Ga naar inhoud

Ellendige pop-ups, zelf bij Chrome


Aanbevolen berichten

Hallo,

De vriendin van mijn schoonvader haar laptop heeft kuren. De snelheid is niet zo zeer een probleem, maar wel de ellendige pop-ups en reclame-advertenties. Zelf in Chrome! Ik krijg ze maar niet weg met bv Ad-aware.

Kunnen jullie een handje helpen?

Hieronder het logje.

Alvast bedankt,

Steven

Logfile of random's system information tool 1.09 (written by random/random)

Run by Brigitte at 2014-01-18 17:39:59

Microsoft Windows 7 Professional Service Pack 1

System drive C: has 151 GB (52%) free of 288 GB

Total RAM: 3000 MB (32% free)

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 17:40:02, on 18/01/2014

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v11.0 (11.00.9600.16428)

Boot mode: Normal

Running processes:

C:\windows\system32\taskhost.exe

C:\windows\system32\Dwm.exe

C:\windows\Explorer.EXE

C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe

C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe

C:\Program Files\Mobogenie\DaemonProcess.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

C:\Windows\System32\hkcmd.exe

C:\Windows\System32\igfxpers.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

C:\Program Files\IDT\WDM\sttray.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\McAfee\Common Framework\UdaterUI.exe

C:\Program Files\LogMeIn\x86\LogMeInSystray.exe

C:\Windows\WindowsMobile\wmdc.exe

C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5152.0\AdAwareTray.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\windows\system32\igfxsrvc.exe

C:\Program Files\McAfee\Common Framework\McTray.exe

C:\PROGRA~1\SearchProtect\SearchProtect\bin\cltmng.exe

C:\PROGRA~1\SearchProtect\UI\bin\cltmngui.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files\Hewlett-Packard\Shared\hpqToaster.exe

C:\Program Files\Hewlett-Packard\Shared\hpCaslNotification.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

C:\windows\system32\SearchFilterHost.exe

C:\Users\Brigitte\Desktop\RSIT (1).exe

C:\Program Files\trend micro\Brigitte.exe

C:\windows\system32\DllHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = PortalDoSites

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Google

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Zoeken

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = PortalDoSites

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.dosearches.com/web/?utm_source=b&utm_medium=slbnew&utm_campaign=rg&utm_content=ds&from=slbnew&uid=TOSHIBAXMK3256GSY_60BKF7GFSXX60BKF7GFS&ts=1383241307&type=default&q={searchTerms}

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.dosearches.com/web/?utm_source=b&utm_medium=slbnew&utm_campaign=rg&utm_content=ds&from=slbnew&uid=TOSHIBAXMK3256GSY_60BKF7GFSXX60BKF7GFS&ts=1383241307&type=default&q={searchTerms}

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = PortalDoSites

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = Google

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Movies Toolbar (Dist. by Bandoo Media, Inc.) - {3d86a75b-cb6b-4764-885d-ca6336f04ba2} - C:\PROGRA~1\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll

O2 - BHO: Protected Toolbar - {61096323-3324-48fb-925b-4206f342e162} - C:\Users\Brigitte\AppData\Roaming\ProtectedToolbar\ProtectedToolbar.dll

O2 - BHO: uTorrentControl_v2 - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: glindorus - {9598e82a-7e09-4438-b425-b9e9718c3c73} - C:\Program Files\glindorus\glindorusbho.dll

O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL

O2 - BHO: TheSea.TheSeaPlugin - {C585D593-E7F3-4852-A200-561686EE02E4} - mscoree.dll (file missing)

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: ViewPassword - {e76da439-a1f1-4cfd-88c1-1fb8bac7e620} - C:\Program Files\ViewPassword\150.dll

O3 - Toolbar: Protected Toolbar - {61096323-3324-48fb-925b-4206f342e162} - C:\Users\Brigitte\AppData\Roaming\ProtectedToolbar\ProtectedToolbar.dll

O3 - Toolbar: uTorrentControl_v2 Toolbar - {7473b6bd-4691-4744-a82b-7854eb3d70b6} - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll

O3 - Toolbar: Movies Toolbar (Dist. by Bandoo Media, Inc.) - {3d86a75b-cb6b-4764-885d-ca6336f04ba2} - C:\PROGRA~1\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll

O4 - HKLM\..\Run: [QLBController] C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe /start

O4 - HKLM\..\Run: [iAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe

O4 - HKLM\..\Run: [synTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe

O4 - HKLM\..\Run: [igfxTray] C:\windows\system32\igfxtray.exe

O4 - HKLM\..\Run: [HotKeysCmds] C:\windows\system32\hkcmd.exe

O4 - HKLM\..\Run: [Persistence] C:\windows\system32\igfxpers.exe

O4 - HKLM\..\Run: [sysTrayApp] C:\Program Files\IDT\WDM\sttray.exe

O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"

O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\udaterui.exe" /StartedFromRunKey

O4 - HKLM\..\Run: [LogMeIn GUI] "c:\Program Files\LogMeIn\x86\LogMeInSystray.exe"

O4 - HKLM\..\Run: [Windows Mobile Device Center] %windir%\WindowsMobile\wmdc.exe

O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files\Mobogenie\DaemonProcess.exe

O4 - HKLM\..\Run: [AdAwareTray] "C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5152.0\AdAwareTray.exe"

O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun

O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Brigitte\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver

O4 - HKCU\..\Run: [uTorrent] "C:\Users\Brigitte\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

O4 - HKCU\..\Run: [iLivid] "C:\Users\Brigitte\AppData\Local\iLivid\iLivid.exe" -autorun

O4 - HKCU\..\Run: [NextLive] C:\windows\system32\rundll32.exe "C:\Users\Brigitte\AppData\Roaming\newnext.me\nengine.dll",EntryPoint -m l

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')

O4 - Global Startup: Bluetooth.lnk = ?

O9 - Extra button: (no name) - {137e72ff-50ed-4c67-8370-641ad61f2025} - C:\Users\Brigitte\AppData\Roaming\ProtectedToolbar\ProtectedToolbar.dll

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: &Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll

O9 - Extra button: @C:\windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\windows\WindowsMobile\INetRepl.dll

O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\windows\WindowsMobile\INetRepl.dll

O9 - Extra 'Tools' menuitem: @C:\windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\windows\WindowsMobile\INetRepl.dll

O9 - Extra button: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra 'Tools' menuitem: &Gekoppelde notities van OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll

O9 - Extra button: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra 'Tools' menuitem: @C:\Program Files\WIDCOMM\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

O9 - Extra button: Quatro Casino - Ž`__ø÷÷876¸µµÛÚÚhhg˜——@??íë멦¦PPOÊÅÅ,,,€ÿ - C:\Microgaming\Casino\QuatroCasino\casinogame.exe (file missing) (HKCU)

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O15 - ESC Trusted Zone: http://*.mcafee.com (HKLM)

O15 - ESC Trusted Zone: http://betavscan.mcafeeasap.com (HKLM)

O15 - ESC Trusted Zone: http://vs.mcafeeasap.com (HKLM)

O15 - ESC Trusted Zone: http://www.mcafeeasap.com (HKLM)

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL

O20 - AppInit_DLLs: C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll c:\progra~2\wincert\win32c~1.dll c:\progra~1\movies~1\datamngr\mgrldr.dll

