evelie
-
Items
49 -
Registratiedatum
-
Laatst bezocht
Inhoudstype
Profielen
Forums
Store
Alles dat geplaatst werd door evelie
-
reclame die niet wil versdwijnen
evelie reageerde op evelie's topic in Archief Bestrijding malware & virussen
Super!!! Geen reclames meer... Super bedankt! Dan nog 1 vraagje, hoe krijg ik trg mijn webcam geregeld? Wil niet werken -
reclame die niet wil versdwijnen
evelie reageerde op evelie's topic in Archief Bestrijding malware & virussen
Zoek.exe Version 4.0.0.4 Updated 19-08-2013 Tool run by user on di 20-08-2013 at 23:52:05,04. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\user\Downloads\zoek (2).exe [script inserted] ==== Older Logs ====================== C:\zoek-results20-08-2013-2347.log 83500 bytes C:\zoek-results25-03-2013-1602.log 2899 bytes ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Running Processes ====================== C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe C:\Program Files (x86)\Tango\Tango.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe C:\Program Files (x86)\BlueStacks\HD-Agent.exe C:\Users\user\Downloads\zoek (2).exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== Deleting Files \ Folders ====================== ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 2811 MB CPU Info: AMD Athlon II P320 Dual-Core Processor CPU Speed: 2093,4 MHz Sound Card: Luidsprekers (High Definition A | Display Adapters: ATI Mobility Radeon HD 4200 | ATI Mobility Radeon HD 4200 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1366 X 768 - 32 bit Network: Network Present Network Adapters: Microsoft Virtual WiFi Miniport Adapter | Broadcom 802.11n Network Adapter | Realtek PCIe FE Family Controller CD / DVD Drives: 1x (D: | ) D: hp CDDVDW TS-L633N Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 2 Button Mouse Present Hard Disks: C: 297,9GB Hard Disks - Free: C: 236,1GB Manufacturer *: Hewlett-Packard BIOS Info: AT/AT COMPATIBLE | 07/16/10 | HPQOEM - 3 Time Zone: Romance (standaardtijd) Motherboard *: Hewlett-Packard 143B Internet Explorer Version: 10.0.9200.16660 Sun Java version: No Java Installed? Country: Nederland Language: NLD ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\user\AppData\Local\Temp ==== ====== C:\Windows\SysWOW64 ===== 2013-08-15 17:41:34 C9BFFA62DFBF0317AECE707B39C4BF25 391168 ----a-w- C:\Windows\SysWOW64\ieui.dll 2013-08-15 17:41:34 A484F9DB744849C0B32DD1CE73A94F62 2706432 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2013-08-15 17:41:31 AF6A6C16ACAD816B48714AE7A4082D89 61440 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2013-08-15 17:41:31 8A5BD908D421BEE82941EF8ABD8B4F09 33280 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2013-08-15 17:41:30 BC90EED56A5C77168A8D6F0C4221D7CB 71680 ----a-w- C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-08-15 17:41:30 37730C04B543536D971B3F157415EFF5 109056 ----a-w- C:\Windows\SysWOW64\iesysprep.dll 2013-08-15 17:41:29 D0E0086BA353C379DCFE8624E8B8F17A 2048512 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2013-08-15 17:41:26 45C118A1E03182365CB568F99B81A473 493056 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2013-08-15 17:41:25 1C83426A51AD83B5E788B6CF143B48D8 690688 ----a-w- C:\Windows\SysWOW64\jscript.dll 2013-08-15 17:41:22 AC8C3591D536D1CCB62EDCBEA88140B3 2877440 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2013-08-15 17:41:21 059FC59F97A6220C46A612A9470A00B3 1141248 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2013-08-15 17:41:18 49EB7DE3A1CCCE9D0873DE9114810113 39936 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2013-08-15 17:41:17 DAA3903F06116AE9EE7AC1D1B93684A4 1767936 ----a-w- C:\Windows\SysWOW64\wininet.dll 2013-08-15 17:41:15 E9BCB6728DD04412BF87F03DB00DE1CF 13761024 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2013-08-15 17:41:07 E631B408882F8320739F6E0CAF444397 14329344 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2013-08-15 13:49:42 AE8EB083B050E17A7D6EB5E28AECDDD6 1166848 ----a-w- C:\Windows\SysWOW64\crypt32.dll 2013-08-15 13:49:41 7CA1BECEA5DE2643ADDAD32670E7A4C9 140288 ----a-w- C:\Windows\SysWOW64\cryptsvc.dll 2013-08-15 13:49:41 7B851A8018B1EA00A69707A390004884 103936 ----a-w- C:\Windows\SysWOW64\cryptnet.dll 2013-08-15 13:49:41 68EAAEDF0365168B804E8728368FA946 175104 ----a-w- C:\Windows\SysWOW64\wintrust.dll 2013-08-15 13:49:09 4DC999CED9429939D75682EBD7D48901 663552 ----a-w- C:\Windows\SysWOW64\rpcrt4.dll 2013-08-15 13:49:03 9FA7BF625122CCAC90FCD307174D8CF3 3913664 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe 2013-08-15 13:48:59 DD5F17D44E9966E7EA447AE8C4D12D6C 3968960 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe 2013-08-15 13:48:54 528D298F9914C558EA7A9809BE598E65 1292192 ----a-w- C:\Windows\SysWOW64\ntdll.dll 2013-08-15 13:48:53 77F5D2CB80697EB96C45E79A869A6FAC 14336 ----a-w- C:\Windows\SysWOW64\ntvdm64.dll 2013-08-15 13:48:46 4E77948A7BD16BA5724EC79C60176B03 5120 ----a-w- C:\Windows\SysWOW64\wow32.dll 2013-08-15 13:48:45 D313AE69128A75367AA36E15522931F6 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe 2013-08-15 13:48:45 CFEEF3185342ADEAE1E77A017052565B 2048 ----a-w- C:\Windows\SysWOW64\user.exe 2013-08-15 13:48:45 3EED15C223E139C3A28B458800E52BF3 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe 2013-08-15 13:48:41 D5E18BA95F9E7D787D25EF07AC68603E 2048 ----a-w- C:\Windows\SysWOW64\tzres.dll 2013-08-15 13:48:29 0805487A6036A9F9C4E7AF7FEF835529 1620992 ----a-w- C:\Windows\SysWOW64\WMVDECOD.DLL ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2013-08-15 17:41:34 3A2FD42F11CD325A4ACAFE7FB0EEA83A 2706432 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2013-08-15 17:41:33 69F5E016A98CE1908DB08382F2ACF882 526336 ----a-w- C:\Windows\Sysnative\ieui.dll 2013-08-15 17:41:31 963B29E0EFB20D66436214DB7C43D7F7 67072 ----a-w- C:\Windows\Sysnative\iesetup.dll 2013-08-15 17:41:31 622C7C8D39609FCEACE3508715D48C7F 39936 ----a-w- C:\Windows\Sysnative\iernonce.dll 2013-08-15 17:41:30 6C8BDC9F16943D626DFE8A987BCCFD20 51712 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2013-08-15 17:41:30 28C2F8C7DBE11AA3DA041D35F4E59481 89600 ----a-w- C:\Windows\Sysnative\RegisterIEPKEYs.exe 2013-08-15 17:41:29 D8CC9A20C517A54678363C4C77B930A4 136704 ----a-w- C:\Windows\Sysnative\iesysprep.dll 2013-08-15 17:41:28 65546D87F7A78AB31841A536456CB94D 2647040 ----a-w- C:\Windows\Sysnative\iertutil.dll 2013-08-15 17:41:25 8C12653BEA781902AA60E4A855A55D5C 603136 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2013-08-15 17:41:25 16FE878530FDFC9AB08B7FFC32335958 855552 ----a-w- C:\Windows\Sysnative\jscript.dll 2013-08-15 17:41:24 5A7FA01EEC393A3E0D0F3EBAA1FD959E 3958784 ----a-w- C:\Windows\Sysnative\jscript9.dll 2013-08-15 17:41:20 289C5E0A386E7B6CA9539D66D15E22CC 1365504 ----a-w- C:\Windows\Sysnative\urlmon.dll 2013-08-15 17:41:18 04DE09B1E287F6DC5C7FD655B6E84AB9 53760 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2013-08-15 17:41:17 AC155DD9BD1E6D3B740826A4D1C68AAE 2241024 ----a-w- C:\Windows\Sysnative\wininet.dll 2013-08-15 17:41:12 677A1C1B0F254EC918D84A7FE29274CA 15405056 ----a-w- C:\Windows\Sysnative\ieframe.dll 2013-08-15 17:41:11 396889142BD839DB8A055A0BE0AD2F79 19239424 ----a-w- C:\Windows\Sysnative\mshtml.dll 2013-08-15 13:49:42 287998A9BA0140ABB59792CDEB2F8483 1472512 ----a-w- C:\Windows\Sysnative\crypt32.dll 2013-08-15 13:49:41 A6B726DCA228F7878E38368A1BDC68BE 139776 ----a-w- C:\Windows\Sysnative\cryptnet.dll 2013-08-15 13:49:41 959041D7014C97133D859B45BCA0FC58 224256 ----a-w- C:\Windows\Sysnative\wintrust.dll 2013-08-15 13:49:41 6B400F211BEE880A37A1ED0368776BF4 184320 ----a-w- C:\Windows\Sysnative\cryptsvc.dll 2013-08-15 13:49:09 26036E228D2467DE6975AD819C22C043 1217024 ----a-w- C:\Windows\Sysnative\rpcrt4.dll 2013-08-15 13:48:57 C19DCA1024135D5485E25AB1047F77BC 5550528 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe 2013-08-15 13:48:55 8E45DD84F8F786B2DB94AD95225B9246 1732032 ----a-w- C:\Windows\Sysnative\ntdll.dll 2013-08-15 13:48:54 D6180FBBADA79BC28E5FD8187EBE7F64 243712 ----a-w- C:\Windows\Sysnative\wow64.dll 2013-08-15 13:48:41 B3CA3253009D26666F5BCB16E77D2618 2048 ----a-w- C:\Windows\Sysnative\tzres.dll 2013-08-15 13:48:29 D29200AB0B37B7293C6942EAF755295E 1888768 ----a-w- C:\Windows\Sysnative\WMVDECOD.DLL 2013-08-14 01:57:40 9AC9C0EEBA4C821D3C42441219B615E9 780 ----a-w- C:\Windows\Sysnative\.crusader ====== C:\Windows\Sysnative\drivers ===== 2013-08-15 13:48:28 4CE278FC9671BA81A138D70823FCAA09 39936 ----a-w- C:\Windows\Sysnative\drivers\tssecsrv.sys 2013-08-15 13:48:26 DB74544B75566C974815E79A62433F29 1910208 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys 2013-07-25 14:54:59 E86C64478D9A90D62255FE9EB0150C6E 175 ----a-w- C:\Windows\Sysnative\drivers\aswVmm.sys.sum 2013-07-25 14:54:59 A5F29AC2F0ADE8B995B49D7350CE3AC0 175 ----a-w- C:\Windows\Sysnative\drivers\aswSP.sys.sum 2013-07-25 14:54:59 2E83D2621E87C493AB45DC6655BA77D4 175 ----a-w- C:\Windows\Sysnative\drivers\aswSnx.sys.sum 2013-07-25 14:54:49 22F521108881DC59837F6FC614E0568F 189936 ----a-w- C:\Windows\Sysnative\drivers\aswVmm.sys 2013-07-25 14:54:48 5573AA70993A2BB81525B1C704B88763 65336 ----a-w- C:\Windows\Sysnative\drivers\aswRvrt.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2013-08-14 01:34:40 -------- d-----w- C:\Program Files\HitmanPro ======= C:\Program Files (x86) ===== 2013-08-06 22:57:02 -------- d-----w- C:\Program Files (x86)\Trend Micro 2013-07-30 18:17:31 3005 ----a-w- C:\Program Files (x86)\WebCakeLayers.crx ======= C: ===== ====== C:\Users\user\AppData\Roaming ====== 2013-08-20 21:45:56 -------- d-----w- C:\users\user\AppData\Local\Temp 2013-08-17 22:57:35 -------- d-----w- C:\users\user\AppData\Locallow\Google ====== C:\Users\user ====== 2013-08-18 12:31:13 F265E08A4A53E0FAFF655BF04C490F0C 666633 ----a-w- C:\Users\user\Downloads\adwcleaner (1).exe 2013-08-17 22:57:26 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth 2013-08-17 22:55:31 EFA066251FA0201D9AFE488A1F2F837F 784840 ----a-w- C:\Users\user\Downloads\GoogleEarthSetup.exe 2013-08-14 01:34:41 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro 2013-08-14 01:33:57 -------- d-----w- C:\ProgramData\HitmanPro 2013-08-14 01:30:21 248547E58ACFD1D474C1D692B82F6F77 9853928 ----a-w- C:\Users\user\Downloads\HitmanPro_x64.exe 2013-08-14 01:30:16 A5A273E596D685664192E4B04DC1350E 9167352 ----a-w- C:\Users\user\Downloads\HitmanPro.exe ====== C: exe-files == 2013-08-18 12:31:13 F265E08A4A53E0FAFF655BF04C490F0C 666633 ----a-w- C:\Users\user\Downloads\adwcleaner (1).exe 2013-08-17 22:56:48 B21EBE35B22BE09004D4E5C3EA4BC9F2 25415728 ----a-w- C:\Program Files (x86)\Google\Update\Download\{74AF07D8-FB8F-4D51-8AC7-927721D56EBB}\7.1.1.1888\GoogleEarth-Win-Bundle-7.1.1.1888.exe 2013-08-17 22:55:31 EFA066251FA0201D9AFE488A1F2F837F 784840 ----a-w- C:\Users\user\Downloads\GoogleEarthSetup.exe 2013-08-15 17:41:30 BC90EED56A5C77168A8D6F0C4221D7CB 71680 ----a-w- C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-08-15 17:41:30 6C8BDC9F16943D626DFE8A987BCCFD20 51712 ----a-w- C:\Windows\System32\ie4uinit.exe 2013-08-15 17:41:30 28C2F8C7DBE11AA3DA041D35F4E59481 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe 2013-08-15 17:41:26 7BA1862B8A5698DC5FCFDFF3BC359DE9 770648 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe 2013-08-15 17:41:26 133CEF30905806A35606652D409EEEBA 775256 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2013-08-15 13:49:03 9FA7BF625122CCAC90FCD307174D8CF3 3913664 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe 2013-08-15 13:48:59 DD5F17D44E9966E7EA447AE8C4D12D6C 3968960 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe 2013-08-15 13:48:57 C19DCA1024135D5485E25AB1047F77BC 5550528 ----a-w- C:\Windows\System32\ntoskrnl.exe 2013-08-15 13:48:45 D313AE69128A75367AA36E15522931F6 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe 2013-08-15 13:48:45 CFEEF3185342ADEAE1E77A017052565B 2048 ----a-w- C:\Windows\SysWOW64\user.exe 2013-08-15 13:48:45 3EED15C223E139C3A28B458800E52BF3 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe 2013-08-14 01:34:41 47752D574C2D29BC807C0CF73093FB8A 109352 ----a-w- C:\Program Files\HitmanPro\hmpsched.exe 2013-08-14 01:34:40 248547E58ACFD1D474C1D692B82F6F77 9853928 ----a-w- C:\Program Files\HitmanPro\HitmanPro.exe 2013-08-14 01:30:21 248547E58ACFD1D474C1D692B82F6F77 9853928 ----a-w- C:\Users\user\Downloads\HitmanPro_x64.exe 2013-08-14 01:30:16 A5A273E596D685664192E4B04DC1350E 9167352 ----a-w- C:\Users\user\Downloads\HitmanPro.exe 2013-08-14 01:07:15 075AB6BDAF350744F7AA4DCBD0188172 888152 ----a-w- C:\Users\user\AppData\Roaming\uTorrent\updates\3.3.1_30017.exe === C: other files == 2013-08-15 13:48:28 4CE278FC9671BA81A138D70823FCAA09 39936 ----a-w- C:\Windows\System32\drivers\tssecsrv.sys 2013-08-15 13:48:26 DB74544B75566C974815E79A62433F29 1910208 ----a-w- C:\Windows\System32\drivers\tcpip.sys ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-2871622637-3147571663-1438806652-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Tango"="C:\Program Files (x86)\Tango\Tango.exe -r" "Facebook Update"="C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" "PC Speed Maximizer"="C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe" "GoogleChromeAutoLaunch_4E874A737D5662A34EBBEADB3A9C4A09"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "Softonic for Windows"="C:\Users\user\AppData\Local\Softonic\Softonic.exe -minimize" "uTorrent"="C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED" "RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui" "GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" "YouCam Service"="C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe /s" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "BlueStacks Agent"="C:\Program Files (x86)\BlueStacks\HD-Agent.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Tango"="C:\Program Files (x86)\Tango\Tango.exe -r" "Facebook Update"="C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" "PC Speed Maximizer"="C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe" "GoogleChromeAutoLaunch_4E874A737D5662A34EBBEADB3A9C4A09"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "Softonic for Windows"="C:\Users\user\AppData\Local\Softonic\Softonic.exe -minimize" "uTorrent"="C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED" "RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe" ==== Startup Folders ====================== 2013-01-22 23:27:10 2046 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [20-08-2013 23:29] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2871622637-3147571663-1438806652-1000Core.job --a------ C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe [22-01-2013 22:40] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2871622637-3147571663-1438806652-1000UA.job --a------ C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe [22-01-2013 22:40] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [29-12-2012 17:10] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [29-12-2012 17:10] ==== Firefox Extensions ====================== ==== Firefox Plugins ====================== Profilepath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default 0B31B0F8FA99CFD009C8FBEA9E20C9DE - C:\Users\user\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin ==== Chrome Look ====================== HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Users\user\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx[31-01-2013 03:22] Google Docs - Gast - Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Gast - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Gast - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo Google Search - Gast - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf avast WebRep - Gast - Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda Gmail - Gast - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia DvdVideoSoft Free Youtube Download - user - Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp ==== Chrome Fix ====================== C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www1.delta-search.com_0.localstorage deleted successfully C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www1.delta-search.com_0.localstorage-journal deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {CB42C524-40E8-41B9-B630-EE89F44BA6C7} Bing Url="http://www.bing.com/search?FORM=UP22DF&PC=UP22&dt=020613&q={searchTerms}&src=IE-SearchBox" ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [YouCam Service] "C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe" /s O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [blueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe O4 - HKCU\..\Run: [Tango] C:\Program Files (x86)\Tango\Tango.exe -r O4 - HKCU\..\Run: [Facebook Update] "C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKCU\..\Run: [PC Speed Maximizer] C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_4E874A737D5662A34EBBEADB3A9C4A09] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [softonic for Windows] "C:\Users\user\AppData\Local\Softonic\Softonic.exe" -minimize O4 - HKCU\..\Run: [uTorrent] "C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{FA1E0D4A-AE05-470F-A76E-EE2C327E56B3}: NameServer = 212.217.0.1 212.217.1.1 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: c:\progra~3\browse~1\261519~1.190\{c16c1~1\browse~1.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HitmanPro Scheduler (HitmanProScheduler) - SurfRight B.V. - C:\Program Files\HitmanPro\hmpsched.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: vToolbarUpdater15.4.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Gast\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WM4TIYBB will be deleted at reboot ==== Empty FireFox Cache ====================== C:\users\Gast\AppData\Local\Mozilla\Firefox\Profiles\eu7oqqak.default\Cache emptied successfully C:\users\Gast\AppData\Local\Mozilla\Firefox\Profiles\iysuyrxl.default\Cache emptied successfully C:\users\Gast\AppData\Local\Mozilla\Firefox\Profiles\uaonk95b.default\Cache emptied successfully C:\users\Gast\AppData\Local\Mozilla\Firefox\Profiles\x2r8zr9s.default\Cache emptied successfully C:\users\user\AppData\Local\Mozilla\Firefox\Profiles\7onkgtuy.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\users\user\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\user\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WM4TIYBB" not found ==== EOF on wo 21-08-2013 at 0:17:37,12 ====================== -
reclame die niet wil versdwijnen
evelie reageerde op evelie's topic in Archief Bestrijding malware & virussen
