Liannebost

Dat gaat helaas niet met mobiel. Ben blij als mijn laptop het weer doet.

Hoe kan ik deze topic dan verwijderen? Vanuit mobiel...

Ja klopt. Ik zit nu in de mobiele site en sommige dingen zijn nogal zoeken voor mij

Mijn laptop is stuk gegaan, kom nergens meer in en via bios worden geen drivers erkend, kan dus ook niks veranderen

Ik zie net dat de discussie gesloten is, sorry dat ik niet kon reageren, dat kwam omdat mijn scherm zo klein was, was verdwaalt tussen de forums, maar dat heb ik ook aangegeven

Heb je gevonden wat er met de acer is? Ik zit eindelijk in de mobiele site, dus ik zal niks meer dubbel sturen.

Ik hoop eigenlijk alleen de harde schijf. Hij komt niet meer verder dan de Bios!

Volgens mij is eigenlijk de harde schijf kapot, want ik zag in de Bios dat er 633 kb geheugen opstond.

Mijn laptop had gisteren een virus en ik dacht dat het erna weg was, maar ik vond hem nog raar doen, kreeg non stop bestanden op de pc, die ik er niet op had gezet. dus ik weet niet of ik er teveel af heb gegooid, hij gaat in ieder geval niet meer aan.

Zou iemand me kunnen helpen?

Mijn acer aspire 9300 doet niks meer! Ik kom in de bios, maar vanuit daar kan ik ook niks doen. Had de boot ook al op de videokaart gezet, daar kom ik dan een paar zinnen verder mee totdat er weer ctrl, alt, del staat, voor restart. Ik geloof dat mijn harde schijf kapot is, want in de bios staat bij system memory: 633 kb. Ik zou er graag uit willen, maar USB pakt die niet en ik ben nu met mijn telefoon het berichten, dus ik kan nu ook niet veel doen. Groetjes Lianne

Ik heb gelukkig geen last meer van Savings Sidekick! (even afkloppen ;-)) Ziet het er netjes uit??? gelukkig! Ik weet zelf niet wat er staat, helaas. bedankt allemaal!