O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9b219d80a8843bf8\aestsrv.exe

O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agrsmsvc.exe

O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

O23 - Service: Search Protect by Conduit Service (CltMngSvc) - Conduit - C:\PROGRA~1\SearchProtect\Main\bin\CltMngSvc.exe

O23 - Service: Datamngr Coordinator (DatamngrCoordinator) - Unknown owner - C:\Program Files\Movies Toolbar\Datamngr\DatamngrCoordinator.exe (file missing)

O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: HP Health Check Service - Unknown owner - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe (file missing)

O23 - Service: HP Hotkey Monitor (hpHotkeyMonitor) - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe

O23 - Service: hpqwmiex - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe

O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe

O23 - Service: Ad-Aware Service 11 (LavasoftAdAwareService11) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5152.0\AdAwareService.exe

O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - c:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe

O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - c:\Program Files\LogMeIn\x86\RaMaint.exe

O23 - Service: LogMeIn - LogMeIn, Inc. - c:\Program Files\LogMeIn\x86\LogMeIn.exe

O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe

O23 - Service: MgAssist Service (MgAssistService) - Unknown owner - C:\Program Files\Mobogenie\MgAssist.exe

O23 - Service: RoxMediaDB10 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe

O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9b219d80a8843bf8\STacSV.exe

O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

O23 - Service: Torch Crash Handler (TorchCrashHandler) - TorchMedia Inc. - C:\Users\Brigitte\AppData\Local\Torch\Update\TorchCrashHandler.exe

O23 - Service: Update glindorus - Unknown owner - C:\Program Files\glindorus\updateglindorus.exe

O23 - Service: Util glindorus - Unknown owner - C:\Program Files\glindorus\bin\utilglindorus.exe

--

End of file - 15630 bytes

======Scheduled tasks folder======

C:\windows\tasks\Adobe Flash Player Updater.job

C:\windows\tasks\AVG_SYS_TASK.job

C:\windows\tasks\AVG_SYS_TASK_DELETE.job

C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-3337975368-1422288616-4262930686-1001Core.job

C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-3337975368-1422288616-4262930686-1001UA.job

C:\windows\tasks\GoogleUpdateTaskMachineCore.job

C:\windows\tasks\GoogleUpdateTaskMachineUA.job

C:\windows\tasks\UpdaterEX.job

C:\windows\tasks\ViewPassword Update.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Brigitte\AppData\Roaming\Mozilla\Firefox\Profiles\98uikema.default

prefs.js - "browser.search.useDBForOrder" - false

prefs.js - "browser.startup.homepage" - "http://www.dosearches.com/?utm_source=b&utm_medium=slbnew&utm_campaign=rg&utm_content=hp&from=slbnew&uid=TOSHIBAXMK3256GSY_60BKF7GFSXX60BKF7GFS&ts=1383241307"

prefs.js - "keyword.URL" - "http://websearch.the-searcheng.info/?pid=1376&r=2013/09/14&hid=7941770573850309448&lg=EN&cc=BE&unqvl=35&l=1&q="

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]

"Description"=Adobe® Flash® Player 11.9.900.170 Plugin

"Path"=C:\windows\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]

"Description"=Adobe Shockwave Player

"Path"=C:\windows\system32\Adobe\Director\np32dsw.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=]

"Description"=iTunes Detector Plug-in

"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Apple.com/iTunes,version=1.0]

"Description"=

"Path"=C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]

"Description"=Google Earth in your browser

"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin]

"Description"=Oracle® Next Generation Java™ Plug-In

"Path"=C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]

"Description"=

"Path"=disabled

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]

"Description"=Ag Player Plugin

"Path"=c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]

"Description"=Office Authorization plug-in for NPAPI browsers

"Path"=C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]

"Description"=Microsoft SharePoint Plug-in for Firefox

"Path"=C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]

"Description"=Google Update

"Path"=C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]

"Description"=Google Update

"Path"=C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.0.5]

"Description"=VLC Multimedia Plugin

"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]

"Description"=Handles PDFs in-place in Firefox

"Path"=C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll

C:\Program Files\Mozilla Firefox\extensions\

{972ce4c6-7e08-4474-a285-3208198ce6fd}

{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}

C:\Program Files\Mozilla Firefox\components\

binary.manifest

browsercomps.dll

nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\searchplugins\

bing.xml

bolcom-nl.xml

dosearches.xml

google.xml

marktplaats-nl.xml

Web Search.xml

wikipedia-nl.xml

C:\Users\Brigitte\AppData\Roaming\Mozilla\Firefox\Profiles\98uikema.default\extensions\

staged

{7473b6bd-4691-4744-a82b-7854eb3d70b6}

{83ac1a2f-92fc-4314-bc93-c5782d0ba7be}

{d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0}

C:\Users\Brigitte\AppData\Roaming\Mozilla\Firefox\Profiles\98uikema.default\searchplugins\

MyStart Search.xml

Web Search.xml

WebSearch.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]

Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-01-03 63912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3d86a75b-cb6b-4764-885d-ca6336f04ba2}]

Movies Toolbar (Dist. by Bandoo Media, Inc.) - C:\PROGRA~1\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll [2013-08-20 92560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{61096323-3324-48fb-925b-4206f342e162}]

Protected Toolbar - C:\Users\Brigitte\AppData\Roaming\ProtectedToolbar\ProtectedToolbar.dll [2012-10-25 1030728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473b6bd-4691-4744-a82b-7854eb3d70b6}]

uTorrentControl_v2 Toolbar - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll [2011-05-09 176936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]

Java Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2012-04-03 325408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]

Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28 441216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9598e82a-7e09-4438-b425-b9e9718c3c73}]

glindorus - C:\Program Files\glindorus\glindorusbho.dll [2013-10-05 249632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]

Office Document Cache Handler - C:\PROGRA~1\MICROS~4\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C585D593-E7F3-4852-A200-561686EE02E4}]

TheSea.TheSeaPlugin - C:\windows\system32\mscoree.dll [2010-11-05 297808]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2012-04-03 42272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e76da439-a1f1-4cfd-88c1-1fb8bac7e620}]

ViewPassword - C:\Program Files\ViewPassword\150.dll [2013-12-28 146944]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]

{61096323-3324-48fb-925b-4206f342e162} - Protected Toolbar - C:\Users\Brigitte\AppData\Roaming\ProtectedToolbar\ProtectedToolbar.dll [2012-10-25 1030728]

{7473b6bd-4691-4744-a82b-7854eb3d70b6} - uTorrentControl_v2 Toolbar - C:\Program Files\uTorrentControl_v2\prxtbuTor.dll [2011-05-09 176936]

{3d86a75b-cb6b-4764-885d-ca6336f04ba2} - Movies Toolbar (Dist. by Bandoo Media, Inc.) - C:\PROGRA~1\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll [2013-08-20 92560]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"QLBController"=C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe [2010-01-28 256056]

"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2010-01-08 186904]

"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-06-04 1791272]

"WirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2009-09-01 499768]

"IgfxTray"=C:\windows\system32\igfxtray.exe [2010-03-12 141848]

"HotKeysCmds"=C:\windows\system32\hkcmd.exe [2010-03-12 175640]