Zoek.exe Version 4.0.0.4 Updated 19-08-2013 Tool run by user on di 20-08-2013 at 23:13:11,94. Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64 Running in: Normal Mode Internet Access Detected Launched: C:\Users\user\Downloads\zoek (1).exe [script inserted] ==== Older Logs ====================== C:\zoek-results25-03-2013-1602.log 2899 bytes ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2871622637-3147571663-1438806652-1000\Software\Microsoft\Internet Explorer\SearchScopes\{282A98E5-28C1-4E31-95DA-17DE7E46B73B} deleted successfully HKEY_USERS\S-1-5-21-2871622637-3147571663-1438806652-1000\Software\Microsoft\Internet Explorer\SearchScopes\{83EFAD78-7D7A-4A4B-A2CA-28A7DA301963} deleted successfully HKEY_CLASSES_ROOT\CLSID\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully ==== Deleting CLSID Registry Values ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{318A227B-5E9F-45BD-8999-7F8F10CA4CF5} deleted successfully ==== Running Processes ====================== C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe C:\Program Files (x86)\Google\Update\1.3.21.153\GoogleCrashHandler.exe C:\Program Files (x86)\Tango\Tango.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe C:\Program Files (x86)\PC Speed Maximizer\SPMSmartScan.exe C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe C:\Program Files (x86)\PC Speed Maximizer\SPMReminder.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe C:\Program Files (x86)\BlueStacks\HD-Agent.exe C:\Users\user\Downloads\zoek (1).exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\SysWOW64\cmd.exe ==== Deleting Services ====================== ==== FireFox Fix ====================== ProfilePath: C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\eu7oqqak.default user.js not found ---- Lines delta removed from prefs.js ---- ---- Lines delta modified from prefs.js ---- ---- Lines tuvaro removed from prefs.js ---- ---- Lines tuvaro modified from prefs.js ---- ---- Lines CT2865317 removed from prefs.js ---- ---- Lines CT2865317 modified from prefs.js ---- ---- Lines conduit removed from prefs.js ---- ---- Lines conduit modified from prefs.js ---- ---- Lines qvo6 removed from prefs.js ---- ---- Lines qvo6 modified from prefs.js ---- ---- Lines Search removed from prefs.js ---- ---- Lines Search modified from prefs.js ---- ---- Lines search.com removed from prefs.js ---- ---- Lines search.com modified from prefs.js ---- ---- Lines defaulttab removed from prefs.js ---- ---- Lines defaulttab modified from prefs.js ---- ---- Lines 87775fdb-6972-41f9-ae51-8326e38cb206 removed from prefs.js ---- ---- Lines 87775fdb-6972-41f9-ae51-8326e38cb206 modified from prefs.js ---- ---- Lines smartbar removed from prefs.js ---- ---- Lines smartbar modified from prefs.js ---- ---- FireFox user.js and prefs.js backups ---- prefs_20-08-2013_2324_.backup prefs_25-03-2013_0047_.backup ProfilePath: C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\iysuyrxl.default user.js not found ---- Lines delta removed from prefs.js ---- ---- Lines delta modified from prefs.js ---- ---- Lines tuvaro removed from prefs.js ---- ---- Lines tuvaro modified from prefs.js ---- ---- Lines CT2865317 removed from prefs.js ---- ---- Lines CT2865317 modified from prefs.js ---- ---- Lines conduit removed from prefs.js ---- ---- Lines conduit modified from prefs.js ---- ---- Lines qvo6 removed from prefs.js ---- ---- Lines qvo6 modified from prefs.js ---- ---- Lines Search removed from prefs.js ---- ---- Lines Search modified from prefs.js ---- ---- Lines search.com removed from prefs.js ---- ---- Lines search.com modified from prefs.js ---- ---- Lines defaulttab removed from prefs.js ---- ---- Lines defaulttab modified from prefs.js ---- ---- Lines 87775fdb-6972-41f9-ae51-8326e38cb206 removed from prefs.js ---- ---- Lines 87775fdb-6972-41f9-ae51-8326e38cb206 modified from prefs.js ---- ---- Lines smartbar removed from prefs.js ---- ---- Lines smartbar modified from prefs.js ---- ---- FireFox user.js and prefs.js backups ---- prefs_20-08-2013_2324_.backup prefs_25-03-2013_0047_.backup ProfilePath: C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\uaonk95b.default user.js not found ---- Lines delta removed from prefs.js ---- ---- Lines delta modified from prefs.js ---- ---- Lines tuvaro removed from prefs.js ---- ---- Lines tuvaro modified from prefs.js ---- ---- Lines CT2865317 removed from prefs.js ---- ---- Lines CT2865317 modified from prefs.js ---- ---- Lines conduit removed from prefs.js ---- ---- Lines conduit modified from prefs.js ---- ---- Lines qvo6 removed from prefs.js ---- ---- Lines qvo6 modified from prefs.js ---- ---- Lines Search removed from prefs.js ---- ---- Lines Search modified from prefs.js ---- ---- Lines search.com removed from prefs.js ---- ---- Lines search.com modified from prefs.js ---- ---- Lines defaulttab removed from prefs.js ---- ---- Lines defaulttab modified from prefs.js ---- ---- Lines 87775fdb-6972-41f9-ae51-8326e38cb206 removed from prefs.js ---- ---- Lines 87775fdb-6972-41f9-ae51-8326e38cb206 modified from prefs.js ---- ---- Lines smartbar removed from prefs.js ---- ---- Lines smartbar modified from prefs.js ---- ---- FireFox user.js and prefs.js backups ---- prefs_20-08-2013_2324_.backup prefs_25-03-2013_0047_.backup ProfilePath: C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\x2r8zr9s.default user.js not found ---- Lines delta removed from prefs.js ---- ---- Lines delta modified from prefs.js ---- ---- Lines tuvaro removed from prefs.js ---- ---- Lines tuvaro modified from prefs.js ---- ---- Lines CT2865317 removed from prefs.js ---- ---- Lines CT2865317 modified from prefs.js ---- ---- Lines conduit removed from prefs.js ---- ---- Lines conduit modified from prefs.js ---- ---- Lines qvo6 removed from prefs.js ---- ---- Lines qvo6 modified from prefs.js ---- ---- Lines Search removed from prefs.js ---- ---- Lines Search modified from prefs.js ---- ---- Lines search.com removed from prefs.js ---- ---- Lines search.com modified from prefs.js ---- ---- Lines defaulttab removed from prefs.js ---- ---- Lines defaulttab modified from prefs.js ---- ---- Lines 87775fdb-6972-41f9-ae51-8326e38cb206 removed from prefs.js ---- ---- Lines 87775fdb-6972-41f9-ae51-8326e38cb206 modified from prefs.js ---- ---- Lines smartbar removed from prefs.js ---- ---- Lines smartbar modified from prefs.js ---- ---- FireFox user.js and prefs.js backups ---- prefs_20-08-2013_2324_.backup prefs_25-03-2013_0047_.backup ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default ---- Lines delta removed from prefs.js ---- user_pref("CT2865317.originalHomepage", "http://www1.delta-search.com/?babsrc=HP_ss&mntrId=82CDC446195B76CF&affID=119357&tsp=4943"); user_pref("CT2865317.originalSearchEngine", "Delta Search"); user_pref("browser.search.order.1", "Delta Search"); user_pref("extensions.delta.admin", false); user_pref("extensions.delta.aflt", "babsst"); user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}"); user_pref("extensions.delta.autoRvrt", "false"); user_pref("extensions.delta.dfltLng", "nl"); user_pref("extensions.delta.excTlbr", false); user_pref("extensions.delta.ffxUnstlRst", true); user_pref("extensions.delta.id", "82cdbe08000000000000c446195b76cf"); user_pref("extensions.delta.instlDay", "15900"); user_pref("extensions.delta.instlRef", "sst"); user_pref("extensions.delta.newTab", false); user_pref("extensions.delta.prdct", "delta"); user_pref("extensions.delta.prtnrId", "delta"); user_pref("extensions.delta.rvrt", "false"); user_pref("extensions.delta.smplGrp", "none"); user_pref("extensions.delta.tlbrId", "base"); user_pref("extensions.delta.tlbrSrchUrl", ""); user_pref("extensions.delta.vrsn", "1.8.21.5"); user_pref("extensions.delta.vrsnTs", "1.8.21.54:34:34"); user_pref("extensions.delta.vrsni", "1.8.21.5"); user_pref("extensions.delta_i.babExt", ""); user_pref("extensions.delta_i.babTrack", "affID=119357&tsp=4943"); user_pref("extensions.delta_i.srcExt", "ss"); ---- Lines delta modified from prefs.js ---- user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"wrc@avast.com\":{\"descriptor\":\"C:\\\\Program Files\\\\AVAST Software\\\\Avast\\\\WebRep\\\\FF\",\"mtime\":1374764086217,\"rdfTime\":1368089726000},\"avg@toolbar\":{\"descriptor\":\"C:\\\\ProgramData\\\\AVG SafeGuard toolbar\\\\FireFoxExt\\\\15.4.0.5\",\"mtime\":1375131796778,\"rdfTime\":1375131775409}}},{\"name\":\"app-global\",\"addons\":{\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\browser\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1374437586354,\"rdfTime\":1374437586054}}},{\"name\":\"app-profile\",\"addons\":{\"addon@defaulttab.com\":{\"descriptor\":\"C:\\\\Users\\\\user\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\7onkgtuy.default\\\\extensions\\\\addon@defaulttab.com.xpi\",\"mtime\":1376666782147},\"ffxtlbr@delta.com\":{\"descriptor\":\"C:\\\\Users\\\\user\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\7onkgtuy.default\\\\extensions\\\\ffxtlbr@delta.com\",\"mtime\":1373769273903,\"rdfTime\":1352283188000},\"plugin@getwebcake.com\":{\"descriptor\":\"C:\\\\Users\\\\user\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\7onkgtuy.default\\\\extensions\\\\plugin@getwebcake.com\",\"mtime\":1372964969181,\"rdfTime\":1371740886000},\"pricepeep@getpricepeep.com\":{\"descriptor\":\"C:\\\\Users\\\\user\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\7onkgtuy.default\\\\extensions\\\\pricepeep@getpricepeep.com.xpi\",\"mtime\":1370027954000},\"trtv3@trtv.com\":{\"descriptor\":\"C:\\\\Users\\\\user\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\7onkgtuy.default\\\\extensions\\\\trtv3@trtv.com.xpi\",\"mtime\":1372581844000},\"{87775fdb-6972-41f9-ae51-8326e38cb206}\":{\"descriptor\":\"C:\\\\Users\\\\user\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\7onkgtuy.default\\\\extensions\\\\{87775fdb-6972-41f9-ae51-8326e38cb206}\",\"mtime\":1376667579421,\"rdfTime\":1375018146875}}}]"); ---- Lines delta removed from user.js ---- user_pref("extensions.delta.tlbrSrchUrl", ""); user_pref("extensions.delta.id", "82cdbe08000000000000c446195b76cf"); user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}"); user_pref("extensions.delta.instlDay", "15900"); user_pref("extensions.delta.vrsn", "1.8.21.5"); user_pref("extensions.delta.vrsni", "1.8.21.5"); user_pref("extensions.delta.vrsnTs", "1.8.21.54:34:34"); user_pref("extensions.delta.prtnrId", "delta"); user_pref("extensions.delta.prdct", "delta"); user_pref("extensions.delta.aflt", "babsst"); user_pref("extensions.delta.smplGrp", "none"); user_pref("extensions.delta.tlbrId", "base"); user_pref("extensions.delta.instlRef", "sst"); user_pref("extensions.delta.dfltLng", "nl"); user_pref("extensions.delta.excTlbr", false); user_pref("extensions.delta.ffxUnstlRst", true); user_pref("extensions.delta.admin", false); user_pref("extensions.delta_i.babTrack", "affID=119357&tsp=4943"); user_pref("extensions.delta_i.babExt", ""); user_pref("extensions.delta_i.srcExt", "ss"); user_pref("extensions.delta.autoRvrt", "false"); user_pref("extensions.delta.rvrt", "false"); user_pref("extensions.delta.newTab", false); ---- Lines tuvaro removed from prefs.js ---- user_pref("extensions.tuvaro.admin", false); user_pref("extensions.tuvaro.aflt", "orgnl"); user_pref("extensions.tuvaro.appId", "{2768469C-717B-401F-8532-C6D88BAE0339}"); user_pref("extensions.tuvaro.autoRvrt", "false"); user_pref("extensions.tuvaro.cam", ""); user_pref("extensions.tuvaro.dfltLng", ""); user_pref("extensions.tuvaro.dfltSrch", true); user_pref("extensions.tuvaro.dnsErr", true); user_pref("extensions.tuvaro.excTlbr", false); user_pref("extensions.tuvaro.ffxUnstlRst", false); user_pref("extensions.tuvaro.hmpg", true); user_pref("extensions.tuvaro.hmpgUrl", "http://tuvaro.com/ws/?source=99ec39d5&tbp=homepage&toolbarid=base&u=82cdbe08000000000000c446195b76cf"); user_pref("extensions.tuvaro.hpOld0", ""); user_pref("extensions.tuvaro.id", "82cdbe08000000000000c446195b76cf"); user_pref("extensions.tuvaro.instlDay", "15818"); user_pref("extensions.tuvaro.instlRef", "99ec39d5"); user_pref("extensions.tuvaro.kw_url", "http://tuvaro.com/ws/?source=99ec39d5&tbp=url&toolbarid=base&u=82cdbe08000000000000c446195b76cf&q="); user_pref("extensions.tuvaro.newTab", true); user_pref("extensions.tuvaro.newTabUrl", "chrome://tuvaro/content/new browser tab.html?source=99ec39d5&tbp=tab&u=82cdbe08000000000000c446195b76cf"); user_pref("extensions.tuvaro.prdct", "tuvaro"); user_pref("extensions.tuvaro.prtnrId", "tuvaro"); user_pref("extensions.tuvaro.rvrt", "false"); user_pref("extensions.tuvaro.smplGrp", "none"); user_pref("extensions.tuvaro.srchPrvdr", "Tuvaro"); user_pref("extensions.tuvaro.tlbrId", "base"); user_pref("extensions.tuvaro.tlbrSrchUrl", "http://tuvaro.com/ws/?source=99ec39d5&tbp=main&toolbarid=base&u=82cdbe08000000000000c446195b76cf&q="); user_pref("extensions.tuvaro.vrsn", "1.8.17.1"); user_pref("extensions.tuvaro.vrsni", "1.8.17.1"); user_pref("extensions.tuvaro.vrsnTs", "1.8.17.11:32:58"); ---- Lines tuvaro modified from prefs.js ---- ---- Lines tuvaro removed from user.js ---- user_pref("extensions.tuvaro.hpOld0", ""); user_pref("extensions.tuvaro.tlbrSrchUrl", "http://tuvaro.com/ws/?source=99ec39d5&tbp=main&toolbarid=base&u=82cdbe08000000000000c446195b76cf&q="); user_pref("extensions.tuvaro.id", "82cdbe08000000000000c446195b76cf"); user_pref("extensions.tuvaro.appId", "{2768469C-717B-401F-8532-C6D88BAE0339}"); user_pref("extensions.tuvaro.instlDay", "15818"); user_pref("extensions.tuvaro.vrsn", "1.8.17.1"); user_pref("extensions.tuvaro.vrsni", "1.8.17.1"); user_pref("extensions.tuvaro.vrsnTs", "1.8.17.11:32:58"); user_pref("extensions.tuvaro.prtnrId", "tuvaro"); user_pref("extensions.tuvaro.prdct", "tuvaro"); user_pref("extensions.tuvaro.aflt", "orgnl"); user_pref("extensions.tuvaro.smplGrp", "none"); user_pref("extensions.tuvaro.tlbrId", "base"); user_pref("extensions.tuvaro.instlRef", "99ec39d5"); user_pref("extensions.tuvaro.dfltLng", ""); user_pref("extensions.tuvaro.excTlbr", false); user_pref("extensions.tuvaro.ffxUnstlRst", false); user_pref("extensions.tuvaro.admin", false); user_pref("extensions.tuvaro.cam", ""); user_pref("extensions.tuvaro.autoRvrt", "false"); user_pref("extensions.tuvaro.rvrt", "false"); user_pref("extensions.tuvaro.hmpg", true); user_pref("extensions.tuvaro.hmpgUrl", "http://tuvaro.com/ws/?source=99ec39d5&tbp=homepage&toolbarid=base&u=82cdbe08000000000000c446195b76cf"); user_pref("extensions.tuvaro.dfltSrch", true); user_pref("extensions.tuvaro.srchPrvdr", "Tuvaro"); user_pref("extensions.tuvaro.kw_url", "http://tuvaro.com/ws/?source=99ec39d5&tbp=url&toolbarid=base&u=82cdbe08000000000000c446195b76cf&q="); user_pref("extensions.tuvaro.dnsErr", true); user_pref("extensions.tuvaro.newTab", true); user_pref("extensions.tuvaro.newTabUrl", "chrome://tuvaro/content/new browser tab.html?source=99ec39d5&tbp=tab&u=82cdbe08000000000000c446195b76cf"); ---- Lines CT2865317 removed from prefs.js ---- user_pref("browser.startup.homepage", "http://search.conduit.com/?ctid=CT2865317&SearchSource=13"); user_pref("CT2865317.1000234.TWC_country", "BELGIUM"); user_pref("CT2865317.1000234.TWC_location", "Brussels, Belgium"); user_pref("CT2865317.1000234.TWC_locId", "BEXX0005"); user_pref("CT2865317.1000234.TWC_region", "OT"); user_pref("CT2865317.1000234.TWC_temp_dis", "c"); user_pref("CT2865317.1000234.TWC_TMP_city", "BRUSSELS"); user_pref("CT2865317.1000234.TWC_TMP_country", "BE"); user_pref("CT2865317.1000234.TWC_wind_dis", "kmh"); user_pref("CT2865317.1000234.weatherData", "{\"icon\":\"30.png\",\"temperature\":\"22°C\",\"temperatureClear\":\"22°C\",\"highTemperature\":\"22°C\",\"lowTemperature\":\"16°C\",\"feelsLike\":\"22°C\",\"condition\":\"Partly Cloudy\",\"tUnit\":\"c\",\"cityName\":\"Brussels, Belgium\",\"lastUpdated\":\"7/28/13 3:25 PM Local Time\",\"humidity\":\"59%\",\"visibility\":\"6.0 mi\",\"pressure\":\"29.91 in\",\"pressureDescription\":\"steady\",\"windFrom\":\"SSW\",\"windSpeed\":\"10 Km/h\",\"hasCurrentCondition\":true,\"night\":true,\"severaAlertsCount\":0,\"loaded\":true,\"day1\":{\"icon\":\"39.png\",\"highTemperature\":\"23°C\",\"lowTemperature\":\"14°C\",\"condition\":\"PM Showers\",\"precipitation\":\"60%\",\"day\":\"1\",\"sunr\":\"6:04 AM\",\"suns\":\"9:33 PM\",\"humidity\":\"66%\",\"windFrom\":\"SW\",\"windSpeed\":\"19 Km/h\",\"dayName\":\"Monday\",\"date\":\"Jul 29, 2013\",\"hourly\":[{\"key\":\"06451000\",\"class\":\"hourlyforecast\",\"dateTime\":\"6 AM\",\"temp\":62,\"feelsLike\":61,\"humid\":90,\"wSpeed\":8,\"wDir\":205,\"pop\":0,\"uv\":0,\"dew\":59,\"icon\":31,\"wDirText\":\"SSW\",\"wDesc\":\"Clear\",\"precip_type\":\"rain\"},{\"key\":\"06451000\",\"class\":\"hourlyforecast\",\"dateTime\":\"12 PM\",\"temp\":70,\"feelsLike\":70,\"humid\":63,\"wSpeed\":11,\"wDir\":233,\"pop\":20,\"uv\":5,\"dew\":57,\"icon\":30,\"wDirText\":\"SW\",\"wDesc\":\"Partly Cloudy\",\"precip_type\":\"rain\"},{\"key\":\"06451000\",\"class\":\"hourlyforecast\",\"dateTime\":\"6 PM\",\"temp\":72,\"feelsLike\":72,\"humid\":59,\"wSpeed\":11,\"wDir\":238,\"pop\":50,\"uv\":2,\"dew\":57,\"icon\":11,\"wDirText\":\"WSW\",\"wDesc\":\"Showers\",\"precip_type\":\"rain\"},{\"key\":\"06451000\",\"class\":\"hourlyforecast\",\"dateTime\":\"12 AM\",\"temp\":62,\"feelsLike\":61,\"humid\":84,\"wSpeed\":8,\"wDir\":227,\"pop\":0,\"uv\":0,\"dew\":57,\"icon\":31,\"wDirText\":\"SW\",\"wDesc\":\"Clear\",\"precip_type\":\"rain\"}]},\"day2\":{\"icon\":\"12.png\",\"highTemperature\":\"21°C\",\"lowTemperature\":\"17°C\",\"condition\":\"PM Rain\",\"precipitation\":\"70%\",\"day\":\"2\",\"sunr\":\"6:06 AM\",\"suns\":\"9:31 PM\",\"humidity\":\"66%\",\"windFrom\":\"WSW\",\"windSpeed\":\"22 Km/h\",\"dayName\":\"Tuesday\",\"date\":\"Jul 30, 2013\",\"hourly\":[{\"key\":\"06451000\",\"class\":\"hourlyforecast\",\"dateTime\":\"6 AM\",\"temp\":58,\"feelsLike\":56,\"humid\":90,\"wSpeed\":10,\"wDir\":234,\"pop\":0,\"uv\":0,\"dew\":55,\"icon\":31,\"wDirText\":\"SW\",\"wDesc\":\"Clear\",\"precip_type\":\"rain\"},{\"key\":\"06451000\",\"class\":\"hourlyforecast\",\"dateTime\":\"9 AM\",\"temp\":61,\"feelsLike\":59,\"humid\":81,\"wSpeed\":12,\"wDir\":239,\"pop\":0,\"uv\":1,\"dew\":55,\"icon\":30,\"wDirText\":\"WSW\",\"wDesc\":\"Partly Cloudy\",\"precip_type\":\"rain\"},{\"key\":\"06451000\",\"class\":\"hourlyforecast\",\"dateTime\":\"12 PM\",\"temp\":67,\"feelsLike\":67,\"humid\":58,\"wSpeed\":14,\"wDir\":243,\"pop\":0,\"uv\":5,\"dew\":52,\"icon\":34,\"wDirText\":\"WSW\",\"wDesc\":\"Mostly Sunny\",\"precip_type\":\"rain\"},{\"key\":\"06451000\",\"class\":\"hourlyforecast\",\"dateTime\":\"3 PM\",\"temp\":69,\"feelsLike\":69,\"humid\":55,\"wSpeed\":12,\"wDir\":238,\"pop\":20,\"uv\":4,\"dew\":52,\"icon\":28,\"wDirText\":\"WSW\",\"wDesc\":\"Mostly Cloudy\",\"precip_type\":\"rain\"}]},\"day3\":{\"icon\":\"39.png\",\"highTemperature\":\"24°C\",\"lowTemperature\":\"17°C\",\"condition\":\"AM Showers\",\"precipitation\":\"30%\",\"day\":\"3\",\"sunr\":\"6:07 AM\",\"suns\":\"9:30 PM\",\"humidity\":\"76%\",\"windFrom\":\"WSW\",\"windSpeed\":\"19 Km/h\",\"dayName\":\"Wednesday\",\"date\":\"Jul 31, 2013\"},\"extendedOutlookLink\":\"http://uk.weather.com/weather/today-BEXX0005?cm_ven=conduit_uk&cm_cat=application&cm_ite=link&cm_pla=cityName\",\"todayLink\":\"http://uk.weather.com/weather/10day-BEXX0005?cm_ven=conduit_uk&cm_cat=application&cm_ite=link&cm_pla=10day\",\"zone\":2,\"severeAlertsCount\":0}"); user_pref("CT2865317.addressBarTakeOverEnabledInHidden", "true"); user_pref("CT2865317.cb_experience_000.enc", "Ng=="); user_pref("CT2865317.cb_firstuse0100.enc", "MQ=="); user_pref("CT2865317.cb_user_id_000.enc", "Q0IzNTQzOTQwNTQwN18xMzczNzY5MjkzOTg4X0ZpcmVmb3g="); user_pref("CT2865317.cbfirsttime.enc", "U3VuIEp1bCAxNCAyMDEzIDA0OjM0OjUyIEdNVCswMjAwIChSb21hbmNlIChzdGFuZGFhcmR0aWpkKSk="); user_pref("CT2865317.countryCode", "BE"); user_pref("CT2865317.defaultSearch", "false"); user_pref("CT2865317.embeddedsData", "[{\"appId\":\"129363015615338104\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"instantAlert\":true,\"jsInjection\":true,\"sslGranted\":true},\"onBeforeLoadData\":\"{\\\"view\\\":{\\\"html\\\":\\\"<table id=\\\\\\\"main\\\\\\\" class=\\\\\\\"mainwrapper\\\\\\\" cellpadding=\\\\\\\"0\\\\\\\" cellspacing=\\\\\\\"0\\\\\\\">\\\\n <tbody><tr>\\\\n <!-- don't remove the width=\\\\\\\"100%\\\\\\\" bug in chrome the width become in px-->\\\\n <td id=\\\\\\\"textboxWrapper\\\\\\\" style=\\\\\\\"width: 100%; background: none repeat scroll 0% 0% rgb(255, 255, 255);\\\\\\\" width=\\\\\\\"100%\\\\\\\">\\\\n <!-- take focuse in IE -->\\\\n <!--[if ie]>\\\\n <form onsubmit =\\\\\\\"return false;\\\\\\\" action=\\\\\\\"#\\\\\\\">\\\\n <![endif]-->\\\\n <input style=\\\\\\\"color: rgb(0, 0, 0); background: none repeat scroll 0% 0% rgb(255, 255, 255); min-width: 137px; max-width: 462px; width: 100%;\\\\\\\" id=\\\\\\\"textbox\\\\\\\" type=\\\\\\\"text\\\\\\\">\\\\n <!--[if ie]>\\\\n </form>\\\\n <![endif]-->\\\\n </td>\\\\n <td style=\\\\\\\"display: table-cell; background: none repeat scroll 0% 0% rgb(255, 255, 255);\\\\\\\" id=\\\\\\\"infoPopupButtonWrapper\\\\\\\">\\\\n <div style=\\\\\\\"display: block;\\\\\\\" id=\\\\\\\"infoPopupButton\\\\\\\" class=\\\\\\\"dropdownButtonTextbox no-select\\\\\\\"></div>\\\\n </td>\\\\n <td id=\\\\\\\"engineWrapperContainer\\\\\\\">\\\\n <table cellpadding=\\\\\\\"0\\\\\\\" cellspacing=\\\\\\\"0\\\\\\\">\\\\n <tbody><tr>\\\\n <td id=\\\\\\\"imageTextWrapperContainer\\\\\\\">\\\\n <table cellpadding=\\\\\\\"0\\\\\\\" cellspacing=\\\\\\\"0\\\\\\\">\\\\n <tbody><tr>\\\\n <td style=\\\\\\\"display: table-cell;\\\\\\\" id=\\\\\\\"engineWrapper\\\\\\\"><img style=\\\\\\\"display: block\\\\\\\" id=\\\\\\\"engineImage\\\\\\\" alt=\\\\\\\"\\\\\\\" src=\\\\\\\"http://storage.conduit.com/17/286/CT2865317/Images/SearchActivationButton-go_but01.gif-General-634220918830656250.gif\\\\\\\" onerror=\\\\\\\"javascript: this.src='http://storage.conduit.com/images/searchengines/go_btn_new.gif'\\\\\\\"></td>\\\\n <td style=\\\\\\\"display: table-cell;\\\\\\\" id=\\\\\\\"engineTextWrapper\\\\\\\">\\\\n <div title=\\\\\\\"Zoeken\\\\\\\" style=\\\\\\\"color: rgb(0, 0, 0); font-family: Tahoma; font-weight: normal; font-style: normal; font-size: 11px;\\\\\\\" id=\\\\\\\"engineText\\\\\\\">Zoeken</div>\\\\n </td>\\\\n </tr>\\\\n </tbody></table>\\\\n </td>\\\\n <td id=\\\\\\\"enginesPopupButtonWrapper\\\\\\\">\\\\n <div id=\\\\\\\"enginesPopupButton\\\\\\\" class=\\\\\\\"dropdownButton no-select\\\\\\\"></div>\\\\n </td>\\\\n </tr>\\\\n </tbody></table>\\\\n </td>\\\\n </tr>\\\\n</tbody></table>\\\"},\\\"locale\\\":{\\\"alignMode\\\":\\\"LTR\\\",\\\"locale\\\":\\\"nl\\\",\\\"languageAlignMode\\\":\\\"LTR\\\"}}\"},{\"appId\":\"129416029873125873\",\"apiPermissions\":{\"crossDomainAjax\":false,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"instantAlert\":true,\"jsInjection\":false,\"sslGranted\":false},\"originalHeight\":26},{\"appId\":\"130055909048847312\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":false,\"instantAlert\":true,\"jsInjection\":true,\"sslGranted\":true},\"originalHeight\":26}]"); user_pref("CT2865317.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}"); user_pref("CT2865317.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}"); user_pref("CT2865317.enableFix404ByUser", "FALSE"); user_pref("CT2865317.enableSearchFromAddressBar", "false"); user_pref("CT2865317.FF19Solved", "true"); user_pref("CT2865317.FirstTime", "true"); user_pref("CT2865317.firstTimeDialogOpened", "true"); user_pref("CT2865317.FirstTimeFF3", "true"); user_pref("CT2865317.fixPageNotFoundErrorByUser", "TRUE"); user_pref("CT2865317.fixPageNotFoundErrorInHidden", "true"); user_pref("CT2865317.fixUrls", true); user_pref("CT2865317.fullUserID", "UN35854658722291112.UP.20130719034657"); user_pref("CT2865317.installDate", "4/7/2013 21:04:41"); user_pref("CT2865317.installerVersion", "1.4.2.3"); user_pref("CT2865317.installSessionId", "-1"); user_pref("CT2865317.installSp", "FALSE"); user_pref("CT2865317.installType", "xpe"); user_pref("CT2865317.installUsage", "2013-07-14T05:34:34.3496506+03:00"); user_pref("CT2865317.installUsageEarly", "2013-07-14T05:34:30.9957366+03:00"); user_pref("CT2865317.isCheckedStartAsHidden", true); user_pref("CT2865317.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}"); user_pref("CT2865317.isFirstTimeToolbarLoading", "false"); user_pref("CT2865317.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}"); user_pref("CT2865317.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); user_pref("CT2865317.lastNewTabSettings", "{\"isEnabled\":false,\"newTabUrl\":\"http://search.conduit.com/?ctid=CT2865317&octid=CT2865317&SearchSource=15&CUI=UN35854658722291112&SSPV=&Lay=1&UM=1\"}"); user_pref("CT2865317.lastVersion", "10.16.70.505"); user_pref("CT2865317.