\d3dx10_42.dll 2014-01-05 19:12:41 ----D---- C:\ProgramData\SSaiverAedddon 2014-01-05 19:12:41 ----D---- C:\ProgramData\djplgkgacgbgeggaldhknlocbfijlpmd 2014-01-05 19:12:26 ----D---- C:\ProgramData\79aa0853f68303e0 2014-01-05 19:12:25 ----D---- C:\ProgramData\safeorWeb 2014-01-01 13:17:06 ----D---- C:\ProgramData\TorchCrashHandler 2014-01-01 13:10:31 ----D---- C:\ProgramData\Wincert 2014-01-01 13:10:02 ----D---- C:\Program Files\Movies Toolbar 2014-01-01 13:10:01 ----D---- C:\ProgramData\Datamngr 2013-12-28 21:22:51 ----D---- C:\ProgramData\AVG 1213b Campaign 2013-12-28 21:19:01 ----D---- C:\Program Files\ViewPassword 2013-12-19 06:56:11 ----D---- C:\Program Files\MSECache ======List of files/folders modified in the last 1 month====== 2014-01-18 17:36:34 ----D---- C:\windows\Prefetch 2014-01-18 17:36:23 ----RD---- C:\Program Files 2014-01-18 17:33:58 ----D---- C:\windows\Temp 2014-01-18 17:33:08 ----D---- C:\Users\Brigitte\AppData\Roaming\Skype 2014-01-18 16:34:11 ----D---- C:\windows\system32\config 2014-01-18 15:36:28 ----D---- C:\windows\System32 2014-01-18 15:36:20 ----HD---- C:\ProgramData 2014-01-18 14:34:25 ----D---- C:\Users\Brigitte\AppData\Roaming\uTorrent 2014-01-18 14:32:46 ----A---- C:\ProgramData\HPWALog.txt 2014-01-18 14:17:57 ----SHD---- C:\windows\Installer 2014-01-18 14:17:55 ----D---- C:\windows\system32\drivers 2014-01-18 14:17:55 ----D---- C:\windows\inf 2014-01-18 14:17:53 ----D---- C:\windows\system32\DriverStore 2014-01-18 14:17:53 ----D---- C:\windows\system32\catroot 2014-01-18 14:15:59 ----D---- C:\Program Files\Common Files 2014-01-18 01:44:46 ----A---- C:\windows\system32\PerfStringBackup.INI 2014-01-18 01:39:37 ----D---- C:\ProgramData\LogMeIn 2014-01-16 16:23:25 ----D---- C:\Program Files\SearchProtect 2014-01-15 09:24:43 ----D---- C:\windows\winsxs 2014-01-15 09:13:39 ----D---- C:\windows\system32\MRT 2014-01-15 09:11:38 ----A---- C:\windows\system32\MRT.exe 2014-01-15 08:04:26 ----D---- C:\windows\system32\catroot2 2014-01-14 13:17:56 ----D---- C:\Program Files\Common Files\microsoft shared 2014-01-14 13:17:22 ----D---- C:\windows\Logs 2014-01-12 14:43:07 ----SD---- C:\Users\Brigitte\AppData\Roaming\Microsoft 2014-01-12 13:32:59 ----D---- C:\Users\Brigitte\AppData\Roaming\vlc 2014-01-11 19:18:28 ----SHD---- C:\$Recycle.Bin 2014-01-09 13:30:24 ----D---- C:\Program Files\F-Secure 2014-01-09 13:29:44 ----D---- C:\ProgramData\fssg 2014-01-09 13:29:38 ----D---- C:\Windows 2014-01-09 13:24:33 ----D---- C:\ProgramData\MFAData 2014-01-09 13:24:33 ----D---- C:\ProgramData\AVG2014 2014-01-07 11:19:22 ----AD---- C:\ProgramData\TEMP 2014-01-06 21:28:10 ----A---- C:\windows\system32\FlashPlayerApp.exe 2013-12-28 21:22:56 ----D---- C:\windows\system32\Tasks 2013-12-28 21:22:55 ----D---- C:\windows\Tasks 2013-12-19 17:49:22 ----D---- C:\windows\system32\wdi ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2010-01-08 331288] R0 PxHelp20;PxHelp20; C:\windows\System32\Drivers\PxHelp20.sys [2009-07-09 45200] R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 173440] R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\windows\system32\drivers\vmbus.sys [2010-11-20 175360] R1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver; \??\c:\program files\lavasoft\ad-aware antivirus\firewall engine\1.6.0.0\drivers\bdfndisf6.sys [2013-07-17 77192] R1 bdfwfpf;bdfwfpf; \??\C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfwfpf.sys [2013-07-17 90704] R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880] R1 SAS***IL;SAS***IL; \??\C:\Program Files\SUPERAntiSpyware\SAS***IL.SYS [2011-07-12 67664] R1 vpcnfltr;Virtual PC Network Filter Driver; C:\windows\system32\DRIVERS\vpcnfltr.sys [2010-11-20 48128] R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\windows\system32\drivers\vpcvmm.sys [2010-11-20 296064] R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128] R2 LMIInfo;LogMeIn Kernel Information Provider; \??