Ga naar inhoud

ie.dll ' werkt niet meer ' en ieframe.dll werkt niet meer ... wie weet raad ?

vicky_i

Door vicky_i
in Archief Internet & Netwerk

 Delen

Aanbevolen berichten

vicky_i Leerling

vicky_i

Geplaatst:
Geplaatst:

Beste leden en beheerders ,

Ik heb al een tijdje problemen met mijn internet explorer .

Het begon met het traag laden van pagina's , nadien sloten de pagina's vanzelf en kreeg ik de melding dat het programma niet meer werkte , meldingen zoals : ' dit tabblad is gesloten en opnieuw geopend vanwege een probleem met deze pagina ' .

In het begin dacht ik dat het aan facebook lag , daar die pagina wel geregeld fout liep destijds , maar ondertussen werd het alleen maar erger ,

het begon vooral met multimedia-site's , zoals youtube en indien ik foto's wou bewerken online , wou de foto niet uploaden .

Als ik dan na herhaaldelijke pogingen de foto online kreeg , kreeg ik een pagina in het grijs met een uitroepteken , alsof het adobe flash player was .

Ik kreeg in het begin dan de melding dat ie.dll niet meer werkte en nu sinds vandaag kreeg ik de melding dat ieframe.dll niet meer werkt .

Ik weet niet goed waar het probleem aan kan liggen , ik gebruik verder ook als antivirus AVG en heb die regelmatig laten scannen , maar die vind helemaal niets .

Hiernaast gebruik ik ook Ccleaner om de overbodige en tijdelijke bestanden te verwijderen .

Ik hoop dat iemand me raad weet want dit is verre van fijn natuurlijk .

Alvast dank bij voorbaat

Link naar reactie
Delen op andere sites
kape Grootmeester

kape

Geplaatst:
Geplaatst:

Download 51a5f5d096dae-icon_RSIT.pngRSIT van de onderstaande locaties en sla deze op het bureaublad op.

Hier staat een beschrijving hoe je kan kijken of je een 32- of 64-bitversie van Windows heeft.

Dubbelklik op RSIT.exe om de tool te starten.

  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue"
  • Wanneer de tool gereed is wordt er een kladblok bestand genaamd "Log" geopend.
  • Plaats de inhoud hiervan in het volgende bericht.

Link naar reactie
Delen op andere sites
vicky_i Leerling

vicky_i

Geplaatst:
  • Auteur
Geplaatst: (aangepast)

Hey ,

Bedankt voor je reactie , had al rondgekeken maar vond niet zo meteen een oplossing .

Hier is de log ( wel lang he ? )

Logfile of random's system information tool 1.09 (written by random/random)

Run by Vicky at 2013-08-29 05:16:34

Microsoft Windows 7 Home Premium Service Pack 1

System drive C: has 144 GB (31%) free of 463 GB

Total RAM: 5813 MB (38% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 5:16:39, on 29-8-2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v10.0 (10.00.9200.16660)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe

C:\Program Files (x86)\Launch Manager\LManager.exe

C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ModemListener.exe

C:\Program Files (x86)\AVG\AVG2013\avgui.exe

C:\Program Files (x86)\AVG Secure Search\vprot.exe

C:\Program Files (x86)\Launch Manager\LMworker.exe

C:\Windows\SysWOW64\rundll32.exe

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

C:\Program Files (x86)\Skype\Phone\Skype.exe

C:\Program Files\trend micro\Vicky.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Fotomodel Vicky Iliaens

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: (no name) - {50fafaf0-70a9-419d-a109-fa4b4ffd4e37} - (no file)

R3 - URLSearchHook: (no name) - {3bbd3c14-4c16-4989-8366-95bc9179779d} - (no file)

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.5.0.2\AVG Secure Search_toolbar.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O2 - BHO: DVDVideoSoft.WebPageAdjuster - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll

O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\15.5.0.2\AVG Secure Search_toolbar.dll

O4 - HKLM\..\Run: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k

O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe

O4 - HKLM\..\Run: [MCCNL Sepang ModemListener] C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ModemListener.exe start

O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY

O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll

O9 - Extra 'Tools' menuitem: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.5.0\ViProtocol.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgfws.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe

O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe

O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: MCCNL Sepang Modem Device Helper - Unknown owner - C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ServiceManager.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: vToolbarUpdater15.5.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--

End of file - 11146 bytes

======Listing Processes======

\SystemRoot\System32\smss.exe

C:\PROGRA~2\AVG\AVG2013\avgrsa.exe /boot

C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=24ac0011-9e3a-4f61-8fc4-3d2c232a0e2a /coreSdkOptions=4382 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\f4b8481b-e785-445a-b001-7a303c2ab07a-1d4-oopp.tmp" /loggerName=AVG.RS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\"

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

wininit.exe

%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

C:\Windows\system32\services.exe

C:\Windows\system32\lsass.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

winlogon.exe

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"

"C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe"

"C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe"

"C:\Program Files (x86)\Launch Manager\dsiwmis.exe"

"C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe"

"C:\Program Files (x86)\Launch Manager\LMutilps32.exe" --system-level-mutex="Local\{B904A927-FE6B-48fd-8C83-6B807BED1F9C}" --enable-wmi-window

"C:\Program Files (x86)\Acer\Registration\GREGsvc.exe"

"C:\Program Files\Acer\Acer Updater\UpdaterService.exe"

"C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ServiceManager.exe" -start

"C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe"

"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"

C:\Windows\system32\svchost.exe -k imgsvc

"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe"

"C:\Program Files (x86)\AVG\AVG2013\avgnsa.exe"

"C:\Program Files (x86)\AVG\AVG2013\avgemca.exe"

"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"

"C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\loggingserver.exe" 72648 "C:\ProgramData\AVG Secure Search\Logger\logger.properties"

\??\C:\Windows\system32\conhost.exe "145653779-1046690077-93042660013855400471511417261622959385-1391086703-1938059911

"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

"taskhost.exe"

"C:\Windows\system32\Dwm.exe"

C:\Windows\Explorer.EXE

"C:\Windows\System32\igfxtray.exe"

"C:\Windows\System32\hkcmd.exe"

"C:\Windows\System32\igfxpers.exe"

"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"

"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s

C:\Windows\system32\igfxsrvc.exe -Embedding

"C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"

"C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k

"C:\Program Files (x86)\Launch Manager\LManager.exe"

"C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ModemListener.exe" start

"C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY

C:\Windows\system32\igfxext.exe -Embedding

"C:\Program Files (x86)\AVG Secure Search\vprot.exe"

"C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe"

C:\Windows\system32\wbem\unsecapp.exe -Embedding

C:\Windows\system32\wbem\wmiprvse.exe

"C:\Program Files (x86)\Launch Manager\LMworker.exe"

"C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe"

C:\Program Files (x86)\AVG\AVG2013\avgcsrva.exe /pipeName=72725b19-56a4-446f-8aa3-d94d10012351 /coreSdkOptions=4114 /logConfFile="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\24a0d72f-09b0-417d-850c-ee0a362ebc51-974-oopp.tmp" /loggerName=AVG.NS.Core /binaryPath="C:\Program Files (x86)\AVG\AVG2013\" /registryPath="SYSTEM\CurrentControlSet\Services\Avg\Avg2013" /tempPath="C:\Windows\system32\config\systemprofile\AppData\Local\Avg2013\temp\"

"C:\Program Files\Synaptics\SynTP\SynTPHelper.exe"

C:\Windows\system32\SearchIndexer.exe /Embedding

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\System32\svchost.exe -k LocalServicePeerNet

"C:\Program Files\Windows Media Player\wmpnetwk.exe"

"C:\Program Files\Internet Explorer\iexplore.exe"

"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"

WLIDSvcM.exe 5200

C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}

C:\Windows\system32\Macromed\Flash\FlashUtil64_11_8_800_94_ActiveX.exe -Embedding

"C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe"

"C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe"

C:\Windows\system32\svchost.exe -k SDRSVC

taskeng.exe {EAF7E937-5DCD-49B1-9C11-DE89631ABD33}

"C:\Program Files\EgisTec IPS\PMMUpdate.exe"

"C:\Program Files\EgisTec IPS\EgisUpdate.exe"

"C:\Windows\SysWOW64\rundll32.exe" "C:\Users\Vicky\AppData\Roaming\BabSolution\Shared\enhancedNT.dll",Run

"C:\Windows\system32\schtasks.exe" /create /tn "BrowserDefendert" /ru "SYSTEM" /sc minute /mo 1 /tr "C:\Windows\system32\sc.exe start BrowserDefendert" /st 00:00:00

\??\C:\Windows\system32\conhost.exe "-1529313953131027354-564523101406650943-991915618-1914365789-1625768932397484133

"C:\Windows\system32\notepad.exe"

"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Vicky\Documents\I should have known from the start and embrace when im angry.txt

C:\Windows\system32\DllHost.exe /Processid:{76D0CB12-7604-4048-B83C-1005C7DDC503}

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1752 CREDAT:1250760 /prefetch:2

"C:\Windows\System32\MsSpellCheckingFacility.exe" -Embedding

"C:\Windows\system32\notepad.exe"

"C:\Program Files (x86)\Skype\Phone\Skype.exe"

"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe150_ Global\UsGthrCtrlFltPipeMssGthrPipe150 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"

"C:\Windows\system32\SearchFilterHost.exe" 0 508 512 520 65536 516

"C:\Users\Vicky\Downloads\RSITx64.exe"

C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default

prefs.js - "browser.startup.homepage" -

"{336D0C35-8A85-403a-B9D2-65C292C39087}"=C:\Program Files\Web Assistant\Firefox

"{8E9E3331-D360-4f87-8803-52DE43566502}"=C:\Program Files\Web Assistant\Firefox

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 11.3.300.262 Plugin

"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin]

"Description"=

"Path"=C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\15.5.0\\npsitesafety.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE]

"Description"=

"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=c:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]

"Description"=Microsoft SharePoint Plug-in for Firefox

"Path"=C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922]

"Description"=WLPG Install MIME type

"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513]

"Description"=WLPG Install MIME type

"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308]

"Description"=WLPG Install MIME type

"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\Adobe Reader]