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9wcmljZWdvbmcuY29uZHVpdGFwcHMuY29tL01BTS92MS9odG1sX2NvbXAuaHRtbCIsInNjcmlwdFVybCI6bnVsbCwib3B0aW9uc0RpYWxvZyI6eyJkaXNwbGF5TmFtZSI6IlByaWNlR29uZyIsImFwcERlc2MiOiJ5b3VyIG9ubGluZSBzaG9wcGluZyBhc3Npc3RhbnQuIFVzZSBQcmljZUdvbmcgdG8gZmluZCB0aGUgYmVzdCBvbmxpbmUgZGVhbHMgYW5kIGdldCBvbmxpbmUgY291cG9ucyBqdXN0IHdoZW4geW91IG5lZWQgaXQuIiwicHJpdmFjeVBvbGljeVVybCI6Imh0dHA6Ly93d3cucHJpY2Vnb25nLmNvbS9Qcml2YWN5UG9saWN5LmFzcHgiLCJ0ZXJtc09mVXNlVXJsIjoiaHR0cDovL3d3dy5wcmljZWdvbmcuY29tL1Rlcm1zb2ZVc2UuYXNweCJ9LCJjb21wYXRpYmlsaXR5IjpbeyJwbGF0Zm9ybSI6IklFX1RCIiwibWF4VmVyc2lvbiI6IjAuMC4wLjAifV0sIkhpZGRlbkFwcCI6ZmFsc2UsIkVuYWJsZWRJbkh0dHBzIjpmYWxzZX0seyJpZCI6IkNvdXBvbkJ1ZGR5IiwidXJsIjoiaHR0cDovL3d3dy5zb2NpYWxncm93dGh0ZWNobm9sb2dpZXMuY29tL2NvdXBvbmJ1ZGR5X3YwMDMvaW5kZXgucGhwP2N0aWQ9RUJUT09MQkFSSUQiLCJzY3JpcHRVcmwiOm51bGwsIm9wdGlvbnNEaWFsb2ciOnsiZGlzcGxheU5hbWUiOiJDb3Vwb25CdWRkeSIsImFwcERlc2MiOiJDb3Vwb24gQnVkZHkgc2F2ZXMgeW91IG1vbmV5IGJ5IHNlcnZpbmcgeW91IHRoZSBiZXN0IGNvdXBvbnMgYW5kIGRlYWxzIGF0IHRob3VzYW5kcyBvZiB0aGUgbGFyZ2VzdCBvbmxpbmUgbWVyY2hhbnRzLiBDb3Vwb24gQnVkZHkgcmVjb2duaXplcyB3aGVyZSB5b3UgYXJlIGJyb3dzaW5nIGFuZCBhbGVydHMgeW91IG9mIHRoZSBiZXN0IGRlYWxzIHJpZ2h0IG9uIHRoZSBzaXRlIHlvdSBhcmUgdmlzaXRpbmcuIiwicHJpdmFjeVBvbGljeVVybCI6Imh0dHA6Ly9jYmFwcC5jb20vcHJpdmFjeXBvbGljeS8iLCJ0ZXJtc09mVXNlVXJsIjoiaHR0cDovL2NiYXBwLmNvbS9wcml2YWN5cG9saWN5LyJ9LCJIaWRkZW5BcHAiOmZhbHNlLCJFbmFibGVkSW5IdHRwcyI6ZmFsc2V9LHsiaWQiOiJXaW5kb3dTaG9wcGVyIiwidXJsIjoiaHR0cDovL3d3dy5zdXBlcmZpc2guY29tL3dzL3NmX2NvbmR1aXRfbG9hZGVyLmh0bWwiLCJzY3JpcHRVcmwiOm51bGwsIm9wdGlvbnNEaWFsb2ciOnsiZGlzcGxheU5hbWUiOiJEZWFsIEZpbmRlciIsImFwcERlc2MiOiJJbnN0YW50bHkgY29tcGFyZSBwcmljZXMgb24gYW55IHByb2R1Y3Qgb24gNzUsMDAwIG9ubGluZSBzdG9yZXMgaW4gVVMsIEV1cm9wZSwgQ2FuYWRhLCBCcmF6aWwgb3IgQXVzdHJhbGlhLiBPdXIgaW5kZXggY292ZXJzIG92ZXIgNTAwIG1pbGxpb24gcHJvZHVjdHMgaW4gZXZlcnkgcHJvZHVjdCBjYXRlZ29yeS4gV2l0aCB0aGUgRGVhbCBGaW5kZXIsIHRoZXJlJ3Mgbm8gbW9yZSBqdW1waW5nIGFyb3VuZCBmcm9tIHNpdGUgdG8gc2l0ZSB0byBjb21wYXJlIHByaWNlcyBvciB0byBmaW5kIHdoYXQgeW91IHdhbnQuXG5Vc2luZyB0aGlzIG9mZmVyLCB5b3Ugd2lsbCBzZWUgYSBcIlNlZSBTaW1pbGFyXCIgaWNvbiBhcHBlYXIgbmV4dCB0byBwcm9kdWN0IGltYWdlcy4gSnVzdCBjbGljayBvbiB0aGUgaWNvbiBhbmQgYSB3aW5kb3cgd2lsbCBhcHBlYXIsIHByZXNlbnRpbmcgZGVhbHMgYW5kIHZpc3VhbGx5IHNpbWlsYXIgcHJvZHVjdHMgZnJvbSBodW5kcmVkcyBvZiBvbmxpbmUgc3RvcmVzLiIsInByaXZhY3lQb2xpY3lVcmwiOiJodHRwOi8vd3d3LnNpbWlsYXJwcm9kdWN0cy5uZXQvcHJpdmFjeS1wb2xpY3kiLCJ0ZXJtc09mVXNlVXJsIjoiaHR0cDovL3d3dy5zaW1pbGFycHJvZHVjdHMubmV0L3Rlcm1zLW9mLXVzZS8ifSwiSGlkZGVuQXBwIjpmYWxzZSwiRW5hYmxlZEluSHR0cHMiOmZhbHNlfSx7ImlkIjoiRWFzeXRvYm9va190YXJnZXRlZCIsInVybCI6Imh0dHA6Ly9jb25kMDEuZXRieG1sLmNvbS9jb25kL2V4YW1wbGVfYXBwMi5odG1sIiwic2NyaXB0VXJsIjpudWxsLCJvcHRpb25zRGlhbG9nIjp7ImRpc3BsYXlOYW1lIjoiRWFzeXRvYm9vayAtIExhc3QgTWludXRlIEhlbHBlciIsImFwcERlc2MiOiJTbWFydCBwcmljaW5nIGhvdGVsIG9mZmVyIHRoYXQgd2lsbCBvbmx5IGdpdmUgeW91IGNoZWFwZXIgb2ZmZXJzIGJhc2VkIG9uIHlvdXIgaG90ZWwgc2VhcmNoLiIsInByaXZhY3lQb2xpY3lVcmwiOiJodHRwOi8vd3d3LmVhc3l0b2Jvb2suY29tL3ByaXZhY3kvP2FtdT0yODA4MjY4NjkiLCJ0ZXJtc09mVXNlVXJsIjoiaHR0cDovL3d3dy5lYXN5dG9ib29rLmNvbS9kaXNjbGFpbWVyLz9hbXU9MjgwODI2ODY5In0sIkhpZGRlbkFwcCI6ZmFsc2UsIkVuYWJsZWRJbkh0dHBzIjpmYWxzZX0seyJpZCI6IkVhc3l0b2Jvb2siLCJ1cmwiOiJodHRwOi8vY29uZDAxLmV0YnhtbC5jb20vdy93ZWIvd2lkZ2V0Lmh0bWwiLCJzY3JpcHRVcmwiOm51bGwsIm9wdGlvbnNEaWFsb2ciOnsiZGlzcGxheU5hbWUiOiJFYXN5dG9ib29rIiwiYXBwRGVzYyI6IlNtYXJ0IHByaWNpbmcgaG90ZWwgYXBwIHdpbGwgZ2l2ZSB5b3UgdGhlIGJlc3QgcHJpY2VzIGJhc2VkIG9uIHlvdXIgaG90ZWwgc2VhcmNoLiBUaGUgYXBwIHdpbGwgY2FsY3VsYXRlIHRoZSBudW1iZXIgb2YgbmlnaHRzIHlvdSBwaWNrZWQgYW5kIGdpdmUgeW91IHRoZSBiZXN0IHJhdGVzIHdlIGNvdWxkIGZpbmQhIiwicHJpdmFjeVBvbGljeVVybCI6Imh0dHA6Ly93d3cuZWFzeXRvYm9vay5jb20vcHJpdmFjeS8/YW11PTI4MDgyNjg2OSIsInRlcm1zT2ZVc2VVcmwiOiJodHRwOi8vd3d3LmVhc3l0b2Jvb2suY29tL2Rpc2NsYWltZXIvP2FtdT0yODA4MjY4NjkifSwiSGlkZGVuQXBwIjpmYWxzZSwiRW5hYmxlZEluSHR0cHMiOmZhbHNlfV0sIlN0YXR1cyI6InN1Y2NlZWRlZCIsImxhc3RVcGRhdGVUaW1lIjoxMzc2NzgwMzg1MTAxfQ=="); user_pref("CT2865317.mam_gk_appsDefaultEnabled.enc", "bnVsbA=="); user_pref("CT2865317.mam_gk_appState_CouponBuddy.enc", "b24="); user_pref("CT2865317.mam_gk_appState_Easytobook.enc", "b24="); user_pref("CT2865317.mam_gk_appState_Easytobook_targeted.enc", "b24="); user_pref("CT2865317.mam_gk_appState_PriceGong.enc", "b24="); user_pref("CT2865317.mam_gk_appState_WindowShopper.enc", "b24="); user_pref("CT2865317.mam_gk_appStateReportTime.enc", "MTM3Njc4MDM4NTE0NQ=="); user_pref("CT2865317.mam_gk_calledSetupService.enc", "MQ=="); user_pref("CT2865317.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IkVhc3l0b2Jvb2tfdGFyZ2V0ZWQiLCJjcml0ZXJpYXMiOlt7ImNyaXRlcmlhSWQiOiIzODZjYjQyOC0zYzg1LTQ5OTktODBlMC04YmZiMTQyOTRjNTMiLCJkb21haW5zIjpbImFnb2RhLiIsImJvb2tpbmcuIiwiZXhwZWRpYS4iLCJob3RlbHMuIiwiaG90d2lyZS5jb20iLCJrYXlhay4iLCJtYWtlbXl0cmlwLiIsIm1hcnJpb3R0LmNvbSIsIm9yYml0ei4iLCJwcmljZWxpbmUuIiwicm9vbWtleS4iLCJzb3V0aHdlc3QuIiwidHJpcGFkdmlzb3IuIiwidW5pdGVkLmNvbSIsInZlbmVyZS4iXSwiZG9tYWluc0V4Y2VwdGlvbiI6WyIiXX1dfSx7ImlkIjoiRWFzeXRvYm9vayIsImNyaXRlcmlhcyI6W3siY3JpdGVyaWFJZCI6ImUwYWM4MTg1LWEzYmItNDcyZS05YjI0LTUwYWVkYjY0NDlhZCIsImRvbWFpbnMiOlsiYWdvZGEuIiwiYm9va2luZy4iLCJleHBlZGlhLiIsImhvdGVscy4iLCJob3R3aXJlLmNvbSIsImtheWFrLiIsIm1ha2VteXRyaXAuIiwibWFycmlvdHQuY29tIiwib3JiaXR6LiIsInByaWNlbGluZS4iLCJyb29ta2V5LiIsInNvdXRod2VzdC4iLCJ0cmlwYWR2aXNvci4iLCJ1bml0ZWQuY29tIiwidmVuZXJlLiJdLCJkb21haW5zRXhjZXB0aW9uIjpbIiJdfV19LHsiaWQiOiJQcmljZUdvbmciLCJjcml0ZXJpYXMiOlt7ImNyaXRlcmlhSWQiOiI0OTI1NGFhMS1lODNlLTQwMGYtOGYyMy05NTk0MjEyMDU4NzkiLCJkb21haW5zIjpbIioiXSwiZG9tYWluc0V4Y2VwdGlvbiI6WyJhZ29kYS4iLCJib29raW5nLiIsImVhc3l0b2Jvb2siLCJleHBlZGlhLiIsImhvdGVscy4iLCJob3R3aXJlLmNvbSIsImliaWQyc2F2ZS5jb20iLCJrYXlhay4iLCJtYWtlbXl0cmlwLiIsIm1hcnJpb3R0LmNvbSIsIm9yYml0ei4iLCJwcmljZWxpbmUuIiwicm9vbWtleS4iLCJzb3V0aHdlc3QuIiwidHJpcGFkdmlzb3IuIiwidW5pdGVkLmNvbSIsInZlbmVyZS4iXX1dfSx7ImlkIjoiQ291cG9uQnVkZHkiLCJjcml0ZXJpYXMiOlt7ImNyaXRlcmlhSWQiOiIyNzhhODViNS0wNmZhLTQ4NWEtOTcxMC1kMjI4NjQzNDhiOGYiLCJkb21haW5zIjpbIioiXSwiZG9tYWluc0V4Y2VwdGlvbiI6WyJhZ29kYS4iLCJib29raW5nLiIsImVhc3l0b2Jvb2siLCJleHBlZGlhLiIsImhvdGVscy4iLCJob3R3aXJlLmNvbSIsImliaWQyc2F2ZS5jb20iLCJrYXlhay4iLCJtYWtlbXl0cmlwLiIsIm1hcnJpb3R0LmNvbSIsIm9yYml0ei4iLCJwcmljZWxpbmUuIiwicm9vbWtleS4iLCJzb3V0aHdlc3QuIiwidHJpcGFkdmlzb3IuIiwidW5pdGVkLmNvbSIsInZlbmVyZS4iXX1dfSx7ImlkIjoiV2luZG93U2hvcHBlciIsImNyaXRlcmlhcyI6W3siY3JpdGVyaWFJZCI6IjYzNDZmNmE4LTdiNzgtNDRkOS1hNTQ3LWJmYTk5NTc1NjExYiIsImRvbWFpbnMiOlsiKiJdLCJkb21haW5zRXhjZXB0aW9uIjpbImFnb2RhLiIsImJvb2tpbmcuIiwiZWFzeXRvYm9vayIsImV4cGVkaWEuIiwiaG90ZWxzLiIsImhvdHdpcmUuY29tIiwiaWJpZDJzYXZlLmNvbSIsImtheWFrLiIsIm1ha2VteXRyaXAuIiwibWFycmlvdHQuY29tIiwib3JiaXR6LiIsInByaWNlbGluZS4iLCJyb29ta2V5LiIsInNvdXRod2VzdC4iLCJ0cmlwYWR2aXNvci4iLCJ1bml0ZWQuY29tIiwidmVuZXJlLiJdfV19XSwiU3RhdHVzIjoic3VjY2VlZGVkIiwibGFzdFVwZGF0ZVRpbWUiOjEzNzY3ODAzODUwMjl9"); user_pref("CT2865317.mam_gk_currentVersion.enc", "MS4xMC4yLjU="); user_pref("CT2865317.mam_gk_eventsCache.enc", "eyIzZDU4ZWYwNi02NThiLTRlYTYtYjUwZS1mNDZkMjYxZWYwOGYiOnsidG9waWMiOiJzZW5kVXNhZ2UiLCJkYXRhIjp7ImNhdGVnb3J5IjoiV2VsY29tZSIsImFjdGlvbiI6IlZpZXcifSwidW5pcXVlSWQiOiIzZDU4ZWYwNi02NThiLTRlYTYtYjUwZS1mNDZkMjYxZWYwOGYiLCJldmVudFRyaWdnZXJUaW1lIjoxMzczNzY5MjkwMjcyfX0="); user_pref("CT2865317.mam_gk_existingUsersRecoveryDone.enc", "MQ=="); user_pref("CT2865317.mam_gk_first_time.enc", "MQ=="); user_pref("CT2865317.mam_gk_gadgetOpen.enc", "d2VsY29tZQ=="); user_pref("CT2865317.mam_gk_lastLoginTime.enc", "MTM3Njc4MDM4NTU4NQ=="); user_pref("CT2865317.mam_gk_localization.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJCZWxlaWQgYmV0cmVmZmVuZGUgaW5ob3VkIn0sIm5ld2FwcGxlYXJubW9yZSI6eyJUZXh0IjoiTWVlciBpbmZvcm1hdGllIn0sIm5ld2FwcHRleHQiOnsiVGV4dCI6IltBcHAgbmFtZV0gd2VyZCB0b2VnZXZvZWdkIGFhbiBWYWx1ZSBBcHBzIHNlcnZpY2UifSwic2V0dGluZ3NFbmFibGVkIjp7IlRleHQiOiJJbmdlc2NoYWtlbGQifSwic2V0dGluZ3NQcml2YWN5UG9saWN5Ijp7IlRleHQiOiJQcml2YWN5YmVsZWlkIn0sInNldHRpbmdzVGVybXNPZlVzZSI6eyJUZXh0IjoiR2VicnVpa3N2b29yd2FhcmRlbiJ9LCJsYXN0VXBkYXRlVGltZSI6MTM3Njc4MDM4NTA4NX0="); user_pref("CT2865317.mam_gk_mamEnabled.enc", "ZmFsc2U="); user_pref("CT2865317.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ=="); user_pref("CT2865317.mam_gk_settings1.10.2.5.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiODRfMCIsImlzVGVzdCI6dHJ1ZSwiVXNlckNvdW50cnlDb2RlIjoiQkUiLCJpc1dlbGNvbWVFeHBlcmllbmNlRW5hYmxlZEJ5RGVmYXVsdCI6dHJ1ZSwiSGFkUEciOmZhbHNlLCJuZXdBcHBzRXhwZXJpZW5jZSI6dHJ1ZSwidHJhY2tpbmciOnsiZ2EiOnRydWUsImRiIjp0cnVlfSwic2VydmljZXMiOlt7Im5hbWUiOiJjb25maWd1cmF0aW9uIiwidXJsIjoiaHR0cDovL2NsaWVudHNlcnZpY2UubWFtLmNvbmR1aXQtc2VydmljZXMuY29tL2NvbmZpZ3VyYXRpb24/Y3RpZD1DVDI4NjUzMTcmc3RhbXA9ODRfMCZjb3VudHJ5PUJFJmJyb3dzZXI9RUJCUk9XU0VSJmJyb3dzZXJ2ZXJzaW9uPUVCQlJPV1NFUlZFUlNJT04iLCJpbnRlcnZhbCI6MjQwfSx7Im5hbWUiOiJhcHBzRGF0YSIsInVybCI6Imh0dHA6Ly9jbGllbnRzZXJ2aWNlLm1hbS5jb25kdWl0LXNlcnZpY2VzLmNvbS9hcHBzZGF0YT9jdGlkPUNUMjg2NTMxNyZzdGFtcD04NF8wJmNvdW50cnk9QkUmYnJvd3Nlcj1FQkJST1dTRVImYnJvd3NlcnZlcnNpb249RUJCUk9XU0VSVkVSU0lPTiYmbG9jYWw9RUJMT0NBTEUiLCJpbnRlcnZhbCI6MjQwfSx7Im5hbWUiOiJsb2NhbGl6YXRpb24iLCJ1cmwiOiJodHRwOi8vbG9jYWxpemF0aW9uc2VydmljZS5tYW0uY29uZHVpdC5jb20vZ2V0cHJvZHVjdHRyYW5zbGF0aW9uP3A9bWFtJmw9RUJMT0NBTEUiLCJpbnRlcnZhbCI6MTQ0MH0seyJuYW1lIjoibG9naW4iLCJ1cmwiOiJodHRwOi8vbWFtLWFsaXZlLW1zZy5jb25kdWl0LWRhdGEuY29tIiwiaW50ZXJ2YWwiOjI0MH0seyJuYW1lIjoidXNhZ2UiLCJ1cmwiOiJodHRwOi8vbWFtLXVzYWdlLmNvbmR1aXQtZGF0YS5jb20vIiwiaW50ZXJ2YWwiOjI0MH0seyJuYW1lIjoic2V0dXBBcGkiLCJ1cmwiOiJodHRwOi8vYy5zZXR1cGFwaS50b29sYmFyLmNvbmR1aXQtc2VydmljZXMuY29tL1Byb3BlcnRpZXMvanNvbi9DVDI4NjUzMTcvQ0MvQkUiLCJpbnRlcnZhbCI6MjQwfV19LCJsYXN0VXBkYXRlVGltZSI6MTM3Njc4MDM4NDgwOH0="); user_pref("CT2865317.mam_gk_settings1.8.0.4.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiODRfMCIsImlzVGVzdCI6dHJ1ZSwiVXNlckNvdW50cnlDb2RlIjoiQkUiLCJpc1dlbGNvbWVFeHBlcmllbmNlRW5hYmxlZEJ5RGVmYXVsdCI6dHJ1ZSwiSGFkUEciOmZhbHNlLCJuZXdBcHBzRXhwZXJpZW5jZSI6dHJ1ZSwidHJhY2tpbmciOnsiZ2EiOnRydWUsImRiIjp0cnVlfSwic2VydmljZXMiOlt7Im5hbWUiOiJjb25maWd1cmF0aW9uIiwidXJsIjoiaHR0cDovL2NsaWVudHNlcnZpY2UubWFtLmNvbmR1aXQtc2VydmljZXMuY29tL2NvbmZpZ3VyYXRpb24/Y3RpZD1DVDI4NjUzMTcmc3RhbXA9ODRfMCZjb3VudHJ5PUJFJmJyb3dzZXI9RUJCUk9XU0VSJmJyb3dzZXJ2ZXJzaW9uPUVCQlJPV1NFUlZFUlNJT04iLCJpbnRlcnZhbCI6MjQwfSx7Im5hbWUiOiJhcHBzRGF0YSIsInVybCI6Imh0dHA6Ly9jbGllbnRzZXJ2aWNlLm1hbS5jb25kdWl0LXNlcnZpY2VzLmNvbS9hcHBzZGF0YT9jdGlkPUNUMjg2NTMxNyZzdGFtcD04NF8wJmNvdW50cnk9QkUmYnJvd3Nlcj1FQkJST1dTRVImYnJvd3NlcnZlcnNpb249RUJCUk9XU0VSVkVSU0lPTiYmbG9jYWw9RUJMT0NBTEUiLCJpbnRlcnZhbCI6MjQwfSx7Im5hbWUiOiJsb2NhbGl6YXRpb24iLCJ1cmwiOiJodHRwOi8vbG9jYWxpemF0aW9uc2VydmljZS5tYW0uY29uZHVpdC5jb20vZ2V0cHJvZHVjdHRyYW5zbGF0aW9uP3A9bWFtJmw9RUJMT0NBTEUiLCJpbnRlcnZhbCI6MTQ0MH0seyJuYW1lIjoibG9naW4iLCJ1cmwiOiJodHRwOi8vbWFtLWFsaXZlLW1zZy5jb25kdWl0LWRhdGEuY29tIiwiaW50ZXJ2YWwiOjI0MH0seyJuYW1lIjoidXNhZ2UiLCJ1cmwiOiJodHRwOi8vbWFtLXVzYWdlLmNvbmR1aXQtZGF0YS5jb20vIiwiaW50ZXJ2YWwiOjI0MH1dfSwibGFzdFVwZGF0ZVRpbWUiOjEzNzM3NjkyNzk1MjJ9"); user_pref("CT2865317.mam_gk_settings1.9.0.4.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiODRfMCIsImlzVGVzdCI6dHJ1ZSwiVXNlckNvdW50cnlDb2RlIjoiQkUiLCJpc1dlbGNvbWVFeHBlcmllbmNlRW5hYmxlZEJ5RGVmYXVsdCI6dHJ1ZSwiSGFkUEciOmZhbHNlLCJuZXdBcHBzRXhwZXJpZW5jZSI6dHJ1ZSwidHJhY2tpbmciOnsiZ2EiOnRydWUsImRiIjp0cnVlfSwic2VydmljZXMiOlt7Im5hbWUiOiJjb25maWd1cmF0aW9uIiwidXJsIjoiaHR0cDovL2NsaWVudHNlcnZpY2UubWFtLmNvbmR1aXQtc2VydmljZXMuY29tL2NvbmZpZ3VyYXRpb24/Y3RpZD1DVDI4NjUzMTcmc3RhbXA9ODRfMCZjb3VudHJ5PUJFJmJyb3dzZXI9RUJCUk9XU0VSJmJyb3dzZXJ2ZXJzaW9uPUVCQlJPV1NFUlZFUlNJT04iLCJpbnRlcnZhbCI6MjQwfSx7Im5hbWUiOiJhcHBzRGF0YSIsInVybCI6Imh0dHA6Ly9jbGllbnRzZXJ2aWNlLm1hbS5jb25kdWl0LXNlcnZpY2VzLmNvbS9hcHBzZGF0YT9jdGlkPUNUMjg2NTMxNyZzdGFtcD04NF8wJmNvdW50cnk9QkUmYnJvd3Nlcj1FQkJST1dTRVImYnJvd3NlcnZlcnNpb249RUJCUk9XU0VSVkVSU0lPTiYmbG9jYWw9RUJMT0NBTEUiLCJpbnRlcnZhbCI6MjQwfSx7Im5hbWUiOiJsb2NhbGl6YXRpb24iLCJ1cmwiOiJodHRwOi8vbG9jYWxpemF0aW9uc2VydmljZS5tYW0uY29uZHVpdC5jb20vZ2V0cHJvZHVjdHRyYW5zbGF0aW9uP3A9bWFtJmw9RUJMT0NBTEUiLCJpbnRlcnZhbCI6MTQ0MH0seyJuYW1lIjoibG9naW4iLCJ1cmwiOiJodHRwOi8vbWFtLWFsaXZlLW1zZy5jb25kdWl0LWRhdGEuY29tIiwiaW50ZXJ2YWwiOjI0MH0seyJuYW1lIjoidXNhZ2UiLCJ1cmwiOiJodHRwOi8vbWFtLXVzYWdlLmNvbmR1aXQtZGF0YS5jb20vIiwiaW50ZXJ2YWwiOjI0MH0seyJuYW1lIjoic2V0dXBBcGkiLCJ1cmwiOiJodHRwOi8vYy5zZXR1cGFwaS50b29sYmFyLmNvbmR1aXQtc2VydmljZXMuY29tL1Byb3BlcnRpZXMvanNvbi9DVDI4NjUzMTcvQ0MvQkUiLCJpbnRlcnZhbCI6MjQwfV19LCJsYXN0VXBkYXRlVGltZSI6MTM3NTg5NTc0MTk1N30="); user_pref("CT2865317.mam_gk_showCloseButton.enc", "dHJ1ZQ=="); user_pref("CT2865317.mam_gk_showWelcomeGadget.enc", "ZmFsc2U="); user_pref("CT2865317.mam_gk_user_approval_interacted.enc", "MQ=="); user_pref("CT2865317.mam_gk_userId.enc", "MThkZjNhZmYtMzc2Ny00Y2MxLWExMmQtZWYxODM5MzU1ZWM5"); user_pref("CT2865317.mam_gk_welcomeDialogMode.enc", "MQ=="); user_pref("CT2865317.migrateAppsAndComponents", true); user_pref("CT2865317.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"\",\"EB_MAIN_FRAME_TITLE\":\"\",\"EB_TOOLBAR_SUB_DOMAIN\":\"http://uTorrentBarNL.OurToolbar.com/\",\"EB_TOOLBAR_ID\":\"CT2865317\",\"EB_TOOLBAR_VERSION\":\"10.16.70.505\",\"EB_ORIGINAL_CTID\":\"CT2865317\",\"EB_DOWNLOAD_PAGE\":\"http://uTorrentBarNL.OurToolbar.com/\",\"EB_TOOLBAR_NAME\":\"uTorrentBar_NL\"}"); user_pref("CT2865317.newSettings", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); user_pref("CT2865317.openThankYouPage", "true"); user_pref("CT2865317.openUninstallPage", "false"); user_pref("CT2865317.originalSearchEngineName", "Search Here"); user_pref("CT2865317.PairingKey.enc", ""); user_pref("CT2865317.PG_ENABLE", "dHJ1ZQ=="); user_pref("CT2865317.price-gong.isManagedApp", "true"); user_pref("CT2865317.revertSettingsEnabled", "FALSE"); user_pref("CT2865317.scriptSource.enc", "aHR0cDovLzEyNy4wLjAuMToxMDAwMC9ndWkv"); user_pref("CT2865317.search.searchAppId", "129363015615338104"); user_pref("CT2865317.search.searchCount", "0"); user_pref("CT2865317.searchInNewTabEnabledByUser", "false"); user_pref("CT2865317.searchInNewTabEnabledInHidden", "true"); user_pref("CT2865317.searchRevert", "FALSE"); user_pref("CT2865317.searchSuggestEnabledByUser", "false"); user_pref("CT2865317.searchUserMode", "1"); user_pref("CT2865317.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}"); user_pref("CT2865317.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); user_pref("CT2865317.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}"); user_pref("CT2865317.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT2865317\"}"); user_pref("CT2865317.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"http://uTorrentBarNL.OurToolbar.com//xpi\"}"); user_pref("CT2865317.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"uTorrentBar_NL\"}"); user_pref("CT2865317.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}"); user_pref("CT2865317.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}"); user_pref("CT2865317.serviceLayer_services_appsMetadata_lastUpdate", "1376780498128"); user_pref("CT2865317.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1376658480297"); user_pref("CT2865317.serviceLayer_services_Configuration_lastUpdate", "1376780497527"); user_pref("CT2865317.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1376658480059"); user_pref("CT2865317.serviceLayer_services_installUsage_ToolbarInstall_lastUpdate", "1373769275750"); user_pref("CT2865317.serviceLayer_services_installUsage_ToolbarInstallEarly_lastUpdate", "1373769272358"); user_pref("CT2865317.serviceLayer_services_location_lastUpdate", "1373769272527"); user_pref("CT2865317.serviceLayer_services_login_10.16.2.9_lastUpdate", "1373817687256"); user_pref("CT2865317.serviceLayer_services_login_10.16.4.519_lastUpdate", "1374763855313"); user_pref("CT2865317.serviceLayer_services_login_10.16.70.505_lastUpdate", "1376780498004"); user_pref("CT2865317.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1376658480012"); user_pref("CT2865317.serviceLayer_services_searchAPI_lastUpdate", "1376780497610"); user_pref("CT2865317.serviceLayer_services_serviceMap_lastUpdate", "1376780497364"); user_pref("CT2865317.serviceLayer_services_toolbarContextMenu_lastUpdate", "1376658479790"); user_pref("CT2865317.serviceLayer_services_toolbarSettings_lastUpdate", "1376787698267"); user_pref("CT2865317.serviceLayer_services_translation_lastUpdate", "1376780498116"); user_pref("CT2865317.settingsINI", true); user_pref("CT2865317.SF_JUST_INSTALLED.enc", "RkFMU0U="); user_pref("CT2865317.SF_STATUS.enc", "RU5BQkxFRA=="); user_pref("CT2865317.SF_USER_ID.enc", "Y2lkXzE0NzIwMTM0MzQ0ODE3NjcyNjk="); user_pref("CT2865317.shouldFirstTimeDialog", "false"); user_pref("CT2865317.showToolbarPermission", "false"); user_pref("CT2865317.smartbar.CTID", "CT2865317"); user_pref("CT2865317.smartbar.homepage", true); user_pref("CT2865317.smartbar.toolbarName", "uTorrentBar_NL "); user_pref("CT2865317.smartbar.Uninstall", "0"); user_pref("CT2865317.startPage", "false"); user_pref("CT2865317.toolbarBornServerTime", "14-7-2013"); user_pref("CT2865317.toolbarCurrentServerTime", "18-8-2013"); user_pref("CT2865317.toolbarLoginClientTime", "Sun Jul 14 2013 04:34:35 GMT+0200 (Romance (standaardtijd))"); user_pref("CT2865317.url_history0001.enc", "aHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL21vc2xpbWFrZS5kZWVuL3Bvc3RzLzQ5NDg0ODE3NzI3MDg1OD9jb21tZW50X2lkPTMyMjM0NDAmb2Zmc2V0PTAmdG90YWxfY29tbWVudHM9MSZub3RpZl90PWZlZWRfY29tbWVudCM6OjpjbGlja2hhbmRsZXI6OjoxMzc0NzY0MzIxNTM3LCwsaHR0cHM6Ly93d3cuZmFjZWJvb2suY29tL21vc2xpbWFrZS5kZWVuL3Bvc3RzLzQ5NDg0ODE3NzI3MDg1OD9jb21tZW50X2lkPTMyMjM0NDAmb2Zmc2V0PTAmdG90YWxfY29tbWVudHM9MSZub3RpZl90PWZlZWRfY29tbWVudCM6OjpjbGlja2hhbmRsZXI6OjoxMzc0NzY0MzIxNTQwLCwsaHR0cHM6Ly93d3cuZmFjZWJvb2suY29tLz9yZWY9dG5fdG5tbjo6OmNsaWNraGFuZGxlcjo6OjEzNzQ3NjQzMjk0MjYsLCxodHRwczovL3d3dy5mYWNlYm9vay5jb20vP3JlZj10bl90bm1uOjo6Y2xpY2toYW5kbGVyOjo6MTM3NDc2NDMyOTQyOCwsLGh0dHBzOi8vd3d3LmZhY2Vib29rLmNvbS8jOjo6Y2xpY2toYW5kbGVyOjo6MTM3NDc2NDM5MDk2NywsLGh0dHBzOi8vd3d3LmZhY2Vib29rLmNvbS8jOjo6Y2xpY2toYW5kbGVyOjo6MTM3NDc2NDM5MDk3MA=="); user_pref("CT2865317.UserID", "UN35854658722291112"); user_pref("CT2865317.uTTorrents.enc", "eyJidWlsZCI6MzAwMTcsInRvcnJlbnRzIjpbXSwibGFiZWwiOltdLCJ0b3JyZW50YyI6IjQ1OTc5Nzk3MSIsInJzc2ZlZWRzIjpbXSwicnNzZmlsdGVycyI6W119"); user_pref("CT2865317.versionFromInstaller", "10.16.2.9"); user_pref("CT2865317_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1376780367636,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]"); user_pref("smartbar.conduitHomepageList", "http://search.conduit.com/?ctid=CT2865317&SearchSource=13"); user_pref("smartbar.defaultSearchOwnerCTID", "CT2865317"); user_pref("smartbar.homePageOwnerCTID", "CT2865317"); ---- Lines CT2865317 modified from prefs.js ---- ---- Lines CT2865317 removed from user.js ---- ---- Lines conduit removed from prefs.js ---- ---- Lines conduit modified from prefs.js ---- ---- Lines conduit removed from user.js ---- ---- Lines qvo6 removed from prefs.js ---- user_pref("browser.search.defaultenginename", "qvo6"); ---- Lines qvo6 modified from prefs.js ---- ---- Lines qvo6 removed from user.js ---- ---- Lines Search removed from prefs.js ---- user_pref("browser.search.selectedEngine", "Search Here"); ---- Lines Search modified from prefs.js ---- ---- Lines Search removed from user.js ---- ---- Lines search.com removed from prefs.js ---- ---- Lines search.com modified from prefs.js ---- ---- Lines search.com removed from user.js ---- ---- Lines defaulttab removed from prefs.js ---- user_pref("extensions.defaulttab.installdate", 1345130785); ---- Lines defaulttab modified from prefs.js ---- user_pref("extensions.enabledAddons", "pricepeep%40getpricepeep.com:2.2.0.2,plugin%40getwebcake.com:1.00.01,addon%40defaulttab.com:2.1,%7B87775fdb-6972-41f9-ae51-8326e38cb206%7D:10.16.70.505,%7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:22.0"); ---- Lines defaulttab removed from user.js ---- ---- Lines 87775fdb-6972-41f9-ae51-8326e38cb206 removed from prefs.js ---- ---- Lines 87775fdb-6972-41f9-ae51-8326e38cb206 modified from prefs.js ---- ---- Lines 87775fdb-6972-41f9-ae51-8326e38cb206 removed from user.js ---- ---- Lines smartbar removed from prefs.js ---- user_pref("smartbar.machineId", "UJLLHHFRDUIWWONCRTGCUARM+HBLW8OPW7THVRRZZOW4AQ2OFTO9CNSANU+39M+HMJN+VG8ZHU4UXPN2VGLQSG"); ---- Lines smartbar modified from prefs.js ---- ---- Lines smartbar removed from user.js ---- ---- FireFox user.js and prefs.js backups ---- user_20-08-2013_2324_.backup user_25-03-2013_0047_.backup prefs_20-08-2013_2324_.backup prefs_25-03-2013_0047_.backup ==== Deleting Files \ Folders ====================== "C:\Users\user\Desktop\Schoon uw register gratis op.lnk" not found "C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\searchplugins\delta.xml" deleted "C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\searchplugins\tuvaro.xml" deleted "C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\addon@defaulttab.com.xpi" deleted "C:\Program Files (x86)\trzC300.tmp" deleted "C:\Users\user\Downloads\iLividSetup.exe" deleted "C:\Users\user\Downloads\SoftonicDownloader_for_cyberlink-youcam.exe" deleted "C:\Users\user\Downloads\SoftonicDownloader_voor_line.exe" deleted "C:\Users\user\Downloads\SoftonicDownloader_voor_msn-messenger-8-5 (1).exe" deleted "C:\Users\user\Downloads\SoftonicDownloader_voor_msn-messenger-8-5.exe" deleted "C:\Users\user\Downloads\SoftonicDownloader_voor_tango.exe" deleted "C:\Users\user\Downloads\SoftonicDownloader_voor_utorrent.exe" deleted "C:\Users\user\Downloads\SoftonicDownloader_voor_windows-live-messenger-2012.exe" deleted "C:\Users\user\AppData\Roaming\Microsoft\Windows\SendTo\Desk 365.lnk" deleted "C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\bprotector web data" deleted "C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences" deleted "C:\Windows\tasks\Torntv 2-codedownloader.job" deleted "C:\Windows\tasks\Torntv 2-enabler.job" deleted "C:\Windows\tasks\Torntv 2-updater.job" deleted "C:\windows\SysNative\tasks\Torntv 2-codedownloader" deleted "C:\windows\SysNative\tasks\Torntv 2-enabler" deleted "C:\windows\SysNative\tasks\Torntv 2-updater" deleted "C:\windows\SysNative\tasks\Desk 365 RunAsStdUser" deleted "C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\searchplugins\babylon.xml" deleted "C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\searchplugins\search-here.xml" deleted "C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\Invalidprefs.js" deleted "C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\bProtector_extensions.sqlite" deleted "C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\bprotector_prefs.js" deleted "C:\Users\user\Desktop\rcpsetup_softonic_sd_global.exe" deleted "C:\Users\user\Desktop\Softonic.lnk" deleted "C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\addon@defaulttab.com.xpi" deleted "C:\Program Files (x86)\PC Speed Maximizer\SPMReminder.exe" deleted "C:\Program Files (x86)\PC Speed Maximizer\SPMSmartScan.exe" deleted "C:\Program Files (x86)\Torntv 2" deleted "C:\Program Files (x86)\phpnuke" deleted "C:\Program Files (x86)\PC Speed Maximizer" deleted "C:\Users\user\AppData\Roaming\Betcat" deleted "C:\Users\user\AppData\LocalLow\phpnuke" deleted "C:\Windows\SysWow64\searchplugins" deleted "C:\Windows\SysWow64\Extensions" deleted "C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\jetpack" deleted "C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\CT2865317" deleted "C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com" deleted "C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\CT2865317" deleted "C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\{87775fdb-6972-41f9-ae51-8326e38cb206}" deleted "C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\smartbar" deleted "C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\{87775fdb-6972-41f9-ae51-8326e38cb206}" deleted ==== System Specs ====================== Windows: Windows 7 Home Premium Edition (64-bit) Service Pack 1 (Build 7601) Memory (RAM): 2811 MB CPU Info: AMD Athlon II P320 Dual-Core Processor CPU Speed: 2095,1 MHz Sound Card: Luidsprekers (High Definition A | Display Adapters: ATI Mobility Radeon HD 4200 | ATI Mobility Radeon HD 4200 | RDPDD Chained DD | RDP Encoder Mirror Driver | RDP Reflector Display Driver Monitors: 1x; Algemeen PnP-beeldscherm | Screen Resolution: 1366 X 768 - 32 bit Network: Network Present Network Adapters: Microsoft Virtual WiFi Miniport Adapter | Broadcom 802.11n Network Adapter | Realtek PCIe FE Family Controller CD / DVD Drives: 1x (D: | ) D: hp CDDVDW TS-L633N Ports: COM Ports NOT Present. LPT Port NOT Present. Mouse: 2 Button Mouse Present Hard Disks: C: 297,9GB Hard Disks - Free: C: 232,5GB Manufacturer *: Hewlett-Packard BIOS Info: AT/AT COMPATIBLE | 07/16/10 | HPQOEM - 3 Time Zone: Romance (standaardtijd) Motherboard *: Hewlett-Packard 143B Internet Explorer Version: 10.0.9200.16660 Sun Java version: No Java Installed? Country: Nederland Language: NLD ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\user\AppData\Local\Temp ==== 2013-08-11 18:41:23 D9A745E021F55AF4192E69EBE9B93F5C 319173 ----a-w- C:\Users\user\AppData\Local\Temp\Quarantine.exe ====== C:\Windows\SysWOW64 ===== 2013-08-15 17:41:34 C9BFFA62DFBF0317AECE707B39C4BF25 391168 ----a-w- C:\Windows\SysWOW64\ieui.dll 2013-08-15 17:41:34 A484F9DB744849C0B32DD1CE73A94F62 2706432 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2013-08-15 17:41:31 AF6A6C16ACAD816B48714AE7A4082D89 61440 ----a-w- C:\Windows\SysWOW64\iesetup.dll 2013-08-15 17:41:31 8A5BD908D421BEE82941EF8ABD8B4F09 33280 ----a-w- C:\Windows\SysWOW64\iernonce.dll 2013-08-15 17:41:30 BC90EED56A5C77168A8D6F0C4221D7CB 71680 ----a-w- C:\Windows\SysWOW64\RegisterIEPKEYs.exe 2013-08-15 17:41:30 37730C04B543536D971B3F157415EFF5 109056 ----a-w- C:\Windows\SysWOW64\iesysprep.dll 2013-08-15 17:41:29 D0E0086BA353C379DCFE8624E8B8F17A 2048512 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2013-08-15 17:41:26 45C118A1E03182365CB568F99B81A473 493056 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2013-08-15 17:41:25 1C83426A51AD83B5E788B6CF143B48D8 690688 ----a-w- C:\Windows\SysWOW64\jscript.dll 2013-08-15 17:41:22 AC8C3591D536D1CCB62EDCBEA88140B3 2877440 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2013-08-15 17:41:21 059FC59F97A6220C46A612A9470A00B3 1141248 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2013-08-15 17:41:18 49EB7DE3A1CCCE9D0873DE9114810113 39936 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2013-08-15 17:41:17 DAA3903F06116AE9EE7AC1D1B93684A4 1767936 ----a-w- C:\Windows\SysWOW64\wininet.dll 2013-08-15 17:41:15 E9BCB6728DD04412BF87F03DB00DE1CF 13761024 ----a-w- C:\Windows\SysWOW64\ieframe.dll 2013-08-15 17:41:07 E631B408882F8320739F6E0CAF444397 14329344 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2013-08-15 13:49:42 AE8EB083B050E17A7D6EB5E28AECDDD6 1166848 ----a-w- C:\Windows\SysWOW64\crypt32.dll 2013-08-15 13:49:41 7CA1BECEA5DE2643ADDAD32670E7A4C9 140288 ----a-w- C:\Windows\SysWOW64\cryptsvc.dll 2013-08-15 13:49:41 7B851A8018B1EA00A69707A390004884 103936 ----a-w- C:\Windows\SysWOW64\cryptnet.dll 2013-08-15 13:49:41 68EAAEDF0365168B804E8728368FA946 175104 ----a-w- C:\Windows\SysWOW64\wintrust.dll 2013-08-15 13:49:09 4DC999CED9429939D75682EBD7D48901 663552 ----a-w- C:\Windows\SysWOW64\rpcrt4.dll 2013-08-15 13:49:03 9FA7BF625122CCAC90FCD307174D8CF3 3913664 ----a-w- C:\Windows\SysWOW64\ntoskrnl.exe 2013-08-15 13:48:59 DD5F17D44E9966E7EA447AE8C4D12D6C 3968960 ----a-w- C:\Windows\SysWOW64\ntkrnlpa.exe 2013-08-15 13:48:54 528D298F9914C558EA7A9809BE598E65 1292192 ----a-w- C:\Windows\SysWOW64\ntdll.dll 2013-08-15 13:48:53 77F5D2CB80697EB96C45E79A869A6FAC 14336 ----a-w- C:\Windows\SysWOW64\ntvdm64.dll 2013-08-15 13:48:46 4E77948A7BD16BA5724EC79C60176B03 5120 ----a-w- C:\Windows\SysWOW64\wow32.dll 2013-08-15 13:48:45 D313AE69128A75367AA36E15522931F6 7680 ----a-w- C:\Windows\SysWOW64\instnm.exe 2013-08-15 13:48:45 CFEEF3185342ADEAE1E77A017052565B 2048 ----a-w- C:\Windows\SysWOW64\user.exe 2013-08-15 13:48:45 3EED15C223E139C3A28B458800E52BF3 25600 ----a-w- C:\Windows\SysWOW64\setup16.exe 2013-08-15 13:48:41 D5E18BA95F9E7D787D25EF07AC68603E 2048 ----a-w- C:\Windows\SysWOW64\tzres.dll 2013-08-15 13:48:29 0805487A6036A9F9C4E7AF7FEF835529 1620992 ----a-w- C:\Windows\SysWOW64\WMVDECOD.DLL ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2013-08-15 17:41:34 3A2FD42F11CD325A4ACAFE7FB0EEA83A 2706432 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2013-08-15 17:41:33 69F5E016A98CE1908DB08382F2ACF882 526336 ----a-w- C:\Windows\Sysnative\ieui.dll 2013-08-15 17:41:31 963B29E0EFB20D66436214DB7C43D7F7 67072 ----a-w- C:\Windows\Sysnative\iesetup.dll 2013-08-15 17:41:31 622C7C8D39609FCEACE3508715D48C7F 39936 ----a-w- C:\Windows\Sysnative\iernonce.dll 2013-08-15 17:41:30 6C8BDC9F16943D626DFE8A987BCCFD20 51712 ----a-w- C:\Windows\Sysnative\ie4uinit.exe 2013-08-15 17:41:30 28C2F8C7DBE11AA3DA041D35F4E59481 89600 ----a-w- C:\Windows\Sysnative\RegisterIEPKEYs.exe 2013-08-15 17:41:29 D8CC9A20C517A54678363C4C77B930A4 136704 ----a-w- C:\Windows\Sysnative\iesysprep.dll 2013-08-15 17:41:28 65546D87F7A78AB31841A536456CB94D 2647040 ----a-w- C:\Windows\Sysnative\iertutil.dll 2013-08-15 17:41:25 8C12653BEA781902AA60E4A855A55D5C 603136 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2013-08-15 17:41:25 16FE878530FDFC9AB08B7FFC32335958 855552 ----a-w- C:\Windows\Sysnative\jscript.dll 2013-08-15 17:41:24 5A7FA01EEC393A3E0D0F3EBAA1FD959E 3958784 ----a-w- C:\Windows\Sysnative\jscript9.dll 2013-08-15 17:41:20 289C5E0A386E7B6CA9539D66D15E22CC 1365504 ----a-w- C:\Windows\Sysnative\urlmon.dll 2013-08-15 17:41:18 04DE09B1E287F6DC5C7FD655B6E84AB9 53760 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2013-08-15 17:41:17 AC155DD9BD1E6D3B740826A4D1C68AAE 2241024 ----a-w- C:\Windows\Sysnative\wininet.dll 2013-08-15 17:41:12 677A1C1B0F254EC918D84A7FE29274CA 15405056 ----a-w- C:\Windows\Sysnative\ieframe.dll 2013-08-15 17:41:11 396889142BD839DB8A055A0BE0AD2F79 19239424 ----a-w- C:\Windows\Sysnative\mshtml.dll 2013-08-15 13:49:42 287998A9BA0140ABB59792CDEB2F8483 1472512 ----a-w- C:\Windows\Sysnative\crypt32.dll 2013-08-15 13:49:41 A6B726DCA228F7878E38368A1BDC68BE 139776 ----a-w- C:\Windows\Sysnative\cryptnet.dll 2013-08-15 13:49:41 959041D7014C97133D859B45BCA0FC58 224256 ----a-w- C:\Windows\Sysnative\wintrust.dll 2013-08-15 13:49:41 6B400F211BEE880A37A1ED0368776BF4 184320 ----a-w- C:\Windows\Sysnative\cryptsvc.dll 2013-08-15 13:49:09 26036E228D2467DE6975AD819C22C043 1217024 ----a-w- C:\Windows\Sysnative\rpcrt4.dll 2013-08-15 13:48:57 C19DCA1024135D5485E25AB1047F77BC 5550528 ----a-w- C:\Windows\Sysnative\ntoskrnl.exe 2013-08-15 13:48:55 8E45DD84F8F786B2DB94AD95225B9246 1732032 ----a-w- C:\Windows\Sysnative\ntdll.dll 2013-08-15 13:48:54 D6180FBBADA79BC28E5FD8187EBE7F64 243712 ----a-w- C:\Windows\Sysnative\wow64.dll 2013-08-15 13:48:41 B3CA3253009D26666F5BCB16E77D2618 2048 ----a-w- C:\Windows\Sysnative\tzres.dll 2013-08-15 13:48:29 D29200AB0B37B7293C6942EAF755295E 1888768 ----a-w- C:\Windows\Sysnative\WMVDECOD.DLL 2013-08-14 01:57:40 9AC9C0EEBA4C821D3C42441219B615E9 780 ----a-w- C:\Windows\Sysnative\.crusader ====== C:\Windows\Sysnative\drivers ===== 2013-08-15 13:48:28 4CE278FC9671BA81A138D70823FCAA09 39936 ----a-w- C:\Windows\Sysnative\drivers\tssecsrv.sys 2013-08-15 13:48:26 DB74544B75566C974815E79A62433F29 1910208 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys 2013-07-25 14:54:59 E86C64478D9A90D62255FE9EB0150C6E 175 ----a-w- C:\Windows\Sysnative\drivers\aswVmm.sys.sum 2013-07-25 14:54:59 A5F29AC2F0ADE8B995B49D7350CE3AC0 175 ----a-w- C:\Windows\Sysnative\drivers\aswSP.sys.sum 2013-07-25 14:54:59 2E83D2621E87C493AB45DC6655BA77D4 175 ----a-w- C:\Windows\Sysnative\drivers\aswSnx.sys.sum 2013-07-25 14:54:49 22F521108881DC59837F6FC614E0568F 189936 ----a-w- C:\Windows\Sysnative\drivers\aswVmm.sys 2013-07-25 14:54:48 5573AA70993A2BB81525B1C704B88763 65336 ----a-w- C:\Windows\Sysnative\drivers\aswRvrt.sys ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2013-08-14 01:34:40 -------- d-----w- C:\Program Files\HitmanPro ======= C:\Program Files (x86) ===== 2013-08-06 22:57:02 -------- d-----w- C:\Program Files (x86)\Trend Micro 2013-07-30 18:17:31 3005 ----a-w- C:\Program Files (x86)\WebCakeLayers.crx ======= C: ===== ====== C:\Users\user\AppData\Roaming ====== 2013-08-17 22:57:35 -------- d-----w- C:\users\user\AppData\Locallow\Google ====== C:\Users\user ====== 2013-08-18 12:31:13 F265E08A4A53E0FAFF655BF04C490F0C 666633 ----a-w- C:\Users\user\Downloads\adwcleaner (1).exe 2013-08-17 22:57:26 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth 2013-08-17 22:55:31 EFA066251FA0201D9AFE488A1F2F837F 784840 ----a-w- C:\Users\user\Downloads\GoogleEarthSetup.exe 2013-08-14 01:34:41 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro 2013-08-14 01:33:57 -------- d-----w- C:\ProgramData\HitmanPro 2013-08-14 01:30:21 248547E58ACFD1D474C1D692B82F6F77 9853928 ----a-w- C:\Users\user\Downloads\HitmanPro_x64.exe 2013-08-14 01:30:16 A5A273E596D685664192E4B04DC1350E 9167352 ----a-w- C:\Users\user\Downloads\HitmanPro.exe ====== C: exe-files == 2013-08-17 22:56:48 B21EBE35B22BE09004D4E5C3EA4BC9F2 25415728 ----a-w- C:\Program Files (x86)\Google\Update\Download\{74AF07D8-FB8F-4D51-8AC7-927721D56EBB}\7.1.1.1888\GoogleEarth-Win-Bundle-7.1.1.1888.exe 2013-08-15 17:41:26 7BA1862B8A5698DC5FCFDFF3BC359DE9 770648 ----a-w- C:\Program Files (x86)\Internet Explorer\iexplore.exe 2013-08-15 17:41:26 133CEF30905806A35606652D409EEEBA 775256 ----a-w- C:\Program Files\Internet Explorer\iexplore.exe 2013-08-14 01:34:41 47752D574C2D29BC807C0CF73093FB8A 109352 ----a-w- C:\Program Files\HitmanPro\hmpsched.exe 2013-08-14 01:34:40 248547E58ACFD1D474C1D692B82F6F77 9853928 ----a-w- C:\Program Files\HitmanPro\HitmanPro.exe 2013-08-14 01:07:47 86006D61F55EF1AA638458815E09CD34 4951040 ----a-w- C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XVFWUPXF\component_libcef_1.1364.1123[1].exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-2871622637-3147571663-1438806652-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Tango"="C:\Program Files (x86)\Tango\Tango.exe -r" "Facebook Update"="C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" "PC Speed Maximizer"="C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe" "GoogleChromeAutoLaunch_4E874A737D5662A34EBBEADB3A9C4A09"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "Softonic for Windows"="C:\Users\user\AppData\Local\Softonic\Softonic.exe -minimize" "uTorrent"="C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED" "RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui" "GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" "YouCam Service"="C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe /s" "Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" "BlueStacks Agent"="C:\Program Files (x86)\BlueStacks\HD-Agent.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Tango"="C:\Program Files (x86)\Tango\Tango.exe -r" "Facebook Update"="C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" "PC Speed Maximizer"="C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe" "GoogleChromeAutoLaunch_4E874A737D5662A34EBBEADB3A9C4A09"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" "Softonic for Windows"="C:\Users\user\AppData\Local\Softonic\Softonic.exe -minimize" "uTorrent"="C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED" "RESTART_STICKY_NOTES"="C:\Windows\System32\StikyNot.exe" ==== Startup Folders ====================== 2013-01-22 23:27:10 2046 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [20-08-2013 23:29] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2871622637-3147571663-1438806652-1000Core.job --a------ C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe [22-01-2013 22:40] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2871622637-3147571663-1438806652-1000UA.job --a------ C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe [22-01-2013 22:40] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [29-12-2012 17:10] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [29-12-2012 17:10] ==== Firefox Extensions ====================== ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default - WebCake - %ProfilePath%\extensions\plugin@getwebcake.com - PricePeep - %ProfilePath%\extensions\pricepeep@getpricepeep.com.xpi - Torntv 3 - %ProfilePath%\extensions\trtv3@trtv.com.xpi ==== Firefox Plugins ====================== Profilepath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default 0B31B0F8FA99CFD009C8FBEA9E20C9DE - C:\Users\user\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin ==== Deleting Files \ Folders ====================== "C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\pricepeep@getpricepeep.com.xpi" deleted "C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\trtv3@trtv.com.xpi" deleted "C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\plugin@getwebcake.com" deleted ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions bicnnkjibmphdeigoodpjlcklcnaobdj - C:\Program Files (x86)\TornTV.com\torntv10.crx[] cngompmodgafkkffefbfbghhciijojjh - C:\Program Files (x86)\phpnuke\phpnuke\1.8.8.12\phpnuke.crx[] omgjkafaoidbgamjoklhaiiciahohkbh - C:\Program Files (x86)\tuvaro\tuvaro\1.8.17.1\tuvaro.crx[] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Users\user\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx[31-01-2013 03:22] Google Docs - Gast - Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Gast - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - Gast - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo PhpNuke Chrome Toolbar - Gast - Default\Extensions\cngompmodgafkkffefbfbghhciijojjh Google Search - Gast - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf avast WebRep - Gast - Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda Tuvaro Chrome Toolbar - Gast - Default\Extensions\omgjkafaoidbgamjoklhaiiciahohkbh Gmail - Gast - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia DvdVideoSoft Free Youtube Download - user - Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp ==== Chrome Fix ====================== C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_free-audio-converter.nl.softonic.com_0.localstorage deleted successfully C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_free-audio-converter.nl.softonic.com_0.localstorage-journal deleted successfully C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_utorrent.nl.softonic.com_0.localstorage deleted successfully C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_utorrent.nl.softonic.com_0.localstorage-journal deleted successfully C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www1.delta-search.com_0.localstorage deleted successfully C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www1.delta-search.com_0.localstorage-journal deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\cngompmodgafkkffefbfbghhciijojjh deleted successfully C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Extensions\omgjkafaoidbgamjoklhaiiciahohkbh deleted successfully ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com" "Default_Page_URL"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://www.google.com" "Start Page"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://www.google.com" "Start Page"="http://www.google.com" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="http://tuvaro.com/ws/?source=99ec39d5&tbp=homepage&toolbarid=base&u=82cdbe08000000000000c446195b76cf" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs] "Tabs"="http://tuvaro.com/ws/?source=99ec39d5&tbp=homepage&toolbarid=base&u=82cdbe08000000000000c446195b76cf" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] No DefaultScope Set For HKCU New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://www.google.com" [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main] "Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" "Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SR" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {CB42C524-40E8-41B9-B630-EE89F44BA6C7} Bing Url="http://www.bing.com/search?FORM=UP22DF&PC=UP22&dt=020613&q={searchTerms}&src=IE-SearchBox" ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\bicnnkjibmphdeigoodpjlcklcnaobdj deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\cngompmodgafkkffefbfbghhciijojjh deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\omgjkafaoidbgamjoklhaiiciahohkbh deleted successfully ==== HijackThis Entries ====================== F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [YouCam Service] "C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe" /s O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [blueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe O4 - HKCU\..\Run: [Tango] C:\Program Files (x86)\Tango\Tango.exe -r O4 - HKCU\..\Run: [Facebook Update] "C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKCU\..\Run: [PC Speed Maximizer] C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_4E874A737D5662A34EBBEADB3A9C4A09] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [softonic for Windows] "C:\Users\user\AppData\Local\Softonic\Softonic.exe" -minimize O4 - HKCU\..\Run: [uTorrent] "C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{FA1E0D4A-AE05-470F-A76E-EE2C327E56B3}: NameServer = 212.217.0.1 212.217.1.1 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: c:\progra~3\browse~1\261519~1.190\{c16c1~1\browse~1.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: HitmanPro Scheduler (HitmanProScheduler) - SurfRight B.V. - C:\Program Files\HitmanPro\hmpsched.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: vToolbarUpdater15.4.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Gast\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\user\AppData\Local\Temp\acrord32_sbx\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XVFWUPXF will be deleted at reboot ==== Empty FireFox Cache ====================== C:\users\Gast\AppData\Local\Mozilla\Firefox\Profiles\eu7oqqak.default\Cache emptied successfully C:\users\Gast\AppData\Local\Mozilla\Firefox\Profiles\iysuyrxl.default\Cache emptied successfully C:\users\Gast\AppData\Local\Mozilla\Firefox\Profiles\uaonk95b.default\Cache emptied successfully C:\users\Gast\AppData\Local\Mozilla\Firefox\Profiles\x2r8zr9s.default\Cache emptied successfully C:\users\user\AppData\Local\Mozilla\Firefox\Profiles\7onkgtuy.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\users\user\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found ==== After Reboot ====================== ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\user\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\XVFWUPXF" not found ==== EOF on di 20-08-2013 at 23:47:30,45 ====================== -
reclame die niet wil versdwijnen
evelie reageerde op evelie's topic in Archief Bestrijding malware & virussen
Hoi, ik heb deel 2 herhaald, maar nu ging wel mijn laptop uit, behalve dat ik geen logje kreeg na herstarten, in c-map vind ik het logje ook niet.... dankje... -
reclame die niet wil versdwijnen
evelie reageerde op evelie's topic in Archief Bestrijding malware & virussen
