Ga naar inhoud

Alexandra90

Lid
 Bekijk profiel  Bekijk hun activiteit

  • Items

    25

  • Registratiedatum

  • Laatst bezocht

Alexandra90's prestaties

Leerling

Leerling (3/14)

  • Eerste post
  • Actief
  • Gespreksstarter
  • Week één klaar
  • Een maand later

Recente badges

0

Reputatie

  1. Alexandra90
    Ik vind 'Software' niet terug in de control panel. Als ik de files handmatig zoek in mijn computer, sukkel ik ook. Zou je de tussenstappen kunnen uitleggen aub?
  2. Alexandra90
    Bedankt, ik zal genoemde 3 programma's verwijderen. Ik zou graag AVG terug installeren, hoe desinstalleer ik Panda? Als ik in het verleden pcproblemen had, werd ik vaak geholpen door vrienden die oa. mac's hadden, misschien daarmee - zijn er nog programma's die (bv.) dezelfde functie hebben, veel plaats in nemen en ik kan verwijderen?
  3. Alexandra90
    Zoek.exe Version 4.0.0.2 Updated 12-May-2013 Tool run by Alexandra on 14/05/2013 at 20:36:16,81. Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86 Running in: Normal Mode Internet Access Detected ==== Running Processes ====================== C:\Windows\system32\csrss.exe C:\Windows\system32\wininit.exe C:\Windows\system32\csrss.exe C:\Windows\system32\services.exe C:\Windows\system32\lsass.exe C:\Windows\system32\lsm.exe C:\Windows\system32\winlogon.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe C:\Windows\system32\svchost.exe -k rpcss C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\WLANExt.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\agrsmsvc.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe C:\Windows\system32\TODDSrv.exe C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Zune\ZuneLauncher.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Windows\RtHDVCpl.exe C:\Windows\System32\igfxpers.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Program Files\DivX\DivX Update\DivXUpdate.exe C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files\Skype\Phone\Skype.exe C:\Windows\system32\igfxsrvc.exe C:\Windows\ehome\ehtray.exe C:\Program Files\iPod\bin\iPodService.exe C:\Windows\ehome\ehmsas.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Windows\system32\consent.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\system32\wuauclt.exe C:\Windows\system32\UI0Detect.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Windows\system32\taskeng.exe C:\Users\Alexandra\Desktop\zoek.exe C:\Windows\system32\conime.exe C:\Windows\system32\wbem\wmiprvse.exe ==== Deleting CLSID Registry Keys ====================== ==== Deleting CLSID Registry Values ====================== ==== Installed Programs ====================== æTorrent Adobe Flash Player 10 ActiveX Adobe Flash Player 11 Plugin Adobe Reader 8.2.0 Apple Application Support Apple Mobile Device Support Apple Software Update Atheros Driver Installation Program Atheros Wi-Fi Protected Setup Library Audacity 1.2.6 Bonjour Camera Assistant Software for Toshiba CCleaner CD/DVD Drive Acoustic Silencer Cisco EAP-FAST Module Cisco LEAP Module Cisco PEAP Module DivX Setup DVD MovieFactory for TOSHIBA Facebook Plug-In Facebook Video Calling 1.2.0.287 Free Video to iPhone Converter version 5.0.11.508 Free YouTube to MP3 Converter version 3.10.15.1228 Google Update Helper Handbrake 0.9.4 HiJackThis Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Intel® Graphics Media Accelerator Driver Intelr Matrix Storage Manager iTunes Java 6 Update 17 Java 6 Update 6 Ma-Config.com Malwarebytes' Anti-Malware versie 1.51.2.1300 Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4 Client Profile Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Office PowerPoint Viewer 2007 (English) Microsoft Silverlight Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft XML Parser Mozilla Firefox 20.0.1 (x86 nl) Mozilla Maintenance Service MSVCRT MSXML 4.0 SP2 (KB941833) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Norton Security Scan OGA Notifier 2.0.0048.0 OpenOffice.org 3.1 Paint.NET v3.5.8 Panda ActiveScan 2.0 Picasa 2 Quake Live Internet Explorer Plugin Quake Live Mozilla Plugin Realtek 8169 8168 8101E 8102E Ethernet Driver Realtek High Definition Audio Driver Realtek USB 2.0 Card Reader Search-Results Toolbar Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Windows Media Encoder (KB2447961) Security Update for Windows Media Encoder (KB954156) Security Update for Windows Media Encoder (KB979332) Skype Toolbars SkypeT 6.3 Synaptics Pointing Device Driver TOSHIBA Assist TOSHIBA ConfigFree TOSHIBA Disc Creator TOSHIBA DVD PLAYER TOSHIBA Extended Tiles for Windows Mobility Center TOSHIBA Hardware Setup TOSHIBA Manuals Toshiba Online Product Information TOSHIBA Recovery Disc Creator TOSHIBA Software Modem TOSHIBA Supervisor Password TOSHIBA Value Added Package TRDCReminder TRORDCLauncher Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) VC80CRTRedist - 8.0.50727.4053 VLC media player 1.0.1 Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Messenger Windows Live Sign-in Assistant Windows Live Upload Tool Windows Media Encoder 9 Series Windows Media Player Firefox Plugin Windows Mobile Device Updater Component WinRAR archiver Zune Zune Language Pack (DEU) Zune Language Pack (ESP) Zune Language Pack (FRA) Zune Language Pack (ITA) Zune Language Pack (NLD) Zune Language Pack (PTB) Zune Language Pack (PTG) ==== FireFox Fix ====================== ProfilePath: C:\Users\Alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\h758x4p8.default user.js not found ---- Lines ilividtoolbar removed from prefs.js ---- ---- Lines ilividtoolbar modified from prefs.js ---- ---- FireFox user.js and prefs.js backups ---- prefs_052013_2041_.backup ==== Deleting Files \ Folders ====================== "C:\Users\Alexandra\Downloads\iLividSetupV1.exe" deleted "C:\ProgramData\ezsidmv.dat" deleted "C:\Users\Alexandra\AppData\Roaming\Ucimu\lyixu.get" deleted "C:\Users\Alexandra\AppData\Roaming\AVG8" deleted "C:\Users\Alexandra\AppData\Roaming\Ucimu" deleted "C:\Users\Alexandra\AppData\Roaming\Armaah" deleted "C:\Users\Alexandra\AppData\Roaming\Ityfve" deleted "C:\Program Files\Common Files\DVDVideoSoft\TB" deleted "C:\Program Files\Common Files\DVDVideoSoft\bin" deleted "C:\ProgramData\Browser Manager" deleted "C:\ProgramData\Wincert" deleted "C:\Users\Alexandra\AppData\LocalLow\ilividtoolbargaw" deleted "C:\Users\Alexandra\AppData\LocalLow\DataMngr" deleted "C:\Users\Alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\h758x4p8.default\ilividtoolbargaw" deleted ==== Files Recently Created / Modified ====================== ====== C:\Windows ==== ====== C:\Users\ALEXAN~1\AppData\Local\Temp ==== ====== C:\Windows\system32 ===== ====== C:\Windows\system32\drivers ===== ====== C:\Windows\Tasks ====== ====== C:\Windows\Temp ====== ======= C:\Program Files ===== 2013-04-28 22:59:41 -------- d-----w- C:\Program Files\Adobe ======= C: ===== ====== C:\Users\Alexandra\AppData\Roaming ====== 2013-04-25 14:16:06 -------- d-----w- C:\users\Alexandra\AppData\Local\MFAData 2013-04-25 14:16:06 -------- d-----w- C:\users\Alexandra\AppData\Local\Avg2013 ====== C:\Users\Alexandra ====== ====== C: exe-files == 2013-05-14 18:36:02 E29BC0EC8BAC99A911E5AE3A7EF3B68A 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-2718213760-2667944845-969641845-1000\$I7L882K.exe 2013-05-14 12:56:31 8F11F0321ED84B1533FC1384AC71AC8D 59784 ----atw- C:\Program Files\Google\Update\1.3.21.145\GoogleUpdateBroker.exe 2013-05-14 12:56:31 00F714CA28A01FACB709486D6DA306A8 59784 ----atw- C:\Program Files\Google\Update\1.3.21.145\GoogleUpdateOnDemand.exe 2013-05-14 12:56:30 C26BB2535C1B20DEAFAEB12634BF4DC9 781592 ----a-w- C:\Program Files\Google\Update\1.3.21.145\GoogleUpdateSetup.exe 2013-05-14 12:56:26 4E252E85E5DC31BD645E809222AFAF27 287624 ----atw- C:\Program Files\Google\Update\1.3.21.145\GoogleCrashHandler64.exe 2013-05-14 12:56:25 76B35CB0F3A4E69D6DFF27F542B9F856 216968 ----atw- C:\Program Files\Google\Update\1.3.21.145\GoogleCrashHandler.exe 2013-05-14 12:56:24 506708142BC63DABA64F2D3AD1DCD5BF 116648 ----atw- C:\Program Files\Google\Update\1.3.21.145\GoogleUpdate.exe 2013-05-14 12:56:23 C26BB2535C1B20DEAFAEB12634BF4DC9 781592 ----a-w- C:\Program Files\Google\Update\Download\{430FD4D0-B729-4F61-AA34-91526481799D}\1.3.21.145\GoogleUpdateSetup.exe === C: other files == ==== Startup Registry Enabled ====================== [HKEY_USERS\S-1-5-21-2718213760-2667944845-969641845-1000\Software\Microsoft\Windows\CurrentVersion\Run] "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" "Speech Recognition"="C:\Windows\Speech\Common\sapisvr.exe -SpeechUX -Startup" "Facebook Update"="C:\Users\Alexandra\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" "ehTray.exe"="C:\Windows\ehome\ehTray.exe" [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Zune Launcher"="C:\Program Files\Zune\ZuneLauncher.exe" "TPwrMain"="%ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE" "Toshiba Registration"="C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe" "topi"="C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup" "SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" "SunJavaUpdateSched"="C:\Program Files\Java\jre6\bin\jusched.exe" "SmoothView"="%ProgramFiles%\Toshiba\SmoothView\SmoothView.exe" "Skytel"="Skytel.exe" "RtHDVCpl"="RtHDVCpl.exe" "Persistence"="C:\Windows\system32\igfxpers.exe" "Malwarebytes' Anti-Malware (reboot)"="C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe /runcleanupscript" "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" "IgfxTray"="C:\Windows\system32\igfxtray.exe" "HotKeysCmds"="C:\Windows\system32\hkcmd.exe" "Google EULA Launcher"="c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe IE PA" "DivXUpdate"="C:\Program Files\DivX\DivX Update\DivXUpdate.exe /CHECKNOW" "Camera Assistant Software"="C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe /start" "APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" "00TCrdMain"="%ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe" "vProt"="C:\Program Files\AVG Secure Search\vprot.exe" "Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run] "Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun" "Speech Recognition"="C:\Windows\Speech\Common\sapisvr.exe -SpeechUX -Startup" "Facebook Update"="C:\Users\Alexandra\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver" "ehTray.exe"="C:\Windows\ehome\ehTray.exe" ==== Startup Folders ====================== 2008-08-07 16:50:58 1835 ----a-w- C:\users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk 2008-08-07 16:50:58 1835 ----a-w- C:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TRDCReminder.lnk ==== Task Scheduler Jobs ====================== C:\Windows\tasks\Adobe Flash Player Updater.job --a------ C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [25/04/2013 19:03] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2718213760-2667944845-969641845-1000Core.job --a------ C:\Users\Alexandra\AppData\Local\Facebook\Update\FacebookUpdate.exe [23/07/2012 18:46] C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2718213760-2667944845-969641845-1000UA.job --a------ C:\Users\Alexandra\AppData\Local\Facebook\Update\FacebookUpdate.exe [23/07/2012 18:46] C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [11/02/2013 19:41] C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [11/02/2013 19:41] C:\Windows\tasks\Norton Security Scan for Alexandra.job --ah----- :C:\PROGRA1\NORTON2\Engine\3011.8\Nss.exe [] C:\Windows\tasks\User_Feed_Synchronization-{50E49403-F7BF-4CDF-A766-49FCBB501384}.job --ah----- C:\Windows\system32\msfeedssync.exe [01/03/2013 10:51] ==== Firefox Extensions ====================== ProfilePath: C:\Users\Alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\h758x4p8.default - Search-Results Toolbar - %ProfilePath%\extensions\{377e5d4d-77e5-476a-8716-7e70a9272da0} - Torntv - %ProfilePath%\extensions\torntv@torntv.com.xpi - Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi AppDir: C:\Program Files\Mozilla Firefox - Skype extension - %AppDir%\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} - Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} - Undetermined - %AppDir%\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} - Undetermined - %AppDir%\extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433} ==== Firefox Plugins ====================== Profilepath: C:\Users\Alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\h758x4p8.default 3D928B3FE97C403A33F803B3D1A260C9 - C:\Program Files\Google\Update\1.3.21.145\npGoogleUpdate3.dll - Google Update F7E72D3A281F922BACEC1A71A826D4C2 - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll - Shockwave Flash A5C14075B571AF1C9592595BE724D9D2 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll - Silverlight Plug-In 0B31B0F8FA99CFD009C8FBEA9E20C9DE - C:\Users\Alexandra\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin 8D43DE6F1385057B8AD2857547B7B828 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector C7A640A4DA72C90D56D2E45C53149425 - C:\Program Files\ma-config.com\nphardwaredetection.dll - Ma-Config.com plugin 6827CA29D7AD3595660271F3F05C79B5 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll - DivX Web Player D94C362E750F8C283BF52537D3DF28B5 - C:\Users\Alexandra\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll - Facebook Plugin 0BB95CBA0D71ACEBE9D51C68C40BF080 - C:\Users\Alexandra\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll - Facebook Plugin 9681C555F1B28E6A717772B420A9AEDF - C:\Program Files\Adobe\Reader 8.0\Reader\browser\nppdf32.dll - Adobe Acrobat 9681C555F1B28E6A717772B420A9AEDF - C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll - Adobe Acrobat CA57DB9DBD80B8EB047CCF126B64BB1F - C:\Program Files\Mozilla Firefox\plugins\npdeploytk.dll - Java Deployment Toolkit 6.0.170.4 F3CCDFA540671478448481949D33AD1C - C:\ProgramData\id Software\QuakeLive\npquakezero.dll - QUAKE LIVE 7B22883590E6638BE1FB3A8138F76E8B - C:\Program Files\Panda Security\ActiveScan 2.0\npwrapper.dll - Panda ActiveScan 2.0 AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation 99F97C9FE748C37528C338A423577FCB - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin 2AA3703D87E1327A2290C9D416D89A28 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrlui.dll - Microsoft® Silverlight ==== Deleting Files \ Folders ====================== "C:\Users\Alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\h758x4p8.default\extensions\torntv@torntv.com.xpi" deleted "C:\Users\Alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\h758x4p8.default\extensions\{377e5d4d-77e5-476a-8716-7e70a9272da0}" deleted ==== Chrome Look ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions ndibdjnfmopecpmkdieinmbadjfpblof - C:\ProgramData\AVG Secure Search\ChromeExt\14.2.0.1\avg.crx[] paegbaalpafbkfhikgojkoimcfjacgcc - C:\ProgramData\Browse2save\paegbaalpafbkfhikgojkoimcfjacgcc.crx[] ==== Set IE to Default ====================== Old Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com/" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] No DefaultScope Set For HKCU New Values: [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main] "Start Page"="http://www.google.com/" [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes] "DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" ==== All HKCU SearchScopes ====================== HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes {0633EE93-D776-472f-A0FF-E1416B8B2E3A} @ieframe.dll,-12512 Url="http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC" {105E99FF-8B9A-4492-B155-06194B9056D2} Bing Url="http://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}" {2A185EB3-6B48-4196-8A0C-B6659495B872} Google Url="http://www.google.com/search?source=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSEA_en-GB" {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}" ==== Uninstall List x86 ====================== æTorrent [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\uTorrent] Adobe Flash Player 10 ActiveX [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player ActiveX] Adobe Flash Player 11 Plugin [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Adobe Flash Player Plugin] Adobe Reader 8.2.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-1033-7B44-A82000000003}] Apple Application Support [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{EB879750-CCBD-4013-BFD5-0294D4DA5BD0}] Apple Mobile Device Support [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{EFC04D3F-A152-47E7-8517-EE0F6201AFEF}] Apple Software Update [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}] Atheros Driver Installation Program [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}] Atheros Wi-Fi Protected Setup Library [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B0BCDCBD-863D-4CAB-BF68-8D1F6B1BDC13}] Audacity 1.2.6 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Audacity_is1] Bonjour [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79155F2B-9895-49D7-8612-D92580E0DE5B}] Camera Assistant Software for Toshiba [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{37C866E4-AA67-4725-9E95-A39968DD7960}] CCleaner [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\CCleaner] CD/DVD Drive Acoustic Silencer [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}] Cisco EAP-FAST Module [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{415B2719-AD3A-4944-B404-C472DB6085B3}] Cisco LEAP Module [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{83770D14-21B9-44B3-8689-F7B523F94560}] Cisco PEAP Module [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}] DivX Setup [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\DivX Setup.divx.com] DVD MovieFactory for TOSHIBA [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}] Facebook Plug-In [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Facebook Plug-In] Facebook Video Calling 1.2.0.287 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B92C5909-1D37-4C51-8397-A28BB28E5DC3}] Free Video to iPhone Converter version 5.0.11.508 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Free Video to iPhone Converter_is1] Free YouTube to MP3 Converter version 3.10.15.1228 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Free YouTube to MP3 Converter_is1] Google Update Helper [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}] Handbrake 0.9.4 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Handbrake] HiJackThis [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{45A66726-69BC-466B-A7A4-12FCBA4883D7}] Intel® Graphics Media Accelerator Driver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\HDMI] Intelr Matrix Storage Manager [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}] iTunes [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{23B8A91D-680B-462B-87AD-3D70F7341731}] Java 6 Update 17 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83216016FF}] Java 6 Update 6 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3248F0A8-6813-11D6-A77B-00B0D0160060}] Ma-Config.com [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7A86300F-047F-4F92-B7BB-DD9E92604567}] Malwarebytes' Anti-Malware versie 1.51.2.1300 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Malwarebytes' Anti-Malware_is1] Microsoft .NET Framework 3.5 SP1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}] Microsoft .NET Framework 4 Client Profile [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3C3901C5-3455-3E0A-A214-0B093A5070A6}] Microsoft Choice Guard [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}] Microsoft Silverlight [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}] Microsoft Visual C++ 2005 Redistributable [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}] Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9BE518E6-ECC6-35A9-88E4-87755C07200F}] Microsoft XML Parser [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}] Mozilla Firefox 20.0.1 (x86 nl) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Mozilla Firefox 20.0.1 (x86 nl)] Mozilla Maintenance Service [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\MozillaMaintenanceService] MSVCRT [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}] MSXML 4.0 SP2 (KB941833) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C523D256-313D-4866-B36A-F3DE528246EF}] MSXML 4.0 SP2 (KB954430) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}] MSXML 4.0 SP2 (KB973688) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}] Norton Security Scan [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\NSS] OGA Notifier 2.0.0048.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B2544A03-10D0-4E5E-BA69-0362FFC20D18}] OpenOffice.org 3.1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7969E57A-9939-4ACF-AF0D-0441C33ACD54}] Paint.NET v3.5.8 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9CF4A37B-A8C4-44D7-8C53-13B9D9594BB2}] Panda ActiveScan 2.0 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ActiveScan 2.0] Picasa 2 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Picasa2] Quake Live Internet Explorer Plugin [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{D64FCFC0-A9A2-4F1F-AB20-7C7219735632}] Quake Live Mozilla Plugin [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9FDCD01E-9926-4399-8BB9-74EEBE604C11}] Realtek 8169 8168 8101E 8102E Ethernet Driver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}] Realtek High Definition Audio Driver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}] Realtek USB 2.0 Card Reader [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{DC24971E-1946-445D-8A82-CE685433FA7D}] Search-Results Toolbar [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ilividtoolbargaw] Skype Toolbars [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B6CF2967-C81E-40C0-9815-C05774FEF120}] SkypeT 6.3 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}] Synaptics Pointing Device Driver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\SynTPDeinstKey] TOSHIBA Assist [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{12B3A009-A080-4619-9A2A-C6DB151D8D67}] TOSHIBA ConfigFree [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0D5D0BEE-FBA9-4928-A50D-6CDFAB827755}] TOSHIBA Disc Creator [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5DA0E02F-970B-424B-BF41-513A5018E4C0}] TOSHIBA DVD PLAYER [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}] TOSHIBA Extended Tiles for Windows Mobility Center [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{617C36FD-0CBE-4600-84B2-441CEB12FADF}] TOSHIBA Extended Tiles for Windows Mobility Center [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}] TOSHIBA Hardware Setup [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2883F6F5-0509-43F3-868C-D50330DD9DD3}] TOSHIBA Manuals [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E7271ABF-69D3-4E9D-AA0A-2DE34C10A93D}] Toshiba Online Product Information [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2290A680-4083-410A-ADCC-7092C67FC052}] TOSHIBA Recovery Disc Creator [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}] TOSHIBA Software Modem [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\TOSHIBA Software Modem] TOSHIBA Supervisor Password [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4B1E87C3-00DE-4898-8E39-E390AAEF2391}] TOSHIBA Value Added Package [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{FEDD27A0-B306-45EF-BF58-B527406B42C8}] TOSHIBA Value Added Package [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}] TRDCReminder [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{773970F1-5EBA-4474-ADEE-1EA3B0A59492}] TRDCReminder [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{773970F1-5EBA-4474-ADEE-1EA3B0A59492}] TRORDCLauncher [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E65C7D8E-186D-484B-BEA8-DEF0331CE600}] TRORDCLauncher [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{E65C7D8E-186D-484B-BEA8-DEF0331CE600}] VC80CRTRedist - 8.0.50727.4053 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5EE7D259-D137-4438-9A5F-42F432EC0421}] VLC media player 1.0.1 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\VLC media player] Windows Live Call [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E6158D07-2637-4ECF-B576-37C489669174}] Windows Live Communications Platform [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}] Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}] Windows Live Essentials [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WinLiveSuite_Wave3] Windows Live Messenger [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{B57EAFF2-D6EE-4C6C-9175-ED9F17BFC1BC}] Windows Live Sign-in Assistant [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{45338B07-A236-4270-9A77-EBB4115517B5}] Windows Live Upload Tool [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{205C6BDD-7B73-42DE-8505-9A093F35A238}] Windows Media Encoder 9 Series [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}] Windows Media Encoder 9 Series [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Windows Media Encoder 9] Windows Media Player Firefox Plugin [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}] Windows Mobile Device Updater Component [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2C4E2E4E-A7C9-4CCB-BF03-FE6EBD5D4AB7}] WinRAR archiver [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WinRAR archiver] Zune [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{7006ED29-58F2-40C3-AE87-039287AD20B6}] Zune [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Zune] Zune Language Pack (DEU) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{BE236D9A-52EC-4A17-82DA-84B5EAD31E3E}] Zune Language Pack (ESP) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6B33492E-FBBC-4EC3-8738-09E16E395A10}] Zune Language Pack (FRA) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C68D33B1-0204-4EBE-BC45-A6E432B1D13A}] Zune Language Pack (ITA) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{C5D37FFA-7483-410B-982B-91E93FD3B7DA}] Zune Language Pack (NLD) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{6740BCB0-5863-47F4-80F4-44F394DE4FE2}] Zune Language Pack (PTB) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{07EEE598-5F21-4B57-B40B-46592625B3D9}] Zune Language Pack (PTG) [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{5C93E291-A1CC-4E51-85C6-E194209FCDB4}] ==== Deleting Registry Keys ====================== HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof deleted successfully HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\paegbaalpafbkfhikgojkoimcfjacgcc deleted successfully ==== Empty IE Cache ====================== C:\Users\Alexandra\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully C:\Users\Alexandra\AppData\Local\temp\acro_rd_dir\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Alexandra\AppData\Local\temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully C:\Users\Alexandra\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot ==== Empty FireFox Cache ====================== No FireFox Cache found ==== Empty Chrome Cache ====================== No Chrome User Data found ==== Empty All Flash Cache ====================== Flash Cache Emptied Successfully ==== Empty All Java Cache ====================== Java Cache cleared successfully After Reboot ==== Empty Temp Folders ====================== C:\Windows\Temp successfully emptied C:\Users\ALEXAN~1\AppData\Local\Temp successfully emptied ==== Empty Recycle Bin ====================== C:\$RECYCLE.BIN successfully emptied ==== Deleting Files / Folders ====================== "C:\Users\Alexandra\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found "C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not found
  4. Alexandra90
    Goedemiddag, Nogmaals bedankt voor me al zo goed geholpen te hebben! Combofix en ADWcleaner zijn gedeïnstalleerd. Toen ik AVG terug wilde downloaden, kreeg ik melding dat er niet genoeg plaats was op m'n schijf, dus ik heb het nog niet kunnen herinstalleren. Ik heb op jullie forum gekeken hoe je wat meer ruimte kan creeëren op een Vista, en dit heeft een beetje geholpen, maar nog niet genoeg. Wat kan ik verwijderen van mijn pc om deze lichter te maken - films en foto's verwijderen? Of ook programma's die ik eigenlijk niet nodig heb? Hoe herken ik deze? Data (E:) 14,4 GB free van 147 GB Vista (C:) 713 MB free of 148 GB (rood)
  5. Alexandra90
    Ik had uw bericht niet gezien! Netjes, het gaat goed, geen Sweettoolbar meer, ik zou AVG terug moeten activeren dat ik weer een antivirus zou hebben, niet? Tenzij ik nog iets moet scannen met combofix of .. ? Zelfs de homepage is netjes die van Firefox zelf en niet zo'n vreemde pagina die bleef terugkomen. Ik zou nog Adobe flashreader moeten updaten opdat ik youtube terug normaal kan bekijken, en ik zou graag een add-blocker installeren maar weet niet welke de beste is. De pc vraagt wel soms om updates die ik niet goed durf toe te passen. Bedankt!
  6. Alexandra90
    Gedaan. Nu zal ik ADW downloaden. ComboFix 13-04-14.01 - Alexandra 14/04/2013 14:09:30.5.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2939.2017 [GMT 2:00] Running from: c:\users\Alexandra\Desktop\ComboFix.exe Command switches used :: c:\users\Alexandra\Desktop\CFScript.txt SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((( Files Created from 2013-03-14 to 2013-04-14 ))))))))))))))))))))))))))))))) . . 2013-04-14 12:18 . 2013-04-14 12:18 -------- d-----w- c:\users\Public\AppData\Local\temp 2013-04-14 12:18 . 2013-04-14 12:18 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-04-14 09:58 . 2013-04-14 09:58 -------- d-----w- c:\program files\AVG Secure Search 2013-04-12 21:18 . 2013-04-12 21:18 -------- d-----w- c:\program files\Common Files\Skype 2013-04-12 15:58 . 2013-03-19 03:50 7108640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8F1A2E82-26CF-4247-8E88-B73042277172}\mpengine.dll 2013-04-07 19:37 . 2013-04-14 09:58 -------- d-----w- c:\programdata\AVG Secure Search 2013-04-07 19:36 . 2013-04-07 19:36 -------- d-----w- c:\users\Alexandra\AppData\Roaming\TuneUp Software . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-04-07 19:36 . 2012-08-30 19:27 33624 ----a-w- c:\windows\system32\drivers\avgtpx86.sys 2013-03-11 23:10 . 2009-11-03 09:37 237088 ------w- c:\windows\system32\MpSigStub.exe 2013-02-12 01:57 . 2013-03-14 21:41 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys 2013-03-08 13:21 . 2013-03-08 13:21 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}] 2013-04-14 09:58 1929392 ----a-w- c:\program files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{95B7759C-8C7F-4BF1-B163-73684A933233}"= "c:\program files\AVG Secure Search\14.2.0.1\AVG Secure Search_toolbar.dll" [2013-04-14 1929392] . [HKEY_CLASSES_ROOT\clsid\{95b7759c-8c7f-4bf1-b163-73684a933233}] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj.1] [HKEY_CLASSES_ROOT\AVG Secure Search.PugiObj] . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-02-28 18642024] "Speech Recognition"="c:\windows\Speech\Common\sapisvr.exe" [2008-01-21 49664] "Facebook Update"="c:\users\Alexandra\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-23 138096] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2010-09-24 159472] "TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2008-01-17 431456] "Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaRegistration.exe" [2008-01-11 574864] "topi"="c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2007-07-10 581632] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 1029416] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280] "SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2008-06-24 509816] "Skytel"="Skytel.exe" [2007-11-20 1826816] "RtHDVCpl"="RtHDVCpl.exe" [2008-04-08 6037504] "Persistence"="c:\windows\system32\igfxpers.exe" [2008-06-25 145944] "Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-08-31 1047208] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-27 421736] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-06-25 150040] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-06-25 170520] "Google EULA Launcher"="c:\program files\Google\Google EULA\GoogleEULALauncher.exe" [2008-05-28 20480] "DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-09-16 1164584] "Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2008-09-26 417792] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792] "00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2008-05-09 716800] "vProt"="c:\program files\AVG Secure Search\vprot.exe" [2013-04-14 1151152] . c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ TRDCReminder.lnk - c:\program files\TOSHIBA\TRDCReminder\TRDCReminder.exe [2008-3-5 393216] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] @="Service" . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Contents of the 'Scheduled Tasks' folder . 2013-04-12 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2718213760-2667944845-969641845-1000Core.job - c:\users\Alexandra\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-12-15 16:46] . 2013-04-14 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2718213760-2667944845-969641845-1000UA.job - c:\users\Alexandra\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-12-15 16:46] . 2013-04-14 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2013-02-11 17:41] . 2013-04-14 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2013-02-11 17:41] . 2013-04-07 c:\windows\Tasks\Norton Security Scan for Alexandra.job - c:\progra~1\NORTON~2\Engine\301~1.8\Nss.exe [2011-01-22 01:30] . 2013-04-14 c:\windows\Tasks\User_Feed_Synchronization-{50E49403-F7BF-4CDF-A766-49FCBB501384}.job - c:\windows\system32\msfeedssync.exe [2013-04-10 08:51] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.com/ IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html TCP: DhcpNameServer = 195.130.130.129 195.130.131.129 Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\15.0.0\ViProtocol.dll FF - ProfilePath - c:\users\Alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\h758x4p8.default\ FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: network.proxy.http - 127.0.0.1 FF - prefs.js: network.proxy.http_port - 56545 FF - prefs.js: network.proxy.type - 0 FF - ExtSQL: 2013-02-18 22:28; {377e5d4d-77e5-476a-8716-7e70a9272da0}; c:\users\Alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\h758x4p8.default\extensions\{377e5d4d-77e5-476a-8716-7e70a9272da0} FF - ExtSQL: 2013-04-07 21:37; avg@toolbar; c:\programdata\AVG Secure Search\FireFoxExt\14.2.0.1 FF - ExtSQL: !HIDDEN! 