"Description"=Handles PDFs in-place in Firefox

"Path"=C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 11.3.300.262 Plugin

"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_262.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]

"Description"=

"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=c:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll

C:\Program Files (x86)\Mozilla Firefox\extensions\

ffxtlbr@babylon.com

staged

{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files (x86)\Mozilla Firefox\components\

binary.manifest

browsercomps.dll

C:\Program Files (x86)\Mozilla Firefox\searchplugins\

babylon.xml

bing.xml

bolcom-nl.xml

google.xml

marktplaats-nl.xml

Search_Results.xml

wikipedia-nl.xml

C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\extensions\

ffxtlbr@babylon.com

{f34c9277-6577-4dff-b2d7-7d58092f272f}

C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\searchplugins\

askcom.xml

babylon.xml

delta.xml

Search_Results.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 529280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]

DVDVideoSoft WebPageAdjuster Class - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns64.dll [2013-06-28 339456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-29 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\15.5.0.2\AVG Secure Search_toolbar.dll [2013-08-26 3122864]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]

Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2012-01-17 3855520]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]

DVDVideoSoft WebPageAdjuster Class - C:\Program Files (x86)\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll [2013-06-28 279552]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]

{95B7759C-8C7F-4BF1-B163-73684A933233} - AVG Security Toolbar - C:\Program Files (x86)\AVG Secure Search\15.5.0.2\AVG Secure Search_toolbar.dll [2013-08-26 3122864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"=C:\Windows\system32\igfxtray.exe [2011-08-15 167704]

"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2011-08-15 392472]

"Persistence"=C:\Windows\system32\igfxpers.exe [2011-08-15 416024]

"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2011-03-28 2723624]

"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2011-06-09 11860072]

"Power Management"=C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [2011-08-02 1831016]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nero MediaHome 4]

C:\Program Files (x86)\Nero\Nero MediaHome 4\NeroMediaHome.exe /AUTORUN []

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"SuiteTray"=C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [2011-09-20 341360]

"Adobe ARM"=C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-04-04 958576]

"BackupManagerTray"=C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [2011-04-24 297280]

"LManager"=C:\Program Files (x86)\Launch Manager\LManager.exe [2011-07-01 1103440]

"MCCNL Sepang ModemListener"=C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ModemListener.exe [2011-06-20 102400]

"AVG_UI"=C:\Program Files (x86)\AVG\AVG2013\avgui.exe [2013-07-01 4411440]

"vProt"=C:\Program Files (x86)\AVG Secure Search\vprot.exe [2013-08-26 2314416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\Windows\system32\igfxdev.dll [2011-08-09 390144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoActiveDesktop"=1

"NoActiveDesktopChanges"=1

"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"MSVideo8"=VfWWDM32.dll

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"aux"=wdmaud.drv

======File associations======

.js - edit -

.js - open -

.txt - open -

======List of files/folders created in the last 1 month======

2013-08-29 05:16:34 ----D---- C:\rsit

2013-08-29 05:16:34 ----D---- C:\Program Files\trend micro

2013-08-27 21:27:27 ----D---- C:\PASS BREAKER

2013-08-27 21:02:10 ----D---- C:\ProgramData\BrowserDefender

2013-08-27 21:02:01 ----D---- C:\Users\Vicky\AppData\Roaming\BabSolution

2013-08-25 05:40:23 ----D---- C:\Program Files (x86)\Gmail Account Password Hacker

2013-08-25 04:51:04 ----A---- C:\Windows\system32\drivers\avgtpx64.sys

2013-08-25 04:51:00 ----D---- C:\ProgramData\AVG Secure Search

2013-08-25 04:50:59 ----D---- C:\Program Files (x86)\AVG Secure Search

2013-08-20 09:27:26 ----A---- C:\Windows\SYSWOW64\ieui.dll

2013-08-20 09:27:26 ----A---- C:\Windows\system32\ieui.dll

2013-08-20 09:27:25 ----A---- C:\Windows\SYSWOW64\RegisterIEPKEYs.exe

2013-08-20 09:27:25 ----A---- C:\Windows\SYSWOW64\iesysprep.dll

2013-08-20 09:27:25 ----A---- C:\Windows\SYSWOW64\iesetup.dll

2013-08-20 09:27:25 ----A---- C:\Windows\SYSWOW64\iernonce.dll

2013-08-20 09:27:25 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe

2013-08-20 09:27:25 ----A---- C:\Windows\system32\iesysprep.dll

2013-08-20 09:27:25 ----A---- C:\Windows\system32\iesetup.dll

2013-08-20 09:27:25 ----A---- C:\Windows\system32\iernonce.dll

2013-08-20 09:27:25 ----A---- C:\Windows\system32\ie4uinit.exe

2013-08-20 09:27:24 ----A---- C:\Windows\SYSWOW64\iertutil.dll

2013-08-20 09:27:24 ----A---- C:\Windows\system32\iertutil.dll

2013-08-20 09:27:23 ----A---- C:\Windows\SYSWOW64\msfeeds.dll

2013-08-20 09:27:23 ----A---- C:\Windows\system32\msfeeds.dll

2013-08-20 09:27:22 ----A---- C:\Windows\SYSWOW64\jscript.dll

2013-08-20 09:27:22 ----A---- C:\Windows\system32\jscript9.dll

2013-08-20 09:27:22 ----A---- C:\Windows\system32\jscript.dll

2013-08-20 09:27:21 ----A---- C:\Windows\SYSWOW64\urlmon.dll

2013-08-20 09:27:21 ----A---- C:\Windows\SYSWOW64\jscript9.dll

2013-08-20 09:27:20 ----A---- C:\Windows\system32\urlmon.dll

2013-08-20 09:27:19 ----A---- C:\Windows\SYSWOW64\wininet.dll

2013-08-20 09:27:19 ----A---- C:\Windows\SYSWOW64\jsproxy.dll

2013-08-20 09:27:19 ----A---- C:\Windows\system32\wininet.dll

2013-08-20 09:27:19 ----A---- C:\Windows\system32\jsproxy.dll

2013-08-20 09:27:18 ----A---- C:\Windows\SYSWOW64\ieframe.dll

2013-08-20 09:27:16 ----A---- C:\Windows\system32\ieframe.dll

2013-08-20 09:27:15 ----A---- C:\Windows\system32\mshtml.dll

2013-08-20 09:27:13 ----A---- C:\Windows\SYSWOW64\mshtml.dll

2013-08-19 13:45:22 ----A---- C:\Windows\system32\crypt32.dll

2013-08-19 13:45:21 ----A---- C:\Windows\SYSWOW64\crypt32.dll

2013-08-19 13:45:21 ----A---- C:\Windows\system32\wintrust.dll

2013-08-19 13:45:20 ----A---- C:\Windows\SYSWOW64\wintrust.dll

2013-08-19 13:45:20 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll

2013-08-19 13:45:20 ----A---- C:\Windows\system32\cryptsvc.dll

2013-08-19 13:45:20 ----A---- C:\Windows\system32\cryptnet.dll

2013-08-19 13:45:04 ----A---- C:\Windows\SYSWOW64\tzres.dll

2013-08-19 13:45:04 ----A---- C:\Windows\system32\tzres.dll

2013-08-19 13:45:02 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll

2013-08-19 13:45:02 ----A---- C:\Windows\system32\rpcrt4.dll

2013-08-19 13:43:36 ----A---- C:\Windows\SYSWOW64\WMVDECOD.DLL

2013-08-19 13:43:36 ----A---- C:\Windows\system32\WMVDECOD.DLL

2013-08-19 13:43:34 ----A---- C:\Windows\system32\drivers\tssecsrv.sys

2013-08-19 13:43:34 ----A---- C:\Windows\system32\drivers\tcpip.sys

2013-08-15 03:01:43 ----D---- C:\Windows\system32\MRT

2013-08-13 21:51:19 ----A---- C:\Windows\SYSWOW64\cryptnet.dll

======List of files/folders modified in the last 1 month======

2013-08-29 05:16:39 ----D---- C:\Windows\Prefetch

2013-08-29 05:16:36 ----D---- C:\Windows\Temp

2013-08-29 05:16:34 ----RD---- C:\Program Files

2013-08-29 05:07:00 ----D---- C:\ProgramData\MFAData

2013-08-29 04:32:13 ----D---- C:\Users\Vicky\AppData\Roaming\Skype

2013-08-29 01:20:43 ----D---- C:\Windows\tracing

2013-08-28 14:26:34 ----D---- C:\Windows\system32\config

2013-08-27 21:50:57 ----RD---- C:\Program Files (x86)