# AdwCleaner v2.005 - Logfile created 10/28/2012 at 15:01:51 # Updated 14/10/2012 by Xplode # Operating system : Microsoft Windows XP Service Pack 3 (32 bits) # User : Lianne - LIANNE # Boot Mode : Normal # Running from : C:\Documents and Settings\Lianne\My Documents\Downloads\adwcleaner.exe # Option [Delete] ***** [services] ***** Stopped & Deleted : Browser Manager ***** [Files / Folders] ***** Deleted on reboot : C:\Documents and Settings\All Users\Application Data\Browser Manager File Deleted : C:\Documents and Settings\Lianne\Application Data\Mozilla\Firefox\Profiles\c44mg3cj.default\searchplugins\funmoods.xml File Deleted : C:\Documents and Settings\Lianne\Application Data\Mozilla\Firefox\Profiles\c44mg3cj.default\searchplugins\SweetIm.xml File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml File Deleted : C:\user.js Folder Deleted : C:\Documents and Settings\All Users\Application Data\Babylon Folder Deleted : C:\Documents and Settings\All Users\Application Data\IBUpdaterService Folder Deleted : C:\Documents and Settings\All Users\Application Data\SweetIM Folder Deleted : C:\Documents and Settings\All Users\Application Data\Tarma Installer Folder Deleted : C:\Documents and Settings\Lianne\Application Data\Babylon Folder Deleted : C:\Documents and Settings\Lianne\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bbjciahceamgodcoidkjpchnokgfpphh Folder Deleted : C:\Documents and Settings\Lianne\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\cjpglkicenollcignonpgiafdgfeehoj Folder Deleted : C:\Documents and Settings\Lianne\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle Folder Deleted : C:\Documents and Settings\Lianne\Local Settings\Application Data\Savings Sidekick Folder Deleted : C:\Program Files\Savings Sidekick Folder Deleted : C:\Program Files\SweetIM ***** [Registry] ***** Data Deleted : HKLM\..\Windows [AppInit_DLLs] = c:\docume~1\alluse~1\applic~1\browse~1\23811~1.154\{61d8b~1\browse~1.dll Key Deleted : HKCU\Software\Cr_Installer Key Deleted : HKCU\Software\DataMngr Key Deleted : HKCU\Software\DataMngr_Toolbar Key Deleted : HKCU\Software\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj Key Deleted : HKCU\Software\InstalledBrowserExtensions Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{F48DA960-0FD9-4BB5-9826-C0C271C6C74D} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5018CFD2-804D-4C99-9F81-25EAEA2769DE} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E87806B5-E908-45FD-AF5E-957D83E58E68} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110011501160} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1631550F-191D-4826-B069-D9439253D926} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5018CFD2-804D-4C99-9F81-25EAEA2769DE} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E87806B5-E908-45FD-AF5E-957D83E58E68} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8} Key Deleted : HKCU\Software\PriceGong Key Deleted : HKCU\Software\Savings Sidekick Key Deleted : HKCU\Software\Somoto Key Deleted : HKLM\Software\Babylon Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{22222222-2222-2222-2222-220022502260} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0005060.BHO Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0005060.BHO.1 Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0005060.Sandbox Key Deleted : HKLM\SOFTWARE\Classes\CrossriderApp0005060.Sandbox.1 Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55555555-5555-5555-5555-550055505560} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66666666-6666-6666-6666-660066506660} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F} Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1 Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1 Key Deleted : HKLM\SOFTWARE\Classes\sim-packages Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1 Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1 Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{44444444-4444-4444-4444-440044504460} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\Software\DataMngr Key Deleted : HKLM\Software\dlQUE Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\cjpglkicenollcignonpgiafdgfeehoj Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dhdepfaagokllfmhfbcfmocaeigmoebo Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohd****efph Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011501160} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DealPly Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Funmoods Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Savings Sidekick Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Softonic Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011501160} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Savings Sidekick Key Deleted : HKLM\Software\Tarma