\c:\Program Files\LogMeIn\x86\RaInfo.sys [2013-06-02 13624] R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\windows\system32\drivers\LMIRfsDriver.sys [2011-09-16 47640] R3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\AGRSM.sys [2010-01-26 1163328] R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-04-03 242240] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600] R3 gzflt;gzflt; \??\C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\2.6.0.0\gzflt.sys [2013-07-17 154464] R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2009-07-16 15872] R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2010-01-25 6282240] R3 IntcHdmiAddService;Intel® High Definition Audio HDMI; C:\windows\system32\drivers\IntcHdmi.sys [2009-07-09 122880] R3 lmimirr;lmimirr; C:\windows\system32\DRIVERS\lmimirr.sys [2011-09-16 10144] R3 RDPDR;Terminal Server Device Redirector Driver; C:\windows\System32\drivers\rdpdr.sys [2010-11-20 133632] R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856] R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver; C:\windows\system32\DRIVERS\rtl8192se.sys [2011-09-08 1117800] R3 rtsuvc;HP Webcam [2 MP Fixed]; C:\windows\system32\DRIVERS\rtsuvc.sys [2010-01-30 73344] R3 STHDA;IDT High Definition Audio CODEC; C:\windows\system32\DRIVERS\stwrt.sys [2010-01-29 423424] R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2010-06-04 1303728] R3 Trufos;Trufos; C:\windows\system32\DRIVERS\Trufos.sys [2013-07-17 340624] R3 vpcbus;Hostbusservice voor Virtual PC; C:\windows\system32\DRIVERS\vpchbus.sys [2010-11-20 172416] R3 vpcusb;Connectorservice voor USB-virtualisatie; C:\windows\system32\DRIVERS\vpcusb.sys [2010-11-20 78336] R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336] S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704] S3 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720] S3 amdagp;AMD AGP Bus Filter Driver; C:\windows\system32\drivers\amdagp.sys [2009-07-14 53312] S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\windows\System32\Drivers\ssadadb.sys [2011-05-13 30312] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888] S3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 34816] S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696] S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 393728] S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416] S3 btwaudio;Bluetooth-audioapparaat; C:\windows\system32\drivers\btwaudio.sys [2010-01-07 86056] S3 btwavdt;Bluetooth AVDT; C:\windows\system32\DRIVERS\btwavdt.sys [2010-01-07 108072] S3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2010-01-07 29472] S3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2010-01-07 18472] S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudbus.sys [2013-08-20 84248] S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12368] S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536] S3 s3cap;s3cap; C:\windows\system32\drivers\vms3cap.sys [2010-11-20 5632] S3 sisagp;SIS AGP Bus Filter; C:\windows\system32\drivers\sisagp.sys [2009-07-14 52304] S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\windows\system32\DRIVERS\ssadbus.sys [2011-05-13 121064] S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 12776] S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 136808] S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\windows\system32\DRIVERS\ssadserd.sys [2011-05-13 114280] S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudmdm.sys [2013-08-20 182680] S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudserd.sys [2013-08-20 182680] S3 storvsc;storvsc; C:\windows\system32\drivers\storvsc.sys [2010-11-20 28032] S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 30720] S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\windows\System32\drivers\tsusbflt.sys [2010-11-20 52224] S3 USBAAPL;Apple Mobile USB Driver; C:\windows\System32\Drivers\usbaapl.sys [2012-02-15 43520] S3 usbscan;Stuurprogramma voor USB-scanner; C:\windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352] S3 viaagp;VIA AGP Bus Filter; C:\windows\system32\drivers\viaagp.sys [2009-07-14 53328] S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736] S3 