2013-02-18 22:29; {1FD91A9C-410C-4090-BBCC-55D3450EF433}; c:\program files\Search Results Toolbar\Datamngr\FirefoxExtension FF - user.js: network.cookie.cookieBehavior - 0 FF - user.js: privacy.clearOnShutdown.cookies - false FF - user.js: security.warn_viewing_mixed - false FF - user.js: security.warn_viewing_mixed.show_once - false FF - user.js: security.warn_submit_insecure - false FF - user.js: security.warn_submit_insecure.show_once - false . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2013-04-14 14:18 Windows 6.0.6002 Service Pack 2 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:000000b5 . Completion time: 2013-04-14 14:22:12 ComboFix-quarantined-files.txt 2013-04-14 12:22 ComboFix2.txt 2013-04-13 15:55 ComboFix3.txt 2013-04-09 12:53 ComboFix4.txt 2011-06-24 18:48 ComboFix5.txt 2013-04-14 12:05 . Pre-Run: 549.011.456 bytes free Post-Run: 654.315.520 bytes free . - - End Of File - - 992364A6BC911577AD4CE884DB3F10E7 - - - Updated - - - # AdwCleaner v2.200 - Logfile created 04/14/2013 at 14:39:02 # Updated 02/04/2013 by Xplode # Operating system : Windows Vista Home Premium Service Pack 2 (32 bits) # User : Alexandra - ALEXANDRA-PC # Boot Mode : Normal # Running from : C:\Users\Alexandra\Desktop\adwcleaner.exe # Option [Delete] ***** [services] ***** ***** [Files / Folders] ***** Deleted on reboot : C:\Program Files\Common Files\AVG Secure Search Deleted on reboot : C:\ProgramData\Browser Manager Deleted on reboot : C:\Users\Alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\h758x4p8.default\extensions\{1fd91a9c-410c-4090-bbcc-55d3450ef433} File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml File Deleted : C:\Program Files\Mozilla FireFox\searchplugins\Search_Results.xml File Deleted : C:\Users\Alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\h758x4p8.default\extensions\{EEE6C361-6118-11DC-9C72-001320C79847}.xpi File Deleted : C:\Users\Alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\h758x4p8.default\searchplugins\Conduit.xml File Deleted : C:\Users\Alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\h758x4p8.default\searchplugins\Search_Results.xml File Deleted : C:\Users\Alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\h758x4p8.default\searchplugins\SweetIm.xml File Deleted : C:\Users\Alexandra\Desktop\TornTV.lnk Folder Deleted : C:\Program Files\AVG Secure Search Folder Deleted : C:\Program Files\Conduit Folder Deleted : C:\Program Files\Optimizer Pro Folder Deleted : C:\Program Files\search results toolbar Folder Deleted : C:\Program Files\SweetIM Folder Deleted : C:\Program Files\TornTV.com Folder Deleted : C:\ProgramData\AVG Secure Search Folder Deleted : C:\ProgramData\AVG Security Toolbar Folder Deleted : C:\ProgramData\boost_interprocess Folder Deleted : C:\ProgramData\InstallMate Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro Folder Deleted : C:\ProgramData\SweetIM Folder Deleted : C:\ProgramData\Tarma Installer Folder Deleted : C:\Users\Alexandra\AppData\Local\AVG Secure Search Folder Deleted : C:\Users\Alexandra\AppData\Local\AVG Security Toolbar Folder Deleted : C:\Users\Alexandra\AppData\Local\Conduit Folder Deleted : C:\Users\Alexandra\AppData\Local\Ilivid Folder Deleted : C:\Users\Alexandra\AppData\Local\Ilivid Player Folder Deleted : C:\Users\Alexandra\AppData\Local\PackageAware Folder Deleted : C:\Users\Alexandra\AppData\LocalLow\AVG Secure Search Folder Deleted : C:\Users\Alexandra\AppData\LocalLow\AVG Security Toolbar Folder Deleted : C:\Users\Alexandra\AppData\LocalLow\Browse2save Folder Deleted : C:\Users\Alexandra\AppData\LocalLow\Conduit Folder Deleted : C:\Users\Alexandra\AppData\LocalLow\searchquband Folder Deleted : C:\Users\Alexandra\AppData\LocalLow\searchresultstb Folder Deleted : C:\Users\Alexandra\AppData\LocalLow\SweetIM Folder Deleted : C:\Users\Alexandra\AppData\Roaming\dvdvideosoftiehelpers Folder Deleted : C:\Users\Alexandra\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TornTV.com Folder Deleted : C:\Users\Alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\h758x4p8.default\ConduitCommon Folder Deleted : C:\Users\Alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\h758x4p8.default\CT2269050 Folder Deleted : C:\Users\Alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\h758x4p8.default\extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} Folder Deleted : C:\Users\Alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\h758x4p8.default\extensions\50ce2c906afb6@50ce2c906aff0.com Folder Deleted : C:\Users\Alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\h758x4p8.default\jetpack Folder Deleted : C:\Users\Alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\h758x4p8.default\SweetPacksToolbarData Folder Deleted : C:\Windows\Installer\{A0C9DF2B-89B5-4483-8983-18A68200F1B4} Folder Deleted : C:\Windows\Installer\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D} ***** [Registry] ***** Key Deleted : HKCU\Software\1ClickDownload Key Deleted : HKCU\Software\APN DTX Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Key Deleted : HKCU\Software\AppDataLow\Software\searchqutoolbar Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar Key Deleted : HKCU\Software\AVG Secure Search Key Deleted : HKCU\Software\Conduit Key Deleted : HKCU\Software\DataMngr_Toolbar Key Deleted : HKCU\Software\ilivid Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{953AA732-9AFB-49C9-84A4-7F96CA0A08DA} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A0C9DF2B-89B5-4483-8983-18A68200F1B4} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C3F3165C-74D3-6FDB-3274-14FDA8698CFA} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{CD95D125-2992-4858-B3EF-5F6FB52FBAD6} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\1ClickDownload Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\AVG Secure Search Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\ilivid Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{83FF80F4-8C74-4B80-B5BA-C8DDD434E5C4} Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKCU\Software\Optimizer Pro Key Deleted : HKLM\Software\AVG Secure Search Key Deleted : HKLM\Software\AVG Security Toolbar Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF} Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C} Key Deleted : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1 Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1 Key Deleted : HKLM\SOFTWARE\Classes\BrowserConnection.Loader Key Deleted : HKLM\SOFTWARE\Classes\BrowserConnection.Loader.1 Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9FF9AE6F-4553-41A7-B645-B0E88850EABF} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CE4DB5A3-58E6-41F1-8761-47238DF4F468} Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKLM\SOFTWARE\Classes\iLividIEHelper.DNSGuard Key Deleted : HKLM\SOFTWARE\Classes\iLividIEHelper.DNSGuard.1 Key Deleted : HKLM\Software\Classes\Installer\Features\9EE58E3C298524145B73CBBED3CAC4D3 Key Deleted : HKLM\Software\Classes\Installer\Features\B2FD9C0A5B9838449838816A28001F4B Key Deleted : HKLM\Software\Classes\Installer\Features\EB6AF8AEEB922FA4392548F13812E50B Key Deleted : HKLM\Software\Classes\Installer\Products\9EE58E3C298524145B73CBBED3CAC4D3 Key Deleted : HKLM\Software\Classes\Installer\Products\B2FD9C0A5B9838449838816A28001F4B Key Deleted : HKLM\Software\Classes\Installer\Products\EB6AF8AEEB922FA4392548F13812E50B Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F} Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1 Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1 Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1 Key Deleted : HKLM\SOFTWARE\Classes\sim-packages Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2269050 Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1 Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{1FDC0B61-91AC-4157-9B27-CAD9A09AB67E} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{75E8DA27-44AF-40AE-927C-F2EEC99D65B1} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94} Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755} Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1 Key Deleted : HKLM\Software\Conduit Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jbpkiefagocgkmemidfngdkamloieekf Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla Key Deleted : HKLM\Software\iLividSRTB Key Deleted : HKLM\Software\Iminent Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{377E5D4D-77E5-476A-8716-7E70A9272DA0} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706} Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\07D5290CDBDAE4242926B8E6CA650501 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08E33F7B61DEFF24BB9673ED7D467636 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E3D8A5B48622A445A7DF73FEFF32C3F Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\12BF94BD06C95F343A77631402B9556A Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2124D8A8CF720FD44866190AF560228E Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\27A325ACED8CA4743A30127638591ADB Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\34EDDB1BFB3A2D448845F3EFD0F15A43 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\350D17402BD84234EAF7D32F08172D7C Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3EE8C5F419057E1478A654868CEE60B5 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\427EA997C413D1D47907CBFC7B2DB432 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4318DF19719275242801CBE292063A4C Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45FC115D1FEAEF849A4E1610D6EC8BF0 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\46A5861A389ADB844AF89E31BC9DF0A1 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4735D908D66E1BA46B6C2D7185A12B2B Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49B0E1A6FF50BBE4289E4E23DE6EA0C7 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4CCCAC049F34D0540AAC13011398BEDB Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5C4389D0BFB302C479DE4178BD5D9EBA Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D2B09BDEF4FE54418E6F3373CDBC7AC Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\61B65D3397A1FBF4CB1571B5E4F6B5B0 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E8A05C60DD9254591DBD16C94EDDBF Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\697E782CF574CC34CBB9566440BA12BC Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AE27A8613CF7EA4782F2886F67295E5 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\75D5168E5E176C24981B4E5DBD991078 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\76D8378E2DDAED3428720A631F6E3BF0 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE172051F585E04187BCB97570BFA74 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86A901BA5265452499DCBF719C378EE3 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8724E58E6C7D00C48A0D4F3345EB2C26 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ABD1CD5C40EC84789A7F6EF86DAC5E Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\980289C22F80A7C4BB9323DC61255E4E Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A001B259DB7D694E818BE29B973992C Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9A4B7EF3789F871419D9302583B20C15 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A6C53B0F76C44004A8F36716213017DB Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AB676B0E1B9EFA049B9F7DDDA9645734 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B31BBB0B825EDEF45AB0FE7099C68C81 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B471D8D7319336B4CA89374ED0D7B806 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B59F2D8189784CC46A4597F2842480B0 