Installer Key Deleted : HKU\S-1-5-21-1844237615-1788223648-682003330-1003\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9} Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EEE6C35B-6118-11DC-9C72-001320C79847}] Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [{b64982b1-d112-42b5-b1e4-d3867c4533f8}] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll] ***** [internet Browsers] ***** -\\ Internet Explorer v8.0.6001.18702 Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls - Tabs] = hxxp://searchfunmoods.com/?f=2&a=iron2&chnl=iron2&cd=2XzuyEtN2Y1L1QzutDtDtC0CtByCtBtCtCtDzz0DtA0DtByDtN0D0Tzu0CtBzyyCtN1L2XzutBtFtBtFtDtFtAyEyE&cr=1735310644 --> hxxp://www.google.com -\\ Mozilla Firefox v16.0.2 (nl) Profile name : default File : C:\Documents and Settings\Lianne\Application Data\Mozilla\Firefox\Profiles\c44mg3cj.default\prefs.js C:\Documents and Settings\Lianne\Application Data\Mozilla\Firefox\Profiles\c44mg3cj.default\user.js ... Deleted ! Deleted : user_pref("browser.search.defaultenginename", "Funmoods"); Deleted : user_pref("extensions.BabylonToolbar_i.newTab", true); Deleted : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://www.claro-search.com/?affID=114508&tt=431[...] Deleted : user_pref("extensions.Softonic.admin", false); Deleted : user_pref("extensions.Softonic.aflt", "SD"); Deleted : user_pref("extensions.Softonic.autoRvrt", "false"); Deleted : user_pref("extensions.Softonic.cntry", "NL"); Deleted : user_pref("extensions.Softonic.cv", "cv5"); Deleted : user_pref("extensions.Softonic.dfltLng", "nl"); Deleted : user_pref("extensions.Softonic.dfltlng", "nl"); Deleted : user_pref("extensions.Softonic.dfltsrch", "false"); Deleted : user_pref("extensions.Softonic.envrmnt", "production"); Deleted : user_pref("extensions.Softonic.excTlbr", false); Deleted : user_pref("extensions.Softonic.hdrMd5", "801098C2890DAB689B2C35D60268C922"); Deleted : user_pref("extensions.Softonic.hmpg", false); Deleted : user_pref("extensions.Softonic.hrdid", "6c803d25000000000000001c2621108d"); Deleted : user_pref("extensions.Softonic.id", "6c803d25000000000000001c2621108d"); Deleted : user_pref("extensions.Softonic.instlDay", "15634"); Deleted : user_pref("extensions.Softonic.instlRef", "MON00086"); Deleted : user_pref("extensions.Softonic.instlday", "15634"); Deleted : user_pref("extensions.Softonic.instlref", "MON00086"); Deleted : user_pref("extensions.Softonic.isdcmntcmplt", "false"); Deleted : user_pref("extensions.Softonic.keywordurl", ""); Deleted : user_pref("extensions.Softonic.lastVrsnTs", "1.6.7.40:51:49"); Deleted : user_pref("extensions.Softonic.mntrvrsn", "1.3.0"); Deleted : user_pref("extensions.Softonic.newTab", false); Deleted : user_pref("extensions.Softonic.newtab", "false"); Deleted : user_pref("extensions.Softonic.newtaburl", ""); Deleted : user_pref("extensions.Softonic.prdct", "Softonic"); Deleted : user_pref("extensions.Softonic.propectorlck", 89436508); Deleted : user_pref("extensions.Softonic.prtnrId", "softonic"); Deleted : user_pref("extensions.Softonic.prtnrid", "softonic"); Deleted : user_pref("extensions.Softonic.rvrtMsg", "Click Yes to keep current home page and default search set[...] Deleted : user_pref("extensions.Softonic.savedVrsnTs", "1"); Deleted : user_pref("extensions.Softonic.sg", "az"); Deleted : user_pref("extensions.Softonic.smplGrp", "none"); Deleted : user_pref("extensions.Softonic.smplgrp", "none"); Deleted : user_pref("extensions.Softonic.srch", ""); Deleted : user_pref("extensions.Softonic.srchprvdr", ""); Deleted : user_pref("extensions.Softonic.tlbrId", "base"); Deleted : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/MON00086/tb_v1?SearchSource[...] Deleted : user_pref("extensions.Softonic.tlbrid", "base"); Deleted : user_pref("extensions.Softonic.tlbrsrchurl", "hxxp://search.softonic.com/MON00086/tb_v1?SearchSource[...] Deleted : user_pref("extensions.Softonic.vrsn", "1.6.7.4"); Deleted : user_pref("extensions.Softonic.vrsnTs", "1.6.7.40:51:49"); Deleted : user_pref("extensions.Softonic.vrsni", "1.6.7.4"); Deleted : user_pref("extensions.Softonic.vrsnts", "1.6.7.40:51:49"); Deleted : user_pref("extensions.Softonic_i.newTab", false); Deleted : user_pref("extensions.Softonic_i.smplGrp", "none"); Deleted : user_pref("extensions.Softonic_i.vrsnTs", "1.6.7.40:51:49"); Deleted : user_pref("extensions.crossriderapp5060.5060.InstallationThankYouPage", true); Deleted : user_pref("extensions.crossriderapp5060.5060.InstallationTime", 1350873057); Deleted : user_pref("extensions.crossriderapp5060.5060.InstallationUserSettings.searchUserConifrmation", false[...] Deleted : user_pref("extensions.crossriderapp5060.5060.InstallationUserSettings.setHomepage", false); Deleted : user_pref("extensions.crossriderapp5060.5060.InstallationUserSettings.setNewTab", false); Deleted : user_pref("extensions.crossriderapp5060.5060.InstallationUserSettings.setSearch", false); Deleted : user_pref("extensions.crossriderapp5060.5060.active", true); Deleted : user_pref("extensions.crossriderapp5060.5060.addressbar", ""); Deleted : user_pref("extensions.crossriderapp5060.5060.backgroundjs", "\n\n\"undefined\"!