"Persistence"=C:\windows\system32\igfxpers.exe [2010-03-12 166936]

"SysTrayApp"=C:\Program Files\IDT\WDM\sttray.exe [2010-01-29 495708]

"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2012-01-03 843712]

"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2012-02-20 59240]

"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2012-03-27 421736]

"McAfeeUpdaterUI"=C:\Program Files\McAfee\Common Framework\udaterui.exe [2011-01-12 161088]

"LogMeIn GUI"=c:\Program Files\LogMeIn\x86\LogMeInSystray.exe [2011-09-16 63048]

"Windows Mobile Device Center"=C:\windows\WindowsMobile\wmdc.exe [2007-05-31 648072]

"mobilegeni daemon"=C:\Program Files\Mobogenie\DaemonProcess.exe [2014-01-09 766656]

""= []

"AdAwareTray"=C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5152.0\AdAwareTray.exe [2013-12-11 3540312]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"LightScribe Control Panel"=C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden []

"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2012-02-29 17149576]

"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2012-03-08 4280184]

"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2012-02-13 3481408]

"Facebook Update"=C:\Users\Brigitte\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-07-13 138096]

"uTorrent"=C:\Users\Brigitte\AppData\Roaming\uTorrent\uTorrent.exe [2013-09-24 1130576]

"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2013-12-18 5717272]

"iLivid"=C:\Users\Brigitte\AppData\Local\iLivid\iLivid.exe [2013-09-08 6827008]

"NextLive"=C:\Users\Brigitte\AppData\Roaming\newnext.me\nengine.dll [2014-01-06 1283584]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"="C:\PROGRA~1\SearchProtect\SearchProtect\bin\SPVC32Loader.dll c:\progra~2\wincert\win32c~1.dll c:\progra~1\movies~1\datamngr\mgrldr.dll "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]

C:\windows\system32\igfxdev.dll [2010-01-25 225792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]

WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]

"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2013-05-07 115440]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]

"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\!SASCORE]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]

"ConsentPromptBehaviorAdmin"=0

"ConsentPromptBehaviorUser"=3

"EnableLUA"=0

"EnableUIADesktopToggle"=0

"PromptOnSecureDesktop"=0

"dontdisplaylastusername"=0

"legalnoticecaption"=

"legalnoticetext"=

"shutdownwithoutlogon"=1

"undockwithoutlogon"=1

"DisableTaskMgr"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]

"NoRun"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe]

"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]

"vidc.mrle"=msrle32.dll

"vidc.msvc"=msvidc32.dll

"msacm.imaadpcm"=imaadp32.acm

"msacm.msg711"=msg711.acm

"msacm.msgsm610"=msgsm32.acm

"msacm.msadpcm"=msadp32.acm

"midimapper"=midimap.dll

"wavemapper"=msacm32.drv

"VIDC.UYVY"=msyuv.dll

"VIDC.YUY2"=msyuv.dll

"VIDC.YVYU"=msyuv.dll

"VIDC.IYUV"=iyuv_32.dll

"vidc.i420"=iyuv_32.dll

"VIDC.YVU9"=tsbyuv.dll

"msacm.l3acm"=C:\Windows\System32\l3codeca.acm

"vidc.cvid"=iccvid.dll

"MSVideo8"=VfWWDM32.dll

"wave1"=wdmaud.drv

"midi1"=wdmaud.drv

"mixer1"=wdmaud.drv

"aux1"=wdmaud.drv

"wave2"=wdmaud.drv

"midi2"=wdmaud.drv

"mixer2"=wdmaud.drv

"wave"=wdmaud.drv

"midi"=wdmaud.drv

"mixer"=wdmaud.drv

"msacm.siren"=sirenacm.dll

"aux"=wdmaud.drv

"wave3"=wdmaud.drv

"midi3"=wdmaud.drv

"mixer3"=wdmaud.drv

"wave4"=wdmaud.drv

"midi4"=wdmaud.drv

"mixer4"=wdmaud.drv

"wave5"=wdmaud.drv

"midi5"=wdmaud.drv

"mixer5"=wdmaud.drv

"wave6"=wdmaud.drv

"midi6"=wdmaud.drv

"mixer6"=wdmaud.drv

"wave7"=wdmaud.drv

"midi7"=wdmaud.drv

"mixer7"=wdmaud.drv

"wave8"=wdmaud.drv

"midi8"=wdmaud.drv

"mixer8"=wdmaud.drv

"wave9"=wdmaud.drv

"midi9"=wdmaud.drv

"mixer9"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-01-18 17:36:23 ----D---- C:\rsit

2014-01-18 17:36:23 ----D---- C:\Program Files\trend micro

2014-01-18 15:36:20 ----D---- C:\ProgramData\BitDefender

2014-01-18 14:20:37 ----D---- C:\Users\Brigitte\AppData\Roaming\LavasoftStatistics