2013-08-27 21:50:45 ----D---- C:\Windows\system32\Tasks

2013-08-27 21:33:35 ----D---- C:\Program Files\Web Assistant

2013-08-27 21:02:10 ----HD---- C:\ProgramData

2013-08-27 16:08:23 ----A---- C:\Windows\SYSWOW64\log.txt

2013-08-27 16:06:42 ----D---- C:\Windows\system32\drivers

2013-08-27 16:06:42 ----D---- C:\Windows\inf

2013-08-27 16:06:39 ----D---- C:\Windows\system32\DriverStore

2013-08-25 04:51:21 ----SHD---- C:\Windows\Installer

2013-08-25 04:51:08 ----D---- C:\Windows\SYSWOW64\drivers

2013-08-25 04:51:00 ----D---- C:\Program Files (x86)\Common Files

2013-08-25 04:50:17 ----D---- C:\ProgramData\AVG2013

2013-08-25 04:49:03 ----SHD---- C:\System Volume Information

2013-08-25 04:18:25 ----D---- C:\Windows

2013-08-25 04:12:53 ----D---- C:\Windows\system32\catroot2

2013-08-24 01:59:54 ----D---- C:\Windows\Panther

2013-08-24 01:59:54 ----D---- C:\Windows\debug

2013-08-21 22:47:55 ----D---- C:\Windows\System32

2013-08-21 22:47:55 ----A---- C:\Windows\system32\PerfStringBackup.INI

2013-08-21 21:35:19 ----D---- C:\Windows\rescache

2013-08-21 15:23:26 ----D---- C:\Windows\SysWOW64

2013-08-21 15:23:23 ----A---- C:\Windows\SYSWOW64\FlashPlayerApp.exe

2013-08-21 02:37:49 ----D---- C:\Windows\Microsoft.NET

2013-08-21 02:37:28 ----RSD---- C:\Windows\assembly

2013-08-20 21:39:20 ----D---- C:\Windows\winsxs

2013-08-20 21:37:05 ----D---- C:\Windows\SYSWOW64\nl-NL

2013-08-20 21:37:05 ----D---- C:\Windows\system32\nl-NL

2013-08-20 21:37:04 ----D---- C:\Program Files\Internet Explorer

2013-08-20 21:37:04 ----D---- C:\Program Files (x86)\Internet Explorer

2013-08-20 09:27:45 ----D---- C:\Windows\system32\catroot

2013-08-20 09:21:17 ----A---- C:\Windows\system32\MRT.exe

2013-08-19 23:25:47 ----D---- C:\Windows\Tasks

2013-08-19 23:25:47 ----D---- C:\Windows\SYSWOW64\wbem

2013-08-19 23:25:47 ----D---- C:\Windows\system32\wfp

2013-08-19 23:25:47 ----D---- C:\Windows\AppPatch

2013-08-19 23:25:45 ----D---- C:\Windows\system32\wbem

2013-08-19 23:25:45 ----D---- C:\Windows\system32\CodeIntegrity

2013-08-19 23:25:36 ----D---- C:\Windows\AppCompat

2013-08-19 23:25:30 ----D---- C:\Program Files\Common Files\Microsoft Shared

2013-08-19 23:25:03 ----D---- C:\Windows\registration

2013-08-19 23:13:22 ----D---- C:\Windows\system32\NDF

2013-08-10 11:49:34 ----D---- C:\Users\Vicky\AppData\Roaming\SoftGrid Client

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 AVGIDSHA;AVGIDSHA; C:\Windows\system32\DRIVERS\avgidsha.sys [2013-07-20 71480]

R0 Avgloga;AVG Logging Driver; C:\Windows\system32\DRIVERS\avgloga.sys [2013-07-20 311608]

R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield; C:\Windows\system32\DRIVERS\avgmfx64.sys [2013-07-01 116536]

R0 Avgrkx64;AVG Anti-Rootkit Driver; C:\Windows\system32\DRIVERS\avgrkx64.sys [2013-07-10 45880]

R0 iaStor;Intel AHCI Controller; C:\Windows\system32\drivers\iaStor.sys [2010-11-05 438808]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-21 213888]

R1 AVGIDSDriver;AVGIDSDriver; C:\Windows\system32\DRIVERS\avgidsdrivera.sys [2013-07-20 246072]

R1 Avgldx64;AVG AVI Loader Driver; C:\Windows\system32\DRIVERS\avgldx64.sys [2013-07-20 206648]

R1 Avgtdia;AVG TDI Driver; C:\Windows\system32\DRIVERS\avgtdia.sys [2013-03-21 240952]

R1 avgtp;avgtp; \??\C:\Windows\system32\drivers\avgtpx64.sys [2013-08-26 45856]

R1 mwlPSDFilter;mwlPSDFilter; C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [2011-10-27 22648]

R1 mwlPSDNServ;mwlPSDNServ; C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [2011-10-27 20520]

R1 mwlPSDVDisk;mwlPSDVDisk; C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [2011-10-27 62776]

R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]

R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athrx.sys [2011-06-02 2750464]

R3 HECIx64;Intel® Management Engine Interface; C:\Windows\system32\drivers\HECIx64.sys [2009-09-17 56344]

R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2011-08-09 12289472]

R3 Impcd;Impcd; C:\Windows\system32\DRIVERS\Impcd.sys [2010-02-26 158976]

R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys [2011-06-14 2899176]

R3 IntcDAud;Intel® Display Audio; C:\Windows\system32\DRIVERS\IntcDAud.sys [2010-10-14 317440]

R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2011-03-23 77936]

R3 NTIDrvr;NTIDrvr; \??\C:\Windows\system32\drivers\NTIDrvr.sys [2011-09-20 18432]

R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\Windows\System32\Drivers\RtsUStor.sys [2010-12-01 250984]

R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2011-10-01 764264]

R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2011-10-01 268648]

R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2011-10-01 25960]

R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2011-10-01 22376]

R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2011-03-28 1417776]

R3 UBHelper;UBHelper; \??\C:\Windows\system32\drivers\UBHelper.sys [2011-09-20 17408]

S3 ASNDIS4;ASNDIS4 Protocol Driver; \??\C:\Windows\syswow64\ASNDIS4.SYS []

S3 jrdusbser;Modem Interface Device for Legacy Serial Communication; C:\Windows\system32\DRIVERS\jrdusbser.sys [2011-06-20 120832]

S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]

S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-21 59392]

S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-21 31232]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-10 65640]

R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe [2013-07-04 4939312]

R2 avgwd;AVG WatchDog; C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe [2013-07-23 283136]

R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2012-01-04 822624]

R2 DsiWMIService;Dritek WMI Service; C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2011-07-01 353360]

R2 ePowerSvc;ePower Service; C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2011-08-02 872552]

R2 GREGService;GREGService; C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2011-05-30 36456]

R2 Live Updater Service;Live Updater Service; C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2012-04-05 255376]

R2 LMS;Intel® Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe [2010-09-16 325656]

R2 MCCNL Sepang Modem Device Helper;MCCNL Sepang Modem Device Helper; C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ServiceManager.exe [2011-06-20 49752]

R2 NTI IScheduleSvc;NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [2011-04-24 256832]

R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-01 508776]

R2 UNS;Intel® Management & Security Application User Notification Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-09-16 2538520]

R2 vToolbarUpdater15.5.0;vToolbarUpdater15.5.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe [2013-08-26 1643184]

R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-01 219496]

R3 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2011-03-29 2292096]

S2 avgfws;AVG Firewall; C:\Program Files (x86)\AVG\AVG2013\avgfws.exe [2013-07-25 1432080]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]

S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-06-03 162408]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-08-21 257416]

S3 EgisTec Ticket Service;EgisTec Ticket Service; C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe [2011-06-21 173424]

S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2011-12-12 655624]

S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-04-21 129976]

S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]

S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-04-24 1255736]

-----------------EOF-----------------

aangepast door kape
dubbellog verwijderd
Link naar reactie
Delen op andere sites
kape Grootmeester

kape

Geplaatst:
Geplaatst: (aangepast)

Download 51a612a8b27e2-Zoek.pngZoek.zip naar het bureaublad.

  • Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  • Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.
  • Klik met de rechtermuisknop op Zoek.zip en klik op de optie "Alles uitpakken".
  • Dubbelklik vervolgens op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem. 

chromelook; 
firefoxlook; 
{50fafaf0-70a9-419d-a109-fa4b4ffd4e37};c
{3bbd3c14-4c16-4989-8366-95bc9179779d};c
{95B7759C-8C7F-4BF1-B163-73684A933233};c
C:\Program Files (x86)\AVG Secure Search\15.5.0.2\AVG Secure Search_toolbar.dll;f
{EE932B49-D5C0-4D19-A3DA-CE0849258DE6};c
C:\Program Files (x86)\Common Files\DVDVideoSoft;fs
{F274614C-63F8-47D5-A4D1-FBDDE494F8D1};c
C:\Program Files\Web Assistant;fs
{336D0C35-8A85-403a-B9D2-65C292C39087};c
{8E9E3331-D360-4f87-8803-52DE43566502};c
C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com;ff
C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml;f
C:\Program Files (x86)\Mozilla Firefox\searchplugins\Search_Results.xml;f
C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\extensions\ffxtlbr@babylon.com;ff
C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\searchplugins\askcom.xml;f
C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\searchplugins\babylon.xml;f
C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\searchplugins\delta.xml;f
C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\searchplugins\Search_Results.xml;f
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}];r
[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}];r
C:\ProgramData\BrowserDefender;fs
C:\Users\Vicky\AppData\Roaming\BabSolution;fs
startupall; 
filesrcm;

  • Klik op de knop "Options" en vink nu de onderstaande opties aan.
  • HijackThis Log
  • Firefox Defaults
  • Reset Chrome
  • IE Defaults
  • Auto Clean
  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  • Post nu de inhoud van het geopende logje in het volgende bericht.

aangepast door kape
Link naar reactie
Delen op andere sites
vicky_i Leerling

vicky_i

Geplaatst:
  • Auteur
Geplaatst: (aangepast)

Hier is de log , ik heb hem wel 2x moeten starten dus hoop dat het juist is :

Zoek.exe Version 4.0.0.4 Updated 26-08-2013

Tool run by Vicky on do 29-08-2013 at 14:16:36,68.

Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Vicky\Desktop\zoek\zoek.exe [script inserted] [Checkboxes used]

==== System Restore Info ======================

29-8-2013 14:19:42 Zoek.exe System Restore Point Created Succesfully.

