internet werkt traag

mijn internet werkt ineens zo traag, ik geraak zelf niet optijd op homebank. heb een fix van windows gedaan, bracht ni veel op...

- - - Updated - - -

ow, en heb verschrikkelijk veel last van pop-ups ook

Download RSIT van de onderstaande locaties en sla deze op het bureaublad op.

Hier staat een beschrijving hoe je kan kijken of je een 32- of 64-bitversie van Windows heeft.

• RSIT 32 bit (RSIT.exe)
  
• RSIT 64 bit (RSITx64.exe)
  

Dubbelklik op RSIT.exe om de tool te starten.

• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Vervolgens wordt de "Disclaimer of warranty" getoond, klik vervolgens op "Continue"
  
• Wanneer de tool gereed is wordt er een kladblok bestand genaamd "Log" geopend.
  
• Plaats de inhoud hiervan in het volgende bericht.
  

Logfile of random's system information tool 1.09 (written by random/random)

Run by Anke at 2013-10-25 20:30:03

Microsoft Windows 7 Professional Service Pack 1

System drive C: has 20 GB (27%) free of 76 GB

Total RAM: 1528 MB (39% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 20:30:20, on 25/10/2013

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v10.0 (10.00.9200.16720)

Boot mode: Normal

Running processes:

C:\Windows\system32\taskhost.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Windows\system32\taskeng.exe

C:\Program Files\Advanced System Protector\AdvancedSystemProtector.exe

C:\Program Files\Microsoft Security Client\msseces.exe

C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe

C:\Program Files\GoforFiles\GFFUpdater.exe

C:\Program Files\MyPC Backup\MyPC Backup.exe

C:\Program Files\Optimizer Pro\OptProReminder.exe

C:\Program Files\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe

C:\Users\Anke\AppData\Local\FilesFrog Update Checker\update_checker.exe

C:\Program Files\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Program Files\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe

C:\Program Files\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Users\Anke\Downloads\RSIT.exe

C:\Program Files\trend micro\Anke.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Search

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Search

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: dokotoolbar Toolbar - {339E1B37-76D3-4A64-A988-E81425DF831C} - C:\Program Files\Doko-Toolbar\dokotoolbar\1.8.26.9\dokotoolbarTlbr.dll

O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey

O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

O4 - HKLM\..\Run: [Adobe Creative Cloud] "C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true

O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU\..\Run: [AGupdate] C:\Program Files\AppGraffiti\AGupdate.exe

O4 - HKCU\..\Run: [Optimizer Pro] C:\Program Files\Optimizer Pro\OptProLauncher.exe

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')

O4 - HKUS\.DEFAULT\..\RunOnce: [sPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')

O4 - Startup: MyPC Backup.lnk = C:\Program Files\MyPC Backup\MyPC Backup.exe

O8 - Extra context menu item: Free YouTube Download - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytvdownloader.htm

O8 - Extra context menu item: Free YouTube to DVD Converter - C:\Users\Anke\AppData\Roaming\DVDVideoSoftIEHelpers\freeyoutubetodvdconverter.htm

O8 - Extra context menu item: Free YouTube to MP3 Converter - C:\Program Files\Common Files\DVDVideoSoft\plugins\freeytmp3downloader.htm

O9 - Extra button: Visit AppsHat.com - {AAA38851-3CFF-475F-B5E0-720D3645E4A5} - C:\Program Files\Minibar\Minibar.dll

O9 - Extra button: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll

O9 - Extra 'Tools' menuitem: Free YouTube Download - {EE932B49-D5C0-4D19-A3DA-CE0849258DE6} - C:\Program Files\Common Files\DVDVideoSoft\bin\IEDownloadMenuAndBtns.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Computer Backup (MyPC Backup) (BackupStack) - Just Develop It - C:\Program Files\MyPC Backup\BackupStack.exe

O23 - Service: Optimizer Pro Crash Monitor (ca82e1a5) - Unknown owner - c:\progra~1\optimi~1\OptProCrash.exe

O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe

O23 - Service: FreemakeVideoCapture - Ellora Assets Corp. - C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe

O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: HitmanPro Scheduler (HitmanProScheduler) - SurfRight B.V. - C:\Program Files\HitmanPro\hmpsched.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: Update diamondata - diamondata - C:\Program Files\diamondata\updatediamondata.exe

O23 - Service: Util diamondata - diamondata - C:\Program Files\diamondata\bin\utildiamondata.exe

--

End of file - 7256 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

C:\Windows\tasks\LyricsViewer-2-chromeinstaller.job

C:\Windows\tasks\LyricsViewer-2-codedownloader.job

C:\Windows\tasks\LyricsViewer-2-enabler.job

C:\Windows\tasks\LyricsViewer-2-firefoxinstaller.job

C:\Windows\tasks\LyricsViewer-2-updater.job

C:\Windows\tasks\RegClean Pro_DEFAULT.job

C:\Windows\tasks\RegClean Pro_UPDATES.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default

prefs.js - "browser.startup.homepage" - "http://websearch.wisesearch.info/?pid=357&r=2013/10/18&hid=10612048198043085368&lg=EN&cc=BE&unqvl=39"

prefs.js - "keyword.URL" - "http://websearch.wisesearch.info/?pid=357&r=2013/10/18&hid=10612048198043085368&lg=EN&cc=BE&unqvl=39&l=1&q="

"4zffxtbr@VideoDownloadConverter_4z.com"=C:\Program Files\VideoDownloadConverter_4z\bar\1.bin

"fmdownloader@gmail.com"=C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com\

"ytfmdownloader@gmail.com"=C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\

"{ACAA314B-EEBA-48e4-AD47-84E31C44796C}"=C:\Program Files\Common Files\DVDVideoSoft\plugins\ff\

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=10.25.2]

"Description"=Java™ Deployment Toolkit

"Path"=C:\Windows\system32\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]

"Description"=

"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]

"Description"=Google Update

"Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]

"Description"=Google Update

"Path"=C:\Program Files\Google\Update\1.3.21.165\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@UtilityChest_49.com/Plugin]

"Description"=Utility Chest Plugin

"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@VideoDownloadConverter_4z.com/Plugin]

"Description"=VideoDownloadConverter Plugin

"Path"=C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]

"Description"=Handles PDFs in-place in Firefox

"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\adobe.com/AdobeAAMDetect]

"Description"=

"Path"=C:\Program Files\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll

C:\Program Files\Mozilla Firefox\extensions\

{972ce4c6-7e08-4474-a285-3208198ce6fd}

C:\Program Files\Mozilla Firefox\components\

binary.manifest

browsercomps.dll

C:\Program Files\Mozilla Firefox\searchplugins\

bing.xml

bolcom-nl.xml

google.xml

marktplaats-nl.xml

qone8.xml

wikipedia-nl.xml

C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\

75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com

AppGraffiti@AppGraffiti.com

ffxtlbr@babylon.com

ffxtlbr@delta.com

ffxtlbr@dokotoolbar.com

staged

{97A78363-B868-4B48-AC91-A783A31215AF}

C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\searchplugins\

babylon.xml

dokotoolbar.xml

WebSearch.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-10-09 194640]

{339E1B37-76D3-4A64-A988-E81425DF831C} - dokotoolbar Toolbar - C:\Program Files\Doko-Toolbar\dokotoolbar\1.8.26.9\dokotoolbarTlbr.dll [2013-10-02 293272]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2013-08-12 995176]

"AdobeAAMUpdater-1.0"=C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-06-13 472984]

"Adobe Creative Cloud"=C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2013-09-03 2237328]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2013-03-28 39408]

"AGupdate"=C:\Program Files\AppGraffiti\AGupdate.exe [2013-03-19 894048]

"Optimizer Pro"=C:\Program Files\Optimizer Pro\OptProLauncher.exe [2013-09-29 135672]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AppsHat]

C:\Users\Anke\AppData\Local\WebPlayer\AppsHat\WebPlayer.exe [2012-10-26 202752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BearShare]

C:\Program Files\BearShare Applications\BearShare\BearShare.exe [2013-06-24 31164992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]

C:\PROGRA~1\MCAFEE~1\307523~1.318\SSSCHE~1.EXE []

C:\Users\Anke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup

MyPC Backup.lnk - C:\Program Files\MyPC Backup\MyPC Backup.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=5

"ConsentPromptBehaviorUser"=3

"EnableUIADesktopToggle"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"vidc.uyvy"=msyuv.dll

"vidc.yuy2"=msyuv.dll

"vidc.yvyu"=msyuv.dll

"vidc.iyuv"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"vidc.yvu9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"vidc.cvid"=iccvid.dll

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2013-10-25 20:30:03 ----D---- C:\rsit

