Ga naar inhoud

philspain

Lid
 Bekijk profiel  Bekijk hun activiteit

  • Items

    156

  • Registratiedatum

  • Laatst bezocht

 Inhoudstype 

Alles dat geplaatst werd door philspain

  1. philspain
    Logfile of random's system information tool 1.09 (written by random/random) Run by User at 2013-10-31 12:38:29 Microsoft® Windows Vista™ Home Premium Service Pack 2 System drive C: has 53 GB (47%) free of 114 GB Total RAM: 3069 MB (61% free) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:38:55, on 31/10/2013 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.19088) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\AVG\AVG2014\avgui.exe C:\Windows\PLFSetL.exe C:\Windows\System32\spool\drivers\w32x86\3\E_TATIIVE.EXE C:\Windows\System32\mobsync.exe C:\Windows\system32\taskeng.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\User\Desktop\RSIT.exe C:\Program Files\trend micro\User.exe C:\Windows\system32\DllHost.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: ividi Helper Object - {8B8B2E80-1444-451D-AC8E-EB9A847F3887} - C:\Program Files\Unitech LLC\ividi\1.8.23.0\bh\ividi.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [PLFSetL] C:\Windows\PLFSetL.exe O4 - HKCU\..\Run: [EPLTarget\P0000000000000001] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TATIIVE.EXE /EPT "EPLTarget\P0000000000000001" /M "WF-2530 Series" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\User\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing) O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe O23 - Service: CSPEH - Unknown owner - C:\Users\User\AppData\Local\Temp\CSPEH.exe (file missing) O23 - Service: Epson Scanner Service (EpsonScanSvc) - Seiko Epson Corporation - C:\Windows\system32\EscSvc.exe O23 - Service: Servicio Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: HDYEHKZ - Unknown owner - C:\Users\User\AppData\Local\Temp\HDYEHKZ.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: SGNITIQPEOFL - Unknown owner - C:\Users\User\AppData\Local\Temp\SGNITIQPEOFL.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: Vodafone Mobile Broadband Service (VmbService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe O23 - Service: vToolbarUpdater15.4.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 6346 bytes ======Scheduled tasks folder====== C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job C:\Windows\tasks\bestLyrics-34-chromeinstaller.job C:\Windows\tasks\bestLyrics-34-codedownloader.job C:\Windows\tasks\bestLyrics-34-enabler.job C:\Windows\tasks\bestLyrics-34-firefoxinstaller.job C:\Windows\tasks\bestLyrics-34-updater.job C:\Windows\tasks\GoogleUpdateTaskMachineCore.job C:\Windows\tasks\GoogleUpdateTaskMachineUA.job C:\Windows\tasks\PerfectOptimizer_home.job C:\Windows\tasks\User_Feed_Synchronization-{D6A5BA18-8CD6-4C00-B34F-1C1CF83A5543}.job =========Mozilla firefox========= ProfilePath - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\gca71xw1.default prefs.js - "browser.startup.homepage" - "www.hln.be" prefs.js - "extensions.enabledItems" - "{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.3.6, {1E73965B-8B48-48be-9C8D-68B920ABC1C4}:10.0.0.1319, {e001c731-5e37-4538-a5cb-8168736a2360}:0.9.9.90, {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.8.6, {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}:6.0.17, {CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}:6.0.19, {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}:6.0.20, {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}:6.0.21, {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}:6.0.22, {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23, {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24, performeroptimum@livejasmin.com:3.1.5.5, scrapbookplus@addons.mozilla.org:1.8.17.31, {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1319, zigboom@hotmail.com:1.3.1, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.19, flaminglow-ff3-30@glowplug.bitasylum.net:4.0.3.06, glowygold-ff3-30@glowplug.bitasylum.net:4.0.3.06, {de5809e0-2b07-11dd-bd0b-0800200c9a66}:1.2.0, {07b2a769-ed19-4483-87ce-c643914c81bb}:3.0.0.91" prefs.js - "keyword.URL" - "http://search.ividi.org/?src=tbsp&id=b4998904000000000000001f3c2a7970&affilt=3&q=" "{20a82645-c095-46ed-80e3-08825760534b}"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ "{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=] "Description"=iTunes Detector Plug-in "Path"= [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0] "Description"= "Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0] "Description"=DivX Plus Web Player "Path"=C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0] "Description"=DivX VOD Helper Plug-in "Path"=C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin] "Description"=Google Earth in your browser "Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.15.2] "Description"=Java™ Deployment Toolkit "Path"=C:\Windows\system32\npDeployJava1.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.15.2] "Description"=Oracle® Next Generation Java™ Plug-In "Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6] "Description"=Yahoo Messenger State Plugin "Path"=C:\Program Files\Yahoo!\Shared\npYState.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] "Description"=Ag Player Plugin "Path"=c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922] "Description"=WLPG Install MIME type "Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308] "Description"=WLPG Install MIME type "Path"=C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5] "Description"=Windows Presentation Foundation plug-in for Mozilla browsers "Path"=C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nppl3260;version=6.0.12.448] "Description"=RealPlayer LiveConnect-Enabled Plug-In "Path"=C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448] "Description"=6.0.12.448 "Path"=C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=] "Description"= "Path"= [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@RIM.com/WebSLLauncher,version=1.0] "Description"=BlackBerry Web Software Loading Helper Plug-In for Mozilla browsers "Path"=C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3] "Description"=Google Update "Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9] "Description"=Google Update "Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll [HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader] "Description"=Handles PDFs in-place in Firefox "Path"=C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll C:\Program Files\Mozilla Firefox\extensions\ {972ce4c6-7e08-4474-a285-3208198ce6fd} {CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} C:\Program Files\Mozilla Firefox\components\ binary.manifest browsercomps.dll C:\Program Files\Mozilla Firefox\plugins\ np-mswmp.dll npffividiplg.dll nppdf32.dll npqtplugin.dll npqtplugin2.dll npqtplugin3.dll npqtplugin4.dll npqtplugin5.dll npqtplugin6.dll npqtplugin7.dll QuickTimePlugin.class WMP Firefox Plugin License.rtf WMP Firefox Plugin RelNotes.txt C:\Program Files\Mozilla Firefox\searchplugins\ amazon-en-GB.xml avg_igeared.xml bing.xml chambers-en-GB.xml eBay-en-GB.xml google.xml twitter.xml wikipedia.xml yahoo-en-GB.xml C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\gca71xw1.default\extensions\ 3fe3e99e-6ac7-4996-bc83-e4a963a1ce42@a89bad3e-4379-43b5-a94f-0dfcf2f8a23f.com zigboom@hotmail.com {ACAA314B-EEBA-48e4-AD47-84E31C44796C} {b9db16a4-6edc-47ec-a1f4-b86292ed211d} C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\gca71xw1.default\searchplugins\ askcom.xml ividi.xml Mysearchdial.xml MyStart Search.xml SearchResults.xml Search_Results.xml ======Registry dump====== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}] Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08 77424] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}] DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2013-02-07 194912] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}] Java Plug-In SSV Helper - C:\Program Files\Java\jre7\bin\ssv.dll [2013-02-23 461216] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8B8B2E80-1444-451D-AC8E-EB9A847F3887}] ividi Helper Object - C:\Program Files\Unitech LLC\ividi\1.8.23.0\bh\ividi.dll [2013-07-25 301464] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}] Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}] Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}] Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-02-23 170912] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] {CCC7A320-B3CA-4199-B1A6-9F516DD69829} {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run] "AVG_UI"=C:\Program Files\AVG\AVG2014\avgui.exe [2013-10-07 4908592] "Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576] "PLFSetL"=C:\Windows\PLFSetL.exe [2007-07-05 94208] [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "fsm"= [] "EPLTarget\P0000000000000001"=C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TATIIVE.EXE [2012-02-26 249440] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2013-05-08 41056] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-09-13 59720] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccleaner] C:\Program Files\CCleaner\CCleaner.exe [2009-10-22 1700664] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ClickPotatoLiteSA] C:\Program Files\ClickPotatoLite\bin\10.0.630.0\ClickPotatoLiteSA.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2013-04-04 887432] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Messenger (Yahoo!)] C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe [2009-11-10 5244216] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MobileBroadband] C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\MobileBroadband.exe [2011-06-28 279552] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PLFSetL] C:\Windows\PLFSetL.exe [2007-07-05 94208] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] C:\Program Files\QuickTime\QTTask.exe [2009-11-10 417792] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl] C:\Windows\RtHDVCpl.exe [2007-09-27 4702208] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel] C:\Windows\Skytel.exe [2007-09-27 1826816] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSDMonitor] C:\Program Files\Common Files\PC Tools\sMonitor\SSDMonitor.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdateStar Drivers] C:\Program Files\UpdateStar Drivers\drivers.