2014-01-18 14:18:48 ----D---- C:\Users\Brigitte\AppData\Roaming\Lavasoft

2014-01-18 14:17:57 ----A---- C:\windows\system32\bdnc.dll

2014-01-18 14:17:55 ----A---- C:\windows\system32\OEMbdpredir.dll

2014-01-18 14:17:55 ----A---- C:\windows\system32\httproxy.dll

2014-01-18 14:17:55 ----A---- C:\windows\system32\bdsmtpp.dll

2014-01-18 14:17:55 ----A---- C:\windows\system32\bdpredir.dll

2014-01-18 14:17:55 ----A---- C:\windows\system32\bdpop3p.dll

2014-01-18 14:17:55 ----A---- C:\windows\system32\bdfwcore.dll

2014-01-18 14:17:55 ----A---- C:\windows\system32\BdFirewallSDK.dll

2014-01-18 14:16:45 ----D---- C:\Program Files\Lavasoft

2014-01-18 14:15:59 ----D---- C:\Program Files\Common Files\Lavasoft

2014-01-18 14:15:46 ----D---- C:\ProgramData\Lavasoft

2014-01-16 18:46:14 ----D---- C:\Users\Brigitte\AppData\Roaming\EuroTalk

2014-01-16 18:46:09 ----D---- C:\Program Files\EuroTalk Interactive

2014-01-15 08:05:44 ----A---- C:\windows\system32\win32k.sys

2014-01-15 08:05:44 ----A---- C:\windows\system32\drivers\usbuhci.sys

2014-01-15 08:05:44 ----A---- C:\windows\system32\drivers\usbport.sys

2014-01-15 08:05:44 ----A---- C:\windows\system32\drivers\usbohci.sys

2014-01-15 08:05:44 ----A---- C:\windows\system32\drivers\usbhub.sys

2014-01-15 08:05:44 ----A---- C:\windows\system32\drivers\usbehci.sys

2014-01-15 08:05:44 ----A---- C:\windows\system32\drivers\usbd.sys

2014-01-15 08:05:44 ----A---- C:\windows\system32\drivers\usbccgp.sys

2014-01-15 08:05:44 ----A---- C:\windows\system32\drivers\netio.sys

2014-01-14 13:18:48 ----D---- C:\Users\Brigitte\AppData\Roaming\newnext.me

2014-01-14 13:18:07 ----D---- C:\Program Files\Mobogenie

2014-01-14 13:17:25 ----A---- C:\windows\system32\XAudio2_7.dll

2014-01-14 13:17:25 ----A---- C:\windows\system32\XAPOFX1_5.dll

2014-01-14 13:17:25 ----A---- C:\windows\system32\D3DCompiler_43.dll

2014-01-14 13:17:24 ----A---- C:\windows\system32\d3dx11_43.dll

2014-01-14 13:17:24 ----A---- C:\windows\system32\d3dx10_42.dll

2014-01-05 19:12:41 ----D---- C:\ProgramData\SSaiverAedddon

2014-01-05 19:12:41 ----D---- C:\ProgramData\djplgkgacgbgeggaldhknlocbfijlpmd

2014-01-05 19:12:26 ----D---- C:\ProgramData\79aa0853f68303e0

2014-01-05 19:12:25 ----D---- C:\ProgramData\safeorWeb

2014-01-01 13:17:06 ----D---- C:\ProgramData\TorchCrashHandler

2014-01-01 13:10:31 ----D---- C:\ProgramData\Wincert

2014-01-01 13:10:02 ----D---- C:\Program Files\Movies Toolbar

2014-01-01 13:10:01 ----D---- C:\ProgramData\Datamngr

2013-12-28 21:22:51 ----D---- C:\ProgramData\AVG 1213b Campaign

2013-12-28 21:19:01 ----D---- C:\Program Files\ViewPassword

2013-12-19 06:56:11 ----D---- C:\Program Files\MSECache

======List of files/folders modified in the last 1 month======

2014-01-18 17:36:34 ----D---- C:\windows\Prefetch

2014-01-18 17:36:23 ----RD---- C:\Program Files

2014-01-18 17:33:58 ----D---- C:\windows\Temp

2014-01-18 17:33:08 ----D---- C:\Users\Brigitte\AppData\Roaming\Skype

2014-01-18 16:34:11 ----D---- C:\windows\system32\config

2014-01-18 15:36:28 ----D---- C:\windows\System32

2014-01-18 15:36:20 ----HD---- C:\ProgramData

2014-01-18 14:34:25 ----D---- C:\Users\Brigitte\AppData\Roaming\uTorrent

2014-01-18 14:32:46 ----A---- C:\ProgramData\HPWALog.txt

2014-01-18 14:17:57 ----SHD---- C:\windows\Installer

2014-01-18 14:17:55 ----D---- C:\windows\system32\drivers

2014-01-18 14:17:55 ----D---- C:\windows\inf

2014-01-18 14:17:53 ----D---- C:\windows\system32\DriverStore

2014-01-18 14:17:53 ----D---- C:\windows\system32\catroot

2014-01-18 14:15:59 ----D---- C:\Program Files\Common Files

2014-01-18 01:44:46 ----A---- C:\windows\system32\PerfStringBackup.INI

2014-01-18 01:39:37 ----D---- C:\ProgramData\LogMeIn

2014-01-16 16:23:25 ----D---- C:\Program Files\SearchProtect

2014-01-15 09:24:43 ----D---- C:\windows\winsxs

2014-01-15 09:13:39 ----D---- C:\windows\system32\MRT

2014-01-15 09:11:38 ----A---- C:\windows\system32\MRT.exe

2014-01-15 08:04:26 ----D---- C:\windows\system32\catroot2

2014-01-14 13:17:56 ----D---- C:\Program Files\Common Files\microsoft shared

2014-01-14 13:17:22 ----D---- C:\windows\Logs

2014-01-12 14:43:07 ----SD---- C:\Users\Brigitte\AppData\Roaming\Microsoft

2014-01-12 13:32:59 ----D---- C:\Users\Brigitte\AppData\Roaming\vlc

2014-01-11 19:18:28 ----SHD---- C:\$Recycle.Bin

2014-01-09 13:30:24 ----D---- C:\Program Files\F-Secure

2014-01-09 13:29:44 ----D---- C:\ProgramData\fssg

2014-01-09 13:29:38 ----D---- C:\Windows

2014-01-09 13:24:33 ----D---- C:\ProgramData\MFAData

2014-01-09 13:24:33 ----D---- C:\ProgramData\AVG2014

2014-01-07 11:19:22 ----AD---- C:\ProgramData\TEMP

2014-01-06 21:28:10 ----A---- C:\windows\system32\FlashPlayerApp.exe

2013-12-28 21:22:56 ----D---- C:\windows\system32\Tasks

2013-12-28 21:22:55 ----D---- C:\windows\Tasks

2013-12-19 17:49:22 ----D---- C:\windows\system32\wdi

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2010-01-08 331288]

R0 PxHelp20;PxHelp20; C:\windows\System32\Drivers\PxHelp20.sys [2009-07-09 45200]

R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 173440]

R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\windows\system32\drivers\vmbus.sys [2010-11-20 175360]

R1 BdfNdisf;BitDefender Firewall NDIS 6 Filter Driver; \??\c:\program files\lavasoft\ad-aware antivirus\firewall engine\1.6.0.0\drivers\bdfndisf6.sys [2013-07-17 77192]

R1 bdfwfpf;bdfwfpf; \??\C:\Program Files\Lavasoft\Ad-Aware Antivirus\Firewall Engine\1.6.0.0\Drivers\bdfwfpf.sys [2013-07-17 90704]

R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2011-07-22 12880]

R1 SAS***IL;SAS***IL; \??\C:\Program Files\SUPERAntiSpyware\SAS***IL.SYS [2011-07-12 67664]

R1 vpcnfltr;Virtual PC Network Filter Driver; C:\windows\system32\DRIVERS\vpcnfltr.sys [2010-11-20 48128]

R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\windows\system32\drivers\vpcvmm.sys [2010-11-20 296064]

R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]

R2 LMIInfo;LogMeIn Kernel Information Provider; \??\c:\Program Files\LogMeIn\x86\RaInfo.sys [2013-06-02 13624]

R2 LMIRfsDriver;LogMeIn Remote File System Driver; \??\C:\windows\system32\drivers\LMIRfsDriver.sys [2011-09-16 47640]

R3 AgereSoftModem;Agere Systems Soft Modem; C:\windows\system32\DRIVERS\AGRSM.sys [2010-01-26 1163328]

R3 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2012-04-03 242240]

R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]

R3 gzflt;gzflt; \??\C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\2.6.0.0\gzflt.sys [2013-07-17 154464]

R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2009-07-16 15872]

R3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2010-01-25 6282240]

R3 IntcHdmiAddService;Intel® High Definition Audio HDMI; C:\windows\system32\drivers\IntcHdmi.sys [2009-07-09 122880]

R3 lmimirr;lmimirr; C:\windows\system32\DRIVERS\lmimirr.sys [2011-09-16 10144]

R3 RDPDR;Terminal Server Device Redirector Driver; C:\windows\System32\drivers\rdpdr.sys [2010-11-20 133632]

R3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856]

R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver; C:\windows\system32\DRIVERS\rtl8192se.sys [2011-09-08 1117800]

R3 rtsuvc;HP Webcam [2 MP Fixed]; C:\windows\system32\DRIVERS\rtsuvc.sys [2010-01-30 73344]

R3 STHDA;IDT High Definition Audio CODEC; C:\windows\system32\DRIVERS\stwrt.sys [2010-01-29 423424]

R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2010-06-04 1303728]