2013-10-21 21:43:41 ----D---- C:\Program Files\MyPC Backup

2013-10-21 21:43:15 ----D---- C:\ProgramData\Systweak

2013-10-21 21:42:53 ----D---- C:\Program Files\Advanced System Protector

2013-10-21 21:42:53 ----A---- C:\Windows\system32\sasnative32.exe

2013-10-21 21:42:06 ----D---- C:\Users\Anke\AppData\Roaming\Systweak

2013-10-21 21:42:03 ----A---- C:\Windows\system32\roboot.exe

2013-10-21 21:41:26 ----D---- C:\Program Files\RegClean Pro

2013-10-21 12:51:10 ----D---- C:\Users\Anke\AppData\Roaming\PDAppFlex

2013-10-21 12:50:46 ----D---- C:\ProgramData\regid.1986-12.com.adobe

2013-10-21 11:47:57 ----D---- C:\Program Files\Free Zip

2013-10-18 20:29:49 ----D---- C:\ProgramData\SummerSoft

2013-10-18 20:29:42 ----D---- C:\Program Files\WebSearch

2013-10-18 20:29:31 ----D---- C:\Program Files\ss helper

2013-10-18 20:29:21 ----D---- C:\ProgramData\DowiNLoad keepeR

2013-10-18 20:28:55 ----D---- C:\ProgramData\InstallMate

2013-10-18 20:15:07 ----D---- C:\Users\Anke\AppData\Roaming\Optimizer Pro

2013-10-18 20:15:06 ----AD---- C:\ProgramData\TEMP

2013-10-18 20:09:51 ----D---- C:\Program Files\Doko-Toolbar

2013-10-18 20:09:37 ----D---- C:\Users\Anke\AppData\Roaming\Doko-Toolbar

2013-10-18 20:09:18 ----D---- C:\Program Files\Optimizer Pro

2013-10-11 20:34:42 ----D---- C:\Users\Anke\AppData\Roaming\DVDVideoSoftIEHelpers

2013-10-11 20:33:36 ----D---- C:\Program Files\AppGraffiti

2013-10-10 03:07:06 ----A---- C:\Windows\system32\jscript.dll

2013-10-10 03:07:05 ----A---- C:\Windows\system32\jscript9.dll

2013-10-10 03:07:04 ----A---- C:\Windows\system32\jsproxy.dll

2013-10-10 03:07:03 ----A---- C:\Windows\system32\ieui.dll

2013-10-10 03:07:03 ----A---- C:\Windows\system32\iesetup.dll

2013-10-10 03:07:01 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe

2013-10-10 03:07:01 ----A---- C:\Windows\system32\msfeeds.dll

2013-10-10 03:07:01 ----A---- C:\Windows\system32\iernonce.dll

2013-10-10 03:07:01 ----A---- C:\Windows\system32\ie4uinit.exe

2013-10-10 03:07:00 ----A---- C:\Windows\system32\urlmon.dll

2013-10-10 03:07:00 ----A---- C:\Windows\system32\iesysprep.dll

2013-10-10 03:06:59 ----A---- C:\Windows\system32\iertutil.dll

2013-10-10 03:06:57 ----A---- C:\Windows\system32\wininet.dll

2013-10-10 03:06:56 ----A---- C:\Windows\system32\ieframe.dll

2013-10-10 03:06:52 ----A---- C:\Windows\system32\mshtml.dll

2013-10-09 16:16:41 ----D---- C:\Program Files\Delta

2013-10-09 16:16:27 ----D---- C:\Users\Anke\AppData\Roaming\Delta

2013-10-09 16:16:16 ----D---- C:\Users\Anke\AppData\Roaming\BabSolution

2013-10-09 16:16:15 ----D---- C:\ProgramData\DSearchLink

2013-10-09 16:16:01 ----D---- C:\Program Files\diamondata

2013-10-09 16:15:33 ----D---- C:\ProgramData\Babylon

2013-10-09 16:14:48 ----D---- C:\Users\Anke\AppData\Roaming\GoforFiles

2013-10-09 16:14:48 ----D---- C:\Program Files\GoforFiles

2013-10-09 07:07:49 ----A---- C:\Windows\system32\drivers\usbccgp.sys

2013-10-09 07:07:49 ----A---- C:\Windows\system32\comctl32.dll

2013-10-09 07:07:48 ----A---- C:\Windows\system32\drivers\usbuhci.sys

2013-10-09 07:07:48 ----A---- C:\Windows\system32\drivers\usbport.sys

2013-10-09 07:07:48 ----A---- C:\Windows\system32\drivers\usbohci.sys

2013-10-09 07:07:48 ----A---- C:\Windows\system32\drivers\usbhub.sys

2013-10-09 07:07:48 ----A---- C:\Windows\system32\drivers\usbehci.sys

2013-10-09 07:07:48 ----A---- C:\Windows\system32\drivers\usbd.sys

2013-10-09 07:07:47 ----A---- C:\Windows\system32\drivers\hidparse.sys

2013-10-09 07:07:47 ----A---- C:\Windows\system32\drivers\hidclass.sys

2013-10-09 07:07:46 ----A---- C:\Windows\system32\drivers\tcpip.sys

2013-10-09 07:07:45 ----A---- C:\Windows\system32\mswsock.dll

2013-10-09 07:07:45 ----A---- C:\Windows\system32\drivers\afd.sys

2013-10-09 07:07:42 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys

2013-10-09 07:07:41 ----A---- C:\Windows\system32\ntoskrnl.exe

2013-10-09 07:07:41 ----A---- C:\Windows\system32\ntkrnlpa.exe

2013-10-09 07:07:40 ----A---- C:\Windows\system32\tdh.dll

2013-10-09 07:07:40 ----A---- C:\Windows\system32\ntdll.dll

2013-10-09 07:07:39 ----A---- C:\Windows\system32\advapi32.dll

2013-10-09 07:07:38 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll

2013-10-09 07:07:37 ----A---- C:\Windows\system32\lpk.dll

2013-10-09 07:07:37 ----A---- C:\Windows\system32\fontsub.dll

2013-10-09 07:07:37 ----A---- C:\Windows\system32\dciman32.dll

2013-10-09 07:07:37 ----A---- C:\Windows\system32\atmlib.dll

2013-10-09 07:07:37 ----A---- C:\Windows\system32\atmfd.dll

2013-10-09 07:07:35 ----A---- C:\Windows\system32\scavengeui.dll

2013-10-09 07:07:33 ----A---- C:\Windows\system32\win32k.sys

2013-10-09 07:07:29 ----A---- C:\Windows\system32\WebClnt.dll

2013-10-09 07:07:29 ----A---- C:\Windows\system32\drivers\mrxdav.sys

2013-10-09 07:07:29 ----A---- C:\Windows\system32\davclnt.dll

2013-10-09 07:07:27 ----A---- C:\Windows\system32\drivers\usbcir.sys

2013-10-09 07:07:26 ----A---- C:\Windows\system32\drivers\Wdf01000.sys

2013-10-02 20:49:28 ----D---- C:\Users\Anke\AppData\Roaming\BSplayer Pro

2013-10-02 20:49:28 ----D---- C:\Users\Anke\AppData\Roaming\BSplayer

2013-10-02 20:49:14 ----D---- C:\Program Files\Webteh

2013-10-02 20:34:53 ----D---- C:\Program Files\Microsoft Security Client

2013-10-02 20:30:59 ----D---- C:\Users\Anke\AppData\Roaming\tixati

2013-10-02 20:30:45 ----D---- C:\Program Files\tixati

2013-10-02 20:30:20 ----D---- C:\Windows\pss

2013-10-02 20:29:02 ----A---- C:\Windows\system32\drivers\ataport.sys

2013-10-02 20:15:48 ----D---- C:\Program Files\CCleaner

2013-10-02 16:46:49 ----A---- C:\Windows\system32\drivers\PSKMAD.sys

2013-10-02 15:04:31 ----D---- C:\Program Files\GridinSoft Trojan Killer

2013-10-02 14:30:58 ----D---- C:\Program Files\Enigma Software Group

2013-10-02 14:30:25 ----D---- C:\Windows\865537E164904193A4B6669C62711852.TMP

2013-10-02 14:30:24 ----D---- C:\Program Files\Common Files\Wise Installation Wizard