Heb het mapje gevonden met deze gegevens... # AdwCleaner v2.115 - Verslag gemaakt op 24/03/2013 om 20:36:12 # Geactualiseerd op 17/03/2013 door Xplode # Besturingssysteem : Windows 7 Home Premium (64 bits) # Gebruiker : user - USER-PC # Opstarten Modus : Normale modus # Gelanceerd vanaf : C:\Users\user\Downloads\adwcleaner.exe # Optie [Verwijderen] ***** [Diensten] ***** ***** [Files / Mappen] ***** File Verwijdert : C:\END File Verwijdert : C:\Program Files (x86)\Mozilla FireFox\searchplugins\Search_Results.xml File Verwijdert : C:\Users\Public\Desktop\Get The Best Facebook Chat Messenger.lnk Map Verwijdert : C:\Program Files (x86)\Conduit Map Verwijdert : C:\Program Files (x86)\DealPly Map Verwijdert : C:\Program Files (x86)\DVDVideoSoftTB Map Verwijdert : C:\Program Files (x86)\Smart Driver Updater Map Verwijdert : C:\ProgramData\APN Map Verwijdert : C:\ProgramData\askpartnernetwork Map Verwijdert : C:\ProgramData\boost_interprocess Map Verwijdert : C:\ProgramData\Browser Manager Map Verwijdert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Driver Updater Map Verwijdert : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje Verwijdert bij het opstarten : C:\Program Files (x86)\askpartnernetwork Verwijdert bij het opstarten : C:\Program Files (x86)\search results toolbar ***** [Register] ***** Data Verwijdert : [x64] HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~2\SEARCH~1\Datamngr\x64\datamngr.dll Data Verwijdert : [x64] HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~2\SEARCH~1\Datamngr\x64\IEBHO.dll Data Verwijdert : HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll Data Verwijdert : HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll Sleutel Verwijdert : HKCU\Software\APN DTX Sleutel Verwijdert : HKCU\Software\APN PIP Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\Conduit Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\DVDVideoSoftTB Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\PriceGong Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\SmartBar Sleutel Verwijdert : HKCU\Software\AppDataLow\Toolbar Sleutel Verwijdert : HKCU\Software\Conduit Sleutel Verwijdert : HKCU\Software\DataMngr Sleutel Verwijdert : HKCU\Software\DataMngr_Toolbar Sleutel Verwijdert : HKCU\Software\DealPly Sleutel Verwijdert : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje Sleutel Verwijdert : HKCU\Software\ilivid Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly Sleutel Verwijdert : HKCU\Software\PIP Sleutel Verwijdert : HKCU\Software\Smart Driver Updater Sleutel Verwijdert : HKCU\Software\Softonic Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escort.DLL Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe Sleutel Verwijdert : HKLM\SOFTWARE\Classes\BrowserConnection.Loader Sleutel Verwijdert : HKLM\SOFTWARE\Classes\BrowserConnection.Loader.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\escort.escortIEPane Sleutel Verwijdert : HKLM\SOFTWARE\Classes\escort.escortIEPane.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\iLividIEHelper.DNSGuard Sleutel Verwijdert : HKLM\SOFTWARE\Classes\iLividIEHelper.DNSGuard.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Toolbar.CT2269050 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{1FDC0B61-91AC-4157-9B27-CAD9A09AB67E} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{75E8DA27-44AF-40AE-927C-F2EEC99D65B1} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Sleutel Verwijdert : HKLM\Software\Conduit Sleutel Verwijdert : HKLM\Software\DataMngr Sleutel Verwijdert : HKLM\Software\DealPly Sleutel Verwijdert : HKLM\Software\DVDVideoSoftTB Sleutel Verwijdert : HKLM\Software\iLividSRTB Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32 Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32 Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASAPI32 Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASMANCS Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASAPI32 Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASMANCS Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68} Sleutel Verwijdert : HKLM\Software\PIP Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9FF9AE6F-4553-41A7-B645-B0E88850EABF} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CE4DB5A3-58E6-41F1-8761-47238DF4F468} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{27F9950D-07A2-488E-99B5-EA6851057EDE} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F8C05BDB-168A-4821-ABC0-709863A9D9F2} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DealPly Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DVDVideoSoftTB Toolbar Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ilivid Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Search Results Toolbar Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Smart Driver Updater_is1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{9FF9AE6F-4553-41A7-B645-B0E88850EABF} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{CE4DB5A3-58E6-41F1-8761-47238DF4F468} Sleutel Verwijdert : HKLM\SOFTWARE\DataMngr Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014} Waarde Verwijdert : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}] Waarde Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [smart Driver Updater] Waarde Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}] Waarde Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [10] Waarde Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10] ***** [browsers] ***** -\\ Internet Explorer v9.0.8112.16470 [OK] Het register bevat geen enkele ongeoorloofde invoer. -\\ Mozilla Firefox v19.0 (nl) -\\ Google Chrome v25.0.1364.172 ************************* AdwCleaner[s1].txt - [9164 octets] - [24/03/2013 20:36:12] ########## EOF - C:\AdwCleaner[s1].txt - [9224 octets] ########## -
reclame die niet wil versdwijnen
evelie reageerde op evelie's topic in Archief Bestrijding malware & virussen
Van deel 3: HitmanPro 3.7.7.203 www.hitmanpro.com Computer name . . . . : USER-PC Windows . . . . . . . : 6.1.1.7601.X64/2 User name . . . . . . : user-PC\user UAC . . . . . . . . . : Enabled License . . . . . . . : Trial (30 days left) Scan date . . . . . . : 2013-08-14 03:34:42 Scan mode . . . . . . : Normal Scan duration . . . . : 17m 46s Disk access mode . . : Direct disk access (SRB) Cloud . . . . . . . . : Internet Reboot . . . . . . . : Yes Threats . . . . . . . : 137 Traces . . . . . . . : 6431 Objects scanned . . . : 2.014.732 Files scanned . . . . : 181.286 Remnants scanned . . : 884.705 files / 948.741 keys Malware _____________________________________________________________________ C:\Users\user\AppData\Local\Temp\is1275519350\LollipopInstaller.exe -> Deleted Size . . . . . . . : 379.904 bytes Age . . . . . . . : 31.0 days (2013-07-14 04:33:47) Entropy . . . . . : 6.6 SHA-256 . . . . . : A99EE4024E495B35CFA6F7A4F8E7CBA7F02A6C4EE04FBF25335441C037FC521F Product . . . . . : lo--p-lil--p-o Publisher . . . . : lo--p-lil--p-o Version . . . . . : 1.0.5.5 Copyright > G Data . . . . . . : Application.Generic.568045 > Ikarus . . . . . . : Trojan.Win32.Wintrim!IK Fuzzy . . . . . . : 100.0 Malware remnants ____________________________________________________________ HKLM\SOFTWARE\Classes\AppID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892}\ (Adware.ClickPotato) -> Deleted HKLM\SOFTWARE\Classes\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}\ (Adware.ClickPotato) -> Deleted HKLM\SOFTWARE\Classes\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}\ (Adware.ClickPotato) -> Deleted HKLM\SOFTWARE\Classes\PricePeep.PricePeepBho.1\ (Adware.ClickPotato) -> Deleted HKLM\SOFTWARE\Classes\PricePeep.PricePeepBho\ (Adware.ClickPotato) -> Deleted HKLM\SOFTWARE\Classes\TypeLib\{3BF3DED5-0FC8-4207-AC09-AA7B5AF4E408}\ (Adware.ClickPotato) -> Deleted HKLM\SOFTWARE\Classes\Wow6432Node\AppID\{38A066B0-DD5F-4226-AC4F-6A27C1BFB892}\ (Adware.ClickPotato) -> PendingDelete HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}\ (Adware.ClickPotato) -> Deleted HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{1B97A696-5576-43AC-A73B-E1D2C78F21E8}\ (Adware.ClickPotato) -> Deleted HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{75BF416E-4326-45B5-8A2D-AE32D05B930B}\ (Adware.ClickPotato) -> Deleted HKLM\SOFTWARE\Classes\Wow6432Node\TypeLib\{3BF3DED5-0FC8-4207-AC09-AA7B5AF4E408}\ (Adware.ClickPotato) -> PendingDelete HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{FD6D90C0-E6EE-4BC6-B9F7-9ED319698007}\ (Adware.ClickPotato) -> Deleted HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\PricePeep\ (Adware.ClickPotato) -> Deleted Potential Unwanted Programs _________________________________________________ C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gaiilaahiahdejapggenmdmafpmbipje_0.localstorage (Delta Search) C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gaiilaahiahdejapggenmdmafpmbipje_0.localstorage-journal (Delta Search) C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\bprotector web data (Claro) C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences (Claro) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\bProtector_extensions.sqlite (Claro) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\bprotector_prefs.js (Claro) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\ (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\chrome.manifest (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\components\ (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\components\FFDisp.dll (Delta Search) Size . . . . . . . : 28.160 bytes Age . . . . . . . : 31.0 days (2013-07-14 04:34:33) Entropy . . . . . : 6.0 SHA-256 . . . . . : A143E0A4944A9F957DEA8F6A1D323D1790DA338CD1CA2D8F5A868C9E4E22216C Product . . . . . : TODO: <Product name> Publisher . . . . : TODO: <Company name> Description . . . : TODO: <File description> Version . . . . . : 1.0.0.1 Copyright . . . . : TODO: (c) <Company name>. All rights reserved. Fuzzy . . . . . . : 3.0 C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\content\ (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\content\delta.css (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\content\delta.xul (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\content\dpk.htm (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\content\hlprs.js (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\content\imgs\ (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\content\imgs\arwDwn.gif (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\content\imgs\closeo.png (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\ (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\ae.png (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\bg.png (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\ch.png (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\cn.png (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\cz.png (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\de.png (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\eg.png (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\en.png (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\es.png (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\fr.png (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\gr.png (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\he.png (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\il.png (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\it.png (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\ja.png (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\jp.png (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\nl.png (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\no.png (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\pl.png (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\pt.png (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\ro.png (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\ru.png (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\sa.png (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\se.png (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\sv.png (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\tr.png (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\ua.png (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\us.png (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\content\imgs\help_16.gif (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\content\imgs\home.gif (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\content\imgs\icon_seperator.png (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\content\imgs\logo.PNG (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\content\imgs\privecy_16_hot.gif (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\content\imgs\sign.jpg (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\content\imgs\specialoffer.gif (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\content\imgs\tellafriend.gif (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\content\imgs\uninstall.gif (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\content\loader.xul (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\content\mtstart.js (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\content\serp.js (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\content\tmplt.js (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\install.rdf (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\META-INF\ (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\META-INF\manifest.mf (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\META-INF\zigbert.rsa (Delta Search) C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\ffxtlbr@delta.com\META-INF\zigbert.sf (Delta Search) HKLM\SOFTWARE\Classes\AppID\escort.DLL\ (Funmoods) HKLM\SOFTWARE\Classes\AppID\escortApp.DLL\ (Funmoods) HKLM\SOFTWARE\Classes\AppID\escortEng.DLL\ (Funmoods) HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL\ (Funmoods) HKLM\SOFTWARE\Classes\AppID\esrv.EXE\ (Funmoods) HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}\ (Funmoods) HKLM\SOFTWARE\Classes\AppID\{39CB8175-E224-4446-8746-00566302DF8D}\ (Delta Search) HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}\ (Funmoods) HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}\ (Funmoods) HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}\ (Delta Search) HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}\ (Funmoods) HKLM\SOFTWARE\Classes\delta.deltaappCore.1\ (Delta Search) HKLM\SOFTWARE\Classes\delta.deltaappCore\ (Delta Search) HKLM\SOFTWARE\Classes\delta.deltadskBnd.1\ (Delta Search) HKLM\SOFTWARE\Classes\delta.deltadskBnd\ (Delta Search) HKLM\SOFTWARE\Classes\delta.deltaHlpr.1\ (Delta Search) HKLM\SOFTWARE\Classes\delta.deltaHlpr\ (Delta Search) HKLM\SOFTWARE\Classes\escort.escortIEPane.1\ (Funmoods) HKLM\SOFTWARE\Classes\escort.escortIEPane\ (Funmoods) HKLM\SOFTWARE\Classes\esrv.deltaESrvc.1\ (Delta Search) HKLM\SOFTWARE\Classes\esrv.deltaESrvc\ (Delta Search) HKLM\SOFTWARE\Classes\Interface\{1231839B-064E-4788-B865-465A1B5266FD}\ (Delta Search) HKLM\SOFTWARE\Classes\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}\ (Delta Search) HKLM\SOFTWARE\Classes\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}\ (Delta Search) HKLM\SOFTWARE\Classes\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}\ (Delta Search) HKLM\SOFTWARE\Classes\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}\ (Delta Search) HKLM\SOFTWARE\Classes\Interface\{57C91446-8D81-4156-A70E-624551442DE9}\ (Delta Search) HKLM\SOFTWARE\Classes\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}\ (Delta Search) HKLM\SOFTWARE\Classes\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}\ (Delta Search) HKLM\SOFTWARE\Classes\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}\ (Delta Search) HKLM\SOFTWARE\Classes\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}\ (Delta Search) HKLM\SOFTWARE\Classes\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}\ (Delta Search) HKLM\SOFTWARE\Classes\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}\ (Delta Search) HKLM\SOFTWARE\Classes\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}\ (Delta Search) HKLM\SOFTWARE\Classes\Prod.cap\ (Claro) HKLM\SOFTWARE\Classes\s\ (Softonic) HKLM\SOFTWARE\Classes\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}\ (Delta Search) HKLM\SOFTWARE\Classes\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}\ (Delta Search) HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}\ (Funmoods) HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}\ (Funmoods) HKLM\SOFTWARE\Classes\Wow6432Node\AppID\escort.DLL\ (Funmoods) HKLM\SOFTWARE\Classes\Wow6432Node\AppID\escortApp.DLL\ (Funmoods) HKLM\SOFTWARE\Classes\Wow6432Node\AppID\escortEng.DLL\ (Funmoods) HKLM\SOFTWARE\Classes\Wow6432Node\AppID\escorTlbr.DLL\ (Funmoods) HKLM\SOFTWARE\Classes\Wow6432Node\AppID\esrv.EXE\ (Funmoods) HKLM\SOFTWARE\Classes\Wow6432Node\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}\ (Funmoods) HKLM\SOFTWARE\Classes\Wow6432Node\AppID\{39CB8175-E224-4446-8746-00566302DF8D}\ (Delta Search) HKLM\SOFTWARE\Classes\Wow6432Node\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}\ (Funmoods) HKLM\SOFTWARE\Classes\Wow6432Node\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}\ (Funmoods) HKLM\SOFTWARE\Classes\Wow6432Node\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}\ (Delta Search) HKLM\SOFTWARE\Classes\Wow6432Node\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}\ (Funmoods) HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{261DD098-8A3E-43D4-87AA-63324FA897D8}\ (Delta Search) HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{4FCB4630-2A1C-4AA1-B422-345E8DC8A6DE}\ (Delta Search) HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{82E1477C-B154-48D3-9891-33D83C26BCD3}\ (Delta Search) HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{86838207-681D-469D-9511-D0DCC6F19F9B}\ (Delta Search) HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}\ (Delta Search) HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{E97A663B-81A6-49C5-A6D3-BCB05BA1DE26}\ (Delta Search) HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{1231839B-064E-4788-B865-465A1B5266FD}\ (Delta Search) HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{2DAC2231-CC35-482B-97C5-CED1D4185080}\ (Delta Search) HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{3F1CD84C-04A3-4EA0-9EA1-7D134FD66C82}\ (Delta Search) HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{3F83A9CA-B5F0-44EC-9357-35BB3E84B07F}\ (Delta Search) HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{47E520EA-CAD2-4F51-8F30-613B3A1C33EB}\ (Delta Search) HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{57C91446-8D81-4156-A70E-624551442DE9}\ (Delta Search) HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{70AFB7B2-9FB5-4A70-905B-0E9576142E1D}\ (Delta Search) HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{7AD65FD1-79E0-406D-B03C-DD7C14726D69}\ (Delta Search) HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{97DD820D-2E20-40AD-B01E-6730B2FCE630}\ (Delta Search) HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{B177446D-54A4-4869-BABC-8566110B4BE0}\ (Delta Search) HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{D9D1DFC5-502D-43E4-B1BB-4D0B7841489A}\ (Delta Search) HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{E0B07188-A528-4F9E-B2F7-C7FDE8680AE4}\ (Delta Search) HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{F05B12E1-ADE8-4485-B45B-898748B53C37}\ (Delta Search) HKLM\SOFTWARE\Classes\Wow6432Node\TypeLib\{39CB8175-E224-4446-8746-00566302DF8D}\ (Delta Search) HKLM\SOFTWARE\Classes\Wow6432Node\TypeLib\{4599D05A-D545-4069-BB42-5895B4EAE05B}\ (Delta Search) HKLM\SOFTWARE\Classes\Wow6432Node\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}\ (Funmoods) HKLM\SOFTWARE\Classes\Wow6432Node\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}\ (Funmoods) HKLM\SOFTWARE\Tarma Installer\Components\{8D8654CD-7FBC-4C7E-84E9-371BFA8DB04E}\ (Yontoo) HKLM\SOFTWARE\Tarma Installer\Components\{9307081B-7444-494C-8CF6-2FA7C0E92BFB}\ (Yontoo) HKLM\SOFTWARE\Tarma Installer\Components\{9D9785E5-3424-40B6-A287-BA143AD53109}\ (Yontoo) HKLM\SOFTWARE\Tarma Installer\Components\{A8F0AD53-1AEE-447E-89CD-71C325796F84}\ (Yontoo) HKLM\SOFTWARE\Tarma Installer\Components\{B6783DFA-B8C8-4CB6-AB9F-EF1A1F7F7AE8}\ (Yontoo) HKLM\SOFTWARE\Tarma Installer\Components\{F5F971A9-DBF8-4EEC-81E3-5F1660573E6C}\ (Yontoo) HKLM\SOFTWARE\Wow6432Node\DataMngr\ (SearchQU) HKLM\SOFTWARE\Wow6432Node\Delta\delta\ (Delta Search) HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eooncjejnppfjjklapaamhcdmjbilmde\ (Delta Search) HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{348C2DF3-1191-4C3E-92A6-B3A89A9D9C85}\ (Delta Search) HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{82E1477C-B154-48D3-9891-33D83C26BCD3} (Delta Search) HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\Browser Helper Objects\{C1AF5FA5-852C-4C90-812E-A7F75E011D87}\ (Delta Search) HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar\ (Delta Search) HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\delta\ (Delta Search) HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}\ (Claro) HKU\.DEFAULT\Software\DealPly\ (Delta Search) HKU\S-1-5-18\Software\DealPly\ (Delta Search) HKU\S-1-5-21-2871622637-3147571663-1438806652-1000\Software\AppDataLow\Software\SmartBar\ (Conduit) HKU\S-1-5-21-2871622637-3147571663-1438806652-1000\Software\Conduit\ (Conduit) HKU\S-1-5-21-2871622637-3147571663-1438806652-1000\Software\DataMngr\ (SearchQU) HKU\S-1-5-21-2871622637-3147571663-1438806652-1000\Software\DataMngr_Toolbar\ (SearchQU) HKU\S-1-5-21-2871622637-3147571663-1438806652-1000\Software\Delta\delta\ (Delta Search) HKU\S-1-5-21-2871622637-3147571663-1438806652-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{4D2D3B0F-69BE-477A-90F5-FDDB05357975} (Claro) HKU\S-1-5-21-2871622637-3147571663-1438806652-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{98889811-442D-49DD-99D7-DC866BE87DBC} (Claro) HKU\S-1-5-21-2871622637-3147571663-1438806652-1000\Software\Microsoft\Internet Explorer\Main\bProtector Start Page (Claro) HKU\S-1-5-21-2871622637-3147571663-1438806652-1000\Software\Microsoft\Internet Explorer\SearchScopes\bProtectorDefaultScope (Claro) HKU\S-1-5-21-2871622637-3147571663-1438806652-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}\ (Babylon) HKU\S-1-5-21-2871622637-3147571663-1438806652-1000\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings\ (Claro) HKU\S-1-5-21-2871622637-3147571663-1438806652-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{82E1477C-B154-48D3-9891-33D83C26BCD3}\ (Delta Search) HKU\S-1-5-21-2871622637-3147571663-1438806652-1000\Software\Softonic\ (Softonic) Cookies _____________________________________________________________________ C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cookies:2o7.net C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.360yield.com C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.yieldmanager.com C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.zanox.com C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.creative-serving.com C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.p161.net C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtech.de C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtechus.com C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cookies:advertising.about.com C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cookies:advertising.com C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cookies:apmebf.com C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cookies:at.atwola.com C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cookies:atdmt.com C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cookies:autoscout24.112.2o7.net C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cookies:be.sitestat.com C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cookies:bs.serving-sys.com C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cookies:burstnet.com C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cookies:c.atdmt.com C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cookies:casalemedia.com C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cookies:content.yieldmanager.com C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cookies:fastclick.net C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cookies:fl01.ct2.comclick.com C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cookies:h.atdmt.com C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cookies:interclick.com C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cookies:invitemedia.com C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cookies:media6degrees.com C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cookies:mediaplex.com C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cookies:network.realmedia.com C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cookies:realmedia.com C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cookies:revsci.net C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cookies:ru4.com C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cookies:serving-sys.com C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cookies:specificclick.net C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cookies:statcounter.com C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cookies:track.adform.net C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cookies:tradedoubler.com C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cookies:tribalfusion.com C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cookies:www.googleadservices.com C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cookies:xiti.com C:\Users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cookies:zedo.com C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\eu7oqqak.default\cookies.sqlite:doubleclick.net C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\eu7oqqak.default\cookies.sqlite:serving-sys.com C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\iysuyrxl.default\cookies.sqlite:ad.yieldmanager.com C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\iysuyrxl.default\cookies.sqlite:ads.trafficjunky.net C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\iysuyrxl.default\cookies.sqlite:be.sitestat.com C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\iysuyrxl.default\cookies.sqlite:doubleclick.net C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\iysuyrxl.default\cookies.sqlite:engine.phn.doublepimp.com C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\iysuyrxl.default\cookies.sqlite:****hub.com C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\iysuyrxl.default\cookies.sqlite:www.****hub.com C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\uaonk95b.default\cookies.sqlite:ad.360yield.com C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\uaonk95b.default\cookies.sqlite:atdmt.com C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\uaonk95b.default\cookies.sqlite:be.sitestat.com C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\uaonk95b.default\cookies.sqlite:doubleclick.net C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\uaonk95b.default\cookies.sqlite:h.atdmt.com C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\uaonk95b.default\cookies.sqlite:serving-sys.com C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\uaonk95b.default\cookies.sqlite:statse.webtrendslive.com C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\uaonk95b.default\cookies.sqlite:www.googleadservices.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.360yield.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.adc-serv.net C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.adserver01.de C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.e-kolay.net C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.nl C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.prismamediadigital.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.propellerads.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.yieldmanager.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.zanox.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:adbrite.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:adinterax.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.ad4game.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.adhese.be C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.creative-serving.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.glispa.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.horyzon-media.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.justpremium.nl C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.marokkomedia.nl C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.p161.net C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.pointroll.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.pubmatic.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.textopus.nl C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.undertone.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:adserving.7searchdisplayads.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:adserving.unibet.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtech.de C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtechus.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:adverteerdirect.nl C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:advertising.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:advertstream.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:apmebf.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:at.atwola.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:atdmt.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:be.sitestat.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:bs.serving-sys.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:burstnet.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:c.atdmt.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:casalemedia.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:clubmedbelgique.solution.weborama.fr C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:fastclick.net C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:fl01.ct2.comclick.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:h.atdmt.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:idfact.adservinginternational.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:in.getclicky.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:invitemedia.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:media6degrees.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:mediaplex.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:microsoftwindows.112.2o7.net C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:mm.chitika.net C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:msnbc.112.2o7.net C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:nl.sitestat.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:overture.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:paypal.112.2o7.net C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:pointroll.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:pool-eu-ie.creative-serving.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:ptvgoalv15.122.2o7.net C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:questionmarket.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:revsci.net C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:ru4.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:serving-sys.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:smartadserver.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:specificclick.net C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:stat.dealtime.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:stat.onestat.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:statcounter.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:statse.webtrendslive.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:tacoda.at.atwola.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:track.adform.net C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:track.zalando.be C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:tradedoubler.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:tribalfusion.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:view.atdmt.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:watagame.adservinginternational.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:weborama.fr C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:ww251.smartadserver.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:www.belstat.nl C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:www.etracker.de C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:www.googleadservices.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:www4.smartadserver.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:xiti.com C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:yadro.ru C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:zeddigitalbe.solution.weborama.fr C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:zeddigitalnl.solution.weborama.fr C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Cookies:zedo.com C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\1888BCT9.txt C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\195532K9.txt C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\3D5IFMKA.txt C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\7PJ9BLYR.txt C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\7WAUOFB4.txt C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\8AM8Y0DX.txt C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\DCPYOB8V.txt C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\DT5FW1PH.txt C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\DXUPG40U.txt C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\GCURPYF0.txt C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\HVTV8SAT.txt C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\JD0GZY3M.txt C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\U4C98DKR.txt C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\WQ20G7W7.txt C:\Users\user\AppData\Roaming\Microsoft\Windows\Cookies\YVWXGEZ4.txt C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:ad.360yield.com C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:ad.mlnadvertising.com C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:ad.yieldmanager.com C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:ad.zanox.com C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:adbrite.com C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:ads.creative-serving.com C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:ads.mail3x.com C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:ads.marokkomedia.nl C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:ads.p161.net C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:ads.pointroll.com C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:ads.pubmatic.com C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:adtech.de C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:adtechus.com C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:adultfriendfinder.com C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:advertising.com C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:apmebf.com C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:at.atwola.com C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:atdmt.com C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:be.sitestat.com C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:bs.serving-sys.com C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:burstnet.com C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:c.atdmt.com C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:casalemedia.com C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:clubmedbelgique.solution.weborama.fr C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:collective-media.net C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:crazyhomesex.com C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:doubleclick.net C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:eas.apm.emediate.eu C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:emjcd.com C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:ero-advertising.com C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:exoclick.com C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:ext.myshopres.com C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:fastclick.net C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:fl01.ct2.comclick.com C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:h.atdmt.com C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:invitemedia.com C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:media6degrees.com C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:mediaplex.com C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:pointroll.com C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:revsci.net C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:ru4.com C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:serving-sys.com C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:specificclick.net C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:stat.onestat.com C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:statcounter.com C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:stats.sexpillguru.com C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:statse.webtrendslive.com C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:streamate.doublepimp.com C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:tacoda.at.atwola.com C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:track.adform.net C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:tradedoubler.com C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:tribalfusion.com C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:weborama.fr C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:www.googleadservices.com C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:xiti.com C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\cookies.sqlite:zedo.com - - - Updated - - - Van deel 2 heb ik geen logje ontvangen, laptop is ook niet herstart... Dank jeuh... -
reclame die niet wil versdwijnen
evelie reageerde op evelie's topic in Archief Bestrijding malware & virussen
Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 1:05:33, on 7-8-2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v10.0 (10.00.9200.16635) Boot mode: Normal Running processes: C:\Program Files (x86)\Tango\Tango.exe C:\Program Files (x86)\Desk 365\desk365.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\PC Speed Maximizer\SPMReminder.exe C:\Users\user\AppData\Local\Softonic\Softonic.exe C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe C:\Users\user\AppData\Roaming\Web Cake\WebCakeDesktop.exe C:\Program Files (x86)\Optimizer Pro\OptProReminder.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe C:\Program Files (x86)\BlueStacks\HD-Agent.exe C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe C:\Users\user\AppData\Local\Lollipop\Lollipop.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Windows\SysWOW64\rundll32.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = QVO6 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Delta Search R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = QVO6 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = QVO6 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll O2 - BHO: CrossriderApp0035578 - {11111111-1111-1111-1111-110311551178} - C:\Program Files (x86)\Torntv 2\Torntv 2-bho.dll O2 - BHO: WebCake Layers - {2A5A2A90-3B30-4E6E-A955-2F232C6EF517} - C:\Program Files (x86)\WebCake\WebCakeIEClient.dll O2 - BHO: tuvaro Helper Object - {5CB02877-EFBC-4317-B608-9E24B11BAB40} - C:\Program Files (x86)\tuvaro\tuvaro\1.8.17.1\bh\tuvaro.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: DefaultTabBHO - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\user\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\15.4.0.5\AVG SafeGuard toolbar_toolbar.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files (x86)\Delta\delta\1.8.21.5\bh\delta.dll O2 - BHO: PricePeep - {FD6D90C0-E6EE-4BC6-B9F7-9ED319698007} - C:\Program Files (x86)\PricePeep\pricepeep.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O3 - Toolbar: Tuvaro Toolbar - {6F001652-AF51-45C6-B029-86E0265A1851} - C:\Program Files (x86)\tuvaro\tuvaro\1.8.17.1\tuvaroTlbr.dll O3 - Toolbar: AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\15.4.0.5\AVG SafeGuard toolbar_toolbar.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files (x86)\Delta\delta\1.8.21.5\deltaTlbr.dll O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [YouCam Service] "C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe" /s O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [blueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe" O4 - HKCU\..\Run: [Tango] C:\Program Files (x86)\Tango\Tango.exe -r O4 - HKCU\..\Run: [Facebook Update] "C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKCU\..\Run: [PC Speed Maximizer] C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_4E874A737D5662A34EBBEADB3A9C4A09] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKCU\..\Run: [softonic for Windows] "C:\Users\user\AppData\Local\Softonic\Softonic.exe" -minimize O4 - HKCU\..\Run: [uTorrent] "C:\Users\user\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED O4 - HKCU\..\Run: [WebCake Desktop] C:\Users\user\AppData\Roaming\Web Cake\WebCakeDesktop.exe O4 - HKCU\..\Run: [Desk 365] "C:\Program Files (x86)\Desk 365\desk365.exe" /autorun O4 - HKCU\..\Run: [Optimizer Pro] C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe O4 - Startup: lollipop.lnk = user\AppData\Local\Lollipop\Lollipop.exe O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{FA1E0D4A-AE05-470F-A76E-EE2C327E56B3}: NameServer = 212.217.0.1 212.217.1.1 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.4.0\ViProtocol.dll O20 - AppInit_DLLs: c:\progra~3\browse~1\261519~1.190\{c16c1~1\browse~1.dll O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: BrowserDefendert - Unknown owner - C:\ProgramData\BrowserDefender\2.6.1519.190\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe O23 - Service: DefaultTabSearch - Unknown owner - C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe O23 - Service: DefaultTabUpdate - Unknown owner - C:\Users\user\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe O23 - Service: Desk 365 service (desksvc) - 337 Technology Limited. - C:\Program Files (x86)\Desk 365\deskSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: vToolbarUpdater15.4.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) O23 - Service: Wsys Service (WsysSvc) - Wsys Co., Ltd. - C:\ProgramData\eSafe\eGdpSvc.exe -- End of file - 13996 bytes Dit is het hoop ik.... -
reclame die niet wil versdwijnen
evelie plaatste een topic in Archief Bestrijding malware & virussen
Beste Ik zit met een probleem... Mijn laptop geeft niks anders dan reclame en zodra ik op kruisje druk, sluit het alles wat ik geopend heb. En mijn volgende probleem is, dat ik mijn webcame neit aankrijg, sinds ik die ben gaan late maken (heeft mijn laptop geformateerd). Alvast heel fel bedankt... -
Beste Ik heb veel zaken op mijn laptop die absoluut weg mogen. Zoals Paltalk, ik snap nog steeds niet wat die hier doet (misschien broertje gedownload) maar hoe krijg ik die trg weg. En er zijn nog zoveel zaken die weg mogen. Alvast bedankt...