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2931560498-325932720-3938257990-1000\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

HKEY_USERS\S-1-5-21-2931560498-325932720-3938257990-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

HKEY_USERS\S-1-5-21-2931560498-325932720-3938257990-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

HKEY_USERS\S-1-5-21-2931560498-325932720-3938257990-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully

HKEY_USERS\S-1-5-21-2931560498-325932720-3938257990-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully

HKEY_USERS\S-1-5-21-2931560498-325932720-3938257990-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully

HKEY_USERS\S-1-5-21-2931560498-325932720-3938257990-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully

HKEY_USERS\S-1-5-21-2931560498-325932720-3938257990-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} deleted successfully

HKEY_USERS\S-1-5-21-2931560498-325932720-3938257990-1000\Software\Microsoft\Internet Explorer\SearchScopes\{BEF35424-9F1B-494E-A2CA-542DB53B8DDD} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Extensions\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully

HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-2931560498-325932720-3938257990-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{50fafaf0-70a9-419d-a109-fa4b4ffd4e37} deleted successfully

HKEY_USERS\S-1-5-21-2931560498-325932720-3938257990-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{3bbd3c14-4c16-4989-8366-95bc9179779d} deleted successfully

HKEY_USERS\S-1-5-21-2931560498-325932720-3938257990-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\{3bbd3c14-4c16-4989-8366-95bc9179779d} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{95B7759C-8C7F-4BF1-B163-73684A933233} deleted successfully

HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{336D0C35-8A85-403a-B9D2-65C292C39087} deleted successfully

HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{8E9E3331-D360-4f87-8803-52DE43566502} deleted successfully

==== Deleting Services ======================

==== FireFox Fix ======================

Deleted from C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\prefs.js:

user_pref("browser.startup.homepage", );

user_pref("browser.search.defaultengine", "Ask.com");

Added to C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\prefs.js:

user_pref("browser.startup.homepage", "Google");

user_pref("browser.search.defaulturl", "Google=");

user_pref("browser.newtab.url", "Google");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "Google=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

Deleted from C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:

user_pref("browser.search.defaultenginename", "AVG Secure Search");

user_pref("browser.search.selectedEngine", "AVG Secure Search");

Added to C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js:

user_pref("browser.startup.homepage", "Google");

user_pref("browser.search.defaulturl", "Google=");

user_pref("browser.newtab.url", "Google");

user_pref("browser.search.defaultengine", "Google");

user_pref("browser.search.defaultenginename", "Google");

user_pref("browser.search.selectedEngine", "Google");

user_pref("browser.search.order.1", "Google");

user_pref("keyword.URL", "Google=");

user_pref("browser.search.suggest.enabled", true);

user_pref("browser.search.useDBForOrder", true);

ProfilePath: C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default

---- Lines C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com removed from prefs.js ----

---- Lines C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com modified from prefs.js ----

---- Lines C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com removed from user.js ----

---- Lines C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\extensions\ffxtlbr@babylon.com removed from prefs.js ----

---- Lines C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\extensions\ffxtlbr@babylon.com modified from prefs.js ----

---- Lines C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\extensions\ffxtlbr@babylon.com removed from user.js ----

---- Lines BabylonToolbar removed from prefs.js ----

user_pref("extensions.BabylonToolbar.admin", false);

user_pref("extensions.BabylonToolbar.aflt", "babsst");

user_pref("extensions.BabylonToolbar.babExt", "");

user_pref("extensions.BabylonToolbar.babTrack", "affID=110819&tt=3012_5");

user_pref("extensions.BabylonToolbar.cntry", "BE");

user_pref("extensions.BabylonToolbar.dfltLng", "en");

user_pref("extensions.BabylonToolbar.dfltSrch", false);

user_pref("extensions.BabylonToolbar.excTlbr", false);

user_pref("extensions.BabylonToolbar.hdrMd5", "188518D2EBF48689AD422320B3155343");

user_pref("extensions.BabylonToolbar.hmpg", false);

user_pref("extensions.BabylonToolbar.id", "4e0e63bd00000000000074de2bf6f5c9");

user_pref("extensions.BabylonToolbar.instlDay", "15549");

user_pref("extensions.BabylonToolbar.instlRef", "sst");

user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.5.29.116:56:25");

user_pref("extensions.BabylonToolbar.newTab", true);

user_pref("extensions.BabylonToolbar.newTabUrl", "Babylon Search");

user_pref("extensions.BabylonToolbar.noFFXTlbr", false);

user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");

user_pref("extensions.BabylonToolbar.prtnrId", "babylon");

user_pref("extensions.BabylonToolbar.sg", "czb");

user_pref("extensions.BabylonToolbar.smplGrp", "czb");

user_pref("extensions.BabylonToolbar.srcExt", "ss");

user_pref("extensions.BabylonToolbar.tlbrId", "tb9");

user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "Google=");

user_pref("extensions.BabylonToolbar.vrsn", "1.5.29.1");

user_pref("extensions.BabylonToolbar.vrsni", "1.5.29.1");

user_pref("extensions.BabylonToolbar.vrsnTs", "1.5.29.116:56:25");

user_pref("extensions.BabylonToolbar_i.babExt", "");

user_pref("extensions.BabylonToolbar_i.babTrack", "affID=110819&tt=3012_5");

user_pref("extensions.BabylonToolbar_i.newTab", true);

user_pref("extensions.BabylonToolbar_i.newTabUrl", "Babylon Search");

user_pref("extensions.BabylonToolbar_i.smplGrp", "none");

user_pref("extensions.BabylonToolbar_i.srcExt", "ss");

user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.29.116:56:25");

---- Lines BabylonToolbar modified from prefs.js ----

---- Lines BabylonToolbar removed from user.js ----

user_pref("extensions.BabylonToolbar_i.babTrack", "affID=110819&tt=3012_5");

user_pref("extensions.BabylonToolbar_i.babExt", "");

user_pref("extensions.BabylonToolbar_i.srcExt", "ss");

user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "Google=");

user_pref("extensions.BabylonToolbar.id", "4e0e63bd00000000000074de2bf6f5c9");

user_pref("extensions.BabylonToolbar.instlDay", "15549");

user_pref("extensions.BabylonToolbar.vrsn", "1.5.29.1");

user_pref("extensions.BabylonToolbar.vrsni", "1.5.29.1");

user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.29.116:56:25");

user_pref("extensions.BabylonToolbar.prtnrId", "babylon");

user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar");

user_pref("extensions.BabylonToolbar.aflt", "babsst");

user_pref("extensions.BabylonToolbar_i.smplGrp", "none");

user_pref("extensions.BabylonToolbar.tlbrId", "tb9");

user_pref("extensions.BabylonToolbar.instlRef", "sst");

user_pref("extensions.BabylonToolbar.dfltLng", "en");

user_pref("extensions.BabylonToolbar.excTlbr", false);

user_pref("extensions.BabylonToolbar.admin", false);

---- Lines delta removed from prefs.js ----

---- Lines delta modified from prefs.js ----

---- Lines delta removed from user.js ----

user_pref("extensions.delta.tlbrSrchUrl", "");

user_pref("extensions.delta.id", "4e0e63bd00000000000074de2bf6f5c9");

user_pref("extensions.delta.appId", "{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}");

user_pref("extensions.delta.instlDay", "15944");

user_pref("extensions.delta.vrsn", "1.8.24.6");

user_pref("extensions.delta.vrsni", "1.8.24.6");

user_pref("extensions.delta.vrsnTs", "1.8.24.621:38:28");

user_pref("extensions.delta.prtnrId", "delta");

user_pref("extensions.delta.prdct", "delta");

user_pref("extensions.delta.aflt", "babsst");

user_pref("extensions.delta.smplGrp", "none");

user_pref("extensions.delta.tlbrId", "base");

user_pref("extensions.delta.instlRef", "sst");

user_pref("extensions.delta.dfltLng", "nl");

user_pref("extensions.delta.excTlbr", false);

user_pref("extensions.delta.ffxUnstlRst", true);

user_pref("extensions.delta.admin", false);

user_pref("extensions.delta_i.babTrack", "affID=123605&tsp=4987");

user_pref("extensions.delta_i.babExt", "");

user_pref("extensions.delta_i.srcExt", "ss");

user_pref("extensions.delta.autoRvrt", "false");

user_pref("extensions.delta.rvrt", "false");

user_pref("extensions.delta.newTab", false);

---- Lines ask.com removed from prefs.js ----

---- Lines ask.com modified from prefs.js ----

---- Lines 1FD91A9C-410C-4090-BBCC-55D3450EF433 removed from prefs.js ----

---- Lines 1FD91A9C-410C-4090-BBCC-55D3450EF433 modified from prefs.js ----

---- Lines ilivid removed from prefs.js ----

---- Lines ilivid modified from prefs.js ----

---- Lines {336D0C35-8A85-403a-B9D2-65C292C39087} removed from prefs.js ----

---- Lines {336D0C35-8A85-403a-B9D2-65C292C39087} modified from prefs.js ----

user_pref("extensions.installCache", "[{\"name\":\"winreg-app-global\",\"addons\":{\"{336D0C35-8A85-403a-B9D2-65C292C39087}\":{\"descriptor\":\"C:\\\\Program Files\\\\Web Assistant\\\\Firefox\",\"mtime\":1337300953568},\"avg@toolbar\":{\"descriptor\":\"C:\\\\ProgramData\\\\AVG Secure Search\\\\FireFoxExt\\\\13.2.0.5\",\"mtime\":1353280183314}}},{\"name\":\"app-global\",\"addons\":{\"ffxtlbr@babylon.com\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\ffxtlbr@babylon.com\",\"mtime\":1343487385296},\"{972ce4c6-7e08-4474-a285-3208198ce6fd}\":{\"descriptor\":\"C:\\\\Program Files (x86)\\\\Mozilla Firefox\\\\extensions\\\\{972ce4c6-7e08-4474-a285-3208198ce6fd}\",\"mtime\":1337459654001}}},{\"name\":\"app-profile\",\"addons\":{\"ffxtlbr@babylon.com\":{\"descriptor\":\"C:\\\\Users\\\\Vicky\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\4x8775zd.default\\\\extensions\\\\ffxtlbr@babylon.com\",\"mtime\":1343487392236},\"{ACAA314B-EEBA-48e4-AD47-84E31C44796C}\":{\"descriptor\":\"C:\\\\Users\\\\Vicky\\\\AppData\\\\Roaming\\\\Mozilla\\\\Firefox\\\\Profiles\\\\4x8775zd.default\\\\extensions\\\\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}\",\"mtime\":1352915642216}}}]");

---- FireFox user.js and prefs.js backups ----

user_29-08-2013_1424_.backup

prefs_29-08-2013_1424_.backup

ProfilePath: C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\extensions

user.js not found

---- Lines C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com removed from prefs.js ----

---- Lines C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com modified from prefs.js ----

---- Lines C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\extensions\ffxtlbr@babylon.com removed from prefs.js ----

---- Lines C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\extensions\ffxtlbr@babylon.com modified from prefs.js ----