R3 Trufos;Trufos; C:\windows\system32\DRIVERS\Trufos.sys [2013-07-17 340624]

R3 vpcbus;Hostbusservice voor Virtual PC; C:\windows\system32\DRIVERS\vpchbus.sys [2010-11-20 172416]

R3 vpcusb;Connectorservice voor USB-virtualisatie; C:\windows\system32\DRIVERS\vpcusb.sys [2010-11-20 78336]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]

S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]

S3 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]

S3 amdagp;AMD AGP Bus Filter Driver; C:\windows\system32\drivers\amdagp.sys [2009-07-14 53312]

S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\windows\System32\Drivers\ssadadb.sys [2011-05-13 30312]

S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]

S3 BthEnum;Bluetooth-stuurprogramma voor aanvraagblok; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 34816]

S3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]

S3 BTHPORT;Stuurprogramma voor Bluetooth-poort; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 393728]

S3 BTHUSB;USB-stuurprogramma voor Bluetooth-radio; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]

S3 btwaudio;Bluetooth-audioapparaat; C:\windows\system32\drivers\btwaudio.sys [2010-01-07 86056]

S3 btwavdt;Bluetooth AVDT; C:\windows\system32\DRIVERS\btwavdt.sys [2010-01-07 108072]

S3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2010-01-07 29472]

S3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2010-01-07 18472]

S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudbus.sys [2013-08-20 84248]

S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12368]

S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]

S3 s3cap;s3cap; C:\windows\system32\drivers\vms3cap.sys [2010-11-20 5632]

S3 sisagp;SIS AGP Bus Filter; C:\windows\system32\drivers\sisagp.sys [2009-07-14 52304]

S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\windows\system32\DRIVERS\ssadbus.sys [2011-05-13 121064]

S3 ssadmdfl;SAMSUNG Android USB Modem (Filter); C:\windows\system32\DRIVERS\ssadmdfl.sys [2011-05-13 12776]

S3 ssadmdm;SAMSUNG Android USB Modem Drivers; C:\windows\system32\DRIVERS\ssadmdm.sys [2011-05-13 136808]

S3 ssadserd;SAMSUNG Android USB Diagnostic Serial Port (WDM); C:\windows\system32\DRIVERS\ssadserd.sys [2011-05-13 114280]

S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudmdm.sys [2013-08-20 182680]

S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.); C:\windows\system32\DRIVERS\ssudserd.sys [2013-08-20 182680]

S3 storvsc;storvsc; C:\windows\system32\drivers\storvsc.sys [2010-11-20 28032]

S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 30720]

S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]

S3 USBAAPL;Apple Mobile USB Driver; C:\windows\System32\Drivers\usbaapl.sys [2012-02-15 43520]

S3 usbscan;Stuurprogramma voor USB-scanner; C:\windows\system32\DRIVERS\usbscan.sys [2013-07-03 36352]

S3 viaagp;VIA AGP Bus Filter; C:\windows\system32\drivers\viaagp.sys [2009-07-14 53328]

S3 ViaC7;VIA C7 Processor Driver; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]

S3 VMBusHID;VMBusHID; C:\windows\system32\drivers\VMBusHID.sys [2010-11-20 17920]

S4 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\windows\system32\drivers\csc.sys [2010-11-20 388096]

S4 LMIRfsClientNP;LMIRfsClientNP; C:\windows\system32\drivers\LMIRfsClientNP.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 !SASCORE;SAS Core Service; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [2013-10-10 120088]

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-01-03 63928]

R2 AESTFilters;Andrea ST Filters Service; C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9b219d80a8843bf8\aestsrv.exe [2009-03-03 81920]

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Program Files\LSI SoftModem\agrsmsvc.exe [2009-12-03 26112]

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2012-02-26 55144]

R2 Bonjour Service;Bonjour-service; C:\Program Files\Bonjour\mDNSResponder.exe [2011-08-30 390504]

R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2009-12-29 595232]

R2 CltMngSvc;Search Protect by Conduit Service; C:\PROGRA~1\SearchProtect\Main\bin\CltMngSvc.exe [2014-01-01 2301216]

R2 hpHotkeyMonitor;HP Hotkey Monitor; C:\Program Files\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-01-28 265272]

R2 IAANTMON;Intel® Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2010-01-08 354840]

R2 LavasoftAdAwareService11;Ad-Aware Service 11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.1.5152.0\AdAwareService.exe [2013-12-11 494136]

R2 LMIGuardianSvc;LMIGuardianSvc; c:\Program Files\LogMeIn\x86\LMIGuardianSvc.exe [2013-12-14 375120]

R2 LMIMaint;LogMeIn Maintenance Service; c:\Program Files\LogMeIn\x86\RaMaint.exe [2013-12-14 202576]

R2 LogMeIn;LogMeIn; c:\Program Files\LogMeIn\x86\LogMeIn.exe [2011-09-16 390528]

R2 McAfeeFramework;McAfee Framework Service; C:\Program Files\McAfee\Common Framework\FrameworkService.exe [2011-01-12 120128]

R2 MgAssistService;MgAssist Service; C:\Program Files\Mobogenie\MgAssist.exe [2014-01-09 63168]

R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\windows\system32\svchost.exe [2009-07-14 20992]

R2 STacSV;Audio Service; C:\windows\System32\DriverStore\FileRepository\stwrt.inf_x86_neutral_9b219d80a8843bf8\STacSV.exe [2010-01-29 229458]

R2 TorchCrashHandler;Torch Crash Handler; C:\Users\Brigitte\AppData\Local\Torch\Update\TorchCrashHandler.exe [2013-12-21 1205760]

R2 Update glindorus;Update glindorus; C:\Program Files\glindorus\updateglindorus.exe [2014-01-14 97056]

R2 Util glindorus;Util glindorus; C:\Program Files\glindorus\bin\utilglindorus.exe [2014-01-14 97056]

R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\windows\system32\svchost.exe [2009-07-14 20992]

R3 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2009-12-17 230968]

R3 iPod Service;iPod-service; C:\Program Files\iPod\bin\iPodService.exe [2012-03-27 821608]

R3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\windows\System32\svchost.exe [2009-07-14 20992]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]

S2 DatamngrCoordinator;Datamngr Coordinator; C:\Program Files\Movies Toolbar\Datamngr\DatamngrCoordinator.exe []

S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-07-18 116648]

S2 HP Health Check Service;HP Health Check Service; C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe []

S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-01-06 257416]

S3 AppMgmt;@appmgmts.dll,-3250; C:\windows\system32\svchost.exe [2009-07-14 20992]

S3 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]

S3 gupdatem;Google Update Service (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-07-18 116648]

S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2013-11-26 108032]

S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]

S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4640000]

S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\windows\System32\svchost.exe [2009-07-14 20992]

S3 RoxMediaDB10;RoxMediaDB10; c:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [2009-11-23 1120752]

S3 stllssvr;stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2009-10-16 74392]

S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\windows\System32\svchost.exe [2009-07-14 20992]

S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2012-04-03 1343400]

S4 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\windows\System32\svchost.exe [2009-07-14 20992]

S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------

Link naar reactie
Delen op andere sites

Deze PC is inderdaad "zwaar" besmet, logisch dat je dat zo maar niet weg krijgt ;-)

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe (hier en hier) kan je lezen hoe je dat doet.