VMBusHID;VMBusHID; C:\windows\system32\drivers\VMBusHID.sys [2010-11-20 17920] S4 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\windows\system32\drivers\csc.sys [2010-11-20 388096] S4 LMIRfsClientNP;LMIRfsClientNP; C:\windows\system32\drivers\LMIRfsClientNP.sys [] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2013-10-10 120088] R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928] R2 AESTFilters;Andrea ST Filters Service; C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9b219d80a8843bf8\aestsrv.exe [2009-03-03 81920] R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [2009-12-03 26112] R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-02-26 55144] R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504] R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-12-29 595232] R2 CltMngSvc;Search Protect by Conduit Service; C:\PROGRA~1\SearchProtect\Main\bin\CltMngSvc.exe [2014-01-01 2301216] R2 hpHotkeyMonitor;HP Hotkey Monitor; C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-01-28 265272] R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2010-01-08 354840] R2 LavasoftAdAwareService11;Ad-Aware Service 11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5152.0\AdAwareService.exe [2013-12-11 494136] R2 LMIGuardianSvc;LMIGuardianSvc; c:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe [2013-12-14 375120] R2 LMIMaint;LogMeIn Maintenance Service; c:\Program Files\LogMeIn\x86\RaMaint.exe [2013-12-14 202576] R2 LogMeIn;LogMeIn; c:\Program Files\LogMeIn\x86\LogMeIn.exe [2011-09-16 390528] R2 McAfeeFramework;McAfee Framework Service; C:\Program Files\McAfee\Common Framework\FrameworkService.exe [2011-01-12 120128] R2 MgAssistService;MgAssist Service; C:\Program Files\Mobogenie\MgAssist.exe [2014-01-09 63168] R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\windows\system32\svchost.exe [2009-07-14 20992] R2 STacSV;Audio Service; C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9b219d80a8843bf8\STacSV.exe [2010-01-29 229458] R2 TorchCrashHandler;Torch Crash Handler; C:\Users\Brigitte\AppData\Local\Torch\Update\TorchCrashHandler.exe [2013-12-21 1205760] R2 Update glindorus;Update glindorus; C:\Program Files\glindorus\updateglindorus.exe [2014-01-14 97056] R2 Util glindorus;Util glindorus; C:\Program Files\glindorus\bin\utilglindorus.exe [2014-01-14 97056] R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\windows\system32\svchost.exe [2009-07-14 20992] R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2009-12-17 230968] R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2012-03-27 821608] R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\windows\System32\svchost.exe [2009-07-14 20992] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 DatamngrCoordinator;Datamngr Coordinator; C:\Program Files\Movies Toolbar\Datamngr\DatamngrCoordinator.exe [] S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-07-18 116648] S2 HP Health Check Service;HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-06 257416] S3 AppMgmt;@appmgmts.dll,-3250; C:\windows\system32\svchost.exe [2009-07-14 20992] S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160] S3 gupdatem;Google Update Service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-07-18 116648] S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2013-11-26 108032] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352] S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000] S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\windows\System32\svchost.exe [2009-07-14 20992] S3 RoxMediaDB10;RoxMediaDB10; c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-11-23 1120752] S3 stllssvr;stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2009-10-16 74392] S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\windows\System32\svchost.exe [2009-07-14 20992] S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2012-04-03 1343400] S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\windows\System32\svchost.exe [2009-07-14 20992] S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240] -----------------EOF-----------------