---- Lines BabylonToolbar removed from prefs.js ----

---- Lines BabylonToolbar modified from prefs.js ----

---- Lines delta removed from prefs.js ----

---- Lines delta modified from prefs.js ----

---- Lines ask.com removed from prefs.js ----

---- Lines ask.com modified from prefs.js ----

---- Lines 1FD91A9C-410C-4090-BBCC-55D3450EF433 removed from prefs.js ----

---- Lines 1FD91A9C-410C-4090-BBCC-55D3450EF433 modified from prefs.js ----

---- Lines ilivid removed from prefs.js ----

---- Lines ilivid modified from prefs.js ----

---- Lines {336D0C35-8A85-403a-B9D2-65C292C39087} removed from prefs.js ----

---- Lines {336D0C35-8A85-403a-B9D2-65C292C39087} modified from prefs.js ----

---- FireFox user.js and prefs.js backups ----

prefs_29-08-2013_1424_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EE932B49-D5C0-4D19-A3DA-CE0849258DE6}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

==== Deleting Files \ Folders ======================

"C:\Program Files (x86)\AVG Secure Search\15.5.0.2\AVG Secure Search_toolbar.dll" deleted

"C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml" deleted

"C:\Program Files (x86)\Mozilla Firefox\searchplugins\Search_Results.xml" deleted

"C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\searchplugins\askcom.xml" deleted

"C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\searchplugins\babylon.xml" deleted

"C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\searchplugins\delta.xml" deleted

"C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\searchplugins\Search_Results.xml" deleted

"C:\user.js" deleted

"C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\searchplugins\delta.xml" deleted

"C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}" deleted

"C:\Users\Vicky\AppData\Roaming\Mozilla\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}" deleted

"C:\Program Files (x86)\Mozilla Firefox\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}" deleted

"C:\Program Files (x86)\Mozilla Firefox\user.js" deleted

"C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml" deleted

"C:\Program Files (x86)\Mozilla Firefox\searchplugins\Search_Results.xml" deleted

"C:\Windows\wininit.ini" deleted

"C:\user.js" deleted

"C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\searchplugins\babylon.xml" deleted

"C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\searchplugins\askcom.xml" deleted

"C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\searchplugins\Search_Results.xml" deleted

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\bl" not deleted

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll" not deleted

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe" not deleted

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.settings" not deleted

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\dm" not deleted

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" not deleted

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" not deleted

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" not deleted

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" not deleted

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" not deleted

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" not deleted

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" not deleted

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" not deleted

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" not deleted

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" not deleted

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" not deleted

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" not deleted

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" not deleted

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\bl" not deleted

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll" not deleted

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe" not deleted

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.settings" not deleted

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\dm" not deleted

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" not deleted

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" not deleted

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" not deleted

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" not deleted

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" not deleted

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" not deleted

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" not deleted

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" not deleted

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" not deleted

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" not deleted

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" not deleted

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" not deleted

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" not deleted

"C:\Program Files (x86)\Common Files\DVDVideoSoft" deleted

"C:\Program Files\Web Assistant" deleted

"C:\ProgramData\BrowserDefender" not deleted

"C:\Users\Vicky\AppData\Roaming\BabSolution" deleted

"C:\Program Files (x86)\Mozilla Firefox\extensions\ffxtlbr@babylon.com" deleted

"C:\Program Files (x86)\Search Results Toolbar" deleted

"C:\Program Files (x86)\Common Files\DVDVideoSoft\bin" deleted

"C:\Program Files (x86)\1ClickDownload" deleted

"C:\Program Files (x86)\Yontoo" deleted

"C:\Program Files (x86)\WiseConvert" deleted

"C:\Program Files (x86)\Conduit" deleted

"C:\Program Files\Web Assistant" deleted

"C:\Users\Vicky\AppData\Roaming\DVDVideoSoftIEHelpers" deleted

"C:\Users\Vicky\AppData\Roaming\BabSolution" deleted

"C:\Users\Vicky\AppData\Roaming\Babylon" deleted

"C:\Users\Vicky\AppData\Roaming\OpenCandy" deleted

"C:\ProgramData\BrowserDefender" not deleted

"C:\ProgramData\boost_interprocess" deleted

"C:\ProgramData\Wincert" deleted

"C:\ProgramData\Tarma Installer" deleted

"C:\ProgramData\Babylon" deleted

"C:\Users\Vicky\AppData\Local\iLivid" deleted

"C:\Users\Vicky\AppData\Local\Conduit" deleted

"C:\Users\Vicky\AppData\LocalLow\ilividtoolbarguid" deleted

"C:\Users\Vicky\AppData\LocalLow\ilividtoolbarguid" deleted

"C:\Users\Vicky\AppData\LocalLow\Incredibar.com" deleted

"C:\Users\Vicky\AppData\LocalLow\PriceGong" deleted

"C:\Users\Vicky\AppData\LocalLow\Conduit" deleted

"C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\extensions\ffxtlbr@babylon.com" deleted

"C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\ilividtoolbarguid" deleted

"C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\ilividtoolbarguid" deleted

"C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\ilividtoolbarguid" deleted

"C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\extensions\ffxtlbr@babylon.com" deleted

"C:\ProgramData\BrowserDefender\2.6.1562.220" not deleted

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}" not deleted

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings" not deleted

"C:\ProgramData\BrowserDefender\2.6.1562.220" not deleted

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}" not deleted

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings" not deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\Vicky\AppData\Local\Temp ====

2013-08-28 23:32:43 1B1D86A574E842946E5D5317892B45C5 31954536 ----a-w- C:\Users\Vicky\AppData\Local\Temp\SkypeSetup.exe

2013-08-27 19:38:24 503D279F5243F03EE9F39E5185B59325 4096 ----a-w- C:\Users\Vicky\AppData\Local\Temp\BbF607.exe

2013-08-27 19:31:58 DB521C3DC7B679226322033B09719ECA 339440 ----a-w- C:\Users\Vicky\AppData\Local\Temp\uninst1.exe

2013-08-27 19:01:59 503D279F5243F03EE9F39E5185B59325 4096 ----a-w- C:\Users\Vicky\AppData\Local\Temp\Bb9DD9.exe

2013-08-27 19:01:45 33E263F843D59E57365CE6D3B948F28D 786928 ----a-w- C:\Users\Vicky\AppData\Local\Temp\DeltaTBs.exe

2013-08-25 02:50:55 4ECFD79139593972A5C849E1138C3CE3 4543000 ----a-w- C:\Users\Vicky\AppData\Local\Temp\oi_{6133ABA3-88BF-4126-A2E1-223A94E45A87}.exe

2013-08-25 02:08:27 288C4B8AB34A0F41D9E5BDFE42705C27 1822896 ----a-w- C:\Users\Vicky\AppData\Local\Temp\UNINSTALL.EXE

====== C:\Windows\SysWOW64 =====

2013-08-20 07:27:27 A484F9DB744849C0B32DD1CE73A94F62 2706432 ----a-w- C:\Windows\SysWOW64\mshtml.tlb

2013-08-20 07:27:26 C9BFFA62DFBF0317AECE707B39C4BF25 391168 ----a-w- C:\Windows\SysWOW64\ieui.dll

2013-08-20 07:27:25 BC90EED56A5C77168A8D6F0C4221D7CB 71680 ----a-w- C:\Windows\SysWOW64\RegisterIEPKEYs.exe

2013-08-20 07:27:25 AF6A6C16ACAD816B48714AE7A4082D89 61440 ----a-w- C:\Windows\SysWOW64\iesetup.dll

2013-08-20 07:27:25 8A5BD908D421BEE82941EF8ABD8B4F09 33280 ----a-w- C:\Windows\SysWOW64\iernonce.dll

2013-08-20 07:27:25 37730C04B543536D971B3F157415EFF5 109056 ----a-w- C:\Windows\SysWOW64\iesysprep.dll

2013-08-20 07:27:24 D0E0086BA353C379DCFE8624E8B8F17A 2048512 ----a-w- C:\Windows\SysWOW64\iertutil.dll

2013-08-20 07:27:23 45C118A1E03182365CB568F99B81A473 493056 ----a-w- C:\Windows\SysWOW64\msfeeds.dll

2013-08-20 07:27:22 1C83426A51AD83B5E788B6CF143B48D8 690688 ----a-w- C:\Windows\SysWOW64\jscript.dll

2013-08-20 07:27:21 AC8C3591D536D1CCB62EDCBEA88140B3 2877440 ----a-w- C:\Windows\SysWOW64\jscript9.dll

2013-08-20 07:27:21 059FC59F97A6220C46A612A9470A00B3 1141248 ----a-w- C:\Windows\SysWOW64\urlmon.dll

2013-08-20 07:27:19 DAA3903F06116AE9EE7AC1D1B93684A4 1767936 ----a-w- C:\Windows\SysWOW64\wininet.dll

2013-08-20 07:27:19 49EB7DE3A1CCCE9D0873DE9114810113 39936 ----a-w- C:\Windows\SysWOW64\jsproxy.dll

2013-08-20 07:27:18 E9BCB6728DD04412BF87F03DB00DE1CF 13761024 ----a-w- C:\Windows\SysWOW64\ieframe.dll

2013-08-20 07:27:13 E631B408882F8320739F6E0CAF444397 14329344 ----a-w- C:\Windows\SysWOW64\mshtml.dll

2013-08-19 11:45:21 AE8EB083B050E17A7D6EB5E28AECDDD6 1166848 ----a-w- C:\Windows\SysWOW64\crypt32.dll

2013-08-19 11:45:20 7CA1BECEA5DE2643ADDAD32670E7A4C9 140288 ----a-w- C:\Windows\SysWOW64\cryptsvc.dll

2013-08-19 11:45:20 68EAAEDF0365168B804E8728368FA946 175104 ----a-w- C:\Windows\SysWOW64\wintrust.dll

2013-08-19 11:45:04 D5E18BA95F9E7D787D25EF07AC68603E 2048 ----a-w- C:\Windows\SysWOW64\tzres.dll

2013-08-19 11:45:02 4DC999CED9429939D75682EBD7D48901 663552 ----a-w- C:\Windows\SysWOW64\rpcrt4.dll

2013-08-19 11:43:36 0805487A6036A9F9C4E7AF7FEF835529 1620992 ----a-w- C:\Windows\SysWOW64\WMVDECOD.DLL

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

2013-08-20 07:27:27 3A2FD42F11CD325A4ACAFE7FB0EEA83A 2706432 ----a-w- C:\Windows\Sysnative\mshtml.tlb