2013-10-02 14:22:53 ----D---- C:\Program Files\LyricsViewer-2

2013-10-02 14:22:44 ----D---- C:\ProgramData\eSafe

======List of files/folders modified in the last 1 month======

2013-10-25 20:30:20 ----D---- C:\Program Files\Trend Micro

2013-10-25 20:30:16 ----D---- C:\Windows\Prefetch

2013-10-25 20:30:06 ----D---- C:\Windows\Temp

2013-10-25 19:00:20 ----D---- C:\Windows\system32\config

2013-10-25 17:46:09 ----HD---- C:\ProgramData

2013-10-25 15:50:22 ----SHD---- C:\System Volume Information

2013-10-25 15:01:29 ----D---- C:\Windows\system32\Tasks

2013-10-25 07:44:00 ----D---- C:\Windows\system32\drivers

2013-10-24 23:28:24 ----D---- C:\Windows

2013-10-24 19:57:10 ----SHD---- C:\Windows\Installer

2013-10-24 13:21:08 ----D---- C:\Windows\Panther

2013-10-24 13:21:08 ----D---- C:\Windows\inf

2013-10-24 13:21:07 ----D---- C:\Windows\debug

2013-10-21 21:43:41 ----RD---- C:\Program Files

2013-10-21 21:43:28 ----D---- C:\Windows\winsxs

2013-10-21 21:42:53 ----D---- C:\Windows\System32

2013-10-21 21:42:28 ----D---- C:\Windows\Tasks

2013-10-21 13:22:39 ----D---- C:\Program Files\Common Files\Adobe

2013-10-21 13:19:33 ----D---- C:\Program Files\Adobe

2013-10-21 12:51:32 ----D---- C:\Users\Anke\AppData\Roaming\Adobe

2013-10-21 12:23:44 ----D---- C:\ProgramData\Adobe

2013-10-21 12:21:05 ----RSD---- C:\Windows\Fonts

2013-10-21 11:56:46 ----D---- C:\Program Files\Common Files\microsoft shared

2013-10-20 10:02:11 ----D---- C:\ProgramData\HitmanPro

2013-10-20 01:58:16 ----D---- C:\Windows\system32\catroot

2013-10-18 16:56:45 ----A---- C:\Windows\system32\PerfStringBackup.INI

2013-10-18 09:01:44 ----D---- C:\Windows\system32\catroot2

2013-10-11 20:38:39 ----D---- C:\Users\Anke\AppData\Roaming\DVDVideoSoft

2013-10-11 20:34:38 ----D---- C:\Program Files\DVDVideoSoft

2013-10-11 20:34:17 ----RSD---- C:\Windows\assembly

2013-10-11 20:34:13 ----D---- C:\Program Files\Common Files\DVDVideoSoft

2013-10-11 20:32:59 ----D---- C:\Users\Anke\AppData\Roaming\OpenCandy

2013-10-10 18:32:07 ----D---- C:\Windows\system32\NDF

2013-10-10 04:12:10 ----D---- C:\Windows\rescache

2013-10-10 03:43:44 ----D---- C:\Windows\Microsoft.NET

2013-10-10 03:34:23 ----D---- C:\Program Files\Microsoft Silverlight

2013-10-10 03:32:52 ----D---- C:\Windows\system32\en-US

2013-10-10 03:32:52 ----D---- C:\Program Files\Internet Explorer

2013-10-10 03:32:50 ----D---- C:\Windows\system32\DriverStore

2013-10-10 03:12:21 ----D---- C:\Windows\system32\MRT

2013-10-10 03:09:09 ----A---- C:\Windows\system32\MRT.exe

2013-10-08 21:18:11 ----A---- C:\Windows\system32\FlashPlayerApp.exe

2013-10-02 20:47:59 ----D---- C:\Windows\Logs

2013-10-02 20:35:03 ----SD---- C:\ProgramData\Microsoft

2013-10-02 20:26:19 ----D---- C:\Program Files\Common Files

2013-10-02 20:08:41 ----D---- C:\Windows\system32\appmgmt

2013-09-26 07:51:21 ----D---- C:\Windows\system32\wdi

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2013-06-18 211560]

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]

R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\drivers\vmbus.sys [2010-11-20 175360]

R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2010-11-20 388096]

R2 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2013-06-18 107392]

R2 npf;NetGroup Packet Filter Driver; C:\Windows\system32\drivers\npf.sys [2011-02-11 35088]

R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]

R3 aeaudio;aeaudio; C:\Windows\system32\drivers\aeaudio.sys [2003-10-23 100384]

R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]

R3 smwdm;smwdm; C:\Windows\system32\drivers\smwdm.sys [2004-04-15 612416]

S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]

S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]

S3 AVFSFilter;AVFSFilter; C:\Windows\system32\DRIVERS\avfsfilter.sys []

S3 esgiguard;esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys []

S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]

S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2010-11-20 133632]

S3 s3cap;s3cap; C:\Windows\system32\drivers\vms3cap.sys [2010-11-20 5632]

S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]

S3 storvsc;storvsc; C:\Windows\system32\drivers\storvsc.sys [2010-11-20 28032]

S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 52224]

S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]

S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]

S3 VMBusHID;VMBusHID; C:\Windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]

S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-05-11 65640]

R2 BackupStack;Computer Backup (MyPC Backup); C:\Program Files\MyPC Backup\BackupStack.exe [2013-09-20 38440]

R2 ca82e1a5;Optimizer Pro Crash Monitor; c:\progra~1\optimi~1\OptProCrash.exe [2013-10-18 143488]

R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]

R2 Freemake Improver;Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2013-08-26 101888]

R2 FreemakeVideoCapture;FreemakeVideoCapture; C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe [2013-08-26 9216]

R2 HitmanProScheduler;HitmanPro Scheduler; C:\Program Files\HitmanPro\hmpsched.exe [2013-10-20 106280]

R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2013-08-12 22208]

R2 Update diamondata;Update diamondata; C:\Program Files\diamondata\updatediamondata.exe [2013-10-03 65312]

R2 Util diamondata;Util diamondata; C:\Program Files\diamondata\bin\utildiamondata.exe [2013-10-10 65312]

R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2013-08-12 295376]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 gupdate;Google Update-service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-03-28 136176]

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-10-08 257416]

S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]

S3 gupdatem;Google Update-service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2013-03-28 136176]

S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-03-28 194032]

S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-03-07 115608]

S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]

S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\Windows\System32\svchost.exe [2009-07-14 20992]

S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-03-28 1343400]

-----------------EOF-----------------

Van zodra 1 van de experts online is zal deze je zeker verder helpen aangaande je vraag/probleem.

Download Zoek.zip naar het bureaublad.

• Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  
• Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.
  
• Klik met de rechtermuisknop op Zoek.zip en klik op de optie "Alles uitpakken".
  
• Dubbelklik op Zoek.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
  

chromelook; 
firefoxlook; 
{339E1B37-76D3-4A64-A988-E81425DF831C};c
 C:\Program Files\Doko-Toolbar;fs
 Optimizer Pro;s
 C:\Program Files\Optimizer Pro;fs
 C:\Program Files\MyPC Backup;fs
 C:\Program Files\Common Files\DVDVideoSoft;fs
 C:\Users\Anke\AppData\Roaming\DVDVideoSoftIEHelpers;fs
 {AAA38851-3CFF-475F-B5E0-720D3645E4A5};c
 C:\Program Files\Minibar;fs
 ca82e1a5;s
 Update diamondata;s
 Util diamondata;s
 C:\Program Files\diamondata;fs
 C:\Windows\tasks\LyricsViewer-2-chromeinstaller.job;f
 C:\Windows\tasks\LyricsViewer-2-codedownloader.job;f
 C:\Windows\tasks\LyricsViewer-2-enabler.job;f
 C:\Windows\tasks\LyricsViewer-2-firefoxinstaller.job;f
 C:\Windows\tasks\LyricsViewer-2-updater.job;f
 C:\Windows\tasks\RegClean Pro_DEFAULT.job;f
 C:\Windows\tasks\RegClean Pro_UPDATES.job;f
 C:\Program Files\VideoDownloadConverter_4z;fs
 [-HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@VideoDownloadConverter_4z.com/Plugin];r
 C:\Program Files\Mozilla Firefox\searchplugins\qone8.xml;f
 C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e...0d3e13631d.com;f
 C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\AppGraffiti@AppGraffiti.com;f
 C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\[email="ffxtlbr@babylon.com"]ffxtlbr@babylon.com[/email];f
 C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com;f
 C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com;f
 C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\searchplugins\babylon.xml;f
 C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\searchplugins\dokotoolbar.xml;f
 C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\searchplugins\WebSearch.xml;f
 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run];r
 "Optimizer Pro"=-;r
 C:\ProgramData\Systweak;fs
 C:\Program Files\Advanced System Protector;fs
 C:\Users\Anke\AppData\Roaming\Systweak;fs
 C:\Program Files\RegClean Pro;fs
 C:\Program Files\WebSearch;fs
 C:\ProgramData\InstallMate;fs
 C:\Users\Anke\AppData\Roaming\Optimizer Pro;fs
 C:\Program Files\Doko-Toolbar
 C:\Users\Anke\AppData\Roaming\Doko-Toolbar;fs
 C:\Program Files\Optimizer Pro;fs
 C:\Users\Anke\AppData\Roaming\DVDVideoSoftIEHelpers;fs
 C:\Program Files\Delta;fs
 C:\Users\Anke\AppData\Roaming\Delta;fs
 C:\Users\Anke\AppData\Roaming\BabSolution;fs
 C:\ProgramData\DSearchLink;fs
 C:\Program Files\diamondata;fs
 C:\ProgramData\Babylon;fs
 C:\Program Files\LyricsViewer-2;fs
 C:\Users\Anke\AppData\Roaming\OpenCandy;fs
 emptyfolderscheck;delete 
startupall; 
filesrcm;

• Klik op de knop "Options" en vink nu de onderstaande opties aan.
  
• Firefox Defaults
  
• Reset Chrome
  
• IE Defaults
  
• Auto Clean
  
• Klik nu op de knop "Run script".
  
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  
• Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  
• Post nu de inhoud van het geopende logje in het volgende bericht.
  

Zoek.exe Version 4.0.0.4 Updated 26-October-2013

Tool run by Anke on za 26/10/2013 at 9:21:25,66.

Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Anke\Desktop\zoek.exe [script inserted]

==== System Restore Info ======================

26/10/2013 9:23:08 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\ProgramData\Babylon deleted successfully

C:\ProgramData\{C4ABDBC8-1C81-42C9-BFFC-4A68511E9E4F} deleted successfully

C:\Users\Anke\AppData\Roaming\Google deleted successfully

C:\Users\Anke\AppData\Local\Lollipop deleted successfully

C:\Users\Anke\AppData\Local\WMTools Downloaded Files deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-766547166-3330058944-3535508039-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{339E1B37-76D3-4A64-A988-E81425DF831C} deleted successfully

HKEY_USERS\S-1-5-21-766547166-3330058944-3535508039-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{339E1B37-76D3-4A64-A988-E81425DF831C} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{339E1B37-76D3-4A64-A988-E81425DF831C} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{AAA38851-3CFF-475F-B5E0-720D3645E4A5} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{AAA38851-3CFF-475F-B5E0-720D3645E4A5} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{339E1B37-76D3-4A64-A988-E81425DF831C} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ca82e1a5 deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\ca82e1a5 deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update diamondata deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update diamondata deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Update diamondata deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Update diamondata deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util diamondata deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Util diamondata deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Util diamondata deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Util diamondata deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@VideoDownloadConverter_4z.com/Plugin]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"Optimizer Pro"=-

==== Deleting Files \ Folders ======================

C:\Program Files\VideoDownloadConverter_4z not found

C:\ProgramData\Babylon not found

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e...0d3e13631d.com" not found

C:\Program Files\Doko-Toolbar deleted

C:\Users\Anke\AppData\Roaming\DVDVideoSoftIEHelpers deleted

C:\Program Files\Minibar deleted

C:\ProgramData\Systweak deleted

C:\Users\Anke\AppData\Roaming\Systweak deleted

C:\Program Files\RegClean Pro deleted

C:\Program Files\WebSearch deleted

C:\ProgramData\InstallMate deleted

C:\Users\Anke\AppData\Roaming\Optimizer Pro deleted

C:\Users\Anke\AppData\Roaming\Doko-Toolbar deleted

C:\Program Files\Delta deleted

C:\Users\Anke\AppData\Roaming\Delta deleted

C:\Users\Anke\AppData\Roaming\BabSolution deleted

C:\ProgramData\DSearchLink deleted

C:\Program Files\LyricsViewer-2 deleted

"C:\Windows\tasks\LyricsViewer-2-chromeinstaller.job" deleted

"C:\Windows\tasks\LyricsViewer-2-codedownloader.job" deleted

"C:\Windows\tasks\LyricsViewer-2-enabler.job" deleted

"C:\Windows\tasks\LyricsViewer-2-firefoxinstaller.job" deleted

"C:\Windows\tasks\LyricsViewer-2-updater.job" deleted

"C:\Windows\tasks\RegClean Pro_DEFAULT.job" deleted

"C:\Windows\tasks\RegClean Pro_UPDATES.job" deleted

"C:\Program Files\Mozilla Firefox\searchplugins\qone8.xml" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\searchplugins\babylon.xml" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\searchplugins\dokotoolbar.xml" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\searchplugins\WebSearch.xml" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\AppGraffiti@AppGraffiti.com\chrome.manifest" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\AppGraffiti@AppGraffiti.com\ini.xml" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\AppGraffiti@AppGraffiti.com\install.rdf" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\AppGraffiti@AppGraffiti.com\install.xml" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\chrome.manifest" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\install.rdf" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\uninstall.exe" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\chrome.manifest" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\install.rdf" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\uninstall.exe" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\AppGraffiti@AppGraffiti.com\chrome\AppGraffiti.jar" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@babylon.com\defaults\preferences\dflt.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\components\FFDisp.dll" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\content\delta.css" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\content\delta.xul" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\content\dpk.htm" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\content\hlprs.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\content\loader.xul" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\content\mtstart.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\content\serp.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\content\tmplt.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\content\imgs\arwDwn.gif" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\content\imgs\closeo.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\content\imgs\help_16.gif" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\content\imgs\home.gif" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\content\imgs\icon_seperator.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\content\imgs\logo.PNG" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\content\imgs\privecy_16_hot.gif" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\content\imgs\sign.jpg" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\content\imgs\specialoffer.gif" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\content\imgs\tellafriend.gif" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\content\imgs\uninstall.gif" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\ae.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\bg.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\ch.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\cn.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\cz.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\de.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\eg.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\en.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\es.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\fr.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\gr.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\he.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\il.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\it.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\ja.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\jp.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\nl.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\no.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\pl.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\pt.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\ro.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\ru.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\sa.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\se.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\sv.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\tr.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\ua.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\content\imgs\flgs\us.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\components\FFDisp.dll" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\content\dokotoolbar.css" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\content\dokotoolbar.xul" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\content\dpk.htm" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\content\hlprs.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\content\loader.xul" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\content\mtstart.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\content\serp.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\content\tmplt.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\content\imgs\arwDwn.gif" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\content\imgs\closeo.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\content\imgs\help_16.gif" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\content\imgs\home.gif" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\content\imgs\icon_seperator.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\content\imgs\logo.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\content\imgs\privecy_16_hot.gif" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\content\imgs\sign.jpg" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\content\imgs\specialoffer.gif" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\content\imgs\tellafriend.gif" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\content\imgs\uninstall.gif" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\content\imgs\flgs\ae.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\content\imgs\flgs\bg.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\content\imgs\flgs\ch.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\content\imgs\flgs\cn.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\content\imgs\flgs\cz.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\content\imgs\flgs\de.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\content\imgs\flgs\eg.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\content\imgs\flgs\en.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\content\imgs\flgs\es.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\content\imgs\flgs\fr.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\content\imgs\flgs\gr.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\content\imgs\flgs\he.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\content\imgs\flgs\il.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\content\imgs\flgs\it.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\content\imgs\flgs\ja.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\content\imgs\flgs\jp.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\content\imgs\flgs\nl.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\content\imgs\flgs\no.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\content\imgs\flgs\pl.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\content\imgs\flgs\pt.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\content\imgs\flgs\ro.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\content\imgs\flgs\ru.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\content\imgs\flgs\sa.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\content\imgs\flgs\se.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\content\imgs\flgs\sv.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\content\imgs\flgs\tr.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\content\imgs\flgs\ua.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\content\imgs\flgs\us.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\defaults\preferences\dflt.js" deleted

"C:\Program Files\Optimizer Pro\OptProReminder.exe" deleted

"C:\Program Files\MyPC Backup\AWSSDK.dll" deleted

"C:\Program Files\MyPC Backup\BackupStack.exe" deleted

"C:\Program Files\MyPC Backup\GetText.dll" deleted

"C:\Program Files\MyPC Backup\MPCBClient.dll" deleted

"C:\Program Files\MyPC Backup\MyPC Backup.exe" deleted

"C:\Program Files\MyPC Backup\Shared Stack.dll" deleted

"C:\Program Files\diamondata\updatediamondata.exe" deleted

"C:\Program Files\Advanced System Protector\AdvancedSystemProtector.exe" deleted

"C:\Program Files\Advanced System Protector\aspsys.dll" deleted

"C:\Program Files\Advanced System Protector\Microsoft.Win32.TaskScheduler.DLL" deleted

"C:\Program Files\Advanced System Protector\System.Data.SQLite.dll" deleted

"C:\Program Files\Advanced System Protector\unrar.dll" deleted

"C:\Program Files\Advanced System Protector\Xceed.Compression.dll" deleted

"C:\Program Files\Advanced System Protector\Xceed.FileSystem.dll" deleted

"C:\Program Files\Advanced System Protector\Xceed.Zip.dll" deleted

"C:\Program Files\Optimizer Pro\OptProReminder.exe" deleted

"C:\Program Files\diamondata\updatediamondata.exe" deleted

"C:\Program Files\MyPC Backup\Database\mpcb_settings.db" deleted

"C:\Program Files\MyPC Backup\Database\mpcb_version_queue.db" deleted

"C:\Program Files\MyPC Backup\x86\System.Data.SQLite.dll" deleted

"C:\Program Files\MyPC Backup\Resources\keycache\_023c2e8d-b42d-4c64-a874-27ec03d084e7_backupKeyCache.block" not deleted

"C:\Program Files\MyPC Backup\Resources\keycache\_023c2e8d-b42d-4c64-a874-27ec03d084e7_backupKeyCache.tree" not deleted

"C:\Program Files\MyPC Backup\Resources\keycache\_28f505d4-dc5a-4ff1-908d-a9a2506facfe_backupKeyCache.block" not deleted

"C:\Program Files\MyPC Backup\Resources\keycache\_28f505d4-dc5a-4ff1-908d-a9a2506facfe_backupKeyCache.tree" not deleted

"C:\Program Files\Common Files\DVDVideoSoft\lib\DVSShellContextMenuExtension.dll" deleted

"C:\Program Files\diamondata\bin\sqlite3.dll" deleted

"C:\Program Files\diamondata\bin\utildiamondata.exe" deleted

"C:\Program Files\diamondata\bin\sqlite3.dll" deleted

"C:\Program Files\diamondata\bin\utildiamondata.exe" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\AppGraffiti@AppGraffiti.com" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@babylon.com" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\AppGraffiti@AppGraffiti.com\chrome" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@babylon.com\defaults" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@babylon.com\defaults\preferences" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\components" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\content" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\content\imgs" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@delta.com\content\imgs\flgs" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\components" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\content" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\defaults" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\content\imgs" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\content\imgs\flgs" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\ffxtlbr@dokotoolbar.com\defaults\preferences" deleted

"C:\Program Files\Optimizer Pro" deleted

"C:\Program Files\MyPC Backup" not deleted

"C:\Program Files\Common Files\DVDVideoSoft" not deleted

"C:\Program Files\diamondata" not deleted

"C:\Program Files\Advanced System Protector" not deleted

"C:\Program Files\Optimizer Pro" deleted

"C:\Program Files\diamondata" not deleted

"C:\Users\Anke\AppData\Roaming\OpenCandy" deleted

"C:\Program Files\MyPC Backup\Database" not deleted

"C:\Program Files\MyPC Backup\Resources" not deleted

"C:\Program Files\MyPC Backup\x86" not deleted

"C:\Program Files\MyPC Backup\Resources\keycache" not deleted

"C:\Program Files\Common Files\DVDVideoSoft\lib" not deleted

"C:\Program Files\diamondata\bin" not deleted

"C:\Program Files\diamondata\bin" not deleted

==== Files Recently Created / Modified ======================

====== C:\Windows ====

2013-10-02 18:35:40 2A66E81AE941E54A237490FC35D387C8 1945 ----a-w- C:\Windows\epplauncher.mif

====== C:\Users\Anke\AppData\Local\Temp ====

====== Java Cache =====

2013-10-22 10:06:35 0F08A8F6BA89A7E31BD59FE8189B97BC 193418 ----a-w- C:\Users\Anke\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\32\474b93a0-1e91598d