  5. Fonzer
    De pc draait weer gelijk nieuw! Thnx voor de hulp! Steven
  6. Fonzer
    Alle problemen zijn inderdaad verdwenen..... De snelheid is nog wel wat aan de trage kant, maar daar werken we aan. Ik volg de instructies van het forum om de snelheid terug te krijgen zoals ze was. Ik denk dat er gewoon te veel programma's worden meegesleurd bij het opstarten.... (ik zal samen met mijn vader eens bekijken wat hij niet nodig heeft . Bedankt voor de snelle en professionele hulp. Steven
  7. Fonzer
    Kape, bedankt voor de snelle reactie... hieronder de gevraagde logjes: HIJACK AdwCleaner en tenslotte Malwarebytes
  8. Fonzer
    Hallo daar, Mijn vader heeft weer prijs.... Het politievirus. Deze keer niet van FCCU (België) maar van "Groot-Brittannië". Het vervelende scherm heb ik reeds weg gekregen met behulp van de windowsunlocker van Kaspersky, zoals beschreven in dit forum. Kunnen jullie echter eens vlug een blik werpen op onderstaand hijack-logje. De computer werkt immers zeer traag.... Alvast bedankt, Steven
  9. Fonzer
    Yeaaahhhh..... De pc loopt weer als een treintje.... Mijn vader zal gelukkig zijn! Muchas Gracias voor de snelle en goede hulp :adore: Steven
  10. Fonzer
    Jawel jawel.... ik heb ze kunnen verwijderen.... hieronder een logje van de scan die ik juist nog eens laten lopen heb... Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.org Databaseversie: v2012.04.09.07 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 Lucien :: PC_VAN_LUCIEN [administrator] 10/04/2012 18:12:40 mbam-log-2012-04-10 (18-12-40).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 220328 Verstreken tijd: 4 minuut/minuten, 8 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde) Greetz Steven
  11. Fonzer
    Hallo iedereen, Hey Kape, Na veel geduld is het gevraagde mij eindelijk gelukt. Het programmatje Malwarebytes bleef maar vastlopen bij het verwijderen van de "infecties". Tevergeefs de computer opnieuw opgestart, opnieuw Malwarebytes geïnstalleerd... Uiteindelijk heb ik de computer door Ad-Aware laten scannen, voor maar liefst 6 uur. Deze heeft wel alle gevonden infecties kunnen verwijderen. Vervolgens terug Malwarebytes laten runnen, en ook deze kon nu de gevonden "infecties" verwijderen. Ik heb hem vervolgens nog eens laten runnen... met als resultaat geen infectie meer! Hieronder nog een postje van Malwarebytes .... Malwarebytes Anti-Malware 1.61.0.1400 www.malwarebytes.org Databaseversie: v2012.04.09.07 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 Lucien :: PC_VAN_LUCIEN [administrator] 10/04/2012 15:38:00 mbam-log-2012-04-10 (15-55-22).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 256874 Verstreken tijd: 14 minuut/minuten, 45 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 9 C:\Program Files\Mozilla Firefox\extensions\{9CE11043-9A15-4207-A565-0C94C42D590D} (Worm.Prolaco.M) -> Geen actie ondernomen. C:\Program Files\Mozilla Firefox\extensions\{9CE11043-9A15-4207-A565-0C94C42D590D}\chrome (Worm.Prolaco.M) -> Geen actie ondernomen. C:\Program Files\Mozilla Firefox\extensions\{9CE11043-9A15-4207-A565-0C94C42D590D}\chrome\content (Worm.Prolaco.M) -> Geen actie ondernomen. C:\Program Files\Smart-Shopper (Adware.SmartShopper) -> Geen actie ondernomen. C:\Program Files\Smart-Shopper\Bin (Adware.SmartShopper) -> Geen actie ondernomen. C:\Program Files\Smart-Shopper\Bin\2.5.1 (Adware.SmartShopper) -> Geen actie ondernomen. C:\Program Files\Smart-Shopper\cs (Adware.SmartShopper) -> Geen actie ondernomen. C:\Program Files\Smart-Shopper\cs\antiphishing (Adware.SmartShopper) -> Geen actie ondernomen. C:\syst63e.bin (Trojan.SpyEyes) -> Geen actie ondernomen. Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde) Ik hoop dat we er nu vanaf zijn..... Kape ==> Greetz Steven
  12. Fonzer