Download 51a612a8b27e2-Zoek.pngZoek.exe naar het bureaublad (niet de .zip- of .rar-versie)

  • Wanneer Internet Explorer of een andere browser of virusscanner melding geeft dat dit bestand onveilig zou zijn kun je negeren, dit is namelijk een onterechte waarschuwing.
  • Dubbelklik op Zoek.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

chromelook; 
firefoxlook;
  {3d86a75b-cb6b-4764-885d-ca6336f04ba2};c
 {61096323-3324-48fb-925b-4206f342e162};c
 C:\Users\Brigitte\AppData\Roaming\ProtectedToolbar;fs
 {7473b6bd-4691-4744-a82b-7854eb3d70b6};c
 C:\Program Files\uTorrentControl_v2;fs
 {9598e82a-7e09-4438-b425-b9e9718c3c73};c
 C:\Program Files\glindorus;fs
 {C585D593-E7F3-4852-A200-561686EE02E4};c
 mobilegeni daemon;s
 C:\Program Files\Mobogenie;fs
 iLivid;s
 C:\Users\Brigitte\AppData\Local\iLivid;fs
 NextLive;s
 C:\Users\Brigitte\AppData\Roaming\newnext.me;fs
 {137e72ff-50ed-4c67-8370-641ad61f2025};c
 C:\Microgaming\Casino;fs
 CltMngSvc;s
 DatamngrCoordinator;s
 C:\Program Files\Movies Toolbar;fs
 MgAssistService;s
 Update glindorus;s
 Util glindorus;s
 C:\Program Files\Mozilla Firefox\searchplugins\dosearches.xml;f
 C:\Program Files\Mozilla Firefox\searchplugins\Web Search.xml;f
 C:\Users\Brigitte\AppData\Roaming\Mozilla\Firefox\Profiles\98uikema.default\searchplugins\Web Search.xml;f
 C:\Users\Brigitte\AppData\Roaming\Mozilla\Firefox\Profiles\98uikema.default\searchplugins\WebSearch.xml;f
 C:\Users\Brigitte\AppData\Roaming\Mozilla\Firefox\Profiles\98uikema.default\searchplugins\MyStart Search.xml;f
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3d86a75b-cb6b-4764-885d-ca6336f04ba2}];r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{61096323-3324-48fb-925b-4206f342e162}];r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473b6bd-4691-4744-a82b-7854eb3d70b6}];r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9598e82a-7e09-4438-b425-b9e9718c3c73}];r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C585D593-E7F3-4852-A200-561686EE02E4}];r
 [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run];r
 "mobilegeni daemon"=-;r
 ""=-;r
 [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run];r
 "iLivid"=-;r
 "NextLive"=-;r
 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows];r
 "AppInit_DLLs"=-;r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe];r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe];r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe];r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe];r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe];r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe];r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe];r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe];r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe];r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe];r
 [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe];r
 C:\ProgramData\SSaiverAedddon;fs
 C:\ProgramData\djplgkgacgbgeggaldhknlocbfijlpmd;fs
 C:\ProgramData\79aa0853f68303e0;fs
 C:\ProgramData\safeorWeb;fs
 C:\ProgramData\Wincert;fs
 C:\Program Files\Movies Toolbar;fs
 C:\ProgramData\Datamngr;fs
 C:\Program Files\SearchProtect;fs
 emptyfolderscheck;delete 
startupall; 
filesrcm;

  • Klik op de knop "Options" en vink nu de onderstaande opties aan.
  • Do a Quick Scan

  • Shortcut Fix
  • De optie "Scan All Users" staat standaard aangevinkt.
  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht.

Link naar reactie
Delen op andere sites

Hey Kape,

bedankt voor de snelle reactie :top:

Chrome ziet er al heel wat beter uit.... maar merk dat ik toch nog af en toe een pop-up krijg.

Hieronder het logje zoals je gevraagd had.

Zoek.exe v5.0.0.0 Updated 18-Januari-2014

Tool run by Brigitte on Sat 18/01/2014 at 19:20:10,30.

Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Brigitte\Desktop\zoek.exe [scan all users] [script inserted] [Checkboxes used]

==== System Restore Info ======================

18/01/2014 19:22:06 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\Program Files\MSXML 4.0 deleted successfully

C:\ProgramData\PDFC deleted successfully

C:\Users\Brigitte\AppData\Local\CutePDF Writer deleted successfully

C:\Users\Brigitte\AppData\Local\PDFC deleted successfully

C:\Users\Brigitte\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3337975368-1422288616-4262930686-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3d86a75b-cb6b-4764-885d-ca6336f04ba2} deleted successfully

HKEY_USERS\S-1-5-21-3337975368-1422288616-4262930686-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{3d86a75b-cb6b-4764-885d-ca6336f04ba2} deleted successfully

HKEY_USERS\S-1-5-21-3337975368-1422288616-4262930686-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{61096323-3324-48fb-925b-4206f342e162} deleted successfully

HKEY_USERS\S-1-5-21-3337975368-1422288616-4262930686-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{61096323-3324-48fb-925b-4206f342e162} deleted successfully

HKEY_USERS\S-1-5-21-3337975368-1422288616-4262930686-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7473b6bd-4691-4744-a82b-7854eb3d70b6} deleted successfully

HKEY_USERS\S-1-5-21-3337975368-1422288616-4262930686-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7473b6bd-4691-4744-a82b-7854eb3d70b6} deleted successfully

HKEY_USERS\S-1-5-21-3337975368-1422288616-4262930686-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9598e82a-7e09-4438-b425-b9e9718c3c73} deleted successfully

HKEY_USERS\S-1-5-21-3337975368-1422288616-4262930686-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C585D593-E7F3-4852-A200-561686EE02E4} deleted successfully

HKEY_USERS\S-1-5-21-3337975368-1422288616-4262930686-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C585D593-E7F3-4852-A200-561686EE02E4} deleted successfully

HKEY_USERS\S-1-5-21-3337975368-1422288616-4262930686-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{137e72ff-50ed-4c67-8370-641ad61f2025} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3d86a75b-cb6b-4764-885d-ca6336f04ba2} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{3d86a75b-cb6b-4764-885d-ca6336f04ba2} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3d86a75b-cb6b-4764-885d-ca6336f04ba2} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{61096323-3324-48fb-925b-4206f342e162} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{61096323-3324-48fb-925b-4206f342e162} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{7473b6bd-4691-4744-a82b-7854eb3d70b6} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473b6bd-4691-4744-a82b-7854eb3d70b6} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{9598e82a-7e09-4438-b425-b9e9718c3c73} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9598e82a-7e09-4438-b425-b9e9718c3c73} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{C585D593-E7F3-4852-A200-561686EE02E4} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C585D593-E7F3-4852-A200-561686EE02E4} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{137e72ff-50ed-4c67-8370-641ad61f2025} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3337975368-1422288616-4262930686-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{7473b6bd-4691-4744-a82b-7854eb3d70b6} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{3d86a75b-cb6b-4764-885d-ca6336f04ba2} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{61096323-3324-48fb-925b-4206f342e162} deleted successfully

HKEY_LOCAL_MACHINE\software\microsoft\internet explorer\urlsearchhooks\{7473b6bd-4691-4744-a82b-7854eb3d70b6} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{7473b6bd-4691-4744-a82b-7854eb3d70b6} deleted successfully