2013-10-22 10:06:36 E035E0B09BCADCCD3FBAD1CD731585A4 469 ----a-w- C:\Users\Anke\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\38\4de63de6-337c0836

2013-10-04 09:01:57 A98998FB8CF1C95844FC05EFFB8A6C76 1040305 ----a-w- C:\Users\Anke\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\54\5530fcf6-4ed5e94e

====== C:\Windows\system32 =====

2013-10-21 19:42:53 0065E911F966A71A115D9A52FF3DFC99 17136 ----a-w- C:\Windows\System32\sasnative32.exe

2013-10-21 19:42:03 05589174BBE539C14B3F466C33963CA8 18776 ----a-w- C:\Windows\System32\roboot.exe

====== C:\Windows\system32\drivers =====

2013-10-09 05:07:49 71D97F1A3CC47A56728F7A400A3F8295 76288 ----a-w- C:\Windows\System32\drivers\usbccgp.sys

2013-10-09 05:07:48 FDA6F2BB7FA034D95863ED8788B4E416 284672 ----a-w- C:\Windows\System32\drivers\usbport.sys

2013-10-09 05:07:48 DCDF9855145A14DFCA0AB32308871961 20480 ----a-w- C:\Windows\System32\drivers\usbohci.sys

2013-10-09 05:07:48 C4FB8E7ADEA9B5CEEA885A1B504B7E40 43008 ----a-w- C:\Windows\System32\drivers\usbehci.sys

2013-10-09 05:07:48 8E51D04175BAA14C4F79AA5F6D248770 24064 ----a-w- C:\Windows\System32\drivers\usbuhci.sys

2013-10-09 05:07:48 86AA95ACB611001E26CD2C0145F2225A 258560 ----a-w- C:\Windows\System32\drivers\usbhub.sys

2013-10-09 05:07:48 6FB17D7A2E76B838886E5E8C60239DAE 6016 ----a-w- C:\Windows\System32\drivers\usbd.sys

2013-10-09 05:07:47 F1B27299F547D452EDAEF01FC187CB91 25728 ----a-w- C:\Windows\System32\drivers\hidparse.sys

2013-10-09 05:07:47 50ABE682EBE752EAF62B18790D6D491C 55808 ----a-w- C:\Windows\System32\drivers\hidclass.sys

2013-10-09 05:07:46 CA59F7C570AF70BC174F477CFE2D9EE3 1294272 ----a-w- C:\Windows\System32\drivers\tcpip.sys

2013-10-09 05:07:45 F81BB7E487EDCEAB630A7EE66CF23913 338944 ----a-w- C:\Windows\System32\drivers\afd.sys

2013-10-09 05:07:42 71BC35067CABC02C9453AEAA42B2E43E 729024 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys

2013-10-09 05:07:29 21F4B24ACFC79A483515BD986DD9043F 115712 ----a-w- C:\Windows\System32\drivers\mrxdav.sys

2013-10-09 05:07:27 2352AB5F9F8F097BF9D41D5A4718A041 86016 ----a-w- C:\Windows\System32\drivers\usbcir.sys

2013-10-09 05:07:26 25944D2CC49E0A6C581D02A74B7D6645 527064 ----a-w- C:\Windows\System32\drivers\Wdf01000.sys

2013-10-02 18:29:02 DDCE686D76C2B4DB435A3AF5BD0E691D 133056 ----a-w- C:\Windows\System32\drivers\ataport.sys

2013-10-02 14:46:49 05A0C2744CEAC6F1B723EC469B650EF0 47632 ----a-w- C:\Windows\System32\drivers\PSKMAD.sys

====== C:\Windows\Tasks ======

2013-10-21 19:44:58 275154DD1D3A25C63F95BCFE3D1E2116 3108 ----a-w- C:\Windows\system32\Tasks\Advanced System Protector_startup

2013-10-21 19:42:16 BF659580A7F0084F918B449AF1EB9299 3096 ----a-w- C:\Windows\system32\Tasks\RegClean Pro

2013-10-21 09:58:31 1D63C72B24927B7CC5629434AF27568B 3490 ----a-w- C:\Windows\system32\Tasks\AdobeAAMUpdater-1.0-Zot_geval-Anke

2013-10-21 09:47:48 27B7CF5B01174A689320ADBAB583C408 3246 ----a-w- C:\Windows\system32\Tasks\SomotoUpdateCheckerAutoStart

2013-10-11 18:47:33 419BB1F10DA8563CCC6C1804FE6421D4 3420 ----a-w- C:\Windows\system32\Tasks\BitGuard

2013-10-09 14:16:19 6403227901BA34D636F0DB56E75A17C7 3386 ----a-w- C:\Windows\system32\Tasks\EPUpdater

2013-10-09 14:15:12 BEABB0E90908206BB3C58E90370CFFB7 3062 ----a-w- C:\Windows\system32\Tasks\GoforFilesUpdate

====== C:\Windows\Temp ======

======= C:\Program Files =====

2013-10-21 19:43:41 -------- d-----w- C:\Program Files\MyPC Backup

2013-10-21 19:42:53 -------- d-----w- C:\Program Files\Advanced System Protector

2013-10-21 09:47:57 -------- d-----w- C:\Program Files\Free Zip

2013-10-18 18:29:31 -------- d-----w- C:\Program Files\ss helper

2013-10-11 18:33:36 -------- d-----w- C:\Program Files\AppGraffiti

2013-10-09 14:16:01 -------- d-----w- C:\Program Files\diamondata

2013-10-09 14:14:48 -------- d-----w- C:\Program Files\GoforFiles

2013-10-02 18:49:14 -------- d-----w- C:\Program Files\Webteh

2013-10-02 18:30:45 -------- d-----w- C:\Program Files\tixati

2013-10-02 13:04:31 -------- d-----w- C:\Program Files\GridinSoft Trojan Killer

2013-10-02 12:30:58 -------- d-----w- C:\Program Files\Enigma Software Group

2013-10-02 12:30:24 -------- d-----w- C:\Program Files\Common Files\Wise Installation Wizard

======= C: =====

====== C:\Users\Anke\AppData\Roaming ======

2013-10-21 19:43:50 -------- d-----w- C:\Users\Anke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup

2013-10-21 10:51:10 -------- d-----w- C:\Users\Anke\AppData\Roaming\PDAppFlex

2013-10-21 09:47:49 -------- d-----w- C:\Users\Anke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FilesFrog Update Checker

2013-10-21 09:47:41 -------- d-----w- C:\Users\Anke\AppData\Local\FilesFrog Update Checker

2013-10-11 18:38:57 -------- d-----w- C:\Users\Anke\AppData\Locallow\Delta

2013-10-11 18:33:41 -------- d-----w- C:\Users\Anke\AppData\Locallow\AppGraffiti

2013-10-09 16:29:12 -------- d-----w- C:\Users\Anke\AppData\Local\avgchrome

2013-10-09 14:16:36 -------- d-----w- C:\Users\Anke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard

2013-10-09 14:14:48 -------- d-----w- C:\Users\Anke\AppData\Roaming\GoforFiles

2013-10-02 18:49:28 -------- d-----w- C:\Users\Anke\AppData\Roaming\BSplayer Pro

2013-10-02 18:49:28 -------- d-----w- C:\Users\Anke\AppData\Roaming\BSplayer

2013-10-02 18:30:59 -------- d-----w- C:\Users\Anke\AppData\Roaming\tixati

2013-10-02 18:30:49 -------- d-----w- C:\Users\Anke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tixati

====== C:\Users\Anke ======

2013-10-25 18:29:30 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Anke\Downloads\RSIT.exe

2013-10-21 19:43:19 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector

2013-10-21 19:42:01 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RegClean Pro

2013-10-21 19:39:28 E423CB96C400DBB600DE5FD91F2937A6 611648 ----a-w- C:\Users\Anke\Downloads\the-wolverine-dut-5160271.exe

2013-10-21 10:50:46 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe

2013-10-21 09:54:25 E44FC2615F6C32C663F7D13B121B850A 2832256 ----a-w- C:\Users\Anke\Downloads\CreativeCloudSet-Up.exe

2013-10-21 09:48:01 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Free Zip

2013-10-21 09:47:12 32409777B3EB2BF508E677FA945C37D1 166632 ----a-w- C:\Users\Anke\Downloads\FreeZipSetup.exe

2013-10-18 18:29:49 -------- d-----w- C:\ProgramData\SummerSoft

2013-10-18 18:29:21 -------- d-----w- C:\ProgramData\DowiNLoad keepeR

2013-10-18 18:28:45 84FEC64CF1DB849FE26968CDF11EB030 329048 ----a-w- C:\Users\Anke\Downloads\Les-Miserables-2012-DVDSCR-EDAW2013-srt.exe

2013-10-18 18:15:06 -------- d---a-w- C:\ProgramData\TEMP

2013-10-18 18:09:52 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2

2013-10-18 18:07:52 A7E6BB3D12BD7D2558C4C0AA769E19DF 611648 ----a-w- C:\Users\Anke\Downloads\les-miserables-dut-4863346.exe

2013-10-11 18:33:40 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AppGraffiti

2013-10-02 18:50:24 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BS.Player

2013-10-02 12:22:44 -------- d-----w- C:\ProgramData\eSafe

====== C: exe-files ==

2013-10-25 18:30:04 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\Trend Micro\Anke.exe

2013-10-25 18:29:30 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Anke\Downloads\RSIT.exe