2013-08-20 07:27:26 69F5E016A98CE1908DB08382F2ACF882 526336 ----a-w- C:\Windows\Sysnative\ieui.dll

2013-08-20 07:27:25 D8CC9A20C517A54678363C4C77B930A4 136704 ----a-w- C:\Windows\Sysnative\iesysprep.dll

2013-08-20 07:27:25 963B29E0EFB20D66436214DB7C43D7F7 67072 ----a-w- C:\Windows\Sysnative\iesetup.dll

2013-08-20 07:27:25 6C8BDC9F16943D626DFE8A987BCCFD20 51712 ----a-w- C:\Windows\Sysnative\ie4uinit.exe

2013-08-20 07:27:25 622C7C8D39609FCEACE3508715D48C7F 39936 ----a-w- C:\Windows\Sysnative\iernonce.dll

2013-08-20 07:27:25 28C2F8C7DBE11AA3DA041D35F4E59481 89600 ----a-w- C:\Windows\Sysnative\RegisterIEPKEYs.exe

2013-08-20 07:27:24 65546D87F7A78AB31841A536456CB94D 2647040 ----a-w- C:\Windows\Sysnative\iertutil.dll

2013-08-20 07:27:23 8C12653BEA781902AA60E4A855A55D5C 603136 ----a-w- C:\Windows\Sysnative\msfeeds.dll

2013-08-20 07:27:22 5A7FA01EEC393A3E0D0F3EBAA1FD959E 3958784 ----a-w- C:\Windows\Sysnative\jscript9.dll

2013-08-20 07:27:22 16FE878530FDFC9AB08B7FFC32335958 855552 ----a-w- C:\Windows\Sysnative\jscript.dll

2013-08-20 07:27:20 289C5E0A386E7B6CA9539D66D15E22CC 1365504 ----a-w- C:\Windows\Sysnative\urlmon.dll

2013-08-20 07:27:19 AC155DD9BD1E6D3B740826A4D1C68AAE 2241024 ----a-w- C:\Windows\Sysnative\wininet.dll

2013-08-20 07:27:19 04DE09B1E287F6DC5C7FD655B6E84AB9 53760 ----a-w- C:\Windows\Sysnative\jsproxy.dll

2013-08-20 07:27:16 677A1C1B0F254EC918D84A7FE29274CA 15405056 ----a-w- C:\Windows\Sysnative\ieframe.dll

2013-08-20 07:27:15 396889142BD839DB8A055A0BE0AD2F79 19239424 ----a-w- C:\Windows\Sysnative\mshtml.dll

2013-08-19 11:45:22 287998A9BA0140ABB59792CDEB2F8483 1472512 ----a-w- C:\Windows\Sysnative\crypt32.dll

2013-08-19 11:45:21 959041D7014C97133D859B45BCA0FC58 224256 ----a-w- C:\Windows\Sysnative\wintrust.dll

2013-08-19 11:45:20 A6B726DCA228F7878E38368A1BDC68BE 139776 ----a-w- C:\Windows\Sysnative\cryptnet.dll

2013-08-19 11:45:20 6B400F211BEE880A37A1ED0368776BF4 184320 ----a-w- C:\Windows\Sysnative\cryptsvc.dll

2013-08-19 11:45:04 B3CA3253009D26666F5BCB16E77D2618 2048 ----a-w- C:\Windows\Sysnative\tzres.dll

2013-08-19 11:45:02 26036E228D2467DE6975AD819C22C043 1217024 ----a-w- C:\Windows\Sysnative\rpcrt4.dll

2013-08-19 11:43:36 D29200AB0B37B7293C6942EAF755295E 1888768 ----a-w- C:\Windows\Sysnative\WMVDECOD.DLL

====== C:\Windows\Sysnative\drivers =====

2013-08-25 02:51:04 E647C4315F36756DF5FA38BDEB51F224 45856 ----a-w- C:\Windows\Sysnative\drivers\avgtpx64.sys

2013-08-19 11:43:34 DB74544B75566C974815E79A62433F29 1910208 ----a-w- C:\Windows\Sysnative\drivers\tcpip.sys

2013-08-19 11:43:34 4CE278FC9671BA81A138D70823FCAA09 39936 ----a-w- C:\Windows\Sysnative\drivers\tssecsrv.sys

====== C:\Windows\Tasks ======

2013-08-27 19:29:15 600AD6B878A025883CFFAB47DEE45F87 3200 ----a-w- C:\Windows\Sysnative\Tasks\{08BF7A00-7AB1-41D1-BEA9-254C0B1D06E4}

2013-08-27 19:24:02 6A55AF0AD097D676CDD29CC2E7BEDD6B 3196 ----a-w- C:\Windows\Sysnative\Tasks\{6AFE08A9-EE6B-4653-8E72-D80F31E091F6}

====== C:\Windows\Temp ======

======= C:\Program Files =====

2013-08-29 03:16:34 -------- d-----w- C:\Program Files\trend micro

======= C:\Program Files (x86) =====

2013-08-25 03:40:23 -------- d-----w- C:\Program Files (x86)\Gmail Account Password Hacker

2013-08-25 02:51:00 -------- d-----w- C:\Program Files (x86)\Common Files\AVG Secure Search

2013-08-25 02:50:59 -------- d-----w- C:\Program Files (x86)\AVG Secure Search

======= C: =====

====== C:\Users\Vicky\AppData\Roaming ======

2013-08-25 02:51:17 -------- d-----w- C:\users\Vicky\AppData\Local\AVG Secure Search

2013-08-25 02:51:06 -------- d-----w- C:\users\Vicky\AppData\Locallow\AVG Secure Search

====== C:\Users\Vicky ======

2013-08-29 03:16:17 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Vicky\Downloads\RSITx64.exe

2013-08-27 19:02:10 -------- d-----w- C:\ProgramData\BrowserDefender

2013-08-25 02:51:00 -------- d-----w- C:\ProgramData\AVG Secure Search

2013-08-25 02:49:53 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

2013-08-25 02:44:48 72A2F9728BCB9743553E2A188CEFF303 4491824 ----a-w- C:\Users\Vicky\Downloads\avg_avct_stb_all_2013_3392_cm10.exe

====== C: exe-files ==

2013-08-29 03:16:34 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Vicky.exe

2013-08-29 03:16:17 662C39FC1E27131551D557862CEC47F0 935175 ----a-w- C:\Users\Vicky\Downloads\RSITx64.exe

2013-08-28 23:32:43 1B1D86A574E842946E5D5317892B45C5 31954536 ----a-w- C:\Users\Vicky\AppData\Local\Temp\SkypeSetup.exe

2013-08-27 20:02:38 77FDA6678AEACFA196E5DDDC4FC2742C 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2931560498-325932720-3938257990-1000\$I0PCBOG.exe

2013-08-27 19:53:06 EF0341C438A93DB02D793445B8F746E3 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2931560498-325932720-3938257990-1000\$I45QSXT.exe

2013-08-27 19:53:06 A175834A36CE08722A83C7D58C929547 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2931560498-325932720-3938257990-1000\$I4LZ4G9.exe

2013-08-27 19:38:24 503D279F5243F03EE9F39E5185B59325 4096 ----a-w- C:\Users\Vicky\AppData\Local\Temp\BbF607.exe

2013-08-27 19:31:58 DB521C3DC7B679226322033B09719ECA 339440 ----a-w- C:\Users\Vicky\AppData\Local\Temp\uninst1.exe

2013-08-27 19:27:27 F01447D544EC5C472D8C5456E73C78D1 2245128 ----a-w- C:\PASS BREAKER\PASS BREAKER.exe

2013-08-27 19:02:14 DAF56EC5E652F629D6D2B3930FF199F6 2838480 ----a-w- C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe

2013-08-27 19:02:13 DAF56EC5E652F629D6D2B3930FF199F6 2838480 ----a-w- C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe

2013-08-27 19:01:59 503D279F5243F03EE9F39E5185B59325 4096 ----a-w- C:\Users\Vicky\AppData\Local\Temp\Bb9DD9.exe

2013-08-27 19:01:45 33E263F843D59E57365CE6D3B948F28D 786928 ----a-w- C:\Users\Vicky\AppData\Local\Temp\DeltaTBs.exe

2013-08-26 04:09:06 E25D3E9D7822C42EF7518EFEB2F3E275 147120 ----a-w- C:\Program Files (x86)\Common Files\AVG Secure Search\DriverInstaller\15.5.0\DriverInstaller.exe

2013-08-26 04:08:54 E962D9F3AF9C09DE15D3944D1B1278CC 2301616 ----a-w- C:\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller\15.5.0\ScriptHelper.exe

2013-08-26 04:08:52 EB94A2C1F99E9E1634683B916F4EB1A2 1643184 ----a-w- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe

2013-08-26 04:08:50 EB94A2C1F99E9E1634683B916F4EB1A2 1643184 ----a-w- C:\Windows\Temp\avg_a06404\CommonFiles\AVG Secure Search\ToolbarUpdater.exe

2013-08-26 04:08:50 E962D9F3AF9C09DE15D3944D1B1278CC 2301616 ----a-w- C:\Windows\Temp\avg_a06404\CommonFiles\AVG Secure Search\ScriptHelper.exe

2013-08-26 04:08:50 E25D3E9D7822C42EF7518EFEB2F3E275 147120 ----a-w- C:\Windows\Temp\avg_a06404\CommonFiles\AVG Secure Search\DriverInstaller_64.exe

2013-08-26 04:08:50 B6FFA8C9B553336D4CE86514A54C408A 926384 ----a-w- C:\Windows\Temp\avg_a06404\ProgFiles\AVG Secure Search\lip.exe

2013-08-26 04:08:50 752A2976E3096D2055F8A97C7B97DF80 1851568 ----a-w- C:\Windows\Temp\avg_a06404\ProgFiles\AVG Secure Search\Uninstall.exe

2013-08-26 04:08:50 491C1E48B638907B8FD8EF8B09AC084E 2314416 ----a-w- C:\Windows\Temp\avg_a06404\ProgFiles\AVG Secure Search\vprot.exe