    Beste Kape, Bedankt voor de supper snelle reactie! We hebben gedaan wat je vroeg... al lukte de scan met Malwarebytes Anti-Malware niet zoals gehoopt! Ik heb het programma 3 x in veilige modus laten lopen... toch bij het verwijderen van de "infecties" liep het steeds vast. Wij hebben het programma vervolgens in de "normale" windows laten lopen. Ook hier loopt hij vast bij het verwijderen... Ik krijg die infecties dus niet weg... Ik post hieronder een logje dat ik maakte voor het verwijderen van de infecties: Malwarebytes Anti-Malware 1.60.1.1000 www.malwarebytes.org Databaseversie: v2012.04.09.05 Windows Vista Service Pack 2 x86 NTFS Internet Explorer 9.0.8112.16421 Lucien :: PC_VAN_LUCIEN [administrator] 9/04/2012 19:16:12 mbam-log-2012-04-09 (19-29-44).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 256539 Verstreken tijd: 11 minuut/minuten, 11 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerwaarden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 12 C:\Users\Lucien\AppData\Roaming\SystemProc (Trojan.Agent) -> Geen actie ondernomen. C:\Program Files\FunWebProducts (PUP.MyWebSearch) -> Geen actie ondernomen. C:\Program Files\Mozilla Firefox\extensions\{9CE11043-9A15-4207-A565-0C94C42D590D} (Worm.Prolaco.M) -> Geen actie ondernomen. C:\Program Files\Mozilla Firefox\extensions\{9CE11043-9A15-4207-A565-0C94C42D590D}\chrome (Worm.Prolaco.M) -> Geen actie ondernomen. C:\Program Files\Mozilla Firefox\extensions\{9CE11043-9A15-4207-A565-0C94C42D590D}\chrome\content (Worm.Prolaco.M) -> Geen actie ondernomen. C:\Program Files\Smart-Shopper (Adware.SmartShopper) -> Geen actie ondernomen. C:\Program Files\Smart-Shopper\Bin (Adware.SmartShopper) -> Geen actie ondernomen. C:\Program Files\Smart-Shopper\Bin\2.5.1 (Adware.SmartShopper) -> Geen actie ondernomen. C:\Program Files\Smart-Shopper\cs (Adware.SmartShopper) -> Geen actie ondernomen. C:\Program Files\Smart-Shopper\cs\antiphishing (Adware.SmartShopper) -> Geen actie ondernomen. C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartShopper (Adware.SmartShopper) -> Geen actie ondernomen. C:\syst63e.bin (Trojan.SpyEyes) -> Geen actie ondernomen. Bestanden gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) (einde) Hieronder een HiJack-logje Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 19:32:18, on 9/04/2012 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v9.00 (9.00.8112.16421) Boot mode: Normal Running processes: C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Windows\system32\Dwm.exe C:\Program Files\Windows Defender\MSASCui.exe C:\hp\support\hpsysdrv.exe C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe C:\WINDOWS\RtHDVCpl.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\HP\HP Software Update\hpwuschd2.exe C:\WINDOWS\System32\rundll32.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Belgium Identity Card\beid35gui.exe C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe C:\Program Files\Windows Media Player\wmpnscfg.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\WINDOWS\ehome\ehtray.exe C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe C:\Program Files\Philips\Philips PhotoFrame\PhotoManager.exe C:\Program Files\Google\GoogleToolbarNotifier\1.2.911.3380\GoogleToolbarNotifier.exe C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\WinZip\WZQKPICK.EXE C:\Windows\system32\wbem\unsecapp.exe C:\WINDOWS\System32\rundll32.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe C:\Program Files\Telenet Security Pack\Common\FSLAUNCHER0.EXE C:\Windows\system32\conime.exe C:\hp\kbd\kbd.exe C:\Windows\System32\mobsync.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Windows\system32\Macromed\Flash\FlashUtil11g_ActiveX.exe C:\HIJACK\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HP | MSN R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files\Telenet Security Pack\NRS\iescript\baselitmus.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll O3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files\Telenet Security Pack\NRS\iescript\baselitmus.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [CCUTRAYICON] FactoryMode O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\Telenet Security Pack\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\Telenet Security Pack\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [beid] "C:\Program Files\Belgium Identity Card\beid35gui.exe" /startup O4 - HKLM\..