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BAE2EC163C6A68A48921573E0E7E199D Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BC30043663AA2CA4DA1DAA9CA5FDCC75 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BD746FB95FB8E5B45BF66BE54D5FD91F Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C06C6662FA5B04646829E4A460857770 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CCF399FCD6D2D3F46BF02A1378654FC9 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CEEB3E14ABE8270419B0FD762E18F7C6 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D149C1355C98DE24E82CEFBD996FE06A Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB59FDB786388EA4D897F3EE715683AC Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB8DAD19CFBCC2049A4477183787E8C5 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E1C820A74ED67374BA048B52CB3C3804 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EC65F200D112357449C8B1BC3CFA03D0 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\ED1B5E9A3BDB51349BF96E842C062D98 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F327D0C73C0973644A21E8CC852267A0 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FA96423FE2B98E248A3B23548D1E22D9 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FDC83385E6C239F4C876A77A37DF581D Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FECBC2BC14DA6CD459BD59A041709836 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\9EE58E3C298524145B73CBBED3CAC4D3 Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\B2FD9C0A5B9838449838816A28001F4B Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB6AF8AEEB922FA4392548F13812E50B Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2F603A45-D956-496B-81B5-50D782424976} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{953AA732-9AFB-49C9-84A4-7F96CA0A08DA} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A0C9DF2B-89B5-4483-8983-18A68200F1B4} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{B85C4CB2-B352-4BD8-818C-BCE353599107} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C3E85EE9-5892-4142-B537-BCEB3DAC4C3D} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EA8FA6BE-29BE-4AF2-9352-841F83215EB0} Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\1ClickDownload Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilivid Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Search Results Toolbar Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin Key Deleted : HKLM\SOFTWARE\Software Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs [C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll] Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar] ***** [internet Browsers] ***** -\\ Internet Explorer v8.0.6001.19412 [OK] Registry is clean. -\\ Mozilla Firefox v19.0.2 (nl) File : C:\Users\Alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\h758x4p8.default\prefs.js C:\Users\Alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\h758x4p8.default\user.js ... Deleted ! Deleted : user_pref("CT2269050..clientLogIsEnabled", false); Deleted : user_pref("CT2269050..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...] Deleted : user_pref("CT2269050..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...] Deleted : user_pref("CT2269050.ALLOW_SHOWING_HIDDEN_TOOLBAR", false); Deleted : user_pref("CT2269050.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx"); Deleted : user_pref("CT2269050.AppTrackingLastCheckTime", "Mon Aug 06 2012 22:43:23 GMT+0200 (Romance Daylight[...] Deleted : user_pref("CT2269050.BrowserCompStateIsOpen_129681780741097243", true); Deleted : user_pref("CT2269050.BrowserCompStateIsOpen_129853623028165512", true); Deleted : user_pref("CT2269050.BrowserCompStateIsOpen_129881141106886992", true); Deleted : user_pref("CT2269050.BrowserCompStateIsOpen_129977890572899945", true); Deleted : user_pref("CT2269050.BrowserCompStateIsOpen_1359634297000", true); Deleted : user_pref("CT2269050.CTID", "CT2269050"); Deleted : user_pref("CT2269050.CommunitiesChangesLastCheckTime", "0"); Deleted : user_pref("CT2269050.CurrentServerDate", "14-4-2013"); Deleted : user_pref("CT2269050.DSChangedManually", true); Deleted : user_pref("CT2269050.DSInstall", true); Deleted : user_pref("CT2269050.DialogsAlignMode", "LTR"); Deleted : user_pref("CT2269050.DialogsGetterLastCheckTime", "Wed Apr 10 2013 23:17:09 GMT+0200 (Romance Daylig[...] Deleted : user_pref("CT2269050.DownloadReferralCookieData", ""); Deleted : user_pref("CT2269050.EMailNotifierPollDate", "Wed May 09 2012 22:12:00 GMT+0200 (Romance Daylight Ti[...] Deleted : user_pref("CT2269050.EnableClickToSearchBox", false); Deleted : user_pref("CT2269050.EnableSearchHistory", false); Deleted : user_pref("CT2269050.EnableSearchSuggest", false); Deleted : user_pref("CT2269050.FirstServerDate", "9-5-2012"); Deleted : user_pref("CT2269050.FirstTime", true); Deleted : user_pref("CT2269050.FirstTimeFF3", true); Deleted : user_pref("CT2269050.FirstTimeHiddenVer", true); Deleted : user_pref("CT2269050.FixPageNotFoundErrors", false); Deleted : user_pref("CT2269050.GroupingInvalidateCache", false); Deleted : user_pref("CT2269050.GroupingLastCheckTime", "0"); Deleted : user_pref("CT2269050.GroupingLastServerUpdateTime", "0"); Deleted : user_pref("CT2269050.GroupingServerCheckInterval", 1440); Deleted : user_pref("CT2269050.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/"); Deleted : user_pref("CT2269050.HPInstall", true); Deleted : user_pref("CT2269050.HasUserGlobalKeys", true); Deleted : user_pref("CT2269050.HomePageProtectorEnabled", false); Deleted : user_pref("CT2269050.HomepageBeforeUnload", "hxxp://search.conduit.com/?ctid=CT2269050&SearchSource=[...] Deleted : user_pref("CT2269050.Initialize", true); Deleted : user_pref("CT2269050.InitializeCommonPrefs", true); Deleted : user_pref("CT2269050.InstallationAndCookieDataSentCount", 3); Deleted : user_pref("CT2269050.InstallationType", "UnknownIntegration"); Deleted : user_pref("CT2269050.InstalledDate", "Wed May 09 2012 21:50:11 GMT+0200 (Romance Daylight Time)"); Deleted : user_pref("CT2269050.InvalidateCache", false); Deleted : user_pref("CT2269050.IsAlertDBUpdated", true); Deleted : user_pref("CT2269050.IsGrouping", false); Deleted : user_pref("CT2269050.IsInitSetupIni", true); Deleted : user_pref("CT2269050.IsMulticommunity", false); Deleted : user_pref("CT2269050.IsOpenThankYouPage", false); Deleted : user_pref("CT2269050.IsOpenUninstallPage", false); Deleted : user_pref("CT2269050.IsProtectorsInit", true); Deleted : user_pref("CT2269050.LanguagePackLastCheckTime", "Sat Apr 13 2013 17:59:52 GMT+0200 (Romance Dayligh[...] Deleted : user_pref("CT2269050.LanguagePackReloadIntervalMM", 1440); Deleted : user_pref("CT2269050.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...] Deleted : user_pref("CT2269050.LastLogin_3.12.2.3", "Thu May 31 2012 00:12:06 GMT+0200 (Romance Daylight Time)[...] Deleted : user_pref("CT2269050.LastLogin_3.13.0.6", "Sun Jul 08 2012 01:15:19 GMT+0200 (Romance Daylight Time)[...] Deleted : user_pref("CT2269050.LastLogin_3.14.1.0", "Sat Aug 25 2012 05:26:20 GMT+0200 (Romance Daylight Time)[...] Deleted : user_pref("CT2269050.LastLogin_3.15.1.0", "Sun Feb 10 2013 22:19:43 GMT+0100 (Romance Standard Time)[...] Deleted : user_pref("CT2269050.LastLogin_3.18.0.7", "Sun Apr 14 2013 12:00:14 GMT+0200 (Romance Daylight Time)[...] Deleted : user_pref("CT2269050.LatestVersion", "3.18.0.7"); Deleted : user_pref("CT2269050.Locale", "en"); Deleted : user_pref("CT2269050.MCDetectTooltipHeight", "83"); Deleted : user_pref("CT2269050.MCDetectTooltipShow", false); Deleted : user_pref("CT2269050.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1"); Deleted : user_pref("CT2269050.MCDetectTooltipWidth", "295"); Deleted : user_pref("CT2269050.MyStuffEnabledAtInstallation", true); Deleted : user_pref("CT2269050.OriginalFirstVersion", "3.12.2.3"); Deleted : user_pref("CT2269050.RadioIsPodcast", false); Deleted : user_pref("CT2269050.RadioLastCheckTime", "0"); Deleted : user_pref("CT2269050.RadioLastUpdateIPServer", "0"); Deleted : user_pref("CT2269050.RadioLastUpdateServer", "0"); Deleted : user_pref("CT2269050.RadioMediaID", "12473383"); Deleted : user_pref("CT2269050.RadioMediaType", "Media Player"); Deleted : user_pref("CT2269050.RadioMenuSelectedID", "EBRadioMenu_CT226905012473383"); Deleted : user_pref("CT2269050.RadioShrinkedFromSetup", false); Deleted : user_pref("CT2269050.RadioStationName", "Hotmix%20108"); Deleted : user_pref("CT2269050.RadioStationURL", "hxxp://67.202.67.18:8082"); Deleted : user_pref("CT2269050.SHRINK_TOOLBAR", 1); Deleted : user_pref("CT2269050.SavedHomepage", "www.google.com"); Deleted : user_pref("CT2269050.SearchBackToDefaultEngine", false); Deleted : user_pref("CT2269050.SearchCaption", "DVDVideoSoftTB Customized Web Search"); Deleted : user_pref("CT2269050.SearchEngineBeforeUnload", "Google"); Deleted : user_pref("CT2269050.SearchFromAddressBarIsInit", true); Deleted : user_pref("CT2269050.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT226[...] Deleted : user_pref("CT2269050.SearchInNewTabEnabled", true); Deleted : user_pref("CT2269050.SearchInNewTabIntervalMM", 1440); Deleted : user_pref("CT2269050.SearchInNewTabLastCheckTime", "Sat Apr 13 2013 17:59:49 GMT+0200 (Romance Dayli[...] Deleted : user_pref("CT2269050.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...] Deleted : user_pref("CT2269050.SearchInNewTabUserEnabled", false); Deleted : user_pref("CT2269050.SearchProtectorEnabled", false); Deleted : user_pref("CT2269050.SearchProtectorToolbarDisabled", false); Deleted : user_pref("CT2269050.SendProtectorDataViaLogin", true); Deleted : user_pref("CT2269050.ServiceMapLastCheckTime", "Sat Apr 13 2013 17:59:50 GMT+0200 (Romance Daylight [...] Deleted : user_pref("CT2269050.SettingsLastCheckTime", "Sun Apr 14 2013 12:00:13 GMT+0200 (Romance Daylight Ti[...] Deleted : user_pref("CT2269050.SettingsLastUpdate", "1365927018"); Deleted : user_pref("CT2269050.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2269050&SearchSource=13"); Deleted : user_pref("CT2269050.ThirdPartyComponentsInterval", 504); Deleted : user_pref("CT2269050.ThirdPartyComponentsLastCheck", "Wed Sep 26 2012 13:15:52 GMT+0200 (Romance Day[...] Deleted : user_pref("CT2269050.ThirdPartyComponentsLastUpdate", "1331805997"); Deleted : user_pref("CT2269050.ToolbarShrinkedFromSetup", false); Deleted : user_pref("CT2269050.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2269050"); Deleted : user_pref("CT2269050.