2013-10-21 19:42:53 0065E911F966A71A115D9A52FF3DFC99 17136 ----a-w- C:\Windows\System32\sasnative32.exe

2013-10-21 19:42:03 05589174BBE539C14B3F466C33963CA8 18776 ----a-w- C:\Windows\System32\roboot.exe

2013-10-21 19:39:28 E423CB96C400DBB600DE5FD91F2937A6 611648 ----a-w- C:\Users\Anke\Downloads\the-wolverine-dut-5160271.exe

2013-10-21 09:54:25 E44FC2615F6C32C663F7D13B121B850A 2832256 ----a-w- C:\Users\Anke\Downloads\CreativeCloudSet-Up.exe

2013-10-21 09:48:05 AC8F7611F353CA9803FAD5FF81900678 228432 ----a-w- C:\Users\Anke\AppData\Local\Bundled software uninstaller\biclient.exe

2013-10-21 09:48:02 B6A40AC93155EC0A6FFDFCF39607CF78 58785 ----a-w- C:\Program Files\Free Zip\Uninstall.exe

2013-10-21 09:47:48 A29AE906C3A3AA83E934E77C8E198C8E 61990 ----a-w- C:\Users\Anke\AppData\Local\FilesFrog Update Checker\uninstall.exe

2013-10-21 09:47:12 32409777B3EB2BF508E677FA945C37D1 166632 ----a-w- C:\Users\Anke\Downloads\FreeZipSetup.exe

=== C: other files ==

2013-10-21 19:40:58 1FC66FDE338E51E765C221E8665BFF40 21570 ----a-w- C:\Users\Anke\Desktop\downloads\the-wolverine-dut-51602.zip

2013-10-21 11:22:45 FF236A1AE6AB3FA7A4DBC5E116749906 13823802 ----a-w- C:\Program Files\Common Files\Adobe\Adobe\AdobePatchFiles\{F096BB83-0493-4882-9796-633B26900066}.zip

2013-10-21 11:22:14 D1E6A222BE84C86B0F198A97C6994D81 9559022 ----a-w- C:\ProgramData\Adobe\CameraRaw\Adobe\AdobePatchFiles\{5F3BB96C-06FC-4A40-A8F9-D0C0470F659B}.zip

2013-10-21 11:21:05 695393F1AAB03066BA0969D7A8F04A32 7152388 ----a-w- C:\Program Files\Adobe\Adobe\AdobePatchFiles\{E6EAFC2D-08C7-4CAF-978D-721FED26BE14}.zip

2013-10-21 11:19:35 484EF5BD232D2A81E6EA0AC191203F1F 5457 ----a-w- C:\Program Files\Adobe\Adobe\AdobePatchFiles\{54945F15-E8F0-4FE6-B549-EA90BBDA8ED2}.zip

2013-10-21 11:18:05 76CDB2BAD9582D23C1F6F4D868218D6C 22 ----a-w- C:\Program Files\Common Files\Adobe\CEPServiceManager4\Adobe\AdobePatchFiles\{81036849-4B6D-4CB8-8D47-31222F3540E3}.zip

2013-10-21 09:57:10 4AB22EB2C58A697F1E63906536DA4A06 216316 ----a-w- C:\Program Files\Common Files\Adobe\CEPServiceManager4\Adobe\AdobePatchFiles\{D6EDED07-FEE0-4C10-B477-95FF3085DF31}.zip

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-766547166-3330058944-3535508039-1000\Software\Microsoft\Windows\CurrentVersion\Run]

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

"AGupdate"="C:\Program Files\AppGraffiti\AGupdate.exe"

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:Troubleshoot problems installing Service Pack 1 (SP1) for Windows 7 and Windows Server 2008 R2 /build:7601"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"SPReview"="C:\Windows\System32\SPReview\SPReview.exe /sp:1 /errorfwlink:Troubleshoot problems installing Service Pack 1 (SP1) for Windows 7 and Windows Server 2008 R2 /build:7601"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"MSC"="c:\Program Files\Microsoft Security Client\msseces.exe -hide -runkey"

"AdobeAAMUpdater-1.0"="C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"

"Adobe Creative Cloud"="C:\Program Files\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe --showwindow=false --onOSstartup=true"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

"AGupdate"="C:\Program Files\AppGraffiti\AGupdate.exe"

==== Startup Registry Disabled ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\AppsHat]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="AppsHat"

"hkey"="HKCU"

"command"="C:\\Users\\Anke\\AppData\\Local\\WebPlayer\\AppsHat\\WebPlayer.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\BearShare]

"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"

"item"="BearShare"

"hkey"="HKCU"

"command"="\"C:\\Program Files\\BearShare Applications\\BearShare\\BearShare.exe\" --lightmode"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk]

"item"="McAfee Security Scan Plus"

"path"="C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\Startup\\McAfee Security Scan Plus.lnk"

"backup"="C:\\Windows\\pss\\McAfee Security Scan Plus.lnk.CommonStartup"

"backupExtension"=".CommonStartup"

"command"="C:\\PROGRA~1\\MCAFEE~1\\307523~1.318\\SSSCHE~1.EXE"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run-]

"Adobe ARM"="\"C:\\Program Files\\Common Files\\Adobe\\ARM\\1.0\\AdobeARM.exe\""

"SunJavaUpdateSched"="\"C:\\Program Files\\Common Files\\Java\\Java Update\\jusched.exe\""

==== Startup Folders ======================

2013-10-21 19:43:50 1055 ----a-w- C:\Users\Anke\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk

==== Task Scheduler Jobs ======================

C:\Windows\tasks\Adobe Flash Player Updater.job --a------ [undetermined Task]

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [28/03/2013 22:31]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ [undetermined Task]

==== Other Scheduled Tasks ======================

"C:\Windows\system32\tasks\Adobe Flash Player Updater" [C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\Windows\system32\tasks\Adobe online update program" [C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe]

"C:\Windows\system32\tasks\AdobeAAMUpdater-1.0-Zot_geval-Anke" [C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe]

"C:\Windows\system32\tasks\Advanced System Protector_startup" [C:\Program Files\Advanced System Protector\AdvancedSystemProtector.exe]

"C:\Windows\system32\tasks\BitGuard" [C:\Windows\system32\sc.exe start BitGuard]

"C:\Windows\system32\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]

"C:\Windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]

"C:\Windows\system32\tasks\EPUpdater" [C:\Users\Anke\AppData\Roaming\BABSOL~1\Shared\BabMaint.exe]

"C:\Windows\system32\tasks\GoforFilesUpdate" [C:\Program Files\GoforFiles\GFFUpdater.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\Windows\system32\tasks\Java Update Scheduler" [C:\Program Files\Common Files\Java\Java Update\jusched.exe]

"C:\Windows\system32\tasks\RegClean Pro" [C:\Program Files\RegClean Pro\RegCleanPro.exe]

"C:\Windows\system32\tasks\SomotoUpdateCheckerAutoStart" [C:\Users\Anke\AppData\Local\FilesFrog Update Checker\update_checker.exe]

"C:\Windows\system32\tasks\NCH Software\VideoPadDowngrade" [C:\Program Files\NCH Software\VideoPad\videopad.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"{ACAA314B-EEBA-48e4-AD47-84E31C44796C}"="C:\Program Files\Common Files\DVDVideoSoft\plugins\ff" []

==== Firefox Extensions ======================

ProfilePath: C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default

- LyricsViewer-2 - %ProfilePath%\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com

- Undetermined - %ProfilePath%\extensions\staged

- AppsHat - %ProfilePath%\extensions\{97A78363-B868-4B48-AC91-A783A31215AF}

- diamondata - %ProfilePath%\extensions\firefox@diamondata.net.xpi

AppDir: C:\Program Files\Mozilla Firefox

- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

bpegkgagfojjbcpkihigfmkojdmmimdf - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx[16/08/2013 07:36]

edcikfknpchdehdlmjpbofgkoaonaijg - C:\Users\Anke\AppData\Roaming\BabSolution\CR\Doko.crx[]

ehgldbbpchgpcfagfpfjgoomddhccfgh - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx[16/08/2013 07:36]

eooncjejnppfjjklapaamhcdmjbilmde - C:\Users\Anke\AppData\Roaming\BabSolution\CR\Delta.crx[]

hendmekoldfacfhlojkjcnbjegkahclb - C:\Program Files\diamondata\hendmekoldfacfhlojkjcnbjegkahclb.crx[]

ifohbjbgfchkkfhphahclmkpgejiplfo - C:\Users\Anke\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx[02/10/2013 14:22]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions

nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Program Files\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx[]

Google Docs - Anke - Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Anke - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

DowiNLoad keepeR - Anke - Default\Extensions\bihdackfdgiogegcokiakmpkbimmommm

YouTube - Anke - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Anke - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Doko Toolbar - Anke - Default\Extensions\edcikfknpchdehdlmjpbofgkoaonaijg

Delta Toolbar - Anke - Default\Extensions\eooncjejnppfjjklapaamhcdmjbilmde

LyricsViewer-2 - Anke - Default\Extensions\gnbbmjlpkhenbefmmdjodjfmcamegmpd

diamondata - Anke - Default\Extensions\hendmekoldfacfhlojkjcnbjegkahclb

Web Video Solution - Anke - Default\Extensions\lehjhdjciofcglicaidnlfleggadgfpk

Helper extension - Anke - Default\Extensions\nchpfiddbhbdnagofhkjlaiaejmkdcla

DVDVideoSoft - Anke - Default\Extensions\nikpibnbobmbdbheedjfogjlikpgpnhp

Chrome In-App Payments service - Anke - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - Anke - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