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\vProt] C:\Program Files\AVG Secure Search\vprot.exe [] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk] C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [2002-04-19 110592] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^User^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^IMVU.lnk] C:\Users\User\AppData\Roaming\IMVUClient\IMVUQualityAgent.exe --startup [] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver] [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System] "dontdisplaylastusername"=0 "legalnoticecaption"= "legalnoticetext"= "shutdownwithoutlogon"=1 "undockwithoutlogon"=1 "EnableUIADesktopToggle"=0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer] "BindDirectlyToPropertySetStorage"=0 [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32] "vidc.mrle"=msrle32.dll "vidc.msvc"=msvidc32.dll "msacm.imaadpcm"=imaadp32.acm "msacm.msg711"=msg711.acm "msacm.msgsm610"=msgsm32.acm "msacm.msadpcm"=msadp32.acm "midimapper"=midimap.dll "wavemapper"=msacm32.drv "VIDC.UYVY"=msyuv.dll "VIDC.YUY2"=msyuv.dll "VIDC.YVYU"=msyuv.dll "VIDC.IYUV"=iyuv_32.dll "VIDC.I420"=msh263.drv "VIDC.YVU9"=tsbyuv.dll "msacm.l3acm"=C:\Windows\System32\l3codeca.acm "vidc.cvid"=iccvid.dll "wave1"=wdmaud.drv "midi1"=wdmaud.drv "mixer1"=wdmaud.drv "aux1"=wdmaud.drv "MSVideo8"=VfWWDM32.dll "wave"=wdmaud.drv "midi"=wdmaud.drv "mixer"=wdmaud.drv "aux"=wdmaud.drv "wave2"=wdmaud.drv "mixer2"=wdmaud.drv "midi2"=wdmaud.drv "msacm.siren"=sirenacm.dll "VIDC.FFDS"=ff_vfw.dll "vidc.XVID"=xvidvfw.dll "msacm.ac3filter"=ac3filter.acm "msacm.avis"=ff_acm.acm "vidc.DIVX"=DivX.dll "vidc.yv12"=DivX.dll ======File associations====== .js - edit - C:\Windows\System32\Notepad.exe %1 ======List of files/folders created in the last 1 month====== 2013-10-31 12:38:29 ----D---- C:\rsit 2013-10-31 12:38:29 ----D---- C:\Program Files\trend micro 2013-10-30 14:22:51 ----D---- C:\Windows\ERDNT 2013-10-30 14:22:13 ----D---- C:\Program Files\ERUNT 2013-10-28 18:40:50 ----D---- C:\Program Files\iVIDI.org plugin 2013-10-28 18:40:09 ----D---- C:\Program Files\bestLyrics-34 2013-10-24 19:00:14 ----D---- C:\Program Files\Common Files\snp2uvc 2013-10-24 18:52:55 ----SHD---- C:\Config.Msi 2013-10-24 18:06:26 ----D---- C:\Program Files\Unitech LLC 2013-10-24 18:06:01 ----D---- C:\Users\User\AppData\Roaming\Unitech LLC 2013-10-24 18:00:44 ----D---- C:\Users\User\AppData\Roaming\AVG2014 2013-10-24 17:55:08 ----D---- C:\ProgramData\AVG2014 2013-10-13 13:41:48 ----D---- C:\Program Files\iPod 2013-10-13 13:41:46 ----D---- C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 2013-10-13 13:41:46 ----D---- C:\Program Files\iTunes 2013-10-13 13:38:28 ----D---- C:\Program Files\Apple Software Update 2013-10-13 12:50:20 ----D---- C:\Program Files\jZip 2013-10-08 14:08:52 ----D---- C:\Users\User\AppData\Roaming\Spotify ======List of files/folders modified in the last 1 month====== 2013-10-31 12:38:44 ----D---- C:\Windows\Prefetch 2013-10-31 12:38:29 ----D---- C:\Program Files 2013-10-31 12:38:24 ----D---- C:\Windows\Temp 2013-10-31 12:37:40 ----D---- C:\ProgramData\MFAData 2013-10-30 17:12:33 ----D---- C:\Windows\system32\drivers 2013-10-30 16:55:42 ----SHD---- C:\System Volume Information 2013-10-30 14:29:52 ----D---- C:\Windows\System32 2013-10-30 14:22:51 ----D---- C:\Windows 2013-10-30 14:16:11 ----D---- C:\Windows\inf 2013-10-30 14:16:11 ----A---- C:\Windows\system32\PerfStringBackup.INI 2013-10-30 14:08:18 ----D---- C:\Windows\SoftwareDistribution 2013-10-30 14:07:16 ----D---- C:\Program Files\4shared Desktop 2013-10-28 18:40:44 ----D---- C:\Windows\Tasks 2013-10-28 18:40:44 ----D---- C:\Windows\system32\Tasks 2013-10-24 20:10:00 ----RSD---- C:\Windows\Fonts 2013-10-24 19:00:16 ----D---- C:\Windows\SUYIN NB Cam 2013-10-24 19:00:15 ----D---- C:\Windows\twain_32 2013-10-24 19:00:15 ----D---- C:\Windows\system32\x64 2013-10-24 19:00:15 ----D---- C:\Windows\system32\drivers\x64 2013-10-24 19:00:14 ----D---- C:\Program Files\Common Files 2013-10-24 18:52:57 ----SHD---- C:\Windows\Installer 2013-10-24 18:28:09 ----HD---- C:\ProgramData 2013-10-24 18:24:26 ----D---- C:\Program Files\Mozilla Firefox 2013-10-24 18:01:41 ----D---- C:\Program Files\AVG 2013-10-15 14:40:58 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2013-10-13 15:58:42 ----D---- C:\Windows\system32\catroot 2013-10-13 13:41:48 ----D---- C:\Program Files\Common Files\Apple 2013-10-11 12:24:28 ----D---- C:\Windows\system32\catroot2 ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R0 AVGIDSHX;AVGIDSHX; C:\Windows\system32\DRIVERS\avgidshx.sys [2013-09-02 145720] R0 Avglogx;AVG Logging Driver; C:\Windows\system32\DRIVERS\avglogx.sys [2013-09-02 223032] R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx86.sys [2013-08-20 102200] R0 Avgrkx86;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx86.sys [2013-09-08 27448] R1 Avgdiskx;AVG Disk Driver; C:\Windows\system32\DRIVERS\avgdiskx.sys [2013-09-25 120632] R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdriverx.sys [2013-09-02 209208] R1 AVGIDSShim;AVGIDSShim; C:\Windows\system32\DRIVERS\avgidsshimx.sys [2013-09-10 22840] R1 Avgldx86;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx86.sys [2013-09-02 176952] R1 Avgtdix;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdix.sys [2013-08-01 193848] R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx86.sys [2013-08-01 37664] R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2007-08-07 12672] R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-08-08 45568] R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008] R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400] R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-08-07 8704] R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-05-09 3552256] R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2008-01-21 179712] R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2012-08-21 26840] R3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544] R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2007-08-07 984064] R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2007-08-07 208384] R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-09-27 1950552] R3 NETw3v32;Intel® PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2008-01-21 2225664] R3 RimVSerPort;RIM Virtual Serial Port v2; C:\Windows\system32\DRIVERS\RimSerial.sys [2009-01-09 27136] R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-21 8192] R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088] R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2007-08-13 1749376] R3 vodafone_K3805-z_dc_enum;Vodafone K3805-z DC Enumerator (ZTE); C:\Windows\system32\DRIVERS\vodafone_K3805-z_dc_enum.sys [2010-09-01 80000] R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2007-08-07 660480] R3 winbondcir;Winbond IR Transceiver; C:\Windows\system32\DRIVERS\winbondcir.sys [2007-03-28 43008] S3 dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584] S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384] S3 Dot4Scan;Scan Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Scan.sys [2008-01-21 10752] S3 dot4usb;Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864] S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632] S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2008-01-21 200704] S3 Huawei;HUAWEI Mobile Connect - USB Smart Card Reader; C:\Windows\system32\DRIVERS\ewdcsc.sys [] S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [] S3 hwusbfake;Huawei DataCard USB Fake; C:\Windows\system32\DRIVERS\ewusbfake.sys [] S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192] S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888] S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504] S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016] S3 RimUsb;BlackBerry Smartphone; C:\Windows\System32\Drivers\RimUsb.sys [2008-05-20 22784] S3 SynasUSB;SynasUSB; C:\Windows\system32\drivers\SynasUSB.sys [2006-11-23 18432] S3 TASCAM_US122144;TASCAM USB 2.0 Audio Device driver; C:\Windows\System32\Drivers\tascusb2.sys [2008-07-25 367616] S3 TASCAM_US122L_MIDI;TASCAM US-122L WDM MIDI Device; C:\Windows\system32\drivers\tscusb2m.sys [2008-07-25 18944] S3 TASCAM_US122L_WDM;TASCAM US-122L WDM; C:\Windows\system32\drivers\tscusb2a.sys [2008-07-25 33792] S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2012-12-13 45056] S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328] S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016] S3 vodafone_K3805-z_cdc_acm;Vodafone K3805-z CDC-ACM driver (ZTE); C:\Windows\system32\DRIVERS\vodafone_K3805-z_cdc_acm.sys [2010-09-01 85888] S3 vodafone_K3805-z_cdc_ecm;vodafone_K3805-z_cdc_ecm; C:\Windows\system32\DRIVERS\vodafone_K3805-z_cdc_ecm.sys [2010-09-01 50304] S3 vodafone_K3805-z_cpo;Vodafone K3805-z Install; C:\Windows\system32\DRIVERS\vodafone_K3805-z_cpo.sys [2010-09-01 9728] S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-10-01 40448] S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328] S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2009-04-11 6656] S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2013-09-07 55624] R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-05-08 671744] R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [2013-10-03 3538480] R2 avgwd;AVG WatchDog; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [2013-09-25 301152] R2 EpsonScanSvc;Epson Scanner Service; C:\Windows\system32\EscSvc.exe [2011-12-11 122000] R2 VmbService;Vodafone Mobile Broadband Service; C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe [2011-06-28 9216] R2 vToolbarUpdater15.4.0;vToolbarUpdater15.4.0; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe [2013-08-01 1616048] R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-28 1713536] R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-08-07 386560] R3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-21 21504] S2 gupdate;Servicio Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-01-19 136176] S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-03-01 161384] S3 CSPEH;CSPEH; C:\Users\User\AppData\Local\Temp\CSPEH.exe [] S3 gupdatem;Google Update Service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2011-01-19 136176] S3 HDYEHKZ;HDYEHKZ; C:\Users\User\AppData\Local\Temp\HDYEHKZ.exe [] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728] S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2013-10-01 553288] S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-04-18 115608] S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712] S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184] S3 SGNITIQPEOFL;SGNITIQPEOFL; C:\Users\User\AppData\Local\Temp\SGNITIQPEOFL.exe [] -----------------EOF-----------------
  2. philspain
    Hallo, Tijdens het surfen gaat ie soms zeer traag ! Ik heb gescant met MBAM en die vond een paar "POP UPTIONAL CROSSRIDER A" malware Toch maar even een HJTHS logje geplaatst. Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 14:32:37, on 30/10/2013 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.19088) FIREFOX: 20.0.1 (en-GB) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\AVG\AVG2014\avgui.exe C:\Windows\PLFSetL.exe C:\Windows\System32\spool\drivers\w32x86\3\E_TATIIVE.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Users\User\Desktop\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = O1 - Hosts: ::1 localhost O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: ividi Helper Object - {8B8B2E80-1444-451D-AC8E-EB9A847F3887} - C:\Program Files\Unitech LLC\ividi\1.8.23.0\bh\ividi.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2014\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [PLFSetL] C:\Windows\PLFSetL.exe O4 - HKCU\..\Run: [EPLTarget\P0000000000000001] C:\Windows\system32\spool\DRIVERS\W32X86\3\E_TATIIVE.EXE /EPT "EPLTarget\P0000000000000001" /M "WF-2530 Series" O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\User\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\IMVU\Run IMVU.lnk (file missing) O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2014\avgwdsvc.exe O23 - Service: CSPEH - Unknown owner - C:\Users\User\AppData\Local\Temp\CSPEH.exe (file missing) O23 - Service: Epson Scanner Service (EpsonScanSvc) - Seiko Epson Corporation - C:\Windows\system32\EscSvc.exe O23 - Service: Servicio Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: HDYEHKZ - Unknown owner - C:\Users\User\AppData\Local\Temp\HDYEHKZ.exe (file missing) O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: SGNITIQPEOFL - Unknown owner - C:\Users\User\AppData\Local\Temp\SGNITIQPEOFL.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: Vodafone Mobile Broadband Service (VmbService) - Vodafone - C:\Program Files\Vodafone\Vodafone Mobile Broadband\Bin\VmbService.exe O23 - Service: vToolbarUpdater15.4.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe -- End of file - 5838 bytes
  3. philspain
    Hallo, sorry ik ben een tijdje weg geweest, ik heb gedaan als gevraagd maar m'n probleem is nog niet opgelost, ook op externe speakers blijft ie haperen ! Het is alsof iets teveel CPU vraagt en dat daarom m'n player niet normaal werkt ? Geen idee ik ben maar aan het raden !