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...] Deleted : user_pref("CT2269050.UserID", "UN73655996309980950"); Deleted : user_pref("CT2269050.ValidationData_Search", 1); Deleted : user_pref("CT2269050.WeatherNetwork", ""); Deleted : user_pref("CT2269050.WeatherPollDate", "Wed May 09 2012 21:50:13 GMT+0200 (Romance Daylight Time)"); Deleted : user_pref("CT2269050.WeatherUnit", "C"); Deleted : user_pref("CT2269050.alertChannelId", "666138"); Deleted : user_pref("CT2269050.approveUntrustedApps", false); Deleted : user_pref("CT2269050.backendstorage.cbcountry_000", "4245"); Deleted : user_pref("CT2269050.backendstorage.cbfirsttime", "576564204D617920303920323031322032313A35303A32322[...] Deleted : user_pref("CT2269050.backendstorage.ct2269050ads1", "25374225323261647325323225334125354225374225323[...] Deleted : user_pref("CT2269050.backendstorage.ct2269050current_term", "393933"); Deleted : user_pref("CT2269050.backendstorage.ct2269050isadsdisabled", "66616C7365"); Deleted : user_pref("CT2269050.backendstorage.ct2269050sdate", "3239"); Deleted : user_pref("CT2269050.backendstorage.shoppingapp.gk.exipres", "4D6F6E204D617920313420323031322032313A[...] Deleted : user_pref("CT2269050.backendstorage.shoppingapp.gk.geolocation", "62656C6769756D"); Deleted : user_pref("CT2269050.componentAlertEnabled", false); Deleted : user_pref("CT2269050.components.1000034", false); Deleted : user_pref("CT2269050.components.1000082", false); Deleted : user_pref("CT2269050.components.1000234", false); Deleted : user_pref("CT2269050.components.129023235807856892", false); Deleted : user_pref("CT2269050.components.129121052374999726", false); Deleted : user_pref("CT2269050.components.129351672002618989", false); Deleted : user_pref("CT2269050.components.129351776130744254", false); Deleted : user_pref("CT2269050.components.129391330693125668", false); Deleted : user_pref("CT2269050.components.129466585396013141", false); Deleted : user_pref("CT2269050.components.129466585399606892", false); Deleted : user_pref("CT2269050.components.129681780741097243", false); Deleted : user_pref("CT2269050.components.129863783591067571", false); Deleted : user_pref("CT2269050.components.129881140170815901", false); Deleted : user_pref("CT2269050.components.129881141106886992", false); Deleted : user_pref("CT2269050.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...] Deleted : user_pref("CT2269050.globalFirstTimeInfoLastCheckTime", "Fri Oct 12 2012 16:06:02 GMT+0200 (Romance [...] Deleted : user_pref("CT2269050.homepageProtectorEnableByLogin", true); Deleted : user_pref("CT2269050.initDone", true); Deleted : user_pref("CT2269050.isAppTrackingManagerOn", false); Deleted : user_pref("CT2269050.isFirstRadioInstallation", false); Deleted : user_pref("CT2269050.isSearchProtectorNotifyChanges", false); Deleted : user_pref("CT2269050.myStuffEnabled", true); Deleted : user_pref("CT2269050.myStuffPublihserMinWidth", 400); Deleted : user_pref("CT2269050.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...] Deleted : user_pref("CT2269050.myStuffServiceIntervalMM", 1440); Deleted : user_pref("CT2269050.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...] Deleted : user_pref("CT2269050.navigateToUrlOnSearch", false); Deleted : user_pref("CT2269050.oldAppsList", "128834881989343894,128834881989343895,111,129466585399606892,129[...] Deleted : user_pref("CT2269050.revertSettingsEnabled", true); Deleted : user_pref("CT2269050.searchProtectorDialogDelayInSec", 10); Deleted : user_pref("CT2269050.searchProtectorEnableByLogin", true); Deleted : user_pref("CT2269050.testingCtid", ""); Deleted : user_pref("CT2269050.toolbarAppMetaDataLastCheckTime", "Sat Apr 13 2013 17:59:52 GMT+0200 (Romance D[...] Deleted : user_pref("CT2269050.toolbarContextMenuLastCheckTime", "Sat Oct 06 2012 12:11:34 GMT+0200 (Romance D[...] Deleted : user_pref("CT2269050.usageEnabled", false); Deleted : user_pref("CT2269050.usagesFlag", 2); Deleted : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2269050&Search[...] Deleted : user_pref("CommunityToolbar.ConduitSearchList", "DVDVideoSoftTB Customized Web Search"); Deleted : user_pref("CommunityToolbar.ETag.hxxp://Settings.toolbar.search.conduit.com/root/CT2269050/CT2269050[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/666138/661999/BE", "\"0\"")[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2269050", [...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.13[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.14[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.15[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.18[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2269050",[...] Deleted : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=en", "\"97f[...] Deleted : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Alexandra\\AppData\\Roaming\\Mozill[...] Deleted : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.15.1.0"); Deleted : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://dts.search-results.com/sr?src=ffb[...] Deleted : user_pref("CommunityToolbar.ToolbarsList", "CT2269050"); Deleted : user_pref("CommunityToolbar.ToolbarsList2", "CT2269050"); Deleted : user_pref("CommunityToolbar.ToolbarsList4", "CT2269050"); Deleted : user_pref("CommunityToolbar.globalUserId", "101feed0-4fd4-4156-836c-7014cf6f24b8"); Deleted : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true); Deleted : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true); Deleted : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sat Oct 06 2012 21:21:0[...] Deleted : user_pref("CommunityToolbar.notifications.alertEnabled", true); Deleted : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440); Deleted : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Fri Oct 12 2012 16:09:57 GMT+020[...] Deleted : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com"); Deleted : user_pref("CommunityToolbar.notifications.locale", "en"); Deleted : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440); Deleted : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Fri Oct 12 2012 16:09:48 GMT+0200 (R[...] Deleted : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611"); Deleted : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20); Deleted : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com"); Deleted : user_pref("CommunityToolbar.notifications.showTrayIcon", false); Deleted : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300); Deleted : user_pref("CommunityToolbar.notifications.userId", "e3b34ac5-1170-458b-adf6-c9431364f452"); Deleted : user_pref("CommunityToolbar.originalHomepage", "www.google.com"); Deleted : user_pref("CommunityToolbar.originalSearchEngine", "Google"); Deleted : user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\FireFoxExt\\14.2.0.1"); Deleted : user_pref("avg.install.userHPSettings", "hxxp://www.searchnu.com/406"); Deleted : user_pref("browser.newtab.url", "hxxp://home.sweetim.com/?src=97&barid={A529FB6F-366D-11E2-BAC5-001E[...] Deleted : user_pref("browser.search.defaultenginename", "Search Results"); Deleted : user_pref("browser.search.defaultthis.engineName", "DVDVideoSoftTB Customized Web Search"); Deleted : user_pref("browser.search.order.1", "Search Results"); Deleted : user_pref("extensions.50ce2c906b063.scode", "(function(){try{if('aol.com,mail.google.com,premiumrepo[...] Deleted : user_pref("sweetim.toolbar.RevertDialog.enable", "false"); Deleted : user_pref("sweetim.toolbar.UserSelectedSaveSettings", "true"); Deleted : user_pref("sweetim.toolbar.Visibility.VisibilityGuardLastUnHide", "1365868831851"); Deleted : user_pref("sweetim.toolbar.Visibility.enable", "true"); Deleted : user_pref("sweetim.toolbar.Visibility.intervaldays", "7"); Deleted : user_pref("sweetim.toolbar.cargo", "3.1010000.10011"); Deleted : user_pref("sweetim.toolbar.cda.DisableOveride.enable", "true"); Deleted : user_pref("sweetim.toolbar.cda.HideOveride.enable", "true"); Deleted : user_pref("sweetim.toolbar.cda.RemoveOveride.enable", "true"); Deleted : user_pref("sweetim.toolbar.cda.returnValue", "hide"); Deleted : user_pref("sweetim.toolbar.dialogs.0.enable", "true"); Deleted : user_pref("sweetim.toolbar.dialogs.0.handler", "chrome://sim_toolbar_package/content/optionsdialog-h[...] Deleted : user_pref("sweetim.toolbar.dialogs.0.height", "335"); Deleted : user_pref("sweetim.toolbar.dialogs.0.id", "id_options_dialog"); Deleted : user_pref("sweetim.toolbar.dialogs.0.title", "$string.config.label;"); Deleted : user_pref("sweetim.toolbar.dialogs.0.url", "hxxp://www.sweetim.com/simffbar/options_remote_ff.asp?la[...] Deleted : user_pref("sweetim.toolbar.dialogs.0.width", "761"); Deleted : user_pref("sweetim.toolbar.dialogs.1.enable", "true"); Deleted : user_pref("sweetim.toolbar.dialogs.1.handler", "chrome://sim_toolbar_package/content/exampledialog-h[...] Deleted : user_pref("sweetim.toolbar.dialogs.1.height", "300"); Deleted : user_pref("sweetim.toolbar.dialogs.1.id", "id_example_dialog"); Deleted : user_pref("sweetim.toolbar.dialogs.1.title", "Example (unit-test) dialog"); Deleted : user_pref("sweetim.toolbar.dialogs.1.url", "chrome://sim_toolbar_package/content/exampledialog.html"[...] Deleted : user_pref("sweetim.toolbar.dialogs.1.width", "500"); Deleted : user_pref("sweetim.toolbar.dialogs.2.enable", "true"); Deleted : user_pref("sweetim.toolbar.dialogs.2.handler", "chrome://sim_toolbar_package/content/cdadialog-handl[...] Deleted : user_pref("sweetim.toolbar.dialogs.2.height", "150"); Deleted : user_pref("sweetim.toolbar.dialogs.2.id", "id_dialog_hide_disable_remove"); Deleted : user_pref("sweetim.toolbar.dialogs.2.title", "Option Dialog"); Deleted : user_pref("sweetim.toolbar.dialogs.2.url", "hxxp://www.sweetim.com/simffbar/simcdadialog.asp"); Deleted : user_pref("sweetim.toolbar.dialogs.2.width", "530"); Deleted : user_pref("sweetim.toolbar.dnscatch.domain-blacklist", ".*.sweetim.com/.*|.*.facebook.com/.*|.*.goog[...] Deleted : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0"); Deleted : user_pref("sweetim.toolbar.keywordUrlGuard.enable", "false"); Deleted : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7"); Deleted : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log"); Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000"); Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7"); Deleted : user_pref("sweetim.toolbar.mode.debug", "false"); Deleted : user_pref("sweetim.toolbar.newtab.created", "true"); Deleted : user_pref("sweetim.toolbar.newtab.enable", "true"); Deleted : user_pref("sweetim.toolbar.previous.browser.newtab.url", "about:newtab"); Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", ""); Deleted : user_pref("sweetim.toolbar.rc.url", "hxxp://www.sweetim.com/simffbar/rc.html?toolbar_version=$ITEM_V[...] Deleted : user_pref("sweetim.toolbar.scripts.0.addcontextdiv", "true"); Deleted : user_pref("sweetim.toolbar.scripts.0.callback", "simVerification"); Deleted : user_pref("sweetim.toolbar.scripts.0.domain-blacklist", ""); Deleted : user_pref("sweetim.toolbar.scripts.0.domain-whitelist", "hxxp://(www.|apps.)?facebook\\.com.*"); Deleted : user_pref("sweetim.toolbar.scripts.0.elementid", "id_script_sim_fb"); Deleted : user_pref("sweetim.toolbar.scripts.0.enable", "false"); Deleted : user_pref("sweetim.toolbar.scripts.0.id", "id_script_fb"); Deleted : user_pref("sweetim.toolbar.scripts.0.url", "hxxp://sc.sweetim.com/apps/in/fb/infb.js"); Deleted : user_pref("sweetim.toolbar.scripts.1.addcontextdiv", "true"); Deleted : user_pref("sweetim.toolbar.scripts.1.callback", "simVerification"); Deleted : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ""); Deleted : user_pref("sweetim.toolbar.scripts.1.domain-whitelist", "hxxps://(www.|apps.)?facebook\\.com.*"); Deleted : user_pref("sweetim.toolbar.scripts.1.elementid", "id_script_sim_fb"); Deleted : user_pref("sweetim.toolbar.scripts.1.enable", "false"); Deleted : user_pref("sweetim.toolbar.scripts.1.id", "id_script_fb_hxxpS"); Deleted : user_pref("sweetim.toolbar.scripts.1.url", "hxxps://sc.sweetim.com/apps/in/fb/infb.js"); Deleted : user_pref("sweetim.toolbar.scripts.2.addcontextdiv", "false"); Deleted : user_pref("sweetim.toolbar.scripts.2.callback", ""); Deleted : user_pref("sweetim.toolbar.scripts.2.domain-blacklist", ".*.google..*|.*.bing..*|.*.live..*|.*.msn..[...] Deleted : user_pref("sweetim.toolbar.scripts.2.domain-whitelist", ""); Deleted : user_pref("sweetim.toolbar.scripts.2.elementid", "id_predict_include_script"); Deleted : user_pref("sweetim.toolbar.scripts.2.enable", "false"); Deleted : user_pref("sweetim.toolbar.scripts.2.id", "id_script_prad"); Deleted : user_pref("sweetim.toolbar.scripts.2.url", "hxxp://cdn1.certified-apps.com/scripts/shared/enable.js?