=typeof _GPL_BG_NEW&&[...] Deleted : user_pref("extensions.crossriderapp5060.5060.backgroundver", 7); Deleted : user_pref("extensions.crossriderapp5060.5060.can_run_bg_code", true); Deleted : user_pref("extensions.crossriderapp5060.5060.certdomaininstaller", ""); Deleted : user_pref("extensions.crossriderapp5060.5060.changeprevious", false); Deleted : user_pref("extensions.crossriderapp5060.5060.cookie.InstallationTime.expiration", "Fri Feb 01 2030 0[...] Deleted : user_pref("extensions.crossriderapp5060.5060.cookie.InstallationTime.value", "1350873057"); Deleted : user_pref("extensions.crossriderapp5060.5060.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00[...] Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_aoi.expiration", "Fri Feb 01 2030 00:00:00 [...] Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_aoi.value", "1350873057"); Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_blocklist.expiration", "Sun Oct 28 2012 15:[...] Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_blocklist.value", "%22nonexistantdomain.com[...] Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_country_code.expiration", "Mon Oct 29 2012 [...] Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_country_code.value", "%22NL%22"); Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_crr.expiration", "Fri Feb 01 2030 00:00:00 [...] Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_crr.value", "1351432755"); Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_hotfix20111102645.expiration", "Fri Feb 01 [...] Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_hotfix20111102645.value", "%221%22"); Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_installer_params.expiration", "Fri Feb 01 2[...] Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_installer_params.value", "%7B%22source_id%2[...] Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_parent_zoneid.expiration", "Fri Feb 01 2030[...] Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_parent_zoneid.value", "%2245990%22"); Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_pc_20120828.expiration", "Fri Feb 01 2030 0[...] Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_pc_20120828.value", "1350876333843"); Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_product_id.expiration", "Fri Feb 01 2030 00[...] Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_product_id.value", "%221265%22"); Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_zoneid.expiration", "Fri Feb 01 2030 00:00:[...] Deleted : user_pref("extensions.crossriderapp5060.5060.cookie._GPL_zoneid.value", "%2296291%22"); Deleted : user_pref("extensions.crossriderapp5060.5060.cookie.dbtest.expiration", "Fri Feb 01 2030 00:00:00 GM[...] Deleted : user_pref("extensions.crossriderapp5060.5060.cookie.dbtest.value", "1350873103653"); Deleted : user_pref("extensions.crossriderapp5060.5060.description", "Savings Sidekick"); Deleted : user_pref("extensions.crossriderapp5060.5060.domain", ""); Deleted : user_pref("extensions.crossriderapp5060.5060.enablesearch", false); Deleted : user_pref("extensions.crossriderapp5060.5060.fbremoteurl", ""); Deleted : user_pref("extensions.crossriderapp5060.5060.group", 0); Deleted : user_pref("extensions.crossriderapp5060.5060.homepage", ""); Deleted : user_pref("extensions.crossriderapp5060.5060.iframe", false); Deleted : user_pref("extensions.crossriderapp5060.5060.internaldb.InstallerIdentifiers.expiration", "Fri Feb 0[...] Deleted : user_pref("extensions.crossriderapp5060.5060.internaldb.InstallerIdentifiers.value", "%7B%22installe[...] Deleted : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_appVer.expiration", "Fri Feb 01 20[...] Deleted : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_appVer.value", "37"); Deleted : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_lastVersion.expiration", "Fri Feb [...] Deleted : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_lastVersion.value", "0"); Deleted : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_meta.expiration", "Fri Feb 01 2030[...] Deleted : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_meta.value", "%7B%7D"); Deleted : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_nextCheck.expiration", "Sun Oct 28[...] Deleted : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_nextCheck.value", "true"); Deleted : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_queue.expiration", "Fri Feb 01 203[...] Deleted : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_queue.value", "%7B%7D"); Deleted : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_remote_resources.expiration", "Fri[...] Deleted : user_pref("extensions.crossriderapp5060.5060.internaldb.Resources_remote_resources.value", "%7B%22re[...] Deleted : user_pref("extensions.crossriderapp5060.5060.internaldb.SoftwareDetected.expiration", "Fri Feb 01 20[...] Deleted : user_pref("extensions.crossriderapp5060.5060.internaldb.SoftwareDetected.value", "%7B%22AnySoftware%[...] Deleted : user_pref("extensions.crossriderapp5060.5060.js", "\n\nif(\"undefined\"!