  4. philspain
    Oh sorry, Het is een SAMSUNG notebook, model NC10 ; 10 inch Ja het is mogelijk om aan te sluiten op externe speakers
  5. philspain
    http://speccy.piriform.com/results/Q23wmVggEdUeieJykggifjB
  6. philspain
    Ik heb het geprobeerd doch het heeft niet geholpen.
  7. philspain
    Gewoon mp3 , ook als ik spotify open en een song start blijft de song steeds hangen ? Hetzelfde met windows mediaplayer, en andere players ? Ik denk dat er iets scheelt met m'n soundkaart ?
  8. philspain
    Hallo, ik vind het raar dat 156 mensen mijn berichtje gezien hebben en dat ik geen 1 reactie heb ontvangen ?
  9. philspain
    Ik heb sinds kort een probleem ! Ik heb verschillende media music players op m'n notebook ! Welke ik ook gebruik - spotify, windows media player, karafun, ...enz, ze blijven allemaal haperen als ik een song afspeel !? Weet iemand hoe dit zou kunnen komen ? Thnx Phil
  10. philspain
    M'n pc is echt veel sneller nu ! Bedankt Kape ! Ik heb echter nog een probleem met m'n media player(s) ! Maar dat zal ik in een andere rubriek moeten plaatsen denk ik !
  11. philspain
    Ja hij is behoorlijk sneller nu !!
  12. philspain
    Het is gelukt !! # AdwCleaner v2.306 - Logfile created 08/01/2013 at 10:10:14 # Updated 19/07/2013 by Xplode # Operating system : Microsoft Windows XP Service Pack 3 (32 bits) # User : User - SAMSUNG-3D2B3F4 # Boot Mode : Normal # Running from : C:\Documents and Settings\User\My Documents\Downloads\adwcleaner.exe # Option [Delete] ***** [services] ***** Stopped & Deleted : BrowserDefendert ***** [Files / Folders] ***** Deleted on reboot : C:\Documents and Settings\All Users\Application Data\BrowserDefender Deleted on reboot : C:\Documents and Settings\User\Application Data\BabSolution Deleted on reboot : C:\Program Files\Common Files\AVG Secure Search File Deleted : C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\yxa2rv9h.default\bProtector_extensions.rdf File Deleted : C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\yxa2rv9h.default\bprotector_extensions.sqlite File Deleted : C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\yxa2rv9h.default\bprotector_prefs.js File Deleted : C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\yxa2rv9h.default\searchplugins\Babylon.xml File Deleted : C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\yxa2rv9h.default\searchplugins\BrowserDefender.xml File Deleted : C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\bProtector Web Data File Deleted : C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\bprotectorpreferences Folder Deleted : C:\Documents and Settings\All Users\Application Data\AVG Secure Search Folder Deleted : C:\Documents and Settings\All Users\Application Data\Babylon Folder Deleted : C:\Documents and Settings\User\Application Data\AVG Secure Search Folder Deleted : C:\Documents and Settings\User\Application Data\delta Folder Deleted : C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\yxa2rv9h.default\extensions\ffxtlbr@delta.com Folder Deleted : C:\Documents and Settings\User\Local Settings\Application Data\AVG Secure Search Folder Deleted : C:\Documents and Settings\User\Start Menu\Programs\BrowserDefender Folder Deleted : C:\Program Files\AVG Secure Search Folder Deleted : C:\Program Files\delta ***** [Registry] ***** Data Deleted : HKLM\..\Windows [AppInit_DLLs] = c:\docume~1\alluse~1\applic~1\browse~1\261519~1.190\{c16c1~1\browse~1.dll Key Deleted : HKCU\Software\5ae8a8bb735b945 Key Deleted : HKCU\Software\AVG Secure Search Key Deleted : HKCU\Software\BabSolution Key Deleted : HKCU\Software\DataMngr Key Deleted : HKCU\Software\DataMngr_Toolbar Key Deleted : HKCU\Software\Delta Key Deleted : HKCU\Software\Iminent Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Key Deleted : HKLM\SOFTWARE\5ae8a8bb735b945 Key Deleted : HKLM\Software\AVG Secure Search Key Deleted : HKLM\Software\AVG Security Toolbar Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D616A4A2-7B38-4DBC-9093-6FE7A4A21B17} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaappCore.1 Key Deleted : HKLM\SOFTWARE\Classes\delta.deltadskBnd Key Deleted : HKLM\SOFTWARE\Classes\delta.deltadskBnd.1 Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaHlpr Key Deleted : HKLM\SOFTWARE\Classes\delta.deltaHlpr.1 Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1 Key Deleted : HKLM\SOFTWARE\Classes\esrv.deltaESrvc Key Deleted : HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1 Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7} Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1 Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF} Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1 Key Deleted : HKLM\Software\DataMngr Key Deleted : HKLM\Software\Delta Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde Key Deleted : HKLM\Software\Iminent Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0238BBE24EA3A70408B81E4BB89C15E5 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\29799DE249E7DBC459FC6C8F07EB8375 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\43C098337DB065A49B665D4EA7F16D1C Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A71991503412AEB42838B02C5ED9F9CD Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F7652513C62FF63448CFF05163719DB7 Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchTheWebARP Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin Key Deleted : HKU\S-1-5-21-1409082233-706699826-527237240-1004\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page] Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{82E1477C-B154-48D3-9891-33D83C26BCD3}] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar] ***** [internet Browsers] ***** -\\ Internet Explorer v8.0.6001.18702 Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - bProtectTabs] = hxxp://www1.delta-search.com/?babsrc=NT_ss&mntrId=18DB00242CD9CF88&affID=119752&tsp=4960 --> hxxp://www.google.com -\\ Mozilla Firefox v22.0 (en-US) File : C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\yxa2rv9h.default\prefs.js C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\yxa2rv9h.default\user.js ... Deleted ! Deleted : user_pref("browser.newtab.url", "hxxp://www1.delta-search.com/?babsrc=NT_ss&mntrId=18DB00242CD9CF88&[...] Deleted : user_pref("browser.search.order.1", "Delta Search"); Deleted : user_pref("browser.search.selectedEngine", "Delta Search"); Deleted : user_pref("browser.startup.homepage", "hxxp://www1.delta-search.com/?babsrc=HP_ss&mntrId=18DB00242CD[...] Deleted : user_pref("extensions.delta.admin", false); Deleted : user_pref("extensions.delta.aflt", "babsst"); Deleted : user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}"); Deleted : user_pref("extensions.delta.autoRvrt", "false"); Deleted : user_pref("extensions.delta.dfltLng", "en"); Deleted : user_pref("extensions.delta.excTlbr", false); Deleted : user_pref("extensions.delta.ffxUnstlRst", true); Deleted : user_pref("extensions.delta.id", "18db39e400000000000000242cd9cf88"); Deleted : user_pref("extensions.delta.instlDay", "15917"); Deleted : user_pref("extensions.delta.instlRef", "sst"); Deleted : user_pref("extensions.delta.newTab", false); Deleted : user_pref("extensions.delta.prdct", "delta"); Deleted : user_pref("extensions.delta.prtnrId", "delta"); Deleted : user_pref("extensions.delta.rvrt", "false"); Deleted : user_pref("extensions.delta.smplGrp", "none"); Deleted : user_pref("extensions.delta.tlbrId", "base"); Deleted : user_pref("extensions.delta.tlbrSrchUrl", ""); Deleted : user_pref("extensions.delta.vrsn", "1.8.22.0"); Deleted : user_pref("extensions.delta.vrsni", "1.8.22.0"); Deleted : user_pref("extensions.delta.vrsnTs", "1.8.22.018:01:44"); Deleted : user_pref("extensions.delta_i.babExt", ""); Deleted : user_pref("extensions.delta_i.babTrack", "affID=119752&tsp=4960"); Deleted : user_pref("extensions.delta_i.srcExt", "ss"); -\\ Google Chrome v28.0.1500.72 File : C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences Deleted [l.3053] : urls_to_restore_on_startup ={"restore_on_startup": 4, [ "hxxp://www1.delta-search.com/?babsrc=HP_[...] ************************* AdwCleaner[s1].txt - [353 octets] - [20/07/2013 18:20:27] AdwCleaner[s2].txt - [50213 octets] - [20/07/2013 18:21:10] AdwCleaner[s3].txt - [17275 octets] - [01/08/2013 10:10:14] ########## EOF - C:\AdwCleaner[s3].txt - [17336 octets] ##########
  13. philspain
    Geen onregelmatigheden bij cpu ontdekt in taakbeheer. Heb nog wat programma's verwijderd die ik niet meer gebruik, en nog even eens een hijack logje gemaakt ! Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 16:32:34, on 31/07/2013 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\PROGRA~1\AVG\AVG2013\avgrsx.exe C:\Program Files\AVG\AVG2013\avgcsrvx.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe C:\Program Files\AVG\AVG2013\avgidsagent.exe C:\Program Files\AVG\AVG2013\avgwdsvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Java\jre7\bin\jqs.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\mmrtkrnl.exe C:\WINDOWS\system32\igfxpers.exe C:\WINDOWS\system32\hkcmd.exe C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Program Files\AVG\AVG2013\avgui.exe C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\SAMSUNG\MagicKBD\MagicKBD.exe C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe C:\Program Files\SAMSUNG\MagicKBD\PerformanceManager.exe C:\Program Files\AVG\AVG2013\avgnsx.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\loggingserver.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\igfxext.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Delta Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file) O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file) O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Realtime Audio Engine] "mmrtkrnl.exe" /i O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [MagicKeyboard] C:\Program Files\SAMSUNG\MagicKBD\PreMKBD.exe O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [EDS] C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe O4 - HKLM\..\Run: [DMHotKey] C:\Program Files\Samsung\Easy Display Manager\DMLoader.exe O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\15.4.0\ViProtocol.dll O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: Servicio Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: vToolbarUpdater15.4.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe -- End of file - 7637 bytes
  14. philspain
    Nee dat heb ik niet meer, is in een winkel vervangen ! Ik heb malwarebytes nog eens laten lopen en die heeft niets gevonden ! Heb jij een idee waarom mijn players (WMA , Karafun) haperen bij het afspelen ? Ik heb een gevoel dat er iets op mn pc draait dat veel cpu neemt, zou dat kunnen ?
  15. philspain
    Ik heb nog niet veel verbetering gemerkt eigenlijk. Het opstarten van programma's gaat erg traag, als ik bijvoorbeeld windows media player of karafun player run, dan blijven die haperen ! Iets dat ik vroeger nooit heb gehad ! Het is eigenlijk allemaal begonnen sinds ik een nieuw scherm heb laten steken !
  16. philspain
    Heb nieuwe zoek.exe gedownload, doch werkt nog steeds niet, ook niet in veilige modus !