[...] Deleted : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engin[...] Deleted : user_pref("sweetim.toolbar.search.history.capacity", "10"); Deleted : user_pref("sweetim.toolbar.searchguard.enable", "false"); Deleted : user_pref("sweetim.toolbar.searchguard.initialized_by_rc", "true"); Deleted : user_pref("sweetim.toolbar.simapp_id", "{A529FB6F-366D-11E2-BAC5-001E33AF678F}"); Deleted : user_pref("sweetim.toolbar.version", "1.9.0.0"); ************************* AdwCleaner[s1].txt - [47559 octets] - [14/04/2013 14:39:02] ########## EOF - C:\AdwCleaner[s1].txt - [47620 octets] ########## - - - Updated - - - Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 14:46:17, on 14/04/2013 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.19412) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\system32\taskeng.exe C:\Program Files\Zune\ZuneLauncher.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Windows\RtHDVCpl.exe C:\Windows\System32\igfxpers.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Windows\System32\hkcmd.exe C:\Program Files\DivX\DivX Update\DivXUpdate.exe C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe C:\Program Files\Skype\Phone\Skype.exe C:\Windows\system32\igfxsrvc.exe C:\Windows\ehome\ehtray.exe C:\Windows\system32\NOTEPAD.EXE C:\Windows\ehome\ehmsas.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Windows\system32\wuauclt.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe" O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [smoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Google EULA Launcher] c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe IE PA O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe" O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun O4 - HKCU\..\Run: [speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Alexandra\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html O9 - Extra button: eBay.co.uk - Buy It Sell It Love It - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/710-44557-9400-3/4 (file missing) O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: Servicio de Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Servicio de Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files\Jumpstart\jswpsapi.exe O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: vToolbarUpdater15.0.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe -- End of file - 7867 bytes
  7. Alexandra90
    Hier alvast combofix logje. ComboFix 13-04-08.04 - Alexandra 13/04/2013 17:40:55.4.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2939.1975 [GMT 2:00] Running from: c:\users\Alexandra\Desktop\ComboFix.exe Command switches used :: c:\users\Alexandra\Desktop\CFScript.txt SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((( Files Created from 2013-03-13 to 2013-04-13 ))))))))))))))))))))))))))))))) . . 2013-04-13 15:49 . 2013-04-13 15:49 -------- d-----w- c:\users\Public\AppData\Local\temp 2013-04-13 15:49 . 2013-04-13 15:49 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-04-12 21:18 . 2013-04-12 21:18 -------- d-----w- c:\program files\Common Files\Skype 2013-04-12 15:58 . 2013-03-19 03:50 7108640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{8F1A2E82-26CF-4247-8E88-B73042277172}\mpengine.dll 2013-04-07 19:37 . 2013-04-07 19:37 -------- d-----w- c:\programdata\AVG Secure Search 2013-04-07 19:36 . 2013-04-07 19:36 -------- d-----w- c:\users\Alexandra\AppData\Roaming\TuneUp Software 2013-03-14 21:41 . 2013-02-12 01:57 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-04-07 19:36 . 2012-08-30 19:27 33624 ----a-w- c:\windows\system32\drivers\avgtpx86.sys 2013-03-11 23:10 . 2009-11-03 09:37 237088 ------w- c:\windows\system32\MpSigStub.exe 2013-03-08 13:21 . 2013-03-08 13:21 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-02-28 18642024] "Speech Recognition"="c:\windows\Speech\Common\sapisvr.exe" [2008-01-21 49664] "Facebook Update"="c:\users\Alexandra\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-23 138096] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2010-09-24 159472] "TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2008-01-17 431456] "Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaRegistration.exe" [2008-01-11 574864] "topi"="c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2007-07-10 581632] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 1029416] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280] "SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2008-06-24 509816] "Skytel"="Skytel.exe" [2007-11-20 1826816] "RtHDVCpl"="RtHDVCpl.exe" [2008-04-08 6037504] "Persistence"="c:\windows\system32\igfxpers.exe" [2008-06-25 145944] "Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-08-31 1047208] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-27 421736] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-06-25 150040] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-06-25 170520] "Google EULA Launcher"="c:\program files\Google\Google EULA\GoogleEULALauncher.exe" [2008-05-28 20480] "DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-09-16 1164584] "Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2008-09-26 417792] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792] "00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2008-05-09 716800] . c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ TRDCReminder.lnk - c:\program files\TOSHIBA\TRDCReminder\TRDCReminder.exe [2008-3-5 393216] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] @="Service" . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Contents of the 'Scheduled Tasks' folder . 2013-04-12 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2718213760-2667944845-969641845-1000Core.job - c:\users\Alexandra\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-12-15 16:46] . 2013-04-13 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2718213760-2667944845-969641845-1000UA.job - c:\users\Alexandra\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-12-15 16:46] . 2013-04-13 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2013-02-11 17:41] . 2013-04-13 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2013-02-11 17:41] . 2013-04-07 c:\windows\Tasks\Norton Security Scan for Alexandra.job - c:\progra~1\NORTON~2\Engine\301~1.8\Nss.exe [2011-01-22 01:30] . 2013-04-13 c:\windows\Tasks\User_Feed_Synchronization-{50E49403-F7BF-4CDF-A766-49FCBB501384}.job - c:\windows\system32\msfeedssync.exe [2013-04-10 08:51] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.com/ IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html TCP: DhcpNameServer = 195.130.130.129 195.130.131.129 Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\15.0.0\ViProtocol.dll FF - ProfilePath - c:\users\Alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\h758x4p8.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms} FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.searchnu.com/406 FF - prefs.js: network.proxy.http - 127.0.0.1 FF - prefs.js: network.proxy.http_port - 56545 FF - prefs.js: network.proxy.type - 0 FF - ExtSQL: 2013-02-18 22:28; {377e5d4d-77e5-476a-8716-7e70a9272da0}; c:\users\Alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\h758x4p8.default\extensions\{377e5d4d-77e5-476a-8716-7e70a9272da0} FF - ExtSQL: 2013-04-07 21:37; avg@toolbar; c:\programdata\AVG Secure Search\FireFoxExt\15.0.0.2 FF - ExtSQL: !HIDDEN! 2013-02-18 22:29; {1FD91A9C-410C-4090-BBCC-55D3450EF433}; c:\program files\Search Results Toolbar\Datamngr\FirefoxExtension FF - user.js: network.cookie.cookieBehavior - 0 FF - user.js: privacy.clearOnShutdown.cookies - false FF - user.js: security.warn_viewing_mixed - false FF - user.js: security.warn_viewing_mixed.show_once - false FF - user.js: security.warn_submit_insecure - false FF - user.js: security.warn_submit_insecure.show_once - false . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2013-04-13 17:49 Windows 6.0.6002 Service Pack 2 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:000000b5 . Completion time: 2013-04-13 17:55:41 ComboFix-quarantined-files.txt 2013-04-13 15:55 ComboFix2.txt 2013-04-09 12:53 ComboFix3.txt 2011-06-24 18:48 ComboFix4.txt 2011-06-24 17:13 . Pre-Run: 577.683.456 bytes free Post-Run: 551.612.416 bytes free . - - End Of File - - 30FC3DD6C3DD3F3A4E89683B50FA73D1
  8. Alexandra90
    Zijn er nog problemen in m'n logjes? Moet ik nog verdere stappen ondernemen? Bedankt.
  9. Alexandra90
    Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 15:10:17, on 09/04/2013 Platform: Windows Vista SP2 (WinNT 6.00.1906) MSIE: Internet Explorer v8.00 (8.00.6001.19401) Boot mode: Normal Running processes: C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Program Files\Zune\ZuneLauncher.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe C:\Program Files\Java\jre6\bin\jusched.exe C:\Windows\RtHDVCpl.exe C:\Windows\System32\igfxpers.exe C:\Program Files\iTunes\iTunesHelper.exe C:\Windows\system32\igfxsrvc.exe C:\Windows\System32\hkcmd.exe C:\Program Files\DivX\DivX Update\DivXUpdate.exe C:\Program Files\Skype\Phone\Skype.exe C:\Windows\ehome\ehtray.exe C:\Windows\ehome\ehmsas.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Windows\system32\wuauclt.exe C:\Windows\system32\conime.exe C:\Windows\explorer.exe C:\Program Files\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer! R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O4 - HKLM\..\Run: [Zune Launcher] "C:\Program Files\Zune\ZuneLauncher.exe" O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration.exe O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba Online Product Information\topi.exe -startup O4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM\..\Run: [sweetpacks Communicator] C:\Program Files\SweetIM\Communicator\SweetPacksUpdateManager.exe O4 - HKLM\..\Run: [sweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [smoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe O4 - HKLM\..\Run: [skytel] Skytel.exe O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [igfxTray] C:\Windows\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe O4 - HKLM\..\Run: [Google EULA Launcher] c:\Program Files\Google\Google EULA\GoogleEULALauncher.exe IE PA O4 - HKLM\..\Run: [DivXUpdate] "C:\Program Files\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW O4 - HKLM\..\Run: [DATAMNGR] C:\PROGRA~1\SEARCH~1\Datamngr\DATAMN~1.EXE O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe" /start O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [speech Recognition] "C:\Windows\Speech\Common\sapisvr.exe" -SpeechUX -Startup O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Alexandra\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder.exe (User 'Default user') O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html O9 - Extra button: eBay.co.uk - Buy It Sell It Love It - {76577871-04EC-495E-A12B-91F7C3600AFA} - eBay - one of the UK's largest shopping destinations (file missing) O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\15.0.0\ViProtocol.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe O23 - Service: Servicio de Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Servicio de Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files\Jumpstart\jswpsapi.exe O23 - Service: Ma-Config Service (maconfservice) - Unknown owner - C:\Program Files\ma-config.com\maconfservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv.exe O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe O23 - Service: vToolbarUpdater15.0.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.0.0\ToolbarUpdater.exe -- End of file - 8141 bytes