-
een pc-analfabeet hier, haha das allemaal chinees voor mij
evelie reageerde op evelie's topic in Archief Windows Algemeen
Probleem is nog niet helemaal opgelost want ik zit namelijk nog met die gast-account die ik er maar niet weg krijg. En nog steeds springt mijn muis ergens anders tijdens typen. Maar het opstarten is wel verbeterd.. -
een pc-analfabeet hier, haha das allemaal chinees voor mij
evelie reageerde op evelie's topic in Archief Windows Algemeen
Oh super!!! Klopt nu werkt het geheugenkaartje wel, haha zolang niet kunnen gebruiken door zo iets stoms..... Bedankt!!! -
een pc-analfabeet hier, haha das allemaal chinees voor mij
evelie reageerde op evelie's topic in Archief Windows Algemeen
Heb het vorige gedaan... kreeg als melding: "Er zijn geen schendingen van de integriteit gevonden", -
een pc-analfabeet hier, haha das allemaal chinees voor mij
evelie reageerde op evelie's topic in Archief Windows Algemeen
Ok ik ga nu direct dit doen... Maar nu nog even snel iets anders. Ik probeer al weken muziek op een geheugenkaartje te plaatsen maar deze neemt niets op en krijg telkens dit: De schijf is tegen schrijven beveiligd. Verwijder de schrijfbeveilinging op deze schijf of gebruik een ander schijf Opnieuw proberen Annuleren -
een pc-analfabeet hier, haha das allemaal chinees voor mij
evelie reageerde op evelie's topic in Archief Windows Algemeen
geen verdere hulp mogelijk? -
een pc-analfabeet hier, haha das allemaal chinees voor mij
evelie reageerde op evelie's topic in Archief Windows Algemeen
Wel eigenlijk staat gastaccount er nog. En leest altijd mijn mp3's en geheugenkaarten ook nog niet. Hapert ook nog steeds en soms na slaapstand krijg ik die niet trg aan (heb gwn een zwart scherm zonder muis). En bij het opstarten doet laptop nog moeilijk, krijg het niet opgestart dan moet ik nog steeds via knop weer afsluiten om laptop weer te proberen op te starten. -
een pc-analfabeet hier, haha das allemaal chinees voor mij
evelie reageerde op evelie's topic in Archief Windows Algemeen
Zoek.exe Version 4.0.0.2 Updated 23-03-2013 Tool run by user on ma 25-03-2013 at 15:00:30,85. Microsoft Windows 7 Home Premium 6.1.7600 x64 Running in: Normal Mode Internet Access Detected ==== Deleting Files \ Folders ====================== "C:\users\Gast\AppData\Locallow\PriceGong" deleted "C:\users\Gast\AppData\Locallow\Conduit" deleted "C:\users\Gast\AppData\Local\AskPartnerNetwork" deleted "C:\users\Gast\AppData\Locallow\DataMngr" deleted "C:\users\Gast\AppData\Locallow\DVDVideoSoftTB" deleted "C:\users\Gast\AppData\Locallow\searchresultstb" deleted "C:\users\Gast\AppData\Locallow\ilividtoolbargaw" deleted ==== Firefox Extensions ====================== ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default - Undetermined - C:\Program Files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default 47299371607DC2FB234444EEACB1639E - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll - Shockwave Flash 0B31B0F8FA99CFD009C8FBEA9E20C9DE - C:\Users\user\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions cngompmodgafkkffefbfbghhciijojjh - C:\Program Files (x86)\phpnuke\phpnuke\1.8.8.12\phpnuke.crx[08-01-2013 11:35] icmlaeflemplmjndnaapfdbbnpncnbda - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[30-10-2012 23:48] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Users\user\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx[31-01-2013 02:22] Google Docs - Gast - Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Gast - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf PhpNuke Chrome Toolbar - Gast - Default\Extensions\cngompmodgafkkffefbfbghhciijojjh DealPly - Gast - Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje avast WebRep - Gast - Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda Ask Toolbar - user - Default\Extensions\aaaamimnpkdpdjjghfpgplccimklgpce Google Drive - user - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - user - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo PhpNuke Chrome Toolbar - user - Default\Extensions\cngompmodgafkkffefbfbghhciijojjh Google Search - user - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf avast WebRep - user - Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda DvdVideoSoft Free Youtube Download - user - Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp Gmail - user - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia -
een pc-analfabeet hier, haha das allemaal chinees voor mij
evelie reageerde op evelie's topic in Archief Windows Algemeen
Hey, Ja ik heb het gast-account uitgeschakeld, wanneer ik naar gebruiksaccounts zie ik hem niet ingeschakeld maar wanneer ik mijn laptop opstart zie ik hem nog steeds staan en kan ik nog steeds in werken. Service pack 1 ga ik nu downloaden. Bedankt. Neen geen speciale reden. Reden is enkel pc-analfabeet, is dus nog leren wat laptop vooral nodig heeft en wat vooral niet aanwezig moet zijn. Euhm of ik regelmatig windows updates doe? Wel ik wist niet eens wat updates zijn, ben het even gaan zoeken. Euhm ik kom niet veel aan mijn laptop op dat gebied betreft dus ik denk het niet, maar miss doet mijn laptop het automatisch zonder dat ik er iets van merk. Echt bedankt, apprecieer ik enorm, deze link is top!!! -
een pc-analfabeet hier, haha das allemaal chinees voor mij
evelie reageerde op evelie's topic in Archief Windows Algemeen
Oh super!!! Hoop dat dit nu ook goed is... (anti-virusje enz had ik wel niet afgesloten want vond het pictogrammetje niet hehe) Zoek.exe Version 4.0.0.2 Updated 23-03-2013 Tool run by user on ma 25-03-2013 at 0:39:57,81. Microsoft Windows 7 Home Premium 6.1.7600 x64 Running in: Normal Mode Internet Access Detected ==== Deleting CLSID Registry Keys ====================== HKEY_USERS\S-1-5-21-2871622637-3147571663-1438806652-1000\Software\Microsoft\Internet Explorer\SearchScopes\{4C4BE1A4-E313-4A36-BD05-EED6ABC92720} deleted successfully HKEY_USERS\S-1-5-21-2871622637-3147571663-1438806652-1000\Software\Microsoft\Internet Explorer\SearchScopes\{CF90FD80-7C18-44E5-89E1-DAEA39DFEF70} deleted successfully ==== Deleting CLSID Registry Values ====================== ==== FireFox Fix ====================== Deleted from C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\eu7oqqak.default\prefs.js: Added to C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\eu7oqqak.default\prefs.js: user_pref("browser.startup.homepage", "http://www.google.com"); user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.newtab.url", "http://www.google.com/"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.search.suggest.enabled", true); user_pref("browser.search.useDBForOrder", true); Deleted from C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\iysuyrxl.default\prefs.js: Added to C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\iysuyrxl.default\prefs.js: user_pref("browser.startup.homepage", "http://www.google.com"); user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.newtab.url", "http://www.google.com/"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.search.suggest.enabled", true); user_pref("browser.search.useDBForOrder", true); Deleted from C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\uaonk95b.default\prefs.js: Added to C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\uaonk95b.default\prefs.js: user_pref("browser.startup.homepage", "http://www.google.com"); user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.newtab.url", "http://www.google.com/"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.search.suggest.enabled", true); user_pref("browser.search.useDBForOrder", true); Deleted from C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\x2r8zr9s.default\prefs.js: Added to C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\x2r8zr9s.default\prefs.js: user_pref("browser.startup.homepage", "http://www.google.com"); user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.newtab.url", "http://www.google.com/"); user_pref("browser.search.defaultengine", "Google"); user_pref("browser.search.defaultenginename", "Google"); user_pref("browser.search.selectedEngine", "Google"); user_pref("browser.search.order.1", "Google"); user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q="); user_pref("browser.search.suggest.enabled", true); user_pref("browser.search.useDBForOrder", true); Deleted from C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\prefs.js: user_pref("browser.startup.homepage", "http://www.searchnu.com/406"); user_pref("browser.search.defaultenginename", "Search Results"); user_pref("browser.search.selectedEngine", "DVDVideoSoftTB Customized Web Search"); user_pref("browser.search.order.1", "Search Results"); user_pref("keyword.URL", "http://dts.search-results.com/sr?src=ffb&gct=ds&appid=287&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=3910224318844434&o=APN10645&q="); user_pref("browser.search.useDBForOrder", true); Added to C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\prefs.js: ProfilePath: C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\eu7oqqak.default user.js not found ---- Lines phpnuke removed from prefs.js ---- ---- Lines phpnuke modified from prefs.js ---- ---- Lines CT2269050 removed from prefs.js ---- ---- Lines CT2269050 modified from prefs.js ---- ---- Lines conduit removed from prefs.js ---- ---- Lines conduit modified from prefs.js ---- ---- Lines searchnu.com removed from prefs.js ---- ---- Lines searchnu.com modified from prefs.js ---- ---- Lines Web Search removed from prefs.js ---- ---- Lines Web Search modified from prefs.js ---- ---- Lines Customized removed from prefs.js ---- ---- Lines Customized modified from prefs.js ---- ---- Lines 1FD91A9C-410C-4090-BBCC-55D3450EF433 removed from prefs.js ---- ---- Lines 1FD91A9C-410C-4090-BBCC-55D3450EF433 modified from prefs.js ---- ---- Lines ilividtoolbar removed from prefs.js ---- ---- Lines ilividtoolbar modified from prefs.js ---- ---- Lines smartbar removed from prefs.js ---- ---- Lines smartbar modified from prefs.js ---- ---- FireFox user.js and prefs.js backups ---- prefs_25-03-2013_0047_.backup ProfilePath: C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\iysuyrxl.default user.js not found ---- Lines phpnuke removed from prefs.js ---- ---- Lines phpnuke modified from prefs.js ---- ---- Lines CT2269050 removed from prefs.js ---- ---- Lines CT2269050 modified from prefs.js ---- ---- Lines conduit removed from prefs.js ---- ---- Lines conduit modified from prefs.js ---- ---- Lines searchnu.com removed from prefs.js ---- ---- Lines searchnu.com modified from prefs.js ---- ---- Lines Web Search removed from prefs.js ---- ---- Lines Web Search modified from prefs.js ---- ---- Lines Customized removed from prefs.js ---- ---- Lines Customized modified from prefs.js ---- ---- Lines 1FD91A9C-410C-4090-BBCC-55D3450EF433 removed from prefs.js ---- ---- Lines 1FD91A9C-410C-4090-BBCC-55D3450EF433 modified from prefs.js ---- ---- Lines ilividtoolbar removed from prefs.js ---- ---- Lines ilividtoolbar modified from prefs.js ---- ---- Lines smartbar removed from prefs.js ---- ---- Lines smartbar modified from prefs.js ---- ---- FireFox user.js and prefs.js backups ---- prefs_25-03-2013_0047_.backup ProfilePath: C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\uaonk95b.default user.js not found ---- Lines phpnuke removed from prefs.js ---- ---- Lines phpnuke modified from prefs.js ---- ---- Lines CT2269050 removed from prefs.js ---- ---- Lines CT2269050 modified from prefs.js ---- ---- Lines conduit removed from prefs.js ---- ---- Lines conduit modified from prefs.js ---- ---- Lines searchnu.com removed from prefs.js ---- ---- Lines searchnu.com modified from prefs.js ---- ---- Lines Web Search removed from prefs.js ---- ---- Lines Web Search modified from prefs.js ---- ---- Lines Customized removed from prefs.js ---- ---- Lines Customized modified from prefs.js ---- ---- Lines 1FD91A9C-410C-4090-BBCC-55D3450EF433 removed from prefs.js ---- ---- Lines 1FD91A9C-410C-4090-BBCC-55D3450EF433 modified from prefs.js ---- user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"wrc@avast.com\":{\"descriptor\":\"C:\\\\Program Files\\\\AVAST Software\\\\Avast\\\\WebRep\\\\FF\",\"mtime\":1356794592613}}},{\"name\":\"app-global\",\"addons\":{\"{1FD91A9C-410C-4090-BBCC-55D3450EF433}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Search Results Toolbar\\\\Datamngr\\\\FirefoxExtension\",\"mtime\":1361474036270},\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1361381556160}}}]"); ---- Lines ilividtoolbar removed from prefs.js ---- ---- Lines ilividtoolbar modified from prefs.js ---- ---- Lines smartbar removed from prefs.js ---- ---- Lines smartbar modified from prefs.js ---- ---- FireFox user.js and prefs.js backups ---- prefs_25-03-2013_0047_.backup ProfilePath: C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\x2r8zr9s.default user.js not found ---- Lines phpnuke removed from prefs.js ---- ---- Lines phpnuke modified from prefs.js ---- ---- Lines CT2269050 removed from prefs.js ---- ---- Lines CT2269050 modified from prefs.js ---- ---- Lines conduit removed from prefs.js ---- ---- Lines conduit modified from prefs.js ---- ---- Lines searchnu.com removed from prefs.js ---- ---- Lines searchnu.com modified from prefs.js ---- ---- Lines Web Search removed from prefs.js ---- ---- Lines Web Search modified from prefs.js ---- ---- Lines Customized removed from prefs.js ---- ---- Lines Customized modified from prefs.js ---- ---- Lines 1FD91A9C-410C-4090-BBCC-55D3450EF433 removed from prefs.js ---- ---- Lines 1FD91A9C-410C-4090-BBCC-55D3450EF433 modified from prefs.js ---- ---- Lines ilividtoolbar removed from prefs.js ---- ---- Lines ilividtoolbar modified from prefs.js ---- ---- Lines smartbar removed from prefs.js ---- ---- Lines smartbar modified from prefs.js ---- ---- FireFox user.js and prefs.js backups ---- prefs_25-03-2013_0047_.backup ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default ---- Lines phpnuke removed from prefs.js ---- ---- Lines phpnuke modified from prefs.js ---- ---- Lines phpnuke removed from user.js ---- user_pref("extensions.phpnuke.hpOld0", "http://search.conduit.com/?ctid=CT2269050&SearchSource=13&CUI=UN76778269614212159"); user_pref("extensions.phpnuke.tlbrSrchUrl", "http://search.phpnuke.org/?lang={dfltLng}&cid=c2a242b1&q="); user_pref("extensions.phpnuke.id", "82cdbe08000000000000c446195b76cf"); user_pref("extensions.phpnuke.appId", "{87E4259D-46BF-45EC-A1E5-88D3560EB001}"); user_pref("extensions.phpnuke.instlDay", "15736"); user_pref("extensions.phpnuke.vrsn", "1.8.8.12"); user_pref("extensions.phpnuke.vrsni", "1.8.8.12"); user_pref("extensions.phpnuke.vrsnTs", "1.8.8.122:24:00"); user_pref("extensions.phpnuke.prtnrId", "Phpnuke"); user_pref("extensions.phpnuke.prdct", "phpnuke"); user_pref("extensions.phpnuke.aflt", "orgnl"); user_pref("extensions.phpnuke.smplGrp", "none"); user_pref("extensions.phpnuke.tlbrId", "base"); user_pref("extensions.phpnuke.instlRef", ""); user_pref("extensions.phpnuke.dfltLng", "nl"); user_pref("extensions.phpnuke.excTlbr", false); user_pref("extensions.phpnuke.admin", false); user_pref("extensions.phpnuke.autoRvrt", "false"); user_pref("extensions.phpnuke.rvrt", "true"); user_pref("extensions.phpnuke.hmpg", true); user_pref("extensions.phpnuke.hmpgUrl", "http://search.phpnuke.org/?lang=nl&cid=c2a242b1"); user_pref("extensions.phpnuke.dfltSrch", true); user_pref("extensions.phpnuke.srchPrvdr", "Search The Web (phpnuke)"); user_pref("extensions.phpnuke.kw_url", "http://search.phpnuke.org/?lang=nl&cid=c2a242b1&q="); user_pref("extensions.phpnuke.dnsErr", true); user_pref("extensions.phpnuke.newTab", true); user_pref("extensions.phpnuke.newTabUrl", "http://search.phpnuke.org/?lang=nl&cid=c2a242b1"); ---- Lines CT2269050 removed from prefs.js ---- ---- Lines CT2269050 modified from prefs.js ---- ---- Lines conduit removed from prefs.js ---- ---- Lines conduit modified from prefs.js ---- ---- Lines searchnu.com removed from prefs.js ---- ---- Lines searchnu.com modified from prefs.js ---- ---- Lines Web Search removed from prefs.js ---- ---- Lines Web Search modified from prefs.js ---- ---- Lines Customized removed from prefs.js ---- ---- Lines Customized modified from prefs.js ---- ---- Lines 1FD91A9C-410C-4090-BBCC-55D3450EF433 removed from prefs.js ---- ---- Lines 1FD91A9C-410C-4090-BBCC-55D3450EF433 modified from prefs.js ---- ---- Lines ilividtoolbar removed from prefs.js ---- ---- Lines ilividtoolbar modified from prefs.js ---- ---- Lines smartbar removed from prefs.js ---- ---- Lines smartbar modified from prefs.js ---- ---- FireFox user.js and prefs.js backups ---- user_25-03-2013_0047_.backup prefs_25-03-2013_0047_.backup ==== Deleting Files \ Folders ====================== "C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\searchplugins\phpnuke.xml" deleted "C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\searchplugins\dvdvideosofttb-customized-web-search.xml" deleted "C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}" deleted "C:\Users\user\AppData\Roaming\Mozilla\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}" deleted "C:\Program Files (x86)\Mozilla Firefox\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}" deleted "C:\Users\user\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iLivid.lnk" deleted "C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\searchplugins\ask-search.xml" deleted "C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\searchplugins\dvdvideosofttb-customized-web-search.xml" deleted "C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\searchplugins\Search_Results.xml" deleted "C:\Program Files (x86)\Search Results Toolbar" deleted "C:\Program Files (x86)\Common Files\DVDVideoSoft\bin" deleted "C:\Users\user\AppData\Roaming\DealPly" deleted "C:\Users\user\AppData\Roaming\OpenCandy" deleted "C:\ProgramData\Wincert" deleted "C:\Users\user\AppData\Local\iLivid" deleted "C:\Users\user\AppData\Local\Conduit" deleted "C:\Users\user\AppData\LocalLow\ilividtoolbargaw" deleted "C:\Users\user\AppData\LocalLow\DataMngr" deleted "C:\Users\user\AppData\LocalLow\PriceGong" deleted "C:\Users\user\AppData\LocalLow\Conduit" deleted "C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\staged" deleted "C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\CT2269050" deleted "C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\CT2269050" deleted "C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\ilividtoolbargaw" deleted "C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\smartbar" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== 2013-03-24 19:36:26 2DE4BA8D9B1E2FCE26F5D13A7C4CEE59 169 ----a-w- C:\Windows\DeleteOnReboot.bat 2013-02-23 14:14:16 7F9DB2DE2E3228F6B498FD6B2C4C54C8 300997726 ----a-w- C:\Windows\MEMORY.DMP ====== C:\Users\user\AppData\Local\Temp ==== ====== C:\Windows\SysWOW64 ===== 2013-03-14 02:01:07 E7E671A2A0159ED8D86CA98DF134BB70 73216 ----a-w- C:\Windows\SysWOW64\mshtmled.dll 2013-03-14 02:01:07 60D6B33E77A297AA1B14BF0452C20471 2382848 ----a-w- C:\Windows\SysWOW64\mshtml.tlb 2013-03-14 02:01:06 C9A2D460FD5E409C9320B4CE68A81549 420864 ----a-w- C:\Windows\SysWOW64\vbscript.dll 2013-03-14 02:01:05 15CF0E37F2B406BDE06CBA4F507B25DE 176640 ----a-w- C:\Windows\SysWOW64\ieui.dll 2013-03-14 02:01:03 D0F2CB059B2A89AD5B24FD9EB8D784BE 231936 ----a-w- C:\Windows\SysWOW64\url.dll 2013-03-14 02:01:03 C43AFA13B552BCC4352106193F008229 142848 ----a-w- C:\Windows\SysWOW64\ieUnatt.exe 2013-03-14 02:01:01 2A324C44A1B2352EF5F2E1C8984935C0 1427968 ----a-w- C:\Windows\SysWOW64\inetcpl.cpl 2013-03-14 02:01:01 180D098704551DE37C6299AA888D6821 1103872 ----a-w- C:\Windows\SysWOW64\urlmon.dll 2013-03-14 02:00:59 C798EB903A4FA90D2961E164518090C5 607744 ----a-w- C:\Windows\SysWOW64\msfeeds.dll 2013-03-14 02:00:58 03728C624D05C2F157BBD46F6B7F6EA0 1129472 ----a-w- C:\Windows\SysWOW64\wininet.dll 2013-03-14 02:00:56 69F42E40A0C4344939437D86A8893DA6 1800704 ----a-w- C:\Windows\SysWOW64\jscript9.dll 2013-03-14 02:00:56 1895402C57C32BF8281E8F6C65522253 717824 ----a-w- C:\Windows\SysWOW64\jscript.dll 2013-03-14 02:00:54 73BDB1C0801D44BEA5F6749FD340CC0F 1796096 ----a-w- C:\Windows\SysWOW64\iertutil.dll 2013-03-14 02:00:53 6428A1B56B4F426F35A029231FF0BB1E 65024 ----a-w- C:\Windows\SysWOW64\jsproxy.dll 2013-03-14 02:00:50 263963D93A3CA8F685EFA5966F1E6581 12321792 ----a-w- C:\Windows\SysWOW64\mshtml.dll 2013-03-14 02:00:44 D3EAB9BCB2B92EFCA615781C215644C0 9738240 ----a-w- C:\Windows\SysWOW64\ieframe.dll ====== C:\Windows\SysWOW64\drivers ===== ====== C:\Windows\Sysnative ===== 2013-03-14 02:01:08 315BD7958BD33C71442A7383BBAD2237 2382848 ----a-w- C:\Windows\Sysnative\mshtml.tlb 2013-03-14 02:01:07 E532E71207987BE22BEEE1F1F7E5B371 96768 ----a-w- C:\Windows\Sysnative\mshtmled.dll 2013-03-14 02:01:05 ACFA7C9F9DBAE8143598F23C3DE8934A 248320 ----a-w- C:\Windows\Sysnative\ieui.dll 2013-03-14 02:01:05 6BE16F52FAFFCD4BC628C6AE95C0B887 173056 ----a-w- C:\Windows\Sysnative\ieUnatt.exe 2013-03-14 02:01:02 F5F7A06D538619CB3B8081DF766F1D39 237056 ----a-w- C:\Windows\Sysnative\url.dll 2013-03-14 02:01:01 FF1AAEDD4A1A0FC3C5ED66B4EE0B254A 1346048 ----a-w- C:\Windows\Sysnative\urlmon.dll 2013-03-14 02:01:00 406533EADD808A7A9B5A022F298C6841 1494528 ----a-w- C:\Windows\Sysnative\inetcpl.cpl 2013-03-14 02:01:00 0A1BB8FF664EA24C2679B70F731A6F7A 2312704 ----a-w- C:\Windows\Sysnative\jscript9.dll 2013-03-14 02:00:59 D845B455663AE3B4AEB153D9B2E6A4C3 729088 ----a-w- C:\Windows\Sysnative\msfeeds.dll 2013-03-14 02:00:57 FA274190682AA41A46B285208ED46A74 1392128 ----a-w- C:\Windows\Sysnative\wininet.dll 2013-03-14 02:00:56 7784649104ED574EC129C3282F54E846 85504 ----a-w- C:\Windows\Sysnative\jsproxy.dll 2013-03-14 02:00:55 B9996038ABB1664E49DE171AD14DE275 816640 ----a-w- C:\Windows\Sysnative\jscript.dll 2013-03-14 02:00:55 0E92BD6EBE215FA80288AFA7996A622B 599040 ----a-w- C:\Windows\Sysnative\vbscript.dll 2013-03-14 02:00:54 A54A16DAE7497CDCB8C5A021C0F6FEB8 2147840 ----a-w- C:\Windows\Sysnative\iertutil.dll 2013-03-14 02:00:46 460723A080D6F22E56D45BC8C1F15B2A 17815040 ----a-w- C:\Windows\Sysnative\mshtml.dll 2013-03-14 02:00:44 E829C45F0D77852C43BE99C4B1BD215D 10925568 ----a-w- C:\Windows\Sysnative\ieframe.dll ====== C:\Windows\Sysnative\drivers ===== ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2013-03-24 09:42:04 -------- d-----w- C:\Program Files\Speccy ======= C:\Program Files (x86) ===== ======= C: ===== 2013-03-24 19:36:12 10880FE1B46FFE2D70CEE660F8C20F70 9277 ----a-w- C:\AdwCleaner[s1].txt ====== C:\Users\user\AppData\Roaming ====== 2013-03-03 04:04:28 -------- d-----w- C:\users\Gast\AppData\Local\Diagnostics 2013-02-26 22:21:10 -------- d-----w- C:\users\Gast\AppData\Local\Facebook 2013-02-26 22:11:53 -------- d-----w- C:\users\Gast\AppData\Roaming\CyberLink 2013-02-26 22:11:19 A3A0DF951C5ED2DDF6EB5089A3D5D1C7 109296 ----a-w- C:\users\Gast\AppData\Local\GDIPFONTCACHEV1.DAT 2013-02-23 04:18:49 -------- d-----w- C:\users\Gast\AppData\Locallow\PriceGong 2013-02-23 04:18:40 -------- d-----w- C:\users\Gast\AppData\Roaming\Google 2013-02-23 04:18:36 -------- d-----w- C:\users\Gast\AppData\Locallow\Conduit 2013-02-23 04:18:35 -------- d-----w- C:\users\Gast\AppData\Local\AskPartnerNetwork 2013-02-23 04:18:34 -------- d-----w- C:\users\Gast\AppData\Locallow\DataMngr 2013-02-23 04:18:29 -------- d-----w- C:\users\Gast\AppData\Locallow\DVDVideoSoftTB 2013-02-23 04:18:28 -------- d-----w- C:\users\Gast\AppData\Locallow\searchresultstb 2013-02-23 04:18:28 -------- d-----w- C:\users\Gast\AppData\Locallow\ilividtoolbargaw 2013-02-23 00:44:32 -------- d-----w- C:\users\Gast\AppData\Roaming\TuneUp Software 2013-02-23 00:40:36 -------- d-s---w- C:\users\Gast\AppData\Locallow\Microsoft 2013-02-23 00:39:51 -------- d-----w- C:\users\Gast\AppData\Roaming\Mozilla 2013-02-23 00:39:51 -------- d-----w- C:\users\Gast\AppData\Local\Mozilla ====== C:\Users\user ====== ====== C: exe-files == 2013-03-24 23:31:49 C2C544E7D7C32DF09EB9A7B72BC8E12F 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2871622637-3147571663-1438806652-1000\$IJPHP1F.exe 2013-03-24 23:22:17 929E9A8C7A9F7B03465B351C4CF2953A 1264814 ----a-w- C:\$Recycle.Bin\S-1-5-21-2871622637-3147571663-1438806652-1000\$RJPHP1F.exe 2013-03-24 19:30:07 EC4961D7E0F6ACEF4E8446E062048D88 609993 ----a-w- C:\Users\user\Downloads\adwcleaner.exe 2013-03-24 09:39:27 C05B05479461EE3AD2A309C3BE9A4937 4812216 ----a-w- C:\Users\user\Downloads\spsetup120 (1).exe 2013-03-24 09:37:22 C05B05479461EE3AD2A309C3BE9A4937 4812216 ----a-w- C:\Users\user\Downloads\spsetup120.exe 2013-03-19 22:51:26 704CD4CAC010E8E6D8DE9B778ED17773 301568 ----a-w- C:\Windows\System32\SPReview\spreview.exe === C: other files == 2013-03-24 23:31:49 EFBE3CA7F965DBA0B37B451F74374DD0 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2871622637-3147571663-1438806652-1000\$I06BVTC.zip 2013-03-24 23:31:49 C2A807DE5CD61DD3C48FABD41CF16859 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2871622637-3147571663-1438806652-1000\$IQE36TF.zip 2013-03-24 23:22:47 A7A253B24C46E6646829A9D9EFA87304 1260366 ----a-w- C:\$Recycle.Bin\S-1-5-21-2871622637-3147571663-1438806652-1000\$R06BVTC.zip 2013-03-24 23:22:04 A7A253B24C46E6646829A9D9EFA87304 1260366 ----a-w- C:\$Recycle.Bin\S-1-5-21-2871622637-3147571663-1438806652-1000\$RQE36TF.zip 2013-03-24 19:36:26 2DE4BA8D9B1E2FCE26F5D13A7C4CEE59 169 ----a-w- C:\Windows\DeleteOnReboot.bat ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun" [HKEY_USERS\S-1-5-21-2871622637-3147571663-1438806652-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Tango"="C:\Program Files (x86)\Tango\Tango.exe -r" "Facebook Update"="C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" "MsnMsgr"="C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe /background" "PC Speed Maximizer"="C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe" "GoogleChromeAutoLaunch_4E874A737D5662A34EBBEADB3A9C4A09"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce] "mctadmin"="C:\Windows\System32\mctadmin.