=typeof _GPL_PLUGIN){var _GP[...] Deleted : user_pref("extensions.crossriderapp5060.5060.manifesturl", ""); Deleted : user_pref("extensions.crossriderapp5060.5060.name", "Savings Sidekick"); Deleted : user_pref("extensions.crossriderapp5060.5060.newtab", ""); Deleted : user_pref("extensions.crossriderapp5060.5060.opensearch", ""); Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1.code", "appAPI._cr_config={appID:funct[...] Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1.name", "base"); Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1.ver", 3); Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000014.code", "Array.prototype.indexOf|[...] Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000014.name", "GPL Plugin (Loader)"); Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000014.ver", 7); Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000015.code", "var _GPL_BG={vars:{},rul[...] Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000015.name", "GPL Background (BG)"); Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_1000015.ver", 4); Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_13.code", "(function(a){a.selectedText=f[...] Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_13.name", "CrossriderAppUtils"); Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_13.ver", 2); Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_14.code", "if(typeof(appAPI)===\"undefin[...] Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_14.name", "CrossriderUtils"); Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_14.ver", 2); Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_15.code", "(function(f){var u={};var e=M[...] Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_15.name", "FacebookFFIE"); Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_15.ver", 1); Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_16.code", "(function(f,{if(typeof(==[...] Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_16.name", "FFAppAPIWrapper"); Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_16.ver", 3); Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_17.code", "if(typeof window!==\"undefine[...] Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_17.name", "jQuery"); Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_17.ver", 3); Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_21.code", "var CrossriderDebugManager=(f[...] Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_21.name", "debug"); Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_21.ver", 3); Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_22.code", "(function(a){appAPI.queueMana[...] Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_22.name", "resources"); Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_22.ver", 2); Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_28.code", "var CrossriderInitializerPlug[...] Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_28.name", "initializer"); Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_28.ver", 2); Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_4.code", "/*! jQuery v1.7.1 jquery.com |[...] Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_4.name", "jquery_1_7_1"); Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_4.ver", 3); Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_47.code", "(function(){appAPI.ready=func[...] Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_47.name", "resources_background"); Deleted : user_pref("extensions.crossriderapp5060.5060.plugins.plugin_47.ver", 1); Deleted : user_pref("extensions.crossriderapp5060.5060.plugins_lists.plugins_0", "17,14,16,47,1000015"); Deleted : user_pref("extensions.crossriderapp5060.5060.plugins_lists.plugins_1", "17,14,13,16,15,4,1,21,22,100[...] Deleted : user_pref("extensions.crossriderapp5060.5060.pluginsurl", "hxxp://app-static.crossrider.com/plugin/a[...] Deleted : user_pref("extensions.crossriderapp5060.5060.pluginsversion", 15); Deleted : user_pref("extensions.crossriderapp5060.5060.publisher", "215 Apps"); Deleted : user_pref("extensions.crossriderapp5060.5060.searchstatus", 0); Deleted : user_pref("extensions.crossriderapp5060.5060.setnewtab", false); Deleted : user_pref("extensions.crossriderapp5060.5060.settingsurl", ""); Deleted : user_pref("extensions.crossriderapp5060.5060.thankyou", ""); Deleted : user_pref("extensions.crossriderapp5060.5060.updateinterval", 360); Deleted : user_pref("extensions.crossriderapp5060.5060.ver", 37); Deleted : user_pref("extensions.crossriderapp5060.adsOldValue", 10); Deleted : user_pref("extensions.crossriderapp5060.apps", "5060"); Deleted : user_pref("extensions.crossriderapp5060.bic", "13a864f9d8321063e2fc44db171edcfb"); Deleted : user_pref("extensions.crossriderapp5060.cid", 5060); Deleted : user_pref("extensions.crossriderapp5060.firstrun", false); Deleted : user_pref("extensions.crossriderapp5060.hadappinstalled", true); Deleted : user_pref("extensions.crossriderapp5060.installationdate", 1350873096); Deleted : user_pref("extensions.crossriderapp5060.lastcheck", 22523664); Deleted : user_pref("extensions.crossriderapp5060.lastcheckitem", 22523879); Deleted : user_pref("extensions.crossriderapp5060.modetype", "production"); Deleted : user_pref("extensions.crossriderapp5060.reportInstall", true); Deleted : user_pref("extensions.enabledAddons", "langpack-nl@firefox.mozilla.org:16.0.1,crossriderapp5060@cros[...] Deleted : user_pref("extensions.funmoods.aflt", "iron2"); Deleted : user_pref("extensions.funmoods.autoRvrt", false); Deleted : user_pref("extensions.funmoods.dfltLng", ""); Deleted : user_pref("extensions.funmoods.dfltSrch", true); Deleted : user_pref("extensions.funmoods.dnsErr", true); Deleted : user_pref("extensions.funmoods.envrmnt", "production"); Deleted : user_pref("extensions.funmoods.excTlbr", false); Deleted : user_pref("extensions.funmoods.hmpg", true); Deleted : user_pref("extensions.funmoods.hmpgUrl", "hxxp://searchfunmoods.com/?f=1&a=iron2&chnl=iron2&cd=2Xzuy[...] Deleted : user_pref("extensions.funmoods.id", "001C2621108D3D25"); Deleted : user_pref("extensions.funmoods.instlDay", "15635"); Deleted : user_pref("extensions.funmoods.instlRef", "iron2"); Deleted : user_pref("extensions.funmoods.isdcmntcmplt", true); Deleted : user_pref("extensions.funmoods.mntrvrsn", "1.3.0"); Deleted : user_pref("extensions.funmoods.newTabUrl", "hxxp://searchfunmoods.com/?f=2&a=iron2&chnl=iron2&cd=2Xz[...] Deleted : user_pref("extensions.funmoods.prdct", "funmoods"); Deleted : user_pref("extensions.funmoods.prtnrId", "funmoods"); Deleted : user_pref("extensions.funmoods.srchPrvdr", "Search"); Deleted : user_pref("extensions.funmoods.tlbrId", "base"); Deleted : user_pref("extensions.funmoods.tlbrSrchUrl", "hxxp://searchfunmoods.com/?f=3&a=iron2&chnl=iron2&cd=2[...] Deleted : user_pref("extensions.funmoods.vrsn", "1.5.23.22"); Deleted : user_pref("extensions.funmoods.vrsni", "1.5.23.22"); Deleted : user_pref("extensions.funmoods_i.newTab", true); Deleted : user_pref("extensions.funmoods_i.smplGrp", "none"); Deleted : user_pref("extensions.funmoods_i.vrsnTs", "1.5.23.2218:10:3"); ************************* AdwCleaner[R1].txt - [27610 octets] - [28/10/2012 15:00:25] AdwCleaner[s1].txt - [27757 octets] - [28/10/2012 15:01:51] ########## EOF - C:\AdwCleaner[s1].txt - [27818 octets] ########## Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 15:09:06, on 28-10-2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\acs.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Java\jre7\bin\jqs.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\AVAST Software\Avast\avastUI.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\RocketDock\RocketDock.exe C:\Program Files\Alwact\Bin\Alwact.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\FilesFrog Update Checker\update_checker.exe C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\WINDOWS\system32\rundll32.exe C:\DOCUME~1\Lianne\LOCALS~1\Temp\RtkBtMnt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Documents and Settings\Lianne\My Documents\Downloads\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: E-Zsoft VideoDownloaderToolBar - {4322A444-92F8-4C3E-BD4C-013BA51E2871} - C:\Program Files\Versalsoft\InternetDownload\VDTB.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: (no name) - {9E131A93-EED7-4BEB-B015-A0ADB30B5646} - (no file) O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [skyTel] SkyTel.EXE O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [ACU] "F:\aser drivers\Modem_Foxconn _7.34.0.0_XPx86\ACU.exe" -nogui O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" O4 - HKCU\..\Run: [Alwact.exe] C:\Program Files\Alwact\Bin\Alwact.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [sDP] C:\Program Files\FilesFrog Update Checker\update_checker.exe /auto O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user') O8 - Extra context menu item: Download by Versalsoft Internet Download - C:\Program Files\Versalsoft\InternetDownload\adddownload.htm O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 6792 bytes