Docs - Anke - Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Anke - Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf

DowiNLoad keepeR - Anke - Profile 1\Extensions\bihdackfdgiogegcokiakmpkbimmommm

YouTube - Anke - Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Freemake Video Downloader - Anke - Profile 1\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf

Google Search - Anke - Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Freemake Youtube Download Button - Anke - Profile 1\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh

LyricsViewer-2 - Anke - Profile 1\Extensions\gnbbmjlpkhenbefmmdjodjfmcamegmpd

Select City - Anke - Profile 1\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo

Gmail - Anke - Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

undetermined - Anke - Default\Extensions\newtab.crx

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\4zffxtbr@VideoDownloadConverter_4z.com deleted successfully

HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C} deleted successfully

==== After Reboot ======================

==== Deleting Files / Folders ======================

"C:\Program Files\MyPC Backup\Resources\keycache\_023c2e8d-b42d-4c64-a874-27ec03d084e7_backupKeyCache.block" not found

"C:\Program Files\MyPC Backup\Resources\keycache\_023c2e8d-b42d-4c64-a874-27ec03d084e7_backupKeyCache.tree" not found

"C:\Program Files\MyPC Backup\Resources\keycache\_28f505d4-dc5a-4ff1-908d-a9a2506facfe_backupKeyCache.block" not found

"C:\Program Files\MyPC Backup\Resources\keycache\_28f505d4-dc5a-4ff1-908d-a9a2506facfe_backupKeyCache.tree" not found

"C:\Program Files\MyPC Backup" not found

"C:\Program Files\Common Files\DVDVideoSoft" not found

"C:\Program Files\diamondata" not found

"C:\Program Files\Advanced System Protector" not found

"C:\Program Files\diamondata" not found

==== EOF on za 26/10/2013 at 9:37:18,36 ======================

Download Zoek.zip naar het bureaublad.

• Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  
• Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.
  
• Klik met de rechtermuisknop op Zoek.zip en klik op de optie "Alles uitpakken".
  
• Dubbelklik op Zoek.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
  

chromelook; 
firefoxlook; 
 C:\Program Files\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx;f
 Nikpibnbobmbdbheedjfogjlikpgpnhp;chr
 Edcikfknpchdehdlmjpbofgkoaonaijg;chr
 Eooncjejnppfjjklapaamhcdmjbilmde;chr
 Gnbbmjlpkhenbefmmdjodjfmcamegmpd;chr
 Hendmekoldfacfhlojkjcnbjegkahclb;chr
 Bihdackfdgiogegcokiakmpkbimmommm;chr
 Lehjhdjciofcglicaidnlfleggadgfpk;chr
 Nchpfiddbhbdnagofhkjlaiaejmkdcla;chr
 Nikpibnbobmbdbheedjfogjlikpgpnhp;chr
 Bihdackfdgiogegcokiakmpkbimmommm;chr
 Gnbbmjlpkhenbefmmdjodjfmcamegmpd;chr
 C:\Program Files\MyPC Backup;fs
 C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com;f
 C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\firefox@diamondata.net.xpi;f
 C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd};fs
 [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions];r
 "{ACAA314B-EEBA-48e4-AD47-84E31C44796C}"=-;r
 C:\Windows\system32\tasks\BitGuard;fs
 C:\Windows\system32\tasks\RegClean Pro;fs
 C:\Program Files\RegClean Pro;fs

• Klik op de knop "Options" en vink nu de onderstaande opties aan.
  
• Auto Clean
  
• Klik nu op de knop "Run script".
  
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  
• Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  
• Post nu de inhoud van het geopende logje in het volgende bericht.
  

Zoek.exe Version 4.0.0.4 Updated 26-October-2013

Tool run by Anke on za 26/10/2013 at 15:15:05,73.

Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Anke\Desktop\zoek.exe [script inserted]

==== Older Logs ======================

C:\zoek-results2013-10-26-073718.log 45312 bytes

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"{ACAA314B-EEBA-48e4-AD47-84E31C44796C}"=-

==== Deleting Files \ Folders ======================

C:\Program Files\MyPC Backup not found

C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} not found

C:\Program Files\RegClean Pro not found

"C:\Program Files\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx" not found

C:\Windows\system32\tasks\BitGuard deleted

C:\Windows\system32\tasks\RegClean Pro deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\firefox@diamondata.net.xpi" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\chrome.manifest" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\install.rdf" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\extensionData\manifest.xml" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\extensionData\plugins.json" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\skin\button1.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\skin\button2.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\skin\button3.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\skin\button4.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\skin\button5.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\skin\crossrider_statusbar.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\skin\icon128.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\skin\icon16.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\skin\icon24.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\skin\icon48.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\skin\panelarrow-up.png" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\skin\popup.html" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\skin\skin.css" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\skin\update.css" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\chrome\content\api.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\chrome\content\background.html" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\chrome\content\baseObject.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\chrome\content\browser.xul" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\chrome\content\dialog.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\chrome\content\main.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\chrome\content\options.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\chrome\content\options.xul" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\chrome\content\search_dialog.xul" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\chrome\content\api\asyncDB.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\chrome\content\api\background.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\chrome\content\api\browserAction.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\chrome\content\api\contextMenu.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\chrome\content\api\dbManager.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\chrome\content\api\dom_bg.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\chrome\content\api\fileManager.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\chrome\content\api\firefox.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\chrome\content\api\firefoxNotifications.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\chrome\content\api\firefoxOmnibox.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\chrome\content\api\message.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\chrome\content\api\pageAction.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\chrome\content\api\request.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\chrome\content\api\tabs.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\chrome\content\api\webRequest.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\chrome\content\core\console.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\chrome\content\core\consts.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\chrome\content\core\delegate.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\chrome\content\core\extensionDataStore.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\chrome\content\core\folderIOWrapper.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\chrome\content\core\httpObserver.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\chrome\content\core\IDBWrapper.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\chrome\content\core\installer.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\chrome\content\core\logFile.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\chrome\content\core\prefs.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\chrome\content\core\progressListenerObserver.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\chrome\content\core\registry.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\chrome\content\core\reloadObserver.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\chrome\content\core\reports.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\chrome\content\core\requestObject.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\chrome\content\core\searchSettings.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\chrome\content\core\uninstallObserver.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\chrome\content\core\updateManager.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\chrome\content\core\utils.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\chrome\content\core\xhr.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\defaults\preferences\prefs.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\extensionData\plugins\101_cortica_m.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\extensionData\plugins\102_dealply_m.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\extensionData\plugins\103_intext_5_m.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\extensionData\plugins\104_jollywallet_m.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\extensionData\plugins\105_corticas_m.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\extensionData\plugins\107_coupish_m.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\extensionData\plugins\108_icm_m.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\extensionData\plugins\116_ads_only_5_m.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\extensionData\plugins\117_coupons_intext_ads_5_m.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\extensionData\plugins\119_similar_web_m.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\extensionData\plugins\120_luck_m.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\extensionData\plugins\123_intext_adv_m.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\extensionData\plugins\124_superfish_no_search_no_coupons_m.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\extensionData\plugins\125_arcadi2_m.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\extensionData\plugins\126_revizer_ws_m.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\extensionData\plugins\127_revizer_p_m.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\extensionData\plugins\128_superfish_pricora_m.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\extensionData\plugins\129_widdit_m.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\extensionData\plugins\135_arcadi3_m.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\extensionData\plugins\138_getdeal_m.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\extensionData\plugins\13_CrossriderAppUtils.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\extensionData\plugins\141_corticas_ru_m.js.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\extensionData\plugins\142_intext_fa_m.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\extensionData\plugins\14_CrossriderUtils.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\extensionData\plugins\155_ibario_pops_m.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\extensionData\plugins\158_50onred_ads_only_no_fb_m.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\extensionData\plugins\159_cortica_rollover_m.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\extensionData\plugins\16_FFAppAPIWrapper.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\extensionData\plugins\17_jQuery.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\extensionData\plugins\1_base.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\extensionData\plugins\21_debug.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\extensionData\plugins\22_resources.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\extensionData\plugins\28_initializer.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\extensionData\plugins\47_resources_background.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\extensionData\plugins\4_jquery_1_7_1.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\extensionData\plugins\64_appApiMessage.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\extensionData\plugins\72_appApiValidation.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\extensionData\plugins\78_CrossriderInfo.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\extensionData\plugins\87_ginyas_wrapper.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\extensionData\plugins\91_monetizationLoader.js.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\extensionData\plugins\92_superfish_m.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\extensionData\plugins\93_superfish_no_coupons_m.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\extensionData\plugins\98_omniCommands.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\extensionData\userCode\background.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\extensionData\userCode\extension.js" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\locale\en-US\translations.dtd" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\chrome" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\defaults" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\extensionData" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\locale" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\skin" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\chrome\content" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\chrome\content\api" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\chrome\content\core" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\defaults\preferences" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\extensionData\plugins" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\extensionData\userCode" deleted

"C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\75c7fb8e-ed08-477a-8353-7cf520516d6e@19506253-d4c6-4684-b849-190d3e13631d.com\locale\en-US" deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"ytfmdownloader@gmail.com"="C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com" [04/09/2013 20:51]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default