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CltMngSvc deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\CltMngSvc deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DatamngrCoordinator deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\DatamngrCoordinator deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\MgAssistService deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\MgAssistService deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Update glindorus deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Update glindorus deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Update glindorus deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Update glindorus deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Eventlog\Application\Util glindorus deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Util glindorus deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Eventlog\Application\Util glindorus deleted successfully

HKEY_LOCAL_MACHINE\SYSTEM\ControlSet002\Services\Util glindorus deleted successfully

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3d86a75b-cb6b-4764-885d-ca6336f04ba2}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{61096323-3324-48fb-925b-4206f342e162}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7473b6bd-4691-4744-a82b-7854eb3d70b6}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9598e82a-7e09-4438-b425-b9e9718c3c73}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C585D593-E7F3-4852-A200-561686EE02E4}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]

"mobilegeni daemon"=-

""=-

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"iLivid"=-

"NextLive"=-

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]

"AppInit_DLLs"=-

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe]

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe]

==== Deleting Files \ Folders ======================

C:\Microgaming\Casino not found

C:\Users\Brigitte\AppData\Roaming\ProtectedToolbar deleted

C:\Program Files\uTorrentControl_v2 deleted

C:\Users\Brigitte\AppData\Roaming\newnext.me deleted

C:\Program Files\Movies Toolbar deleted

C:\ProgramData\SSaiverAedddon deleted

C:\ProgramData\djplgkgacgbgeggaldhknlocbfijlpmd deleted

C:\ProgramData\79aa0853f68303e0 deleted

C:\ProgramData\safeorWeb deleted

C:\ProgramData\Wincert deleted

C:\ProgramData\Datamngr deleted

C:\Program Files\SearchProtect deleted

"C:\Program Files\Mozilla Firefox\searchplugins\dosearches.xml" deleted

"C:\Program Files\Mozilla Firefox\searchplugins\Web Search.xml" deleted

"C:\Users\Brigitte\AppData\Roaming\Mozilla\Firefox\Profiles\98uikema.default\searchplugins\Web Search.xml" deleted

"C:\Users\Brigitte\AppData\Roaming\Mozilla\Firefox\Profiles\98uikema.default\searchplugins\WebSearch.xml" deleted

"C:\Users\Brigitte\AppData\Roaming\Mozilla\Firefox\Profiles\98uikema.default\searchplugins\MyStart Search.xml" deleted

"C:\Program Files\glindorus\updateglindorus.exe" deleted

"C:\Program Files\Mobogenie\DaemonProcess.exe" deleted

"C:\Program Files\Mobogenie\DCR.dll" deleted

"C:\Program Files\Mobogenie\Device.dll" deleted

"C:\Program Files\Mobogenie\libeay32.dll" deleted

"C:\Program Files\Mobogenie\msvcp100.dll" deleted

"C:\Program Files\Mobogenie\msvcr100.dll" deleted

"C:\Program Files\Mobogenie\QtCore4.dll" deleted

"C:\Program Files\Mobogenie\QtGui4.dll" deleted

"C:\Program Files\Mobogenie\QtNetwork4.dll" deleted

"C:\Program Files\Mobogenie\QtSql4.dll" deleted

"C:\Program Files\Mobogenie\QtWebKit4.dll" deleted

"C:\Program Files\Mobogenie\ssleay32.dll" deleted

"C:\Users\Brigitte\AppData\Local\iLivid\iLivid.exe" deleted

"C:\Users\Brigitte\AppData\Local\iLivid\libeay32.dll" deleted

"C:\Users\Brigitte\AppData\Local\iLivid\msvcp100.dll" deleted

"C:\Users\Brigitte\AppData\Local\iLivid\msvcr100.dll" deleted

"C:\Users\Brigitte\AppData\Local\iLivid\QtCore4.dll" deleted

"C:\Users\Brigitte\AppData\Local\iLivid\QtGui4.dll" deleted

"C:\Users\Brigitte\AppData\Local\iLivid\QtNetwork4.dll" deleted

"C:\Users\Brigitte\AppData\Local\iLivid\QtWebKit4.dll" deleted

"C:\Users\Brigitte\AppData\Local\iLivid\QtXml4.dll" deleted

"C:\Users\Brigitte\AppData\Local\iLivid\ssleay32.dll" deleted

"C:\Program Files\glindorus\bin\sqlite3.dll" deleted

"C:\Program Files\glindorus\bin\utilglindorus.exe" deleted

"C:\Users\Brigitte\AppData\Local\iLivid\imageformats\qgif4.dll" deleted

"C:\Users\Brigitte\AppData\Local\iLivid\imageformats\qico4.dll" deleted

"C:\Users\Brigitte\AppData\Local\iLivid\imageformats\qjpeg4.dll" deleted

"C:\Program Files\glindorus" not deleted

"C:\Program Files\Mobogenie" deleted

"C:\Users\Brigitte\AppData\Local\iLivid" deleted

"C:\Program Files\glindorus\bin" not deleted

"C:\Users\Brigitte\AppData\Local\iLivid\imageformats" deleted

==== Files Recently Created / Modified ======================

====== C:\windows ====

====== C:\Users\Brigitte\AppData\Local\Temp ====

2014-01-14 12:17:46 282791611C9DBA51A4425DE58CC8DF27 7710720 ----a-w- C:\Users\Brigitte\AppData\Local\Temp\01141317-00001f48-wxm4arvyf7\WLXSuite.msi

2014-01-14 12:14:40 8DD7D50F925BFC217BDA7BD1B0B79C19 20240944 ----a-w- C:\Users\Brigitte\AppData\Local\Temp\Mobogenie_Setup_2-1-37_587.exe

2014-01-05 13:34:59 984CC93BB0EF86A0B4825269D8379D81 774424 ----a-w- C:\Users\Brigitte\AppData\Local\Temp\CRX_DF399A9B283A\GoogleUpdateSetup.exe

2014-01-05 13:34:59 4C8C0B0340C6234649C7F91FB5E89A54 571272 ----a-w- C:\Users\Brigitte\AppData\Local\Temp\CRX_DF399A9B283A\ChromeRecovery.exe

====== Java Cache =====

====== C:\windows\system32 =====

2014-01-15 07:05:44 1E882889A4314D6DF5DED4F6EC994E72 2349056 ----a-w- C:\windows\System32\win32k.sys

2014-01-14 12:17:25 8A4CEBF34370D689E198E6673C1F2C40 74072 ----a-w- C:\windows\System32\XAPOFX1_5.dll

2014-01-14 12:17:25 81DFDDFB401D663BA7E6AD1C80364216 527192 ----a-w- C:\windows\System32\XAudio2_7.dll

2014-01-14 12:17:25 1C9B45E87528B8BB8CFA884EA0099A85 2106216 ----a-w- C:\windows\System32\D3DCompiler_43.dll

2014-01-14 12:17:24 8E0BB968FF41D80E5F2C747C04DB79AE 248672 ----a-w- C:\windows\System32\d3dx11_43.dll

2014-01-14 12:17:24 501AC862517C5445742BEE8A2B88414E 453456 ----a-w- C:\windows\System32\d3dx10_42.dll