en ik heb nog steeds savings sidekick erin staan, kan ik dat nu gewoon verwijderen uit het systeem en dat het weg blijft?

Malwarebytes Anti-Malware 1.65.1.1000 Malwarebytes : Free anti-malware download Databaseversie: v2012.10.28.02 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Lianne :: LIANNE [administrator] 28-10-2012 13:43:16 mbam-log-2012-10-28 (13-43-16).txt Scantype: Snelle scan Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM Uitgeschakelde scanopties: P2P Objecten gescand: 181286 Verstreken tijd: 4 minuut/minuten, 13 seconde(n) Geheugenprocessen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Geheugenmodulen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Registersleutels gedetecteerd: 9 HKCR\CLSID\{75A4D144-506D-4BE5-81DB-EC7DA1E7F840} (PUP.Funmoods) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\TypeLib\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706} (PUP.Funmoods) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\esrv.funmoodsESrvc.1 (PUP.Funmoods) -> Succesvol in quarantaine geplaatst en verwijderd. HKCR\esrv.funmoodsESrvc (PUP.Funmoods) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C87FC351-A80D-43E9-9A86-CF1E29DC443A} (PUP.Funmoods) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\CROSSRIDER (Adware.GamePlayLab) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\Software\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh (PUP.Funmoods) -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\SOFTWARE\INSTALLEDBROWSEREXTENSIONS\215 APPS (PUP.CrossFire.SA) -> Succesvol in quarantaine geplaatst en verwijderd. HKLM\SOFTWARE\Google\Chrome\Extensions\bbjciahceamgodcoidkjpchnokgfpphh (PUP.Funmoods) -> Succesvol in quarantaine geplaatst en verwijderd. Registerwaarden gedetecteerd: 3 HKCU\Software\Crossrider|215AppVerifier (Adware.GamePlayLab) -> Data: e726fec18077514bbde94313f21a8813 -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\Software\InstalledBrowserExtensions\215 Apps|5060 (PUP.CrossFire.SA) -> Data: Savings Sidekick -> Succesvol in quarantaine geplaatst en verwijderd. HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow|Qword Search Engine (Adware.QWO) -> Data: -> Succesvol in quarantaine geplaatst en verwijderd. Registerdata gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Mappen gedetecteerd: 0 (Geen kwaadaardige objecten gedetecteerd) Bestanden gedetecteerd: 4 C:\Documents and Settings\Lianne\My Documents\Downloads\GCPUbyImp.gadget.exe (PUP.BundleInstaller.BI) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Lianne\Local Settings\Application Data\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bbjciahceamgodcoidkjpchnokgfpphh_0.localstorage (PUP.Funmoods) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Lianne\Local Settings\Application Data\funmoods.crx (PUP.Funmoods) -> Succesvol in quarantaine geplaatst en verwijderd. C:\Documents and Settings\Lianne\Favorites\Qword Search Engine.url (Adware.QWO) -> Succesvol in quarantaine geplaatst en verwijderd. (einde) Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:01:47, on 28-10-2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\acs.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\AVAST Software\Avast\avastUI.exe C:\WINDOWS\RTHDCPL.EXE C:\Documents and Settings\All Users\Application Data\Browser Manager\2.3.811.154\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\browsermngr.exe C:\Program Files\Java\jre7\bin\jqs.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Documents and Settings\All Users\Application Data\Browser Manager\2.3.811.154\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\browsermngr.exe C:\Program Files\RocketDock\RocketDock.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Alwact\Bin\Alwact.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\DOCUME~1\Lianne\LOCALS~1\Temp\RtkBtMnt.exe C:\Program Files\FilesFrog Update Checker\update_checker.exe C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe C:\Program Files\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Documents and Settings\Lianne\My Documents\Downloads\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: E-Zsoft VideoDownloaderToolBar - {4322A444-92F8-4C3E-BD4C-013BA51E2871} - C:\Program Files\Versalsoft\InternetDownload\VDTB.dll O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O3 - Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - (no file) O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [skyTel] SkyTel.EXE O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [ACU] "F:\aser drivers\Modem_Foxconn _7.34.0.0_XPx86\ACU.exe" -nogui O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" O4 - HKCU\..\Run: [Alwact.exe] C:\Program Files\Alwact\Bin\Alwact.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [sDP] C:\Program Files\FilesFrog Update Checker\update_checker.exe /auto O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user') O8 - Extra context menu item: Download by Versalsoft Internet Download - C:\Program Files\Versalsoft\InternetDownload\adddownload.htm O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O20 - AppInit_DLLs: c:\docume~1\alluse~1\applic~1\browse~1\23811~1.154\{61d8b~1\browse~1.dll O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Browser Manager - Unknown owner - C:\Documents and Settings\All Users\Application Data\Browser Manager\2.3.811.154\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\browsermngr.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 7313 bytes Ik hoop dat het goed is. Sorry dat ik zo'n ramp ben met computers. En bedankt voor je geduld. Bij hijackthis deed die alleen 1 ding niet verwijderen: O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll Wordt mijn pc nu ook sneller? Het leek namelijk alsof iets hem tegen hield. Ik heb laats bijvoorbeeld met VLC media player downloaden namelijk langer dan een half uur moeten wachten tot de download klaar was en dat doet die eigenlijk met alles. Bedankt voor de goede hulp en het geduld!