  10. Alexandra90
    Het is eindelijk gelukt! Nadat ik die removal tool gedownload had + na (slechts) 1x herstarten, zei de pc(Windows security Essentials?) me weer dat ik geen bevoegdheid had, maar heb vaak op exit geklikt en toen kwam combofix eindelijk in actie. Ik maak zometeen ook een nieuw hijacklogje! ComboFix 13-04-08.04 - Alexandra 09/04/2013 14:39:29.3.2 - x86 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2939.1958 [GMT 2:00] Running from: c:\users\Alexandra\Desktop\ComboFix.exe AV: AVG Anti-Virus Free Edition 2011 *Disabled/Outdated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Anti-Virus Free Edition 2011 *Disabled/Outdated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\programdata\Browse2save c:\programdata\Browse2save\50ce2c906b180.html c:\programdata\Browse2save\50ce2c906b1b8.js c:\programdata\Browse2save\paegbaalpafbkfhikgojkoimcfjacgcc.crx c:\programdata\Browse2save\settings.ini c:\programdata\Browse2save\uninstall.exe c:\programdata\Microsoft\Windows\Start Menu\Programs\Browse2save c:\programdata\Microsoft\Windows\Start Menu\Programs\Browse2save\Browse2save.lnk c:\programdata\Microsoft\Windows\Start Menu\Programs\Browse2save\Uninstall.lnk C:\sooi832.bin c:\windows\system32\pt c:\windows\system32\pt\toscdspd.cpl.mui . . ((((((((((((((((((((((((( Files Created from 2013-03-09 to 2013-04-09 ))))))))))))))))))))))))))))))) . . 2013-04-09 12:49 . 2013-04-09 12:49 -------- d-----w- c:\users\Public\AppData\Local\temp 2013-04-09 12:49 . 2013-04-09 12:49 -------- d-----w- c:\users\Default\AppData\Local\temp 2013-04-08 09:34 . 2013-03-19 03:50 7108640 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{099204B4-C597-420D-8428-CD5F1EA5B853}\mpengine.dll 2013-04-07 19:37 . 2013-04-07 19:37 -------- d-----w- c:\programdata\AVG Secure Search 2013-04-07 19:36 . 2013-04-07 19:36 -------- d-----w- c:\users\Alexandra\AppData\Roaming\TuneUp Software 2013-03-14 21:41 . 2013-02-12 01:57 15872 ----a-w- c:\windows\system32\drivers\usb8023.sys . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-04-07 19:36 . 2012-08-30 19:27 33624 ----a-w- c:\windows\system32\drivers\avgtpx86.sys 2013-03-11 23:10 . 2009-11-03 09:37 237088 ------w- c:\windows\system32\MpSigStub.exe 2013-03-08 13:21 . 2013-03-08 13:21 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2013-01-08 18705664] "Speech Recognition"="c:\windows\Speech\Common\sapisvr.exe" [2008-01-21 49664] "Facebook Update"="c:\users\Alexandra\AppData\Local\Facebook\Update\FacebookUpdate.exe" [2012-07-23 138096] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-21 125952] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Zune Launcher"="c:\program files\Zune\ZuneLauncher.exe" [2010-09-24 159472] "TPwrMain"="c:\program files\TOSHIBA\Power Saver\TPwrMain.EXE" [2008-01-17 431456] "Toshiba Registration"="c:\program files\Toshiba\Registration\ToshibaRegistration.exe" [2008-01-11 574864] "topi"="c:\program files\TOSHIBA\Toshiba Online Product Information\topi.exe" [2007-07-10 581632] "SynTPEnh"="c:\program files\Synaptics\SynTP\SynTPEnh.exe" [2007-12-06 1029416] "Sweetpacks Communicator"="c:\program files\SweetIM\Communicator\SweetPacksUpdateManager.exe" [2012-08-15 231768] "SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2012-10-04 115032] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-10-11 149280] "SmoothView"="c:\program files\Toshiba\SmoothView\SmoothView.exe" [2008-06-24 509816] "Skytel"="Skytel.exe" [2007-11-20 1826816] "RtHDVCpl"="RtHDVCpl.exe" [2008-04-08 6037504] "Persistence"="c:\windows\system32\igfxpers.exe" [2008-06-25 145944] "Malwarebytes' Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-08-31 1047208] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-03-27 421736] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-06-25 150040] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-06-25 170520] "Google EULA Launcher"="c:\program files\Google\Google EULA\GoogleEULALauncher.exe" [2008-05-28 20480] "DivXUpdate"="c:\program files\DivX\DivX Update\DivXUpdate.exe" [2010-09-16 1164584] "Camera Assistant Software"="c:\program files\Camera Assistant Software for Toshiba\traybar.exe" [2008-09-26 417792] "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 39792] "00TCrdMain"="c:\program files\TOSHIBA\FlashCards\TCrdMain.exe" [2008-05-09 716800] . c:\users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ TRDCReminder.lnk - c:\program files\TOSHIBA\TRDCReminder\TRDCReminder.exe [2008-3-5 393216] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32] "aux"=wdmaud.drv . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] @="Service" . [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware] "DisableMonitoring"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Contents of the 'Scheduled Tasks' folder . 2013-04-08 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2718213760-2667944845-969641845-1000Core.job - c:\users\Alexandra\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-12-15 16:46] . 2013-04-09 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2718213760-2667944845-969641845-1000UA.job - c:\users\Alexandra\AppData\Local\Facebook\Update\FacebookUpdate.exe [2011-12-15 16:46] . 2013-04-09 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2013-02-11 17:41] . 2013-04-09 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2013-02-11 17:41] . 2013-04-07 c:\windows\Tasks\Norton Security Scan for Alexandra.job - c:\progra~1\NORTON~2\Engine\301~1.8\Nss.exe [2011-01-22 01:30] . 2013-04-09 c:\windows\Tasks\User_Feed_Synchronization-{50E49403-F7BF-4CDF-A766-49FCBB501384}.job - c:\windows\system32\msfeedssync.exe [2013-03-13 05:51] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.com/ IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html TCP: DhcpNameServer = 192.168.1.1 Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\Common Files\AVG Secure Search\ViProtocolInstaller\15.0.0\ViProtocol.dll FF - ProfilePath - c:\users\Alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\h758x4p8.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2269050&SearchSource=3&q={searchTerms} FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://www.searchnu.com/406 FF - prefs.js: keyword.URL - hxxp://dts.search-results.com/sr?src=ffb&gct=ds&appid=287&systemid=406&apn_dtid=BND406&apn_ptnrs=AG6&apn_uid=9290710335174403&o=APN10645&q= FF - prefs.js: network.proxy.http - 127.0.0.1 FF - prefs.js: network.proxy.http_port - 56545 FF - prefs.js: network.proxy.type - 0 FF - ExtSQL: 2013-02-18 22:28; {377e5d4d-77e5-476a-8716-7e70a9272da0}; c:\users\Alexandra\AppData\Roaming\Mozilla\Firefox\Profiles\h758x4p8.default\extensions\{377e5d4d-77e5-476a-8716-7e70a9272da0} FF - ExtSQL: 2013-04-07 21:37; avg@toolbar; c:\programdata\AVG Secure Search\FireFoxExt\15.0.0.2 FF - ExtSQL: !HIDDEN! 2013-02-18 22:29; {1FD91A9C-410C-4090-BBCC-55D3450EF433}; c:\program files\Search Results Toolbar\Datamngr\FirefoxExtension FF - user.js: network.cookie.cookieBehavior - 0 FF - user.js: privacy.clearOnShutdown.cookies - false FF - user.js: security.warn_viewing_mixed - false FF - user.js: security.warn_viewing_mixed.show_once - false FF - user.js: security.warn_submit_insecure - false FF - user.js: security.warn_submit_insecure.show_once - false . - - - - ORPHANS REMOVED - - - - . BHO-{95B7759C-8C7F-4BF1-B163-73684A933233} - (no file) Toolbar-10 - (no file) Toolbar-!{872b5b88-9db5-4310-bdd0-ac189557e5f5} - (no file) Toolbar-!{95B7759C-8C7F-4BF1-B163-73684A933233} - (no file) Toolbar-{95B7759C-8C7F-4BF1-B163-73684A933233} - (no file) HKLM-Run-vProt - c:\program files\AVG Secure Search\vprot.exe HKLM-Run-ROC_ROC_JULY_P1 - c:\program files\AVG Secure Search\ROC_ROC_JULY_P1.exe HKLM-Run-ROC_roc_dec12 - c:\program files\AVG Secure Search\ROC_roc_dec12.exe HKLM-Run-QuickTime Task - c:\program files\QuickTime\QTTask.exe AddRemove-Optimizer Pro_is1 - c:\program files\Optimizer Pro\unins000.exe AddRemove-{C3F3165C-74D3-6FDB-3274-14FDA8698CFA} - c:\programdata\Browse2save\uninstall.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover Rootkit scan 2013-04-09 14:49 Windows 6.0.6002 Service Pack 2 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:000000b5 . Completion time: 2013-04-09 14:53:38 ComboFix-quarantined-files.txt 2013-04-09 12:53 ComboFix2.txt 2011-06-24 18:48 ComboFix3.txt 2011-06-24 17:13 . Pre-Run: 3.979.984.896 bytes free Post-Run: 4.729.192.448 bytes free . - - End Of File - - 2E25157EC9968C4ABDE972B9507F7A43
  11. Alexandra90
    Ik moet weer teleurstellen, het lukt weeral niet! Op de koop toe vraagt AVG me steeds weer om te rebooten. Ik heb gedaan wat u in bovenstaand bericht schreef. Als ik (na safe booten) het kladblokbestand in combofix sleepte, vroeg die me of ik 'met force' AVG wilde verwijderen. Ik klikte 'ok' en dan verscheen weeral het bericht dat AVG niet zou toelaten dat combofix wordt opgestart..
  12. Alexandra90
    Goededag, AVG wilt zich niet verwijderen en is toch niet actief (ik ben niet beschermd als ik op internet ga). Laat ik zoek.exe en combofix voor wat het is en zet ik AVG + Windows Defender etc. terug aan of is er nog een andere mogelijkheid? Alvast bedankt.
  13. Alexandra90
    Ja, en meerdere keren de pc opgestart. AVG zegt me nu wel heel de tijd dat ik 'niet protected' ben. maar het blijft botsen met combofix. De AVG toolbar kwam ook plots terug, maar ik denk dat ik hem weg heb gedaan.
  14. Alexandra90
    Het is niet gelukt. Ik heb heel de namiddag geprobeerd om combofix te doen runnen. Toen kwam zoek.exe uit zichzelf weer open, maar het lukte niet met uw code en de nieuwe vinkjes aan te kruisen in 'options'. Ik heb het voor de 2e keer laten 'runnen', maar na 2 uur gebeurde er weer niets. Combofix daarentegen blokkeerde omdat ik AVG heb (zélfs als ik het tijdelijk 'disable'). Vervolgens heb ik AVG proberen te verwijderen (met uw removal tool + online opgezocht voor alternatieven om het te verwijderen) maar dit is niet gelukt. Heb in totaal m'n pc minstens 8x herstart. Wat kan ik nog doen?
  15. Alexandra90
    Het lukt niet! 1. Ik wilde zoek.exe dat nog steeds aan het runnen was, sluiten. Dit ging niet. 2. Dan heb ik de code erin geplakt, werkte ook niet. 3. Ik heb m'n pc herstart om het opnieuw te proberen, ik kreeg geen toegang meer tot zoek.exe Ik krijg nog steeds de foutmelding van Windows Security Alerts (wget.exe - Bad Image : zie bovenstaand bericht). 4. Ik heb (buiten AVG tijdelijk uit te schakelen) bij uw link om Antivirus Software uit te schakelen, naar het voorbeeld voor Microsoft Security Essentials gekeken, maar dit was niet hetzelfde als wat er op mijn pc staat. Bij Windows Security Essentials (op mijn Pc) heb ik de Firewall uitgeschakeld. De malware protection stond ook af. Toch blijft er die foutmelding komen. Ik weet niet om welke antivirus het gaat, noch hoe die af te zetten, vind ze niet terug tussen uw (beide) links. 5. Ik heb zoek.exe proberen te verwijderen en het opnieuw gedownload. Dit werkte ook niet, en ik heb nu 2x zoek.exe op mijn bureaublad staan..
Logo

OVER ONS

PC Helpforum helpt GRATIS computergebruikers sinds juli 2006. Ons team geeft via het forum professioneel antwoord op uw vragen en probeert uw pc problemen zo snel mogelijk op te lossen. Word lid vandaag, plaats je vraag online en het PC Helpforum-team helpt u graag verder!

SITEMAP

×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.