2013-08-26 04:08:50 45A9FAC90CA8F263F6DB2EBDC4A9F002 641200 ----a-w- C:\Windows\Temp\avg_a06404\CommonFiles\AVG Secure Search\DriverInstaller.exe

2013-08-26 04:08:50 2C1B0965CB65797001053D8956F9CD54 2226864 ----a-w- C:\Windows\Temp\avg_a06404\avg-secure-search-installer.exe

2013-08-26 04:08:50 178C1607D35988153A0E7CBB90C669FC 642224 ----a-w- C:\Windows\Temp\avg_a06404\ProgFiles\AVG Secure Search\PostInstall.exe

2013-08-26 04:08:50 01A17E294876ECB573AD32530961F29B 573616 ----a-w- C:\Windows\Temp\avg_a06404\ConfigFiles\MachineIdCreator.exe

2013-08-26 04:08:46 A8893D3F119C8143B2FC53F5CF21EE01 4547608 ----a-w- C:\Windows\Temp\{E2F131AF-3C99-41C9-817E-C34B87253705}.exe

2013-08-25 03:40:28 8B4614F20714CB9C5EB3C900E6188E48 83187 ----a-w- C:\Program Files (x86)\Gmail Account Password Hacker\Uninstal.exe

2013-08-25 03:38:36 69B8F0BA1A143F5BC0BD8635FCC93038 361833 ----a-w- C:\$Recycle.Bin\S-1-5-21-2931560498-325932720-3938257990-1000\$R4LZ4G9.exe

2013-08-25 02:51:04 FFA7EED8BF96144DFC69638DF3A1CA8A 147120 ----a-w- C:\Program Files (x86)\Common Files\AVG Secure Search\DriverInstaller\15.4.0\DriverInstaller.exe

2013-08-25 02:51:02 948909A99D9F9F5063128994B3B3D8B0 2267824 ----a-w- C:\Program Files (x86)\Common Files\AVG Secure Search\ScriptHelperInstaller\15.4.0\ScriptHelper.exe

2013-08-25 02:51:00 8754BA5FCC85325C229ADCB72087706E 1616048 ----a-w- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe

2013-08-25 02:50:59 B6FFA8C9B553336D4CE86514A54C408A 926384 ----a-w- C:\Program Files (x86)\AVG Secure Search\lip.exe

2013-08-25 02:50:59 752A2976E3096D2055F8A97C7B97DF80 1851568 ----a-w- C:\Program Files (x86)\AVG Secure Search\Uninstall.exe

2013-08-25 02:50:59 491C1E48B638907B8FD8EF8B09AC084E 2314416 ----a-w- C:\Program Files (x86)\AVG Secure Search\vprot.exe

2013-08-25 02:50:59 178C1607D35988153A0E7CBB90C669FC 642224 ----a-w- C:\Program Files (x86)\AVG Secure Search\PostInstall.exe

2013-08-25 02:50:57 FFA7EED8BF96144DFC69638DF3A1CA8A 147120 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05960\CommonFiles\AVG Secure Search\DriverInstaller_64.exe

2013-08-25 02:50:57 B387C48CDDB2CC5A9D0D9BBCCBFC50D8 640176 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05960\CommonFiles\AVG Secure Search\DriverInstaller.exe

2013-08-25 02:50:57 94BA6BFC9227C59FD0969C54C102D14C 641200 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05960\ProgFiles\AVG Secure Search\PostInstall.exe

2013-08-25 02:50:57 948909A99D9F9F5063128994B3B3D8B0 2267824 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05960\CommonFiles\AVG Secure Search\ScriptHelper.exe

2013-08-25 02:50:57 8869725DD27C46270A8EC56101C1FDF8 920240 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05960\ProgFiles\AVG Secure Search\lip.exe

2013-08-25 02:50:57 8754BA5FCC85325C229ADCB72087706E 1616048 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05960\CommonFiles\AVG Secure Search\ToolbarUpdater.exe

2013-08-25 02:50:57 6F8DAE4F43AF2F070292198CEAE16995 2285232 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05960\ProgFiles\AVG Secure Search\vprot.exe

2013-08-25 02:50:57 4F11E85CAE13A8881746B8FBB189EAA6 2196656 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05960\avg-secure-search-installer.exe

2013-08-25 02:50:57 288C4B8AB34A0F41D9E5BDFE42705C27 1822896 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05960\ProgFiles\AVG Secure Search\Uninstall.exe

2013-08-25 02:50:57 0CA44A7F835FCD0B45B5360119A56566 572592 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05960\ConfigFiles\MachineIdCreator.exe

2013-08-25 02:50:55 4ECFD79139593972A5C849E1138C3CE3 4543000 ----a-w- C:\Users\Vicky\AppData\Local\Temp\oi_{6133ABA3-88BF-4126-A2E1-223A94E45A87}.exe

2013-08-25 02:50:33 FCAD3F53F501D80F444B92AC72A5A164 466608 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05704\CommonFiles\AVG Secure Search\DriverInstaller.exe

2013-08-25 02:50:33 DF54FD732F04503A7C72285EA46E9037 1228976 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05704\avg-secure-search-installer.exe

2013-08-25 02:50:33 CCAC95DD3E5763AF41F074F1E3DBB0FF 147120 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05704\CommonFiles\AVG Secure Search\DriverInstaller_64.exe

2013-08-25 02:50:33 BF3479A3BE727D029321BD7601E8EAE1 1008816 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05704\CommonFiles\AVG Secure Search\ToolbarUpdater.exe

2013-08-25 02:50:33 B48EE9A609A699B9FC8476444B988D0D 662192 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05704\ProgFiles\AVG Secure Search\lip.exe

2013-08-25 02:50:33 81A4A3692AA20B590CC643CB7E4D786A 1223344 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05704\ProgFiles\AVG Secure Search\vprot.exe

2013-08-25 02:50:33 5EC8F26F556E29B534607FDEBA7CD767 1380016 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05704\CommonFiles\AVG Secure Search\ScriptHelper.exe

2013-08-25 02:50:33 5AD26C4F28D6D0F005E86D3F9A1CCA0C 1053872 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05704\ProgFiles\AVG Secure Search\Uninstall.exe

2013-08-25 02:50:33 57E3A9692DFDF4770ACB62F546B7F7EC 511664 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05704\ProgFiles\AVG Secure Search\PostInstall.exe

2013-08-25 02:50:33 3984CFC8A3E3A1F09CC2657A4DF99C32 501424 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05704\ConfigFiles\MachineIdCreator.exe

2013-08-25 02:49:13 55018D7287E4519AB084A3DAD68E97FE 341040 ----a-w- C:\Program Files (x86)\AVG\AVG2013\avgndisa.exe

2013-08-25 02:44:48 72A2F9728BCB9743553E2A188CEFF303 4491824 ----a-w- C:\Users\Vicky\Downloads\avg_avct_stb_all_2013_3392_cm10.exe

2013-08-25 02:08:27 288C4B8AB34A0F41D9E5BDFE42705C27 1822896 ----a-w- C:\Users\Vicky\AppData\Local\Temp\UNINSTALL.EXE

=== C: other files ==

2013-08-27 19:53:24 A3DCBE772B3C04A26FD07ABFCD6E781F 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2931560498-325932720-3938257990-1000\$I78T4BW.zip

2013-08-27 19:53:24 889C036F2F4FF4BCA55DC8BC8E33B7E4 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2931560498-325932720-3938257990-1000\$IHB1U54.zip

2013-08-27 19:53:24 239331BB0EEB77FD0D43D2711ADF65C8 544 ----a-w- C:\$Recycle.Bin\S-1-5-21-2931560498-325932720-3938257990-1000\$IUN6S9J.zip

2013-08-27 19:27:27 D25D6E0DFE526AED99EC54035022EB6A 119688 ----a-w- C:\PASS BREAKER\PASS.com

2013-08-27 19:27:27 3F5BF11C972707414C5076BC7E8B4BE5 38792 ----a-w- C:\PASS BREAKER\PASSS.com

2013-08-27 19:26:51 A26255EAA2B524671CAB1456542E1952 6173974 ----a-w- C:\$Recycle.Bin\S-1-5-21-2931560498-325932720-3938257990-1000\$RHB1U54.zip

2013-08-27 19:03:42 94A5279AF49FCA6CD0B75D94B94C2B0B 2247449 ----a-w- C:\$Recycle.Bin\S-1-5-21-2931560498-325932720-3938257990-1000\$R78T4BW.zip

2013-08-27 19:01:16 9680FA2C72D3C8A311BE2AF3A5658763 2319198 ----a-w- C:\$Recycle.Bin\S-1-5-21-2931560498-325932720-3938257990-1000\$RUN6S9J.zip

2013-08-26 12:26:07 BB17F0B291294038DBF00027C21C70D3 16916 ----a-w- C:\Users\Vicky\AppData\Local\Temp\CBA677A9-BAB0-7891-9B7D-9DB0B7975820\Latest\Delta.crx

2013-08-26 12:26:07 BB17F0B291294038DBF00027C21C70D3 16916 ----a-w- C:\Users\Vicky\AppData\Local\Temp\877025C1-BAB0-7891-A5A7-A0B6CB046942\Latest\Delta.crx

2013-08-26 04:08:50 E647C4315F36756DF5FA38BDEB51F224 45856 ----a-w- C:\Windows\Temp\avg_a06404\CommonFiles\AVG Secure Search\avgtpx64.sys

2013-08-26 04:08:50 311C5A8D894563CD2712CD297A34FAFB 37664 ----a-w- C:\Windows\Temp\avg_a06404\CommonFiles\AVG Secure Search\avgtpx86.sys

2013-08-26 04:08:49 8A196063A0F0305A8A05CCEC1AF746C3 257167 ----a-w- C:\Windows\Temp\avg_a06404\ProgData\AVG Secure Search\ChromeExt\15.5.0.2\avg.crx

2013-08-26 04:08:49 567B5EC265B26994AFB11DB13F53B07A 147960 ----a-w- C:\Windows\Temp\avg_a06404\ProgFiles\AVG Secure Search\data.zip