  17. philspain
    Goedemorgen, de pc heeft de hele nacht gescand ! Er waren 18 medium risk objects, en er zijn er 15 in quarantine geplaatst ! De andere 3 niet ! Ik weet nu niet wat ik verder moet doen ! Hieronder het logje van de scan ! Emsisoft Emergency Kit - Version 4.0 Last update: 30/07/2013 20:10:26 User account: SAMSUNG-3D2B3F4\User Scan settings: Scan type: Deep Scan Objects: Rootkits, Memory, Traces, C:\ Detect Riskware: Off Scan archives: On ADS Scan: On File extension filter: Off Advanced caching: On Direct disk access: Off Scan start: 30/07/2013 20:11:26 Value: HKEY_LOCAL_MACHINE\SOFTWARE\GOLDEN PALACE CASINO PT -> ADVERTISERCODE detected: Trace.Registry.Golden Palace Casino (A) Value: HKEY_LOCAL_MACHINE\SOFTWARE\GOLDEN PALACE CASINO PT -> BANNER detected: Trace.Registry.Golden Palace Casino (A) Value: HKEY_LOCAL_MACHINE\SOFTWARE\GOLDEN PALACE CASINO PT -> CREFERER detected: Trace.Registry.Golden Palace Casino (A) Value: HKEY_LOCAL_MACHINE\SOFTWARE\GOLDEN PALACE CASINO PT -> HOMEDIR detected: Trace.Registry.Golden Palace Casino (A) Value: HKEY_LOCAL_MACHINE\SOFTWARE\GOLDEN PALACE CASINO PT -> PROFILE detected: Trace.Registry.Golden Palace Casino (A) Value: HKEY_LOCAL_MACHINE\SOFTWARE\GOLDEN PALACE CASINO PT -> REFERER detected: Trace.Registry.Golden Palace Casino (A) Value: HKEY_LOCAL_MACHINE\SOFTWARE\GOLDEN PALACE CASINO PT -> SAFEMODE detected: Trace.Registry.Golden Palace Casino (A) Value: HKEY_LOCAL_MACHINE\SOFTWARE\GOLDEN PALACE CASINO PT -> UNINSTALL detected: Trace.Registry.Golden Palace Casino (A) Value: HKEY_LOCAL_MACHINE\SOFTWARE\GOLDEN PALACE CASINO PT -> UNINSTALL_LANG detected: Trace.Registry.Golden Palace Casino (A) Value: HKEY_USERS\S-1-5-21-1409082233-706699826-527237240-1004\SOFTWARE\POKERINSTALLER -> FULLPATH detected: Trace.Registry.Pacific Poker (A) Value: HKEY_USERS\S-1-5-21-1409082233-706699826-527237240-1004\SOFTWARE\POKERINSTALLER -> INSTALLER_GUID detected: Trace.Registry.Pacific Poker (A) Value: HKEY_USERS\S-1-5-21-1409082233-706699826-527237240-1004\SOFTWARE\POKERINSTALLER -> URL_CASINO_2 detected: Trace.Registry.Pacific Poker (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\ETORO detected: Trace.Registry.eToro (A) Key: HKEY_USERS\S-1-5-21-1409082233-706699826-527237240-1004\SOFTWARE\ETORO detected: Trace.Registry.eToro (A) Key: HKEY_USERS\S-1-5-21-1409082233-706699826-527237240-1004\SOFTWARE\PACIFICPOKER detected: Trace.Registry.PacificPoker (A) Key: HKEY_USERS\S-1-5-21-1409082233-706699826-527237240-1004\SOFTWARE\PACIFICPOKER\POKER detected: Trace.Registry.PacificPoker (A) Key: HKEY_USERS\S-1-5-21-1409082233-706699826-527237240-1004\SOFTWARE\PACIFICPOKER\POKER\INIT detected: Trace.Registry.PacificPoker (A) Key: HKEY_USERS\S-1-5-21-1409082233-706699826-527237240-1004\SOFTWARE\POKERINSTALLER detected: Trace.Registry.PacificPoker (A) Scanned 388830 Found 18 Scan end: 31/07/2013 05:24:01 Scan time: 9:12:35 Key: HKEY_USERS\S-1-5-21-1409082233-706699826-527237240-1004\SOFTWARE\PACIFICPOKER Quarantined Trace.Registry.PacificPoker (A) Key: HKEY_USERS\S-1-5-21-1409082233-706699826-527237240-1004\SOFTWARE\PACIFICPOKER\POKER Quarantined Trace.Registry.PacificPoker (A) Key: HKEY_USERS\S-1-5-21-1409082233-706699826-527237240-1004\SOFTWARE\PACIFICPOKER\POKER\INIT Quarantined Trace.Registry.PacificPoker (A) Key: HKEY_USERS\S-1-5-21-1409082233-706699826-527237240-1004\SOFTWARE\POKERINSTALLER Quarantined Trace.Registry.PacificPoker (A) Key: HKEY_LOCAL_MACHINE\SOFTWARE\ETORO Quarantined Trace.Registry.eToro (A) Key: HKEY_USERS\S-1-5-21-1409082233-706699826-527237240-1004\SOFTWARE\ETORO Quarantined Trace.Registry.eToro (A) Value: HKEY_LOCAL_MACHINE\SOFTWARE\GOLDEN PALACE CASINO PT -> ADVERTISERCODE Quarantined Trace.Registry.Golden Palace Casino (A) Value: HKEY_LOCAL_MACHINE\SOFTWARE\GOLDEN PALACE CASINO PT -> BANNER Quarantined Trace.Registry.Golden Palace Casino (A) Value: HKEY_LOCAL_MACHINE\SOFTWARE\GOLDEN PALACE CASINO PT -> CREFERER Quarantined Trace.Registry.Golden Palace Casino (A) Value: HKEY_LOCAL_MACHINE\SOFTWARE\GOLDEN PALACE CASINO PT -> HOMEDIR Quarantined Trace.Registry.Golden Palace Casino (A) Value: HKEY_LOCAL_MACHINE\SOFTWARE\GOLDEN PALACE CASINO PT -> PROFILE Quarantined Trace.Registry.Golden Palace Casino (A) Value: HKEY_LOCAL_MACHINE\SOFTWARE\GOLDEN PALACE CASINO PT -> REFERER Quarantined Trace.Registry.Golden Palace Casino (A) Value: HKEY_LOCAL_MACHINE\SOFTWARE\GOLDEN PALACE CASINO PT -> SAFEMODE Quarantined Trace.Registry.Golden Palace Casino (A) Value: HKEY_LOCAL_MACHINE\SOFTWARE\GOLDEN PALACE CASINO PT -> UNINSTALL Quarantined Trace.Registry.Golden Palace Casino (A) Value: HKEY_LOCAL_MACHINE\SOFTWARE\GOLDEN PALACE CASINO PT -> UNINSTALL_LANG Quarantined Trace.Registry.Golden Palace Casino (A) Quarantined 15
  18. philspain
    ja ik vind het ongelooflijk, heb daarnet in veilige modus geprobeerd maar ook daar doet ie helemaal niets !
  19. philspain
    Goedemorgen, Ik heb zoek.exe gedownload, ik heb avg tijdelijk disabled . Doch als ik dubbelklik op zoek.exe gebeurt er helemaal niets ! Er komt voor 2 sconden een zandlopertje en dan verdwijnt dat en er gebeurt niets !
  20. philspain
    Hallo Kape ! nee ook niet in veilige modus !
  21. philspain
    Hallo, Sorry was even in het buitenland ! Ik heb Junkware removel gedownload, maar als ik het probeer te runnen doet ie helemaal niets !
  22. philspain
    Hallo Kape, ja gevonden, hieronder het gevraagde ! # AdwCleaner v2.305 - Logfile created 07/20/2013 at 18:21:10 # Updated 11/07/2013 by Xplode # Operating system : Microsoft Windows XP Service Pack 3 (32 bits) # User : User - SAMSUNG-3D2B3F4 # Boot Mode : Normal # Running from : C:\Documents and Settings\User\My Documents\Downloads\adwcleaner.exe # Option [Delete] ***** [services] ***** ***** [Files / Folders] ***** Deleted on reboot : C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\elchiiiejkobdbblfejjkbphbddgmljf Deleted on reboot : C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla File Deleted : C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\yxa2rv9h.default\searchplugins\Conduit.xml File Deleted : C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\yxa2rv9h.default\searchplugins\Search_Results.xml File Deleted : C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\yxa2rv9h.default\searchplugins\softonic.xml File Deleted : C:\Program Files\Mozilla FireFox\searchplugins\Search_Results.xml File Deleted : C:\WINDOWS\system32\conduitEngine.tmp Folder Deleted : C:\Documents and Settings\All Users\Application Data\boost_interprocess Folder Deleted : C:\Documents and Settings\User\Application Data\dvdvideosoftiehelpers Folder Deleted : C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\yxa2rv9h.default\Conduit Folder Deleted : C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\yxa2rv9h.default\ConduitCommon Folder Deleted : C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\yxa2rv9h.default\ConduitEngine Folder Deleted : C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\yxa2rv9h.default\CT2438727 Folder Deleted : C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\yxa2rv9h.default\CT2786678 Folder Deleted : C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\yxa2rv9h.default\extensions\{75623d5d-4683-402a-b610-ac4bab767c86} Folder Deleted : C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\yxa2rv9h.default\extensions\{7abe12ca-e995-4ab4-9a4e-ef8820a20182} Folder Deleted : C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\yxa2rv9h.default\extensions\{7b13ec3e-999a-4b70-b9cb-2617b8323822} Folder Deleted : C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\yxa2rv9h.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} Folder Deleted : C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\yxa2rv9h.default\extensions\engine@conduit.com Folder Deleted : C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\yxa2rv9h.default\extensions\ffxtlbra@softonic.com Folder Deleted : C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\yxa2rv9h.default\jziptoolbargaw Folder Deleted : C:\Documents and Settings\User\Application Data\searchresultstb Folder Deleted : C:\Documents and Settings\User\Application Data\Softonic Folder Deleted : C:\Documents and Settings\User\Local Settings\Application Data\Conduit Folder Deleted : C:\Documents and Settings\User\Local Settings\Application Data\jZip Folder Deleted : C:\Documents and Settings\User\Local Settings\Application Data\PackageAware Folder Deleted : C:\Documents and Settings\User\Local Settings\Application Data\uTorrentBar Folder Deleted : C:\Program Files\Common Files\DVDVideoSoft\TB Folder Deleted : C:\Program Files\Free Offers from Freeze.com Folder Deleted : C:\Program Files\Softonic Folder Deleted : C:\Program Files\uTorrentBar Folder Deleted : C:\Program Files\Windows iLivid Toolbar ***** [Registry] ***** Key Deleted : HKCU\Software\DataMngr Key Deleted : HKCU\Software\DataMngr_Toolbar Key Deleted : HKCU\Software\Headlight Key Deleted : HKCU\Software\jZip Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7ABE12CA-E995-4AB4-9A4E-EF8820A20182} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9D717F81-9148-4F12-8568-69135F087DB0} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7ABE12CA-E995-4AB4-9A4E-EF8820A20182} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9D717F81-9148-4F12-8568-69135F087DB0} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKCU\Software\Softonic Key Deleted : HKCU\Software\uTorrentBar Key Deleted : HKCU\Software\YahooPartnerToolbar Key Deleted : HKLM\Software\AVG Secure Search Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B15F118E-AF21-45E8-A809-29FDD7362565} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{44B50C01-4993-48E2-ADEE-D812BAE2E9A2} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5018CFD2-804D-4C99-9F81-25EAEA2769DE} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A3E2F089-DDBB-4CBF-B06C-5D44DA316ED3} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A5679AB0-C59E-49E7-83C4-5289F844A6E0} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA0167C2-6295-41B8-9BDA-704B2F5E4CD9} Key Deleted : HKLM\SOFTWARE\Classes\Conduit.Engine Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1 Key Deleted : HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94} Key Deleted : HKLM\SOFTWARE\Classes\S Key Deleted : HKLM\SOFTWARE\Classes\Softonic.dskBnd Key Deleted : HKLM\SOFTWARE\Classes\Softonic.dskBnd.1 Key Deleted : HKLM\SOFTWARE\Classes\Softonic.SoftonicHlpr Key Deleted : HKLM\SOFTWARE\Classes\Softonic.SoftonicHlpr.1 Key Deleted : HKLM\SOFTWARE\Classes\SoftonicApp.appCore Key Deleted : HKLM\SOFTWARE\Classes\SoftonicApp.appCore.1 Key Deleted : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc Key Deleted : HKLM\SOFTWARE\Classes\srv.SoftonicSrvc.1 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2604146 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2786678 Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{11D9E165-B8C1-4734-A56C-BC4FCACA966B} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B15F118E-AF21-45E8-A809-29FDD7362565} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Key Deleted : HKLM\Software\Conduit Key Deleted : HKLM\Software\Freeze.com Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\elchiiiejkobdbblfejjkbphbddgmljf Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla Key Deleted : HKLM\Software\Informer Technologies, Inc.