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "avast"="C:\Program Files\AVAST Software\Avast\avastUI.exe /nogui" "GrooveMonitor"="C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" "YouCam Service"="C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe /s" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Tango"="C:\Program Files (x86)\Tango\Tango.exe -r" "Facebook Update"="C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" "MsnMsgr"="C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe /background" "PC Speed Maximizer"="C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe" "GoogleChromeAutoLaunch_4E874A737D5662A34EBBEADB3A9C4A09"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --no-startup-window" "Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun" "swg"="C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" ==== Startup Folders ====================== 2012-12-31 19:03:27 2027 ----a-w- C:\users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\PalTalk.lnk 2013-01-22 23:27:10 2046 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [13-03-2013 21:29] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2871622637-3147571663-1438806652-1000Core.job --a------ C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe [22-01-2013 21:40] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2871622637-3147571663-1438806652-1000UA.job --a------ C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe [22-01-2013 21:40] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [29-12-2012 16:10] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [29-12-2012 16:10] ==== Firefox Extensions ====================== ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default - Undetermined - C:\Program Files (x86)\Search Results Toolbar\Datamngr\FirefoxExtension - Search-Results Toolbar - %ProfilePath%\extensions\{377e5d4d-77e5-476a-8716-7e70a9272da0} - DVDVideoSoftTB - %ProfilePath%\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} - DealPly - %ProfilePath%\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF} AppDir: C:\Program Files (x86)\Mozilla Firefox - Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} ==== Firefox Plugins ====================== Profilepath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default 47299371607DC2FB234444EEACB1639E - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_6_602_180.dll - Shockwave Flash 0B31B0F8FA99CFD009C8FBEA9E20C9DE - C:\Users\user\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin ==== Deleting Files \ Folders ====================== "C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\{EB9394A3-4AD6-4918-9537-31A1FD8E8EDF}" deleted "C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\{377e5d4d-77e5-476a-8716-7e70a9272da0}" deleted "C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\7onkgtuy.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5}" deleted ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions cngompmodgafkkffefbfbghhciijojjh - C:\Program Files (x86)\phpnuke\phpnuke\1.8.8.12\phpnuke.crx[08-01-2013 11:35] icmlaeflemplmjndnaapfdbbnpncnbda - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[30-10-2012 23:48] HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Users\user\AppData\Roaming\DVDVideoSoft\dvsYoutubeDownload.crx[31-01-2013 02:22] Google Docs - Gast - Default\Extensions\aohghmighlieiainnegkcijnfilokake Google Drive - Gast - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf PhpNuke Chrome Toolbar - Gast - Default\Extensions\cngompmodgafkkffefbfbghhciijojjh DealPly - Gast - Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje avast WebRep - Gast - Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda Ask Toolbar - user - Default\Extensions\aaaamimnpkdpdjjghfpgplccimklgpce Google Drive - user - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf YouTube - user - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo PhpNuke Chrome Toolbar - user - Default\Extensions\cngompmodgafkkffefbfbghhciijojjh Google Search - user - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf avast WebRep - user - Default\Extensions\icmlaeflemplmjndnaapfdbbnpncnbda DvdVideoSoft Free Youtube Download - user - Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp Gmail - user - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="http://search.phpnuke.org/?lang=nl&cid=c2a242b1" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs] "Tabs"="http://search.phpnuke.org/?lang=nl&cid=c2a242b1" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] No DefaultScope Set For HKCU New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.msn.com/" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs] "Tabs"="res://ieframe.dll/tabswelcome.htm" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" {CB42C524-40E8-41B9-B630-EE89F44BA6C7} Bing Url="http://www.bing.com/search?FORM=UP22DF&PC=UP22&dt=020613&q={searchTerms}&src=IE-SearchBox" ==== Reset Google Chrome ====================== C:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\users\user\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully C:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully C:\users\user\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully ==== Empty IE Cache ====================== C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Gast\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Gast\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\user\AppData\Local\Temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\user\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\91CYRYBZ will be deleted at reboot C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== C:\users\Gast\AppData\Local\Mozilla\Firefox\Profiles\eu7oqqak.default\Cache emptied successfully C:\users\Gast\AppData\Local\Mozilla\Firefox\Profiles\iysuyrxl.default\Cache emptied successfully C:\users\Gast\AppData\Local\Mozilla\Firefox\Profiles\uaonk95b.default\Cache emptied successfully C:\users\Gast\AppData\Local\Mozilla\Firefox\Profiles\x2r8zr9s.default\Cache emptied successfully C:\users\user\AppData\Local\Mozilla\Firefox\Profiles\7onkgtuy.default\Cache emptied successfully ==== Empty Chrome Cache ====================== C:\users\Gast\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully C:\users\user\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== No Java Cache Found After Reboot ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\user\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" deleted "C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\91CYRYBZ" not found - - - Updated - - - Ohja... Sinds ik account Gast heb toegevoegd aan deze laptop is alles verergert, toen begon het niet opstarten enz. Maar nu krijg ik die account ook niet weg, heb het meerdere keren geprobeerd maar lukt niet. -
een pc-analfabeet hier, haha das allemaal chinees voor mij
evelie reageerde op evelie's topic in Archief Windows Algemeen
# AdwCleaner v2.115 - Verslag gemaakt op 24/03/2013 om 20:36:12 # Geactualiseerd op 17/03/2013 door Xplode # Besturingssysteem : Windows 7 Home Premium (64 bits) # Gebruiker : user - USER-PC # Opstarten Modus : Normale modus # Gelanceerd vanaf : C:\Users\user\Downloads\adwcleaner.exe # Optie [Verwijderen] ***** [Diensten] ***** ***** [Files / Mappen] ***** File Verwijdert : C:\END File Verwijdert : C:\Program Files (x86)\Mozilla FireFox\searchplugins\Search_Results.xml File Verwijdert : C:\Users\Public\Desktop\Get The Best Facebook Chat Messenger.lnk Map Verwijdert : C:\Program Files (x86)\Conduit Map Verwijdert : C:\Program Files (x86)\DealPly Map Verwijdert : C:\Program Files (x86)\DVDVideoSoftTB Map Verwijdert : C:\Program Files (x86)\Smart Driver Updater Map Verwijdert : C:\ProgramData\APN Map Verwijdert : C:\ProgramData\askpartnernetwork Map Verwijdert : C:\ProgramData\boost_interprocess Map Verwijdert : C:\ProgramData\Browser Manager Map Verwijdert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Driver Updater Map Verwijdert : C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaiilaahiahdejapggenmdmafpmbipje Verwijdert bij het opstarten : C:\Program Files (x86)\askpartnernetwork Verwijdert bij het opstarten : C:\Program Files (x86)\search results toolbar ***** [Register] ***** Data Verwijdert : [x64] HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~2\SEARCH~1\Datamngr\x64\datamngr.dll Data Verwijdert : [x64] HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~2\SEARCH~1\Datamngr\x64\IEBHO.dll Data Verwijdert : HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll Data Verwijdert : HKLM\..\Windows [AppInit_DLLs] = C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll Sleutel Verwijdert : HKCU\Software\APN DTX Sleutel Verwijdert : HKCU\Software\APN PIP Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\Conduit Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\DVDVideoSoftTB Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\PriceGong Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\SmartBar Sleutel Verwijdert : HKCU\Software\AppDataLow\Toolbar Sleutel Verwijdert : HKCU\Software\Conduit Sleutel Verwijdert : HKCU\Software\DataMngr Sleutel Verwijdert : HKCU\Software\DataMngr_Toolbar Sleutel Verwijdert : HKCU\Software\DealPly Sleutel Verwijdert : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje Sleutel Verwijdert : HKCU\Software\ilivid Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{872B5B88-9DB5-4310-BDD0-AC189557E5F5} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014} Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly Sleutel Verwijdert : HKCU\Software\PIP Sleutel Verwijdert : HKCU\Software\Smart Driver Updater Sleutel Verwijdert : HKCU\Software\Softonic Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escort.DLL Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\esrv.EXE Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe Sleutel Verwijdert : HKLM\SOFTWARE\Classes\BrowserConnection.Loader Sleutel Verwijdert : HKLM\SOFTWARE\Classes\BrowserConnection.Loader.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\escort.escortIEPane Sleutel Verwijdert : HKLM\SOFTWARE\Classes\escort.escortIEPane.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\iLividIEHelper.DNSGuard Sleutel Verwijdert : HKLM\SOFTWARE\Classes\iLividIEHelper.DNSGuard.1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Toolbar.CT2269050 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{1FDC0B61-91AC-4157-9B27-CAD9A09AB67E} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{75E8DA27-44AF-40AE-927C-F2EEC99D65B1} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800} Sleutel Verwijdert : HKLM\Software\Conduit Sleutel Verwijdert : HKLM\Software\DataMngr Sleutel Verwijdert : HKLM\Software\DealPly Sleutel Verwijdert : HKLM\Software\DVDVideoSoftTB Sleutel Verwijdert : HKLM\Software\iLividSRTB Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32 Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASAPI32 Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\datamngrUI_RASMANCS Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASAPI32 Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\iLividMediaBar_RASMANCS Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASAPI32 Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\iLividSetup_RASMANCS Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68} Sleutel Verwijdert : HKLM\Software\PIP Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{9FF9AE6F-4553-41A7-B645-B0E88850EABF} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{CE4DB5A3-58E6-41F1-8761-47238DF4F468} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{D3F69D07-0AEE-47AF-87D0-1A67D4F70C68} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{27F9950D-07A2-488E-99B5-EA6851057EDE} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F8C05BDB-168A-4821-ABC0-709863A9D9F2} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DealPly Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\DVDVideoSoftTB Toolbar Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\ilivid Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Search Results Toolbar Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Smart Driver Updater_is1 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{9FF9AE6F-4553-41A7-B645-B0E88850EABF} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{CE4DB5A3-58E6-41F1-8761-47238DF4F468} Sleutel Verwijdert : HKLM\SOFTWARE\DataMngr Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C1ED9DA0-AFD0-4B90-AC6A-D3874F591014} Waarde Verwijdert : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}] Waarde Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [smart Driver Updater] Waarde Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{872B5B88-9DB5-4310-BDD0-AC189557E5F5}] Waarde Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [10] Waarde Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10] ***** [browsers] ***** -\\ Internet Explorer v9.0.8112.16470 [OK] Het register bevat geen enkele ongeoorloofde invoer. -\\ Mozilla Firefox v19.0 (nl) -\\ Google Chrome v25.0.1364.172 ************************* AdwCleaner[s1].txt - [9164 octets] - [24/03/2013 20:36:12] ########## EOF - C:\AdwCleaner[s1].txt - [9224 octets] ########## - - - Updated - - - Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 20:42:49, on 24-3-2013 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v9.00 (9.00.8112.16470) Boot mode: Normal Running processes: C:\Program Files (x86)\Tango\Tango.exe C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe C:\Program Files (x86)\PC Speed Maximizer\SPMSmartScan.exe C:\Program Files (x86)\PC Speed Maximizer\SPMReminder.exe C:\Program Files (x86)\Paltalk Messenger\paltalk.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [YouCam Service] "C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe" /s O4 - HKCU\..\Run: [Tango] C:\Program Files (x86)\Tango\Tango.exe -r O4 - HKCU\..\Run: [Facebook Update] "C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [PC Speed Maximizer] C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_4E874A737D5662A34EBBEADB3A9C4A09] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: PalTalk.lnk = C:\Program Files (x86)\Paltalk Messenger\paltalk.exe O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files (x86)\Paltalk Messenger\Paltalk.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\PROGRA~3\Wincert\WIN32C~1.DLL O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 9827 bytes - - - Updated - - - Hopelijk heb ik het goed gedaan (is echt allen nieuw voor me sorry).... -
een pc-analfabeet hier, haha das allemaal chinees voor mij
evelie reageerde op evelie's topic in Archief Windows Algemeen
Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 15:57:27, on 24-3-2013 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v9.00 (9.00.8112.16470) Boot mode: Normal Running processes: C:\Program Files (x86)\Tango\Tango.exe C:\Program Files (x86)\PC Speed Maximizer\SPMReminder.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe C:\Program Files (x86)\Paltalk Messenger\paltalk.exe C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE C:\Windows\SysWOW64\NOTEPAD.EXE C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com/?l=dis&o=APN10461&gct=hp&apn_ptnrs=^AKL&apn_dtid=^zzz004^YY^BE&p2=^AKL^zzz004^YY^BE&tpid=PLT2&apn_dbr=cr_23.0.1271.97 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll" (file missing) R3 - URLSearchHook: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll O2 - BHO: Search-Results Toolbar - {377e5d4d-77e5-476a-8716-7e70a9272da0} - C:\PROGRA~2\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll O2 - BHO: Ask Toolbar BHO - {504C5432-0076-A76A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\PLT2\Passport.dll" (file missing) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: DVDVideoSoftTB - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll O2 - BHO: phpnuke Helper Object - {890CA547-B66C-48BF-9663-DBE0BFDC7D0C} - C:\Program Files (x86)\phpnuke\phpnuke\1.8.8.12\bh\phpnuke.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: DealPly - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files (x86)\DealPly\DealPlyIE.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: DataMngr - {C1ED9DA0-AFD0-4b90-AC6A-D3874F591014} - C:\PROGRA~2\SEARCH~1\Datamngr\BROWSE~1.DLL O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O3 - Toolbar: Ask Toolbar - {504C5432-0076-A76A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\PLT2\Passport.dll" (file missing) O3 - Toolbar: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll O3 - Toolbar: phpnuke Toolbar - {7B206A1E-933F-4A50-9E60-5167598BDB03} - C:\Program Files (x86)\phpnuke\phpnuke\1.8.8.12\phpnukeTlbr.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: Search-Results Toolbar - {377e5d4d-77e5-476a-8716-7e70a9272da0} - C:\PROGRA~2\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~2\SEARCH~1\Datamngr\DATAMN~1.EXE O4 - HKLM\..\Run: [YouCam Service] "C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe" /s O4 - HKCU\..\Run: [Tango] C:\Program Files (x86)\Tango\Tango.exe -r O4 - HKCU\..\Run: [Facebook Update] "C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [PC Speed Maximizer] C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe O4 - HKCU\..\Run: [smart Driver Updater] C:\Program Files (x86)\Smart Driver Updater\SDULauncher.exe O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_4E874A737D5662A34EBBEADB3A9C4A09] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user') O4 - Startup: PalTalk.lnk = C:\Program Files (x86)\Paltalk Messenger\paltalk.exe O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\user\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files (x86)\Paltalk Messenger\Paltalk.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\PROGRA~3\Wincert\WIN32C~1.DLL C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Ask-updateservice (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 12968 bytes (sorry dit is de juiste want had niet zoals het roodgekleurde gedaan) Hartelijk dank nogmaals!!! -
een pc-analfabeet hier, haha das allemaal chinees voor mij
evelie reageerde op evelie's topic in Archief Windows Algemeen
Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 15:41:59, on 24-3-2013 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v9.00 (9.00.8112.16470) Boot mode: Normal Running processes: C:\Program Files (x86)\Tango\Tango.exe C:\Program Files (x86)\PC Speed Maximizer\SPMReminder.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe C:\Program Files (x86)\Paltalk Messenger\paltalk.exe C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\user\Downloads\HijackThis.exe C:\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://eu.ask.com/?l=dis&o=APN10461&gct=hp&apn_ptnrs=^AKL&apn_dtid=^zzz004^YY^BE&p2=^AKL^zzz004^YY^BE&tpid=PLT2&apn_dbr=cr_23.0.1271.97 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll" (file missing) R3 - URLSearchHook: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll O2 - BHO: Search-Results Toolbar - {377e5d4d-77e5-476a-8716-7e70a9272da0} - C:\PROGRA~2\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll O2 - BHO: Ask Toolbar BHO - {504C5432-0076-A76A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\PLT2\Passport.dll" (file missing) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll O2 - BHO: DVDVideoSoftTB - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll O2 - BHO: phpnuke Helper Object - {890CA547-B66C-48BF-9663-DBE0BFDC7D0C} - C:\Program Files (x86)\phpnuke\phpnuke\1.8.8.12\bh\phpnuke.dll O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: DealPly - {A6174F27-1FFF-E1D6-A93F-BA48AD5DD448} - C:\Program Files (x86)\DealPly\DealPlyIE.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O2 - BHO: DataMngr - {C1ED9DA0-AFD0-4b90-AC6A-D3874F591014} - C:\PROGRA~2\SEARCH~1\Datamngr\BROWSE~1.DLL O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O3 - Toolbar: Ask Toolbar - {504C5432-0076-A76A-76A7-7A786E7484D7} - "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\PLT2\Passport.dll" (file missing) O3 - Toolbar: DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\prxtbDVDV.dll O3 - Toolbar: phpnuke Toolbar - {7B206A1E-933F-4A50-9E60-5167598BDB03} - C:\Program Files (x86)\phpnuke\phpnuke\1.8.8.12\phpnukeTlbr.dll O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll O3 - Toolbar: Search-Results Toolbar - {377e5d4d-77e5-476a-8716-7e70a9272da0} - C:\PROGRA~2\SEARCH~1\Datamngr\SRTOOL~1\searchresultsDx.dll O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [ApnTBMon] "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~2\SEARCH~1\Datamngr\DATAMN~1.EXE O4 - HKLM\..\Run: [YouCam Service] "C:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe" /s O4 - HKCU\..\Run: [Tango] C:\Program Files (x86)\Tango\Tango.exe -r O4 - HKCU\..\Run: [Facebook Update] "C:\Users\user\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files (x86)\Windows Live\Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [PC Speed Maximizer] C:\Program Files (x86)\PC Speed Maximizer\SPMLauncher.exe O4 - HKCU\..\Run: [smart Driver Updater] C:\Program Files (x86)\Smart Driver Updater\SDULauncher.exe O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_4E874A737D5662A34EBBEADB3A9C4A09] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe O4 - HKCU\..\Run: [swg] "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" O4 - HKUS\S-1-5-18\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user') O4 - Startup: PalTalk.lnk = C:\Program Files (x86)\Paltalk Messenger\paltalk.exe O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files (x86)\McAfee Security Scan\3.0.318\SSScheduler.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Users\user\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetomp3converter.htm O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: PalTalk - {4EAFEF58-EEFA-4116-983D-03B49BCBFFFE} - C:\Program Files (x86)\Paltalk Messenger\Paltalk.exe O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\PROGRA~3\Wincert\WIN32C~1.DLL C:\PROGRA~2\SEARCH~1\Datamngr\datamngr.dll C:\PROGRA~2\SEARCH~1\Datamngr\IEBHO.dll O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing) O23 - Service: Ask-updateservice (APNMCP) - APN LLC. - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files (x86)\McAfee Security Scan\3.0.318\McCHSvc.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: TuneUp Utilities Service (TuneUp.UtilitiesSvc) - TuneUp Software - C:\Program Files (x86)\TuneUp Utilities 2013\TuneUpUtilitiesService64.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 12669 bytes - - - Updated - - - is dat goed zo? -
een pc-analfabeet hier, haha das allemaal chinees voor mij
evelie reageerde op evelie's topic in Archief Windows Algemeen
http://speccy.piriform.com/results/qYeFxISY1cVHLMipmvPbhgk Ow hoe kan ik voorgaande berichtje hier bewerken? Miss moet je dan dit hebben? X15_53758 Ik weet niet of hij ook de nodige drivers heeft gedownload. Duizend maal dank!!! - - - Updated - - - of dit... HP 584037-001 -
een pc-analfabeet hier, haha das allemaal chinees voor mij
evelie reageerde op evelie's topic in Archief Windows Algemeen
Windows7 Home Prem OA, Hp, Product-Key: , 584037-001. Is het dit wat je bedoelt? (sorry ken er echt niks van maar zal mijn best doen....) PC Helpforum moderator bericht: Windows sleutel verwijderd om misbruik te voorkomen -
een pc-analfabeet hier, haha das allemaal chinees voor mij
evelie plaatste een topic in Archief Windows Algemeen
Beste Het is wel grappig dat ik als pc- analfabeet persoon zelf opzoek wou gaan naar het probleem van mijn laptop (mijn omgeving kan mij niet helpen) en hopen om zelf de oplossing te vinden. Ik hoop dat iemand me hier kan helpen Het zit zo, mijn laptop deed eeen poosje geleden raar, veel virusseen en werkte dus heel traag. Ik ben dus naar een persoon gegaan die mijn laptop zogezegd ging maken. Maar helaas heeft deze het gwn erger gemaakt. Mijn vorige probleem was dus dat het traag was enz, hij heeft deze geformateerd en alles nieuw erop gezet met een anti- virusje. Maar het probleem is nu dat k ergere probleem heb gekregen daardoor. Alles hapert, muis verandert uit het niets van plaats tijdens typen, het kan geen mp3 of geheugenkaart meer lezen, start soms niet en moet het daardoor uizetten via de knop,... Help me... Weet iemand waar het probleem zou kunnen liggen en wat de oplossing ervoor is? Ik zal jullie eeuwig dankbaar zijn. Groetjes