\Run: [NBAgent] "C:\Program Files\Nero\Nero 10\Nero BackItUp\NBAgent.exe" /WinStart O4 - HKLM\..\Run: [Family Tree Builder Update] C:\Program Files\MyHeritage\Bin\FTBCheckUpdates.exe O4 - HKLM\..\Run: [hmonitor] C:\Program Files\Hmonitor\hmonitor.exe O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" -s O4 - HKCU\..\Run: [uIWatcher] C:\Program Files\Ashampoo\Ashampoo UnInstaller 3\UIWatcher.exe O4 - HKCU\..\Run: [HPADVISOR] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW,SYSTRAY O4 - HKCU\..\Run: [AutoStartNPSAgent] C:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe O4 - HKCU\..\Run: [Auto Run Software for Photo Frame] "C:\Program Files\Philips\Philips PhotoFrame\PhotoManager.exe" /autorun O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.911.3380\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden O4 - HKCU\..\Run: [spotify] "C:\Users\Lucien\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe O4 - Startup: OneNote 2007 Schermopname en Snel starten.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.5.3.cab O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2009.07.28_v5.5.8.1/FacebookPhotoUploader55.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Intel® Alert Service (AlertService) - Intel® Corporation - C:\Program Files\Intel\IntelDH\CCU\AlertService.exe O23 - Service: SAMSUNG AllShare Service (AllShare) - Unknown owner - C:\Program Files\Samsung\SAMSUNG PC Share Manager\WiselinkPro.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: DQLWinService - Unknown owner - C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - Unknown owner - C:\Program Files\Telenet Security Pack\Anti-Virus\fsgk32st.exe O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\Telenet Security Pack\FWES\Program\fsdfwd.exe O23 - Service: FSMA - F-Secure Corporation - C:\Program Files\Telenet Security Pack\Common\FSMA32.EXE O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files\Telenet Security Pack\ORSP Client\fsorsp.exe O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe O23 - Service: Intel® Software Services Manager (ISSM) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\ISSM.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: Intel® Viiv Media Server (M1 Server) - Unknown owner - C:\Program Files\Intel\IntelDH\Intel Media Server\Media Server\bin\mediaserver.exe O23 - Service: Intel® Application Tracker (MCLServiceATL) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\MCLServiceATL.exe O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe O23 - Service: PC Speed Up Service (PCSUService) - Unknown owner - C:\Program Files\PC Speed Up\PCSUService.exe O23 - Service: Intel® Remoting Service (Remote UI Service) - Intel® Corporation - C:\Program Files\Intel\IntelDH\Intel Media Server\Shells\Remote UI Service.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies, Inc. - C:\Program Files\WinPcap\rpcapd.exe O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe O23 - Service: TeamViewer 6 (TeamViewer6) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version6\TeamViewer_Service.exe O23 - Service: TomTomHOMEService - TomTom - C:\Program Files\TomTom HOME 2\TomTomHOMEService.exe O23 - Service: ZiggyTV Toolbar Helper - ZiggyTV - C:\Program Files\ZiggyTV Toolbar\ZiggyTVSvc.exe -- End of file - 13446 bytes Ik moet wel zeggen dat voor de rest alles wel lijkt te werken.... dus voor deze al heel erg bedankt!
  13. Fonzer
    Beste, Mijn vader zijn computer is geïnfecteerd met het FCCU-virus. Wij hebben reeds alles geprobeerd om het kwijt te raken. Hebben zelf de raad gevolgd op de site van de Fed. Pol., maar spijtig genoeg zonder resultaat. Ik ben wel in de mogelijkheid geweest om op te starten in de veilige modus met netwerkmogelijkheden. Wij hebben een HiJack-logje gemaakt... Zie hieronder.... Kunnen jullie eens kijken en eventueel wat hulp bieden? Alvast bedankt, Steven
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.