\OpenCandy Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{898EA8C8-E7FF-479B-8935-AEC46303B9E5} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3614D305-2DBB-4991-9297-750DD60FFC73} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7ABE12CA-E995-4AB4-9A4E-EF8820A20182} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CF034EA-7B46-48D3-8895-8A14B32AE445} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D4FBFFED-F534-48BE-917B-0106CFBF6EDC} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2102} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\conduitEngine Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497} Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966 Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Results Toolbar Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Softonic Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar Toolbar Key Deleted : HKLM\Software\SearchquSRTB Key Deleted : HKLM\Software\Softonic Key Deleted : HKLM\Software\uTorrentBar Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10] ***** [internet Browsers] ***** -\\ Internet Explorer v8.0.6001.18702 Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://search.softonic.com/MOY00013/tb_v1?SearchSource=15&cc= --> hxxp://www.google.com -\\ Mozilla Firefox v22.0 (en-US) File : C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\yxa2rv9h.default\prefs.js C:\Documents and Settings\User\Application Data\Mozilla\Firefox\Profiles\yxa2rv9h.default\user.js ... Deleted ! Deleted : user_pref("CT2438727..clientLogIsEnabled", false); Deleted : user_pref("CT2438727..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...] Deleted : user_pref("CT2438727..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...] Deleted : user_pref("CT2438727.ALLOW_SHOWING_HIDDEN_TOOLBAR", false); Deleted : user_pref("CT2438727.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx"); Deleted : user_pref("CT2438727.CTID", "CT2438727"); Deleted : user_pref("CT2438727.CommunitiesChangesLastCheckTime", "0"); Deleted : user_pref("CT2438727.CurrentServerDate", "22-12-2011"); Deleted : user_pref("CT2438727.DialogsAlignMode", "LTR"); Deleted : user_pref("CT2438727.DialogsGetterLastCheckTime", "Tue Dec 20 2011 06:02:24 GMT+0100 (Romance Standa[...] Deleted : user_pref("CT2438727.DownloadReferralCookieData", ""); Deleted : user_pref("CT2438727.FirstServerDate", "19-1-2011"); Deleted : user_pref("CT2438727.FirstTime", true); Deleted : user_pref("CT2438727.FirstTimeFF3", true); Deleted : user_pref("CT2438727.FirstTimeSettingsDone", true); Deleted : user_pref("CT2438727.FixPageNotFoundErrors", true); Deleted : user_pref("CT2438727.GroupingInvalidateCache", false); Deleted : user_pref("CT2438727.GroupingLastCheckTime", "0"); Deleted : user_pref("CT2438727.GroupingLastServerUpdateTime", "0"); Deleted : user_pref("CT2438727.GroupingServerCheckInterval", 1440); Deleted : user_pref("CT2438727.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/"); Deleted : user_pref("CT2438727.HasUserGlobalKeys", true); Deleted : user_pref("CT2438727.HomePageProtectorEnabled", false); Deleted : user_pref("CT2438727.HomepageBeforeUnload", "www.facebook.com"); Deleted : user_pref("CT2438727.Initialize", true); Deleted : user_pref("CT2438727.InitializeCommonPrefs", true); Deleted : user_pref("CT2438727.InstallationAndCookieDataSentCount", 3); Deleted : user_pref("CT2438727.InstalledDate", "Wed Jan 19 2011 11:44:54 GMT+0100 (Romance Standard Time)"); Deleted : user_pref("CT2438727.InvalidateCache", false); Deleted : user_pref("CT2438727.IsAlertDBUpdated", true); Deleted : user_pref("CT2438727.IsGrouping", false); Deleted : user_pref("CT2438727.IsMulticommunity", false); Deleted : user_pref("CT2438727.IsOpenThankYouPage", true); Deleted : user_pref("CT2438727.IsOpenUninstallPage", true); Deleted : user_pref("CT2438727.LanguagePackLastCheckTime", "Thu Dec 22 2011 11:37:19 GMT+0100 (Romance Standar[...] Deleted : user_pref("CT2438727.LanguagePackReloadIntervalMM", 1440); Deleted : user_pref("CT2438727.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...] Deleted : user_pref("CT2438727.LastLogin_2.7.1.3", "Thu Jan 27 2011 05:37:10 GMT+0100 (Romance Standard Time)"[...] Deleted : user_pref("CT2438727.LastLogin_3.2.5.2", "Sat Apr 16 2011 09:50:12 GMT+0200 (Romance Daylight Time)"[...] Deleted : user_pref("CT2438727.LastLogin_3.8.1.0", "Thu Dec 22 2011 19:37:19 GMT+0100 (Romance Standard Time)"[...] Deleted : user_pref("CT2438727.LatestVersion", "3.8.1.0"); Deleted : user_pref("CT2438727.Locale", "en"); Deleted : user_pref("CT2438727.LoginCache", 4); Deleted : user_pref("CT2438727.MCDetectTooltipHeight", "83"); Deleted : user_pref("CT2438727.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1"); Deleted : user_pref("CT2438727.MCDetectTooltipWidth", "295"); Deleted : user_pref("CT2438727.MyStuffEnabledAtInstallation", false); Deleted : user_pref("CT2438727.RadioLastCheckTime", "0"); Deleted : user_pref("CT2438727.RadioLastUpdateIPServer", "0"); Deleted : user_pref("CT2438727.RadioLastUpdateServer", "0"); Deleted : user_pref("CT2438727.SHRINK_TOOLBAR", 1); Deleted : user_pref("CT2438727.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...] Deleted : user_pref("CT2438727.SearchEngineBeforeUnload", "Search Results"); Deleted : user_pref("CT2438727.SearchFromAddressBarIsInit", true); Deleted : user_pref("CT2438727.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT243[...] Deleted : user_pref("CT2438727.SearchInNewTabEnabled", true); Deleted : user_pref("CT2438727.SearchInNewTabIntervalMM", 1440); Deleted : user_pref("CT2438727.SearchInNewTabLastCheckTime", "Thu Dec 22 2011 11:37:18 GMT+0100 (Romance Stand[...] Deleted : user_pref("CT2438727.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...] Deleted : user_pref("CT2438727.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...] Deleted : user_pref("CT2438727.SearchProtectorEnabled", false); Deleted : user_pref("CT2438727.SearchProtectorToolbarDisabled", true); Deleted : user_pref("CT2438727.ServiceMapLastCheckTime", "Thu Dec 22 2011 11:37:18 GMT+0100 (Romance Standard [...] Deleted : user_pref("CT2438727.SettingsCheckIntervalMin", 120); Deleted : user_pref("CT2438727.SettingsLastCheckTime", "Thu Dec 22 2011 18:54:47 GMT+0100 (Romance Standard Ti[...] Deleted : user_pref("CT2438727.SettingsLastUpdate", "1322100585"); Deleted : user_pref("CT2438727.ThirdPartyComponentsInterval", 504); Deleted : user_pref("CT2438727.ThirdPartyComponentsLastCheck", "Sat Dec 17 2011 00:31:19 GMT+0100 (Romance Sta[...] Deleted : user_pref("CT2438727.ThirdPartyComponentsLastUpdate", "1312887586"); Deleted : user_pref("CT2438727.ToolbarDisabled", false); Deleted : user_pref("CT2438727.ToolbarShrinkedFromSetup", false); Deleted : user_pref("CT2438727.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2438727"); Deleted : user_pref("CT2438727.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...] Deleted : user_pref("CT2438727.UserID", "UN43755211489171664"); Deleted : user_pref("CT2438727.ValidationData_Search", 0); Deleted : user_pref("CT2438727.ValidationData_Toolbar", 2); Deleted : user_pref("CT2438727.alertChannelId", "832836"); Deleted : user_pref("CT2438727.backendstorage.currentgame", "7A796E6761"); Deleted : user_pref("CT2438727.clientLogIsEnabled", true); Deleted : user_pref("CT2438727.clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.asm[...] Deleted : user_pref("CT2438727.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...] Deleted : user_pref("CT2438727.globalFirstTimeInfoLastCheckTime", "Thu Dec 22 2011 19:37:18 GMT+0100 (Romance [...] Deleted : user_pref("CT2438727.homepageProtectorEnableByLogin", true); Deleted : user_pref("CT2438727.initDone", true); Deleted : user_pref("CT2438727.isAppTrackingManagerOn", true); Deleted : user_pref("CT2438727.myStuffEnabled", true); Deleted : user_pref("CT2438727.myStuffPublihserMinWidth", 400); Deleted : user_pref("CT2438727.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...] Deleted : user_pref("CT2438727.myStuffServiceIntervalMM", 1440); Deleted : user_pref("CT2438727.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...] Deleted : user_pref("CT2438727.oldAppsList", "129017707048431316,129017707048587567,111,129509324767711885,129[...] Deleted : user_pref("CT2438727.revertSettingsEnabled", true); Deleted : user_pref("CT2438727.searchProtectorDialogDelayInSec", 10); Deleted : user_pref("CT2438727.searchProtectorEnableByLogin", true); Deleted : user_pref("CT2438727.testingCtid", ""); Deleted : user_pref("CT2438727.toolbarAppMetaDataLastCheckTime", "Thu Dec 22 2011 12:05:08 GMT+0100 (Romance S[...] Deleted : user_pref("CT2438727.toolbarContextMenuLastCheckTime", "Sat Dec 17 2011 00:31:22 GMT+0100 (Romance S[...] Deleted : user_pref("CT2438727.uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Reg[...] Deleted : user_pref("CT2438727.usagesFlag", 2); Deleted : user_pref("CT2604146..clientLogIsEnabled", false); Deleted : user_pref("CT2604146..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...] Deleted : user_pref("CT2604146..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...] Deleted : user_pref("CT2604146.