====== C:\windows\system32\drivers =====

2014-01-15 07:05:44 EDF2DF71C4F1E13A6AC75F5224DE655A 258560 ----a-w- C:\windows\System32\drivers\usbhub.sys

2014-01-15 07:05:44 EC2C5AF37B76D7B58C642CB74423DB7A 284672 ----a-w- C:\windows\System32\drivers\usbport.sys

2014-01-15 07:05:44 D40855F89B69305140BBD7E9A3BA2DA6 43520 ----a-w- C:\windows\System32\drivers\usbehci.sys

2014-01-15 07:05:44 9828C8D14CC2676421778F0DE638CF97 20480 ----a-w- C:\windows\System32\drivers\usbohci.sys

2014-01-15 07:05:44 800AABFD625EEFF899F7E5496BDE37AB 24064 ----a-w- C:\windows\System32\drivers\usbuhci.sys

2014-01-15 07:05:44 74F805AB12EB0E3E49E469F19FF02640 6016 ----a-w- C:\windows\System32\drivers\usbd.sys

2014-01-15 07:05:44 5DBD4F73E2A52FEED61DBAB3752E329C 240576 ----a-w- C:\windows\System32\drivers\netio.sys

2014-01-15 07:05:44 0803FBA9FE829D61AE26EC0BCC910C46 76288 ----a-w- C:\windows\System32\drivers\usbccgp.sys

====== C:\windows\Tasks ======

====== C:\windows\Temp ======

======= C:\Program Files =====

2014-01-18 16:36:23 -------- d-----w- C:\Program Files\trend micro

2014-01-18 13:16:45 -------- d-----w- C:\Program Files\Lavasoft

2014-01-16 17:46:09 -------- d-----w- C:\Program Files\EuroTalk Interactive

2013-12-28 20:19:01 -------- d-----w- C:\Program Files\ViewPassword

======= C: =====

====== C:\Users\Brigitte\AppData\Roaming ======

2014-01-18 13:20:37 -------- d-----w- C:\Users\Brigitte\AppData\Roaming\LavasoftStatistics

2014-01-16 17:46:14 -------- d-----w- C:\Users\Brigitte\AppData\Roaming\EuroTalk

2014-01-15 12:28:52 978ABE7248592A3665A5D9B5BEEFD3EE 288 ----a-w- C:\Users\Brigitte\AppData\Roaming\.backup.dm

2014-01-14 12:18:48 -------- d-----w- C:\Users\Brigitte\AppData\Local\Mobogenie

2014-01-14 12:18:48 -------- d-----w- C:\Users\Brigitte\AppData\Local\genienext

2014-01-14 12:18:48 -------- d-----w- C:\Users\Brigitte\AppData\Local\cache

2014-01-14 12:18:11 -------- d-----w- C:\Users\Brigitte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie

2014-01-01 12:16:56 -------- d-----w- C:\Users\Brigitte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch

2014-01-01 12:16:31 -------- d-----w- C:\Users\Brigitte\AppData\Local\Torch

2014-01-01 12:11:00 -------- d-----w- C:\Users\Brigitte\AppData\Locallow\DataMngr

2014-01-01 12:10:24 -------- d-----w- C:\Users\Brigitte\AppData\Local\ilividmoviestoolbarha

2014-01-01 12:10:20 -------- d-----w- C:\Users\Brigitte\AppData\Locallow\ilividmoviestoolbarha

====== C:\Users\Brigitte ======

2014-01-18 16:38:59 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Brigitte\Desktop\RSIT (1).exe

2014-01-18 16:35:59 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Brigitte\Downloads\RSIT.exe

2014-01-18 14:36:20 -------- d-----w- C:\ProgramData\BitDefender

2014-01-18 13:15:46 -------- d-----w- C:\ProgramData\Lavasoft

2014-01-18 13:14:44 37809BC5943630EC0109C60D7DF3E144 1725064 ----a-w- C:\Users\Brigitte\Downloads\Adaware_Installer.exe

2014-01-16 17:46:09 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EuroTalk Talk Now!

2014-01-14 12:18:51 D41D8CD98F00B204E9800998ECF8427E 0 ----a-w- C:\Users\Brigitte\daemonprocess.txt

2014-01-14 12:18:49 -------- d-----w- C:\Users\Brigitte\.android

2014-01-14 12:14:40 F63BDFE7E5FD13DB94BE233F9A539A87 1239976 ----a-w- C:\Users\Brigitte\Desktop\wlsetup-web.exe

2014-01-14 12:02:59 48C539D4436F0CA806D9F0CE614E6C9B 17660184 ----a-w- C:\Users\Brigitte\Downloads\picasa39-setup.exe

2014-01-09 20:03:25 A99ABB043DF796C6C941154EE858AAE9 1751600 ----a-w- C:\Users\Brigitte\Downloads\iLividSetup-r1040-n-bi.exe

2014-01-01 12:17:06 -------- d-----w- C:\ProgramData\TorchCrashHandler

2013-12-28 20:22:51 -------- d-----w- C:\ProgramData\AVG 1213b Campaign

====== C: exe-files ==

2014-01-18 17:04:08 E2282FC6D371FE1D91FBBFA9C3C9D3B8 1009952 ----a-w- C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\10.26.0.540_0\nativeMessaging\TBMessagingHost.exe

2014-01-18 16:38:59 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Brigitte\Desktop\RSIT (1).exe

2014-01-18 16:36:23 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Brigitte.exe

2014-01-18 16:35:59 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Brigitte\Downloads\RSIT.exe

2014-01-18 13:14:44 37809BC5943630EC0109C60D7DF3E144 1725064 ----a-w- C:\Users\Brigitte\Downloads\Adaware_Installer.exe

2014-01-14 12:16:45 F5443547CAAC20AA334A88817579270F 525656 ----a-w- C:\Program Files\Common Files\Windows Live\.cache\7d35043c1cf112204\DXSETUP.exe

2014-01-14 12:16:43 DDCE338BB173B32024679D61FB4F2BA6 537432 ----a-w- C:\Program Files\Common Files\Windows Live\.cache\7c33ef9e1cf112203\DXSETUP.exe

2014-01-14 12:16:42 DDCE338BB173B32024679D61FB4F2BA6 537432 ----a-w- C:\Program Files\Common Files\Windows Live\.cache\7bbcead01cf112202\DXSETUP.exe

2014-01-14 12:14:40 F63BDFE7E5FD13DB94BE233F9A539A87 1239976 ----a-w- C:\Users\Brigitte\Desktop\wlsetup-web.exe

2014-01-14 12:14:40 8DD7D50F925BFC217BDA7BD1B0B79C19 20240944 ----a-w- C:\Users\Brigitte\AppData\Local\Temp\Mobogenie_Setup_2-1-37_587.exe

2014-01-14 12:02:59 48C539D4436F0CA806D9F0CE614E6C9B 17660184 ----a-w- C:\Users\Brigitte\Downloads\picasa39-setup.exe

=== C: other files ==

2014-01-15 07:05:44 EDF2DF71C4F1E13A6AC75F5224DE655A 258560 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_d53c05ca022d95f2\usbhub.sys

2014-01-15 07:05:44 EDF2DF71C4F1E13A6AC75F5224DE655A 258560 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usb.inf_x86_neutral_4232097e28daf017\usbhub.sys

2014-01-15 07:05:44