2013-08-25 02:51:04 E647C4315F36756DF5FA38BDEB51F224 45856 ----a-w- C:\Windows\System32\drivers\avgtpx64.sys

2013-08-25 02:50:59 567B5EC265B26994AFB11DB13F53B07A 147960 ----a-w- C:\Program Files (x86)\AVG Secure Search\data.zip

2013-08-25 02:50:57 BB83BDE5C9EB8A1B932D4A8374758EF8 37664 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05960\CommonFiles\AVG Secure Search\avgtpx86.sys

2013-08-25 02:50:57 5294DEE34D094B14D7E2697E9BB880B5 257167 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05960\ProgData\AVG Secure Search\ChromeExt\15.4.0.5\avg.crx

2013-08-25 02:50:57 18AAAC7ED383C465E319B5DD07D0A0B6 45856 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05960\CommonFiles\AVG Secure Search\avgtpx64.sys

2013-08-25 02:50:56 264F8E1A89771B80D9F2985A68BAA8C3 178115 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05960\ProgFiles\AVG Secure Search\data.zip

2013-08-25 02:50:33 A64D0F9E1D19C3D57E79AAA0EF7A284E 40736 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05704\CommonFiles\AVG Secure Search\avgtpx64.sys

2013-08-25 02:50:33 56E9703A6F7D60B9862FB95253753C5A 34592 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05704\CommonFiles\AVG Secure Search\avgtpx86.sys

2013-08-25 02:50:32 DA5604B49CBCF95E555E88BA2E13AEA8 237719 ----a-w- C:\Users\Vicky\AppData\Local\Temp\avg_a05704\ProgData\AVG Secure Search\ChromeExt\15.1.0.2\avg.crx

2013-08-25 02:50:17 0F12F47268CE663E833F98A986379950 1374879 ----a-w- C:\Program Files (x86)\AVG\AVG2013\banners\banners.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"IsMyWinLockerReboot"="msiexec.exe /qn /x{voidguid}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"SuiteTray"="C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"

"Adobe ARM"="C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"BackupManagerTray"="C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe -h -k"

"LManager"="C:\Program Files (x86)\Launch Manager\LManager.exe"

"MCCNL Sepang ModemListener"="C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ModemListener.exe start"

"AVG_UI"="C:\Program Files (x86)\AVG\AVG2013\avgui.exe /TRAYONLY"

"vProt"="C:\Program Files (x86)\AVG Secure Search\vprot.exe"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="C:\Windows\system32\igfxtray.exe"

"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"

"Persistence"="C:\Windows\system32\igfxpers.exe"

"RTHDVCPL"="C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s"

"Power Management"="C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe"

"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

==== Startup Registry Disabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\Nero MediaHome 4]

"key"="SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="Nero MediaHome 4"

"hkey"="HKLM"

"command"="\"C:\\Program Files (x86)\\Nero\\Nero MediaHome 4\\NeroMediaHome.exe\" /AUTORUN"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [21-08-2013 15:23]

C:\Windows\tasks\AVG-Secure-Search-Update_JUNE2013_TB_rmv.job --a------ C:\Windows\TEMP\B8E97F67-9FD6-46AD-B075-D261AFD597E3.exe []

==== Firefox Extensions ======================

ProfilePath: C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default

- Undetermined - C:\ProgramData\AVG Secure Search\FireFoxExt\13.2.0.5

- Search-Results Toolbar - %ProfilePath%\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}

AppDir: C:\Program Files (x86)\Mozilla Firefox

- Undetermined - %AppDir%\extensions\staged

- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default

6BE1D348BE7547113EF27B26777917CC - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll - Shockwave Flash

==== Deleting Files \ Folders ======================

"C:\Users\Vicky\AppData\Roaming\Mozilla\Firefox\Profiles\4x8775zd.default\extensions\{f34c9277-6577-4dff-b2d7-7d58092f272f}" deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

dlnembnfbcpjnepmfjmngjenhhajpdfd - C:\Program Files\Web Assistant\source.crx[]

jplinpmadfkdgipabgcdchbdikologlh - C:\Program Files (x86)\1ClickDownload\1click12.crx[]

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="Fotomodel Vicky Iliaens"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="Fotomodel Vicky Iliaens"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="{searchTerms} - Bing"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="{searchTerms} - Google Search}"

==== Reset Google Chrome ======================

Nothing found to reset

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\dlnembnfbcpjnepmfjmngjenhhajpdfd deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jplinpmadfkdgipabgcdchbdikologlh deleted successfully

==== HijackThis Entries ======================

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Fotomodel Vicky Iliaens

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

F2 - REG:system.ini: UserInit=userinit.exe

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O4 - HKLM\..\Run: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe"

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [backupManagerTray] "C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe" -h -k

O4 - HKLM\..\Run: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe

O4 - HKLM\..\Run: [MCCNL Sepang ModemListener] C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ModemListener.exe start

O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY

O4 - HKLM\..\Run: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid} (User 'Default user')

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files (x86)\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm

O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O9 - Extra 'Tools' menuitem: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\15.5.0\ViProtocol.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)

O23 - Service: AVG Firewall (avgfws) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgfws.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG2013\avgwdsvc.exe

O23 - Service: Dritek WMI Service (DsiWMIService) - Dritek System Inc. - C:\Program Files (x86)\Launch Manager\dsiwmis.exe

O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)

O23 - Service: EgisTec Ticket Service - Egis Technology Inc. - C:\Program Files (x86)\Common Files\EgisTec\Services\EgisTicketService.exe

O23 - Service: ePower Service (ePowerSvc) - Acer Incorporated - C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe

O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)

O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: GREGService - Acer Incorporated - C:\Program Files (x86)\Acer\Registration\GREGsvc.exe

O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Live Updater Service - Acer Incorporated - C:\Program Files\Acer\Acer Updater\UpdaterService.exe

O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

O23 - Service: MCCNL Sepang Modem Device Helper - Unknown owner - C:\Program Files (x86)\HSPA USB MODEM\BackgroundService\ServiceManager.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)

O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: NTI IScheduleSvc - NTI Corporation - C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe

O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)

O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe

O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)

O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)

O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)

O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)

O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)

O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)

O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)

O23 - Service: vToolbarUpdater15.5.0 - Unknown owner - C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe

O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)

O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)

O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Vicky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Vicky\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

No FireFox Cache found

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Vicky\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\bl" not found

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll" not found

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe" not found

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.settings" not found

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\dm" not found

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" not found

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" not found

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" not found

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" not found

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" not found

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" not found

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" not found

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" not found

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" not found

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" not found

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" not found

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" not found

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" not found

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\bl" not found

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.dll" not found

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe" not found

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.settings" not found

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\dm" not found

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\uninstall.exe" not found

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\00" not found

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\01" not found

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\02" not found

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\03" not found

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\10" not found

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\11" not found

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\12" not found

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\13" not found

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\20" not found

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\21" not found

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\22" not found

"C:\ProgramData\BrowserDefender\2.6.1562.220\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\traking_settings\23" not found

"C:\ProgramData\BrowserDefender" not found

"C:\ProgramData\BrowserDefender" not found

==== EOF on do 29-08-2013 at 14:32:56,81 ======================

Mijn computer doet nu wel nog vreemdere dingen dan voorheen eigenlijk , enig idee waarom ? Kan het te maken hebben met de hijack-tools enzo ?

alvast bedankt ! :)

aangepast door kape
dubbellog verwijderd
Link naar reactie
Delen op andere sites
vicky_i Leerling

vicky_i

Geplaatst:
  • Auteur
Geplaatst:
Er is alvast een berg rotzooi van je computer gehaald. In welke zin doet de PC vreemde dingen ?

Hij opent soms zelfs een venster in internet explorer , eigenlijk gewoon een nieuw tabblad dan , of hij zegt dat flash player niet geïnstalleerd is en dat ik dus op bepaalde sites iets niet kan bekijken terwijl ik dat eigenlijk wel zou moeten kunnen . Was dat logje het enige dat ik moest doen ? Ik heb wel al de hele dag geen problemen gehad met internet explorer ( voor zover ik er op bezig geweest ben toch :) ) .

Mocht het probleem met IE nu echt opgelost zijn dan ben je superhard bedankt ! En ik denk ook wel dat het probleem ermee opgelost is maar ja , ik weet dat nu nog niet , hij is toch al langer bezig zonder weg te vallen dan gewoonlijk !

Ivm die rotzooi , staat er dan nog een boel rotzooi op ? want ik gebruik wel regelmatig de Ccleaner en scan dagelijks , maar of dat voldoende is denk ik niet .

Groetjes

Link naar reactie
Delen op andere sites
kape Grootmeester

kape

Geplaatst:
Geplaatst:

Start CCleaner eens op, maar scan nu volgens deze procedure:

Klik in de linkse kolom op “Cleaner”. Klik achtereenvolgens op ‘Analyseren’ en na de analyse op 'Schoonmaken'. Klik vervolgens in de linkse kolom op “Register” en klik op ‘Scan naar problemen”. Als er fouten gevonden worden klik je op ”Herstel geselecteerde problemen” en ”OK”. Dan krijg je de vraag om een back-up te maken. Klik op “JA”. Kies dan “Herstel alle geselecteerde fouten”.

Soms is 1 analyse niet voldoende. Deze procedure mag je herhalen tot de analyse geen fouten meer aangeeft.

Sluit hierna CCleaner terug af.

Wil je dit uitgebreid in beeld bekijken, klik dan hier voor de handleiding.

Download 51a5ce45263de-delfix.pngDelfix by Xplode naar het bureaublad.

Dubbelklik op Delfix.exe om de tool te starten.

Zet nu vinkjes voor de volgende items:

  • Remove disinfection tools
  • Purge System Restore
  • Reset system settings

Klik nu op "Run" en wacht geduldig tot de tool gereed is.

Wanneer de tool gereed is wordt er een logbestand aangemaakt. Dit hoeft u echter niet te plaatsen.

Kijk daarna even hoe de zaken verder lopen ... en dan lezen we hier wel wat je conclusies zijn. Mochten er nieuwe problemen opduiken, dan mag je dat ook hier terug melden. Succes !

Link naar reactie
Delen op andere sites
 Delen
Ga naar topic overzicht
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.