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx"); Deleted : user_pref("CT2604146.CTID", "CT2604146"); Deleted : user_pref("CT2604146.Chat.Meebo.ServerLastCheckTime", "Fri Apr 15 2011 18:26:55 GMT+0200 (Romance Da[...] Deleted : user_pref("CT2604146.Chat.Meebo.ServerLastResponseTime", "Fri Apr 15 2011 18:26:56 GMT+0200 (Romance[...] Deleted : user_pref("CT2604146.Chat.Meebo.rooms.2030dff2c5edb1", 14); Deleted : user_pref("CT2604146.Chat.Meebo.rooms.30plusa87dca4f", 11); Deleted : user_pref("CT2604146.Chat.Meebo.rooms.communitychat09d14109", 0); Deleted : user_pref("CT2604146.Chat.Meebo.rooms.entertainmentc0ed09fb", 2); Deleted : user_pref("CT2604146.Chat.Meebo.rooms.health3693b665", 2); Deleted : user_pref("CT2604146.Chat.Meebo.rooms.musicj375cf270", 6); Deleted : user_pref("CT2604146.Chat.Meebo.rooms.newsxu117b840d", 15); Deleted : user_pref("CT2604146.Chat.Meebo.rooms.recreationab17d1f9", 1); Deleted : user_pref("CT2604146.Chat.Meebo.rooms.spirituality39155c53", 0); Deleted : user_pref("CT2604146.Chat.Meebo.rooms.sports522528d3", 0); Deleted : user_pref("CT2604146.Chat.Meebo.rooms.technology8bb9fd5b", 0); Deleted : user_pref("CT2604146.Chat.Meebo.rooms.teenagers833b8249", 4); Deleted : user_pref("CT2604146.Chat.Meebo.rooms.travel8c2e48db", 2); Deleted : user_pref("CT2604146.Chat.Meebo.rooms.videogames2fe066e0", 2); Deleted : user_pref("CT2604146.Chat.ServerLastCheckTime", "Fri Apr 15 2011 16:53:31 GMT+0200 (Romance Daylight[...] Deleted : user_pref("CT2604146.CurrentServerDate", "15-4-2011"); Deleted : user_pref("CT2604146.DialogsAlignMode", "LTR"); Deleted : user_pref("CT2604146.DownloadReferralCookieData", ""); Deleted : user_pref("CT2604146.EMailNotifierPollDate", "Fri Apr 15 2011 18:56:58 GMT+0200 (Romance Daylight Ti[...] Deleted : user_pref("CT2604146.FeedLastCount129163062160134584", 20); Deleted : user_pref("CT2604146.FeedLastCount129163062191696694", 0); Deleted : user_pref("CT2604146.FeedLastCount129163062192009197", 30); Deleted : user_pref("CT2604146.FeedPollDate128795077986382124", "Fri Apr 15 2011 16:53:31 GMT+0200 (Romance Da[...] Deleted : user_pref("CT2604146.FeedPollDate128795078397943899", "Fri Apr 15 2011 16:53:31 GMT+0200 (Romance Da[...] Deleted : user_pref("CT2604146.FeedPollDate128981243906575437", "Fri Apr 15 2011 18:36:57 GMT+0200 (Romance Da[...] Deleted : user_pref("CT2604146.FeedPollDate129163062191696694", "Fri Apr 15 2011 18:56:57 GMT+0200 (Romance Da[...] Deleted : user_pref("CT2604146.FeedTTL128795078397943899", 40); Deleted : user_pref("CT2604146.FeedTTL128981243906575437", 40); Deleted : user_pref("CT2604146.FirstServerDate", "15-4-2011"); Deleted : user_pref("CT2604146.FirstTime", true); Deleted : user_pref("CT2604146.FirstTimeFF3", true); Deleted : user_pref("CT2604146.FixPageNotFoundErrors", true); Deleted : user_pref("CT2604146.GroupingServerCheckInterval", 1440); Deleted : user_pref("CT2604146.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/"); Deleted : user_pref("CT2604146.Initialize", true); Deleted : user_pref("CT2604146.InitializeCommonPrefs", true); Deleted : user_pref("CT2604146.InstallationAndCookieDataSentCount", 1); Deleted : user_pref("CT2604146.InstalledDate", "Fri Apr 15 2011 16:53:32 GMT+0200 (Romance Daylight Time)"); Deleted : user_pref("CT2604146.InvalidateCache", false); Deleted : user_pref("CT2604146.IsGrouping", false); Deleted : user_pref("CT2604146.IsMulticommunity", false); Deleted : user_pref("CT2604146.IsOpenThankYouPage", true); Deleted : user_pref("CT2604146.IsOpenUninstallPage", true); Deleted : user_pref("CT2604146.LanguagePackLastCheckTime", "Fri Apr 15 2011 16:53:32 GMT+0200 (Romance Dayligh[...] Deleted : user_pref("CT2604146.LanguagePackReloadIntervalMM", 1440); Deleted : user_pref("CT2604146.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...] Deleted : user_pref("CT2604146.LastLogin_3.2.5.2", "Fri Apr 15 2011 16:53:28 GMT+0200 (Romance Daylight Time)"[...] Deleted : user_pref("CT2604146.LatestVersion", "3.3.3.2"); Deleted : user_pref("CT2604146.Locale", "en-us"); Deleted : user_pref("CT2604146.MCDetectTooltipHeight", "83"); Deleted : user_pref("CT2604146.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1"); Deleted : user_pref("CT2604146.MCDetectTooltipWidth", "295"); Deleted : user_pref("CT2604146.RadioIsPodcast", false); Deleted : user_pref("CT2604146.RadioLastCheckTime", "Fri Apr 15 2011 16:53:32 GMT+0200 (Romance Daylight Time)[...] Deleted : user_pref("CT2604146.RadioLastUpdateIPServer", "3"); Deleted : user_pref("CT2604146.RadioLastUpdateServer", "3"); Deleted : user_pref("CT2604146.RadioMediaID", "9962"); Deleted : user_pref("CT2604146.RadioMediaType", "Media Player"); Deleted : user_pref("CT2604146.RadioMenuSelectedID", "EBRadioMenu_CT26041469962"); Deleted : user_pref("CT2604146.RadioShrinked", "shrinked"); Deleted : user_pref("CT2604146.RadioStationName", "California%20Rock"); Deleted : user_pref("CT2604146.RadioStationURL", "hxxp://feedlive.net/california.asx"); Deleted : user_pref("CT2604146.SHRINK_TOOLBAR", 0); Deleted : user_pref("CT2604146.SavedHomepage", "hxxp://www.facebook.com"); Deleted : user_pref("CT2604146.SearchEngine", "Search||hxxp://search.conduit.com/Results.aspx?q=UCM_SEARCH_TER[...] Deleted : user_pref("CT2604146.SearchFromAddressBarIsInit", true); Deleted : user_pref("CT2604146.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT260[...] Deleted : user_pref("CT2604146.SearchInNewTabEnabled", true); Deleted : user_pref("CT2604146.SearchInNewTabIntervalMM", 1440); Deleted : user_pref("CT2604146.SearchInNewTabLastCheckTime", "Fri Apr 15 2011 16:53:31 GMT+0200 (Romance Dayli[...] Deleted : user_pref("CT2604146.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...] Deleted : user_pref("CT2604146.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...] Deleted : user_pref("CT2604146.ServiceMapLastCheckTime", "Fri Apr 15 2011 16:53:26 GMT+0200 (Romance Daylight [...] Deleted : user_pref("CT2604146.SettingsLastCheckTime", "Fri Apr 15 2011 16:53:26 GMT+0200 (Romance Daylight Ti[...] Deleted : user_pref("CT2604146.SettingsLastUpdate", "1299110333"); Deleted : user_pref("CT2604146.ThirdPartyComponentsInterval", 504); Deleted : user_pref("CT2604146.ThirdPartyComponentsLastCheck", "Fri Apr 15 2011 16:53:26 GMT+0200 (Romance Day[...] Deleted : user_pref("CT2604146.ThirdPartyComponentsLastUpdate", "1246786978"); Deleted : user_pref("CT2604146.TrusteLinkUrl", "hxxp://trust.conduit.com/EB_ORIGINAL_CTID"); Deleted : user_pref("CT2604146.UserID", "UN31991538398031527"); Deleted : user_pref("CT2604146.ValidationData_Toolbar", 2); Deleted : user_pref("CT2604146.WeatherNetwork", ""); Deleted : user_pref("CT2604146.WeatherPollDate", "Fri Apr 15 2011 18:30:47 GMT+0200 (Romance Daylight Time)"); Deleted : user_pref("CT2604146.WeatherUnit", "C"); Deleted : user_pref("CT2604146.alertChannelId", "996967"); Deleted : user_pref("CT2604146.components.1000234", true); Deleted : user_pref("CT2604146.myStuffEnabled", true); Deleted : user_pref("CT2604146.myStuffPublihserMinWidth", 400); Deleted : user_pref("CT2604146.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...] Deleted : user_pref("CT2604146.myStuffServiceIntervalMM", 1440); Deleted : user_pref("CT2604146.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...] Deleted : user_pref("CT2604146.toolbarAppMetaDataLastCheckTime", "Fri Apr 15 2011 16:53:28 GMT+0200 (Romance D[...] Deleted : user_pref("CT2604146.toolbarContextMenuLastCheckTime", "Fri Apr 15 2011 16:53:32 GMT+0200 (Romance D[...] Deleted : user_pref("CT2786678..clientLogIsEnabled", true); Deleted : user_pref("CT2786678..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...] Deleted : user_pref("CT2786678..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...] Deleted : user_pref("CT2786678.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx"); Deleted : user_pref("CT2786678.CTID", "CT2786678"); Deleted : user_pref("CT2786678.CurrentServerDate", "10-2-2011"); Deleted : user_pref("CT2786678.DialogsAlignMode", "LTR"); Deleted : user_pref("CT2786678.DownloadReferralCookieData", ""); Deleted : user_pref("CT2786678.EMailNotifierPollDate", "Thu Feb 10 2011 16:08:49 GMT+0100 (Romance Standard Ti[...] Deleted : user_pref("CT2786678.FeedLastCount5690698542593514850", 428); Deleted : user_pref("CT2786678.FeedPollDate129301619375443753", "Thu Feb 10 2011 15:53:50 GMT+0100 (Romance St[...] Deleted : user_pref("CT2786678.FeedPollDate129301619375443759", "Thu Feb 10 2011 15:53:50 GMT+0100 (Romance St[...] Deleted : user_pref("CT2786678.FeedPollDate129301619375444699", "Thu Feb 10 2011 15:53:49 GMT+0100 (Romance St[...] Deleted : user_pref("CT2786678.FeedPollDate129301619375444705", "Thu Feb 10 2011 15:53:49 GMT+0100 (Romance St[...] Deleted : user_pref("CT2786678.FeedPollDate129301619375444711", "Thu Feb 10 2011 15:53:49 GMT+0100 (Romance St[...] Deleted : user_pref("CT2786678.FeedPollDate129301619375444717", "Thu Feb 10 2011 15:53:49 GMT+0100 (Romance St[...] Deleted : user_pref("CT2786678.FeedPollDate129301619375444723", "Thu Feb 10 2011 15:53:50 GMT+0100 (Romance St[...] Deleted : user_pref("CT2786678.FeedPollDate129301619375444729", "Thu Feb 10 2011 15:53:50 GMT+0100 (Romance St[...] Deleted : user_pref("CT2786678.FeedPollDate129301619375444735", "Thu Feb 10 2011 15:53:50 GMT+0100 (Romance St[...] Deleted : user_pref("CT2786678.FeedPollDate129301619375444741", "Thu Feb 10 2011 15:53:50 GMT+0100 (Romance St[...] Deleted : user_pref("CT2786678.FeedPollDate129301619375444747", "Thu Feb 10 2011 15:53:50 GMT+0100 (Romance St[...] Deleted : user_pref("CT2786678.FeedTTL129301619375444699", 10); Deleted : user_pref("CT2786678.FeedTTL129301619375444723", 15); Deleted : user_pref("CT2786678.FeedTTL129301619375444735", 5); Deleted : user_pref("CT2786678.FeedTTL129301619375444747", 5); Deleted : user_pref("CT2786678.FirstServerDate", "8-2-2011"); Deleted : user_pref("CT2786678.FirstTime", true); Deleted : user_pref("CT2786678.FirstTimeFF3", true); Deleted : user_pref("CT2786678.FixPageNotFoundErrors", false); Deleted : user_pref("CT2786678.GroupingServerCheckInterval", 1440); Deleted : user_pref("CT2786678.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/"); Deleted : user_pref("CT2786678.HasUserGlobalKeys", true); Deleted : user_pref("CT2786678.Initialize", true); Deleted : user_pref("CT2786678.InitializeCommonPrefs", true); Deleted : user_pref("CT2786678.InstallationAndCookieDataSentCount", 3); Deleted : user_pref("CT2786678.InstallationType", "UnknownIntegration"); Deleted : user_pref("CT2786678.InstalledDate", "Tue Feb 08 2011 16:05:08 GMT+0100 (Romance Standard Time)"); Deleted : user_pref("CT2786678.IsGrouping", false); Deleted : user_pref("CT2786678.IsMulticommunity", false); Deleted : user_pref("CT2786678.IsOpenThankYouPage", true); Deleted : user_pref("CT2786678.IsOpenUninstallPage", false); Deleted : user_pref("CT2786678.LanguagePackLastCheckTime", "Thu Feb 10 2011 16:05:24 GMT+0100 (Romance Standar[...] Deleted : user_pref("CT2786678.LanguagePackReloadIntervalMM", 1440); Deleted : user_pref("CT2786678.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...] Deleted : user_pref("CT2786678.LastLogin_3.2.5.2", "Thu Feb 10 2011 15:53:49 GMT+0100 (Romance Standard Time)"[...] Deleted : user_pref("CT2786678.LatestVersion", "3.2.5.2"); Deleted : user_pref("CT2786678.Locale", "en"); Deleted : user_pref("CT2786678.MCDetectTooltipHeight", "83"); Deleted : user_pref("CT2786678.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1"); Deleted : user_pref("CT2786678.MCDetectTooltipWidth", "295"); Deleted : user_pref("CT2786678.SearchFromAddressBarIsInit", true); Deleted : user_pref("CT2786678.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT278[...] Deleted : user_pref("CT2786678.SearchInNewTabEnabled", true); Deleted : user_pref("CT2786678.SearchInNewTabIntervalMM", 1440); Deleted : user_pref("CT2786678.SearchInNewTabLastCheckTime", "Thu Feb 10 2011 16:05:14 GMT+0100 (Romance Stand[...] Deleted : user_pref("CT2786678.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...] Deleted : user_pref("CT2786678.SearchInNewTabUsageUrl", "hxxp://Usage.Hosting.conduit-services.com/UsageServic[...] Deleted : user_pref("CT2786678.ServiceMapLastCheckTime", "Thu Feb 10 2011 16:05:04 GMT+0100 (Romance Standard [...] Deleted : user_pref("CT2786678.SettingsLastCheckTime", "Thu Feb 10 2011 15:53:48 GMT+0100 (Romance Standard Ti[...] Deleted : user_pref("CT2786678.SettingsLastUpdate", "1297181872"); Deleted : user_pref("CT2786678.ThirdPartyComponentsInterval", 504); Deleted : user_pref("CT2786678.ThirdPartyComponentsLastCheck", "Tue Feb 08 2011 16:05:03 GMT+0100 (Romance Sta[...] Deleted : user_pref("CT2786678.ThirdPartyComponentsLastUpdate", "1246790578"); Deleted : user_pref("CT2786678.TrusteLinkUrl", "hxxp://trust.conduit.com/EB_ORIGINAL_CTID"); Deleted : user_pref("CT2786678.UserID", "UN43233791262573420"); Deleted : user_pref("CT2786678.ValidationData_Toolbar", 0); Deleted : user_pref("CT2786678.WeatherNetwork", ""); Deleted : user_pref("CT2786678.WeatherPollDate", "Thu Feb 10 2011 15:53:50 GMT+0100 (Romance Standard Time)"); Deleted : user_pref("CT2786678.WeatherUnit", "C"); Deleted : user_pref("CT2786678.alertChannelId", "1178763"); Deleted : user_pref("CT2786678.myStuffEnabled", true); Deleted : user_pref("CT2786678.myStuffPublihserMinWidth", 400); Deleted : user_pref("CT2786678.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...] Deleted : user_pref("CT2786678.myStuffServiceIntervalMM", 1440); Deleted : user_pref("CT2786678.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...] Deleted : user_pref("CT2786678.testingCtid", ""); Deleted : user_pref("CT2786678.toolbarAppMetaDataLastCheckTime", "Thu Feb 10 2011 16:05:13 GMT+0100 (Romance S[...] Deleted : user_pref("CT2786678.toolbarContextMenuLastCheckTime", "Tue Feb 08 2011 16:05:15 GMT+0100 (Romance S[...] Deleted : user_pref("CT2786678.usagesFlag", 2); Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2438727/CT2438727[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1178763/1174448/ES", "\"0\"[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/832836/828639/ES", "\"0\"")[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/909619/905414/ES", "\"0\"")[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/996967/992686/ES", "\"0\"")[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2438727", [...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2604146", [...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2786678", [...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.8.[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2438727",[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/toolbar/", "\"63438026930213[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=0", "63[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=1/11/20[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=2/17/20[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=2/22/20[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.engine.conduit-services.com/?browser=FF&lut=3/13/20[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2438727/CT2438727[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2604146/CT2604146[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.search.conduit.com/root/CT2786678/CT2786678[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/27/243/CT2438727/Images/Blank.png", "\"2[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/7/176/CT1764407/Images/63421989998628125[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/equalizer[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/maxi.gif"[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/minimize.[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/play.gif"[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/play_mini[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/stop.gif"[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/BankImages/RadioSkins/Bluenote/vol.gif",[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://storage.conduit.com/images/skins/zynga/seperator.gif", "\"46[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"1d8[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en-us", "\"[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://twitter.com/users/show/16332734.xml", "\"fcbd944532eb8843c97[...] Deleted : user_pref("CommunityToolbar.EngineOwner", "CT2786678"); Deleted : user_pref("CommunityToolbar.EngineOwnerGuid", "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"); Deleted : user_pref("CommunityToolbar.EngineOwnerToolbarId", "utorrentbar"); Deleted : user_pref("CommunityToolbar.IsMyStuffImportedToEngine", true); Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Documents and Settings\\User\\Application [...] Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.8.1.0"); Deleted : user_pref("CommunityToolbar.OriginalEngineOwner", "CT2786678"); Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerGuid", "{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}"); Deleted : user_pref("CommunityToolbar.OriginalEngineOwnerToolbarId", "utorrentbar"); Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "chrome://browser-region/locale/region.pr[...] Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2438727,CT2786678,ConduitEngine,CT2604146"); Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2438727,CT2786678,ConduitEngine,CT2604146"); Deleted : user_pref("CommunityToolbar.alert.alertInfoInterval", 1440); Deleted : user_pref("CommunityToolbar.alert.alertInfoLastCheckTime", "Sat Apr 16 2011 09:55:38 GMT+0200 (Roman[...] Deleted : user_pref("CommunityToolbar.alert.clientsServerUrl", "hxxp://alert.client.conduit.com"); Deleted : user_pref("CommunityToolbar.alert.locale", "en"); Deleted : user_pref("CommunityToolbar.alert.loginIntervalMin", 1440); Deleted : user_pref("CommunityToolbar.alert.loginLastCheckTime", "Fri Apr 15 2011 16:44:03 GMT+0200 (Romance D[...] Deleted : user_pref("CommunityToolbar.alert.loginLastUpdateTime", "1291048634"); Deleted : user_pref("CommunityToolbar.alert.messageShowTimeSec", 20); Deleted : user_pref("CommunityToolbar.alert.servicesServerUrl", "hxxp://alert.services.conduit.com"); Deleted : user_pref("CommunityToolbar.alert.showTrayIcon", false); Deleted : user_pref("CommunityToolbar.alert.userCloseIntervalMin", 300); Deleted : user_pref("CommunityToolbar.alert.userId", "{92e8103e-9c51-446b-a7dc-b5dc0af65c56}"); Deleted : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Thu Feb 10 2011 16:05:18 GMT+0100 (Rom[...] Deleted : user_pref("CommunityToolbar.globalUserId", "95a0bb3a-10e2-4a36-bd46-7ef1e2f2e7bc"); Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true); Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true); Deleted : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2604146"); Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sat Dec 17 2011 00:31:2[...] Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com"); Deleted : user_pref("CommunityToolbar.notifications.locale", "en"); Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440); Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Thu Dec 22 2011 17:32:32 GMT+0100 (R[...] Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611"); Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20); Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com"); Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false); Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300); Deleted : user_pref("CommunityToolbar.notifications.userId", "d8ef8764-e55a-410a-9727-04e8e8486e23"); Deleted : user_pref("CommunityToolbar.twitter.user_16332734.LastCheckTime", "Fri Apr 15 2011 16:53:34 GMT+0200[...] Deleted : user_pref("ConduitEngine.CTID", "ConduitEngine"); Deleted : user_pref("ConduitEngine.FirstServerDate", "02/08/2011 18"); Deleted : user_pref("ConduitEngine.FirstTime", true); Deleted : user_pref("ConduitEngine.FirstTimeFF3", true); Deleted : user_pref("ConduitEngine.FixPageNotFoundErrors", false); Deleted : user_pref("ConduitEngine.HasUserGlobalKeys", true); Deleted : user_pref("ConduitEngine.Initialize", true); Deleted : user_pref("ConduitEngine.InitializeCommonPrefs", true); Deleted : user_pref("ConduitEngine.InstallationType", "UnknownIntegration"); Deleted : user_pref("ConduitEngine.InstalledDate", "Tue Feb 08 2011 16:05:14 GMT+0100 (Romance Standard Time)"[...] Deleted : user_pref("ConduitEngine.IsMulticommunity", false); Deleted : user_pref("ConduitEngine.IsOpenThankYouPage", false); Deleted : user_pref("ConduitEngine.IsOpenUninstallPage", false); Deleted : user_pref("ConduitEngine.LanguagePackLastCheckTime", "Fri Apr 15 2011 16:44:04 GMT+0200 (Romance Day[...] Deleted : user_pref("ConduitEngine.LastLogin_3.2.5.2", "Sat Apr 16 2011 09:50:14 GMT+0200 (Romance Daylight Ti[...] Deleted : user_pref("ConduitEngine.PublisherContainerWidth", 0); Deleted : user_pref("ConduitEngine.SearchFromAddressBarIsInit", true); Deleted : user_pref("ConduitEngine.