Ga naar start - alle programma's - bureauaccesoires. Zoek het icoon van het opdrachtprompt en klik er op met de rechter muisknop en kies dan in het lijstje voor uitvoeren als administrator om het opdrachtprompt te openen. Tik in: sc stop "Browser Manager" en druk op Enter. Tik in: sc delete "Browser Manager" en druk op Enter. Tik in exit en druk Enter. Als je op een van deze instructies een foutmelding krijgt, ga dan gewoon door met de volgende instructie. Ik was naar start gegaan en heb met mijn rechter muisknop erop geklikt, daar vond ik geen uitvoeren als administrator, maar Run as..., dat heb ik geopend en staat er current user (LIANNE,lianne), als ik administrator wil pakken moet ik een paswoord in voeren.. hoe kom ik nu verder of wat moet ik doen? ps. Bedankt voor je reactie

kan iemand me helpen? ik weet niet wat te doen. En het lijkt net of de laptop zijn eigen leven heeft

Ik heb het saving sidekick virus en heb hijackthis gedownload. Hoe moet ik nu verder? Ik heb echt 0 verstand van computers. hieronder hijackthis-logje: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 9:48:25, on 28-10-2012 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\acs.exe C:\WINDOWS\Explorer.EXE C:\Documents and Settings\All Users\Application Data\Browser Manager\2.3.811.154\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\browsermngr.exe C:\Program Files\Java\jre7\bin\jqs.exe C:\Documents and Settings\All Users\Application Data\Browser Manager\2.3.811.154\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\browsermngr.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Microsoft Application Virtualization Client\sftvsa.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\AVAST Software\Avast\avastUI.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\RocketDock\RocketDock.exe C:\Program Files\Alwact\Bin\Alwact.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe C:\Program Files\FilesFrog Update Checker\update_checker.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Microsoft Application Virtualization Client\sftlist.exe C:\DOCUME~1\Lianne\LOCALS~1\Temp\RtkBtMnt.exe C:\Program Files\SlimCleaner\SlimCleaner.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Documents and Settings\Lianne\My Documents\Downloads\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Qword Search Engine R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Funmoods Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Funmoods Search R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll O2 - BHO: CrossriderApp0005060 - {11111111-1111-1111-1111-110011501160} - C:\Program Files\Savings Sidekick\Savings Sidekick.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: E-Zsoft VideoDownloaderToolBar - {4322A444-92F8-4C3E-BD4C-013BA51E2871} - C:\Program Files\Versalsoft\InternetDownload\VDTB.dll O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll O3 - Toolbar: (no name) - {D0F4A166-B8D4-48b8-9D63-80849FE137CB} - (no file) O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [skyTel] SkyTel.EXE O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [ACU] "F:\aser drivers\Modem_Foxconn _7.34.0.0_XPx86\ACU.exe" -nogui O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe" O4 - HKLM\..\Run: [internetDownload_upgrade] "C:\Program Files\Versalsoft\InternetDownload\InternetDownload.exe" /upgrade O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" O4 - HKCU\..\Run: [Alwact.exe] C:\Program Files\Alwact\Bin\Alwact.exe O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background O4 - HKCU\..\Run: [sDP] C:\Program Files\FilesFrog Update Checker\update_checker.exe /auto O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe (User 'Default user') O8 - Extra context menu item: Download by Versalsoft Internet Download - C:\Program Files\Versalsoft\InternetDownload\adddownload.htm O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O10 - Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll O15 - Trusted Zone: *.qword.com O20 - AppInit_DLLs: c:\docume~1\alluse~1\applic~1\browse~1\23811~1.154\{61d8b~1\browse~1.dll O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: Browser Manager - Unknown owner - C:\Documents and Settings\All Users\Application Data\Browser Manager\2.3.811.154\{61d8b74e-8d89-46ff-afa6-33382c54ac73}\browsermngr.exe O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 8510 bytes