- Undetermined - %ProfilePath%\extensions\staged

- AppsHat - %ProfilePath%\extensions\{97A78363-B868-4B48-AC91-A783A31215AF}

AppDir: C:\Program Files\Mozilla Firefox

- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

bpegkgagfojjbcpkihigfmkojdmmimdf - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx[16/08/2013 07:36]

edcikfknpchdehdlmjpbofgkoaonaijg - C:\Users\Anke\AppData\Roaming\BabSolution\CR\Doko.crx[]

ehgldbbpchgpcfagfpfjgoomddhccfgh - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx[16/08/2013 07:36]

eooncjejnppfjjklapaamhcdmjbilmde - C:\Users\Anke\AppData\Roaming\BabSolution\CR\Delta.crx[]

hendmekoldfacfhlojkjcnbjegkahclb - C:\Program Files\diamondata\hendmekoldfacfhlojkjcnbjegkahclb.crx[]

ifohbjbgfchkkfhphahclmkpgejiplfo - C:\Users\Anke\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx[02/10/2013 14:22]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions

nikpibnbobmbdbheedjfogjlikpgpnhp - C:\Program Files\Common Files\DVDVideoSoft\plugins\DVDVideoSoftBrowserExtension.crx[]

Google Docs - Anke - Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Anke - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

DowiNLoad keepeR - Anke - Default\Extensions\bihdackfdgiogegcokiakmpkbimmommm

YouTube - Anke - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Anke - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

LyricsViewer-2 - Anke - Default\Extensions\gnbbmjlpkhenbefmmdjodjfmcamegmpd

Web Video Solution - Anke - Default\Extensions\lehjhdjciofcglicaidnlfleggadgfpk

Helper extension - Anke - Default\Extensions\nchpfiddbhbdnagofhkjlaiaejmkdcla

Chrome In-App Payments service - Anke - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - Anke - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

Docs - Anke - Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Anke - Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf

DowiNLoad keepeR - Anke - Profile 1\Extensions\bihdackfdgiogegcokiakmpkbimmommm

YouTube - Anke - Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Freemake Video Downloader - Anke - Profile 1\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf

Google Search - Anke - Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Freemake Youtube Download Button - Anke - Profile 1\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh

LyricsViewer-2 - Anke - Profile 1\Extensions\gnbbmjlpkhenbefmmdjodjfmcamegmpd

Select City - Anke - Profile 1\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo

Gmail - Anke - Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

undetermined - Anke - Default\Extensions\newtab.crx

==== Chrome Fix ======================

C:\Users\Anke\AppData\Local\Google\Chrome\User Data\Default\Extensions\gnbbmjlpkhenbefmmdjodjfmcamegmpd deleted successfully

C:\Users\Anke\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gnbbmjlpkhenbefmmdjodjfmcamegmpd deleted successfully

C:\Users\Anke\AppData\Local\Google\Chrome\User Data\Default\Extensions\bihdackfdgiogegcokiakmpkbimmommm deleted successfully

C:\Users\Anke\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bihdackfdgiogegcokiakmpkbimmommm deleted successfully

C:\Users\Anke\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bihdackfdgiogegcokiakmpkbimmommm_0.localstorage-journal deleted successfully

C:\Users\Anke\AppData\Local\Google\Chrome\User Data\Default\Extensions\lehjhdjciofcglicaidnlfleggadgfpk deleted successfully

C:\Users\Anke\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_lehjhdjciofcglicaidnlfleggadgfpk_0.localstorage deleted successfully

C:\Users\Anke\AppData\Local\Google\Chrome\User Data\Default\Extensions\nchpfiddbhbdnagofhkjlaiaejmkdcla deleted successfully

==== Deleting Registry Keys ======================

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\Nikpibnbobmbdbheedjfogjlikpgpnhp deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\Edcikfknpchdehdlmjpbofgkoaonaijg deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\Eooncjejnppfjjklapaamhcdmjbilmde deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\Hendmekoldfacfhlojkjcnbjegkahclb deleted successfully

==== After Reboot ======================

==== Deleting Files / Folders ======================

"C:\Users\Anke\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gnbbmjlpkhenbefmmdjodjfmcamegmpd_0.localstorage" not deleted

"C:\Users\Anke\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_gnbbmjlpkhenbefmmdjodjfmcamegmpd_0" deleted

"C:\Users\Anke\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bihdackfdgiogegcokiakmpkbimmommm_0.localstorage" not deleted

"C:\Users\Anke\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bihdackfdgiogegcokiakmpkbimmommm_0.localstorage" not deleted

"C:\Users\Anke\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gnbbmjlpkhenbefmmdjodjfmcamegmpd_0.localstorage" not deleted

"C:\Users\Anke\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_gnbbmjlpkhenbefmmdjodjfmcamegmpd_0" not found

==== EOF on za 26/10/2013 at 15:18:29,78 ======================

Dubbelklik op Zoek.exe om de tool te starten.

• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Kopieer nu onderstaande code en plak die in het grote invulvenster:
  
• Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.
  

C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com;f
 [HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions];r
 "ytfmdownloader@gmail.com"=-;r
 C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\{97A78363-B868-4B48-AC91-A783A31215AF};fs
 C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd};fs
 C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx;f
 C:\Users\Anke\AppData\Roaming\BabSolution\CR\Doko.crx;f
 C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx;f
 C:\Users\Anke\AppData\Roaming\BabSolution\CR\Delta.crx;f
 C:\Program Files\diamondata\hendmekoldfacfhlojkjcnbjegkahclb.crx;f
 bpegkgagfojjbcpkihigfmkojdmmimdf;chr
 ehgldbbpchgpcfagfpfjgoomddhccfgh;chr
 gnbbmjlpkhenbefmmdjodjfmcamegmpd;chr 
 nchpfiddbhbdnagofhkjlaiaejmkdcla;chr 
 bpegkgagfojjbcpkihigfmkojdmmimdf;chr 
 ehgldbbpchgpcfagfpfjgoomddhccfgh;chr 

• Klik op de knop "Options" en vink nu de onderstaande opties aan.
  
• Firefox Look
  
• Chrome Look
  
• Auto Clean
  
• Klik nu op de knop "Run script".
  
• Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  
• Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
  
• Post nu de inhoud van het geopende logje in het volgende bericht.
  

Zoek.exe Version 4.0.0.4 Updated 26-October-2013

Tool run by Anke on za 26/10/2013 at 20:11:32,73.

Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Anke\Desktop\zoek.exe [script inserted]

==== Older Logs ======================

C:\zoek-results2013-10-26-073718.log 45312 bytes

C:\zoek-results2013-10-26-131829.log 32021 bytes

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\Software\Mozilla\Firefox\Extensions]

"ytfmdownloader@gmail.com"=-

==== Deleting Files \ Folders ======================

"C:\Users\Anke\AppData\Roaming\BabSolution\CR\Doko.crx" not found

"C:\Users\Anke\AppData\Roaming\BabSolution\CR\Delta.crx" not found

"C:\Program Files\diamondata\hendmekoldfacfhlojkjcnbjegkahclb.crx" not found

C:\Users\Anke\AppData\Roaming\Mozilla\Firefox\Profiles\ad6ajl7f.default\extensions\{97A78363-B868-4B48-AC91-A783A31215AF} deleted

C:\Program Files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} deleted

"C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx" deleted

"C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx" deleted

"C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\chrome.manifest" deleted

"C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\install.rdf" deleted

"C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\modules\jQuery.js" deleted

"C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\modules\youtube_com.js" deleted

"C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\chrome\content\downloader.js" deleted

"C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\chrome\content\downloader.xul" deleted

"C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\chrome\content\icons\32freemake.png" deleted

"C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\chrome\content\icons\icon.png" deleted

"C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\chrome\locale\de-DE\main.properties" deleted

"C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\chrome\locale\en-US\main.properties" deleted

"C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\chrome\locale\es-ES\main.properties" deleted

"C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\chrome\locale\fr-FR\main.properties" deleted

"C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\chrome\locale\it-IT\main.properties" deleted

"C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\chrome\locale\jp-JP\main.properties" deleted

"C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\chrome\locale\ru-RU\main.properties" deleted

"C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com" deleted

"C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\chrome" deleted

"C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\modules" deleted

"C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\chrome\content" deleted

"C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\chrome\locale" deleted

"C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\chrome\content\icons" deleted

"C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\chrome\locale\de-DE" deleted

"C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\chrome\locale\en-US" deleted

"C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\chrome\locale\es-ES" deleted

"C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\chrome\locale\fr-FR" deleted

"C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\chrome\locale\it-IT" deleted

"C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\chrome\locale\jp-JP" deleted

"C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com\chrome\locale\ru-RU" deleted

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

bpegkgagfojjbcpkihigfmkojdmmimdf - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\Freemake.Plugin.Chrome.crx[]

ehgldbbpchgpcfagfpfjgoomddhccfgh - C:\Program Files\Freemake\Freemake Video Downloader\BrowserPlugin\Chrome\ChromeYoutubePlugin.crx[]

ifohbjbgfchkkfhphahclmkpgejiplfo - C:\Users\Anke\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx[02/10/2013 14:22]

Google Docs - Anke - Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Anke - Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Anke - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Google Search - Anke - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Chrome In-App Payments service - Anke - Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Gmail - Anke - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

Docs - Anke - Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Anke - Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf

YouTube - Anke - Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Freemake Video Downloader - Anke - Profile 1\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf

Google Search - Anke - Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

Freemake Youtube Download Button - Anke - Profile 1\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh

Select City - Anke - Profile 1\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo

Gmail - Anke - Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

undetermined - Anke - Default\Extensions\newtab.crx

==== Chrome Fix ======================

C:\Users\Anke\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf deleted successfully

C:\Users\Anke\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh deleted successfully

C:\Users\Anke\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_gnbbmjlpkhenbefmmdjodjfmcamegmpd_0.localstorage deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh deleted successfully

==== EOF on za 26/10/2013 at 20:12:44,30 ======================