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=C[...] Deleted : user_pref("ConduitEngine.SettingsLastCheckTime", "Sat Apr 16 2011 09:50:13 GMT+0200 (Romance Dayligh[...] Deleted : user_pref("ConduitEngine.UserID", "UN84785614024231310"); Deleted : user_pref("ConduitEngine.engineLocale", "en-GB"); Deleted : user_pref("ConduitEngine.enngineContextMenuLastCheckTime", "Fri Apr 15 2011 16:44:04 GMT+0200 (Roman[...] Deleted : user_pref("ConduitEngine.initDone", true); Deleted : user_pref("ConduitEngine.usagesFlag", 1); Deleted : user_pref("browser.search.defaultenginename", "Search Results"); Deleted : user_pref("browser.search.defaultthis.engineName", "HotSpot International Customized Web Search"); Deleted : user_pref("browser.search.order.1", "Search the web (Softonic)"); Deleted : user_pref("extensions.Softonic.admin", false); Deleted : user_pref("extensions.Softonic.aflt", "SD"); Deleted : user_pref("extensions.Softonic.appId", "{7ABBFE1C-E485-44AA-8F36-353751B4124D}"); Deleted : user_pref("extensions.Softonic.autoRvrt", "false"); Deleted : user_pref("extensions.Softonic.cntry", "ES"); Deleted : user_pref("extensions.Softonic.dfltLng", ""); Deleted : user_pref("extensions.Softonic.dfltSrch", true); Deleted : user_pref("extensions.Softonic.dpkLst", "3654782829,1334533236,1121012847,231756876,1895130307,60371[...] Deleted : user_pref("extensions.Softonic.dspFFXOld", "Google"); Deleted : user_pref("extensions.Softonic.excTlbr", false); Deleted : user_pref("extensions.Softonic.hdrMd5", "147450552BA9F7F616BDC6A78527A165"); Deleted : user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/MOY00013/tb_v1?SearchSource=13&[...] Deleted : user_pref("extensions.Softonic.hpOld0", "www.hln.be"); Deleted : user_pref("extensions.Softonic.id", "18db39e400000000000000242cd9cf88"); Deleted : user_pref("extensions.Softonic.instlDay", "15768"); Deleted : user_pref("extensions.Softonic.instlRef", "MOY00013"); Deleted : user_pref("extensions.Softonic.kw_url", "hxxp://search.softonic.com/MOY00013/tb_v1?SearchSource=2&cc[...] Deleted : user_pref("extensions.Softonic.lastVrsnTs", "1.8.8.1117:01:22"); Deleted : user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/MOY00013/tb_v1?SearchSource=1[...] Deleted : user_pref("extensions.Softonic.pnu_BASEirobinhoodActive", "{\"newVrsn\":\"44\",\"lastVrsn\":\"44\",\[...] Deleted : user_pref("extensions.Softonic.prdct", "Softonic"); Deleted : user_pref("extensions.Softonic.prtnrId", "softonic"); Deleted : user_pref("extensions.Softonic.rvrt", "true"); Deleted : user_pref("extensions.Softonic.sg", "none"); Deleted : user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)"); Deleted : user_pref("extensions.Softonic.tlbrId", "BASEirobinhoodActive"); Deleted : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/MOY00013/tb_v1?SearchSource[...] Deleted : user_pref("extensions.Softonic.vrsn", "1.8.8.11"); Deleted : user_pref("extensions.Softonic.vrsni", "1.8.8.11"); Deleted : user_pref("extensions.Softonic_i.dnsErr", true); Deleted : user_pref("extensions.Softonic_i.excTlbr", false); Deleted : user_pref("extensions.Softonic_i.hmpg", true); Deleted : user_pref("extensions.Softonic_i.newTab", true); Deleted : user_pref("extensions.Softonic_i.smplGrp", "none"); Deleted : user_pref("extensions.Softonic_i.vrsnTs", "1.8.8.1117:01:33"); Deleted : user_pref("extensions.enabledAddons", "info%40technologymob.com:1.1.1,scrapbookplus%40addons.mozilla[...] Deleted : user_pref("surfcanyon.amazon_results_enabled", true); Deleted : user_pref("surfcanyon.daily_code", "scIsOnSearchEngineDomain = function() {\nreturn contains(scCurre[...] Deleted : user_pref("surfcanyon.daily_code_timestamp", "1323600412100"); Deleted : user_pref("surfcanyon.display_similar_product_images", true); Deleted : user_pref("surfcanyon.google_search_button_click_query", "smile++lyrics"); Deleted : user_pref("surfcanyon.google_search_button_click_ts", "1309291747793"); Deleted : user_pref("surfcanyon.hourly_code", "scHourlyCodeRevision = '336f';\nscGetDocument = function() {\nr[...] Deleted : user_pref("surfcanyon.hourly_code2", "scEnableGoogle_hourly = function() {\nvar args = window.locati[...] Deleted : user_pref("surfcanyon.hourly_code_timestamp", "1324578376471"); Deleted : user_pref("surfcanyon.initialized_amazon_results", true); Deleted : user_pref("surfcanyon.initialized_roaming_suggestions", true); Deleted : user_pref("surfcanyon.initialized_search_links", true); Deleted : user_pref("surfcanyon.initialized_similar_product_images", true); Deleted : user_pref("surfcanyon.inst_id", "97336486254909458217836519809545"); Deleted : user_pref("surfcanyon.inst_timestamp", "1307051934742"); Deleted : user_pref("surfcanyon.last_seen_splash", "336"); Deleted : user_pref("surfcanyon.num_recs_clicked", "35"); Deleted : user_pref("surfcanyon.num_results_clicked", "1503"); Deleted : user_pref("surfcanyon.num_results_clicked_when_recs_available", "283"); Deleted : user_pref("surfcanyon.num_searches", "2498"); Deleted : user_pref("surfcanyon.partner_code", "WTIFFEUA"); Deleted : user_pref("surfcanyon.refinements_cache", "new xxx cartoon tube/****o video:new big tube:hentai sex:[...] Deleted : user_pref("surfcanyon.roaming_suggestions_enabled", true); Deleted : user_pref("surfcanyon.search_links_enabled", true); -\\ Google Chrome v28.0.1500.72 File : C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences Deleted [l.2224] : homepage = "hxxp://www.searchnu.com/102", ************************* AdwCleaner[s1].txt - [353 octets] - [20/07/2013 18:20:27] AdwCleaner[s2].txt - [50082 octets] - [20/07/2013 18:21:10] ########## EOF - C:\AdwCleaner[s2].txt - [50143 octets] ########## Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 10:51:21, on 21/07/2013 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\PROGRA~1\AVG\AVG10\avgchsvx.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe C:\Program Files\AVG\AVG10\avgwdsvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre7\bin\jqs.exe C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\AVG\AVG10\avgtray.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\mmrtkrnl.exe C:\WINDOWS\system32\igfxsrvc.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe C:\Program Files\SAMSUNG\MagicKBD\MagicKBD.exe C:\Program Files\SAMSUNG\MagicKBD\PerformanceManager.exe C:\Program Files\AVG\AVG10\avgnsx.exe C:\WINDOWS\system32\igfxext.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\wuauclt.exe C:\PROGRA~1\AVG\AVG10\avgrsx.exe C:\Program Files\AVG\AVG10\avgcsrvx.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [EDS] C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [MagicKeyboard] C:\Program Files\SAMSUNG\MagicKBD\PreMKBD.exe O4 - HKLM\..\Run: [DMHotKey] C:\Program Files\Samsung\Easy Display Manager\DMLoader.exe O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [Realtime Audio Engine] "mmrtkrnl.exe" /i O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: Servicio Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe -- End of file - 7920 bytes
  23. philspain
    Kape, ik ben het logje van adwcleaner kwijtgeraakt, denk je dat het ergens is opgeslagen ?
  24. philspain
    Hallo, even een logje geplaatst, pc zeer traag, heb malwarebytes laten scannen, niks gevonden ! Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 17:44:02, on 20/07/2013 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\PROGRA~1\AVG\AVG10\avgchsvx.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\AVG\AVG10\avgwdsvc.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre7\bin\jqs.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\system32\igfxpers.exe C:\Program Files\AVG\AVG10\avgtray.exe C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe C:\WINDOWS\system32\igfxsrvc.exe C:\WINDOWS\system32\mmrtkrnl.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe C:\Program Files\SAMSUNG\MagicKBD\MagicKBD.exe C:\Program Files\AVG\AVG10\avgnsx.exe C:\Program Files\SAMSUNG\MagicKBD\PerformanceManager.exe C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe C:\WINDOWS\system32\igfxext.exe C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\wuauclt.exe C:\PROGRA~1\AVG\AVG10\avgrsx.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\AVG\AVG10\avgcsrvx.exe C:\WINDOWS\system32\RunDll32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\explorer.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.softonic.com/MOY00013/tb_v1?SearchSource=10&cc= R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Increase performance and video formats for your HTML5 <video> - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O2 - BHO: Softonic Helper Object - {E87806B5-E908-45FD-AF5E-957D83E58E68} - C:\Program Files\Softonic\Softonic\1.8.8.11\bh\Softonic.dll O3 - Toolbar: Softonic Toolbar - {5018CFD2-804D-4C99-9F81-25EAEA2769DE} - C:\Program Files\Softonic\Softonic\1.8.8.11\SoftonicTlbr.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [EDS] C:\Program Files\Samsung\Samsung EDS\EDSAgent.exe O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe O4 - HKLM\..\Run: [MagicKeyboard] C:\Program Files\SAMSUNG\MagicKBD\PreMKBD.exe O4 - HKLM\..\Run: [DMHotKey] C:\Program Files\Samsung\Easy Display Manager\DMLoader.exe O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG10\avgtray.exe O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [Realtime Audio Engine] "mmrtkrnl.exe" /i O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Documents and Settings\User\Application Data\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Send To Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG10\avgwdsvc.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe O23 - Service: Servicio Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe -- End of file - 8879 bytes
  25. philspain
    OK , heb het proces nog eens overgedaan , met chkdsk en hoera opgelost voor nu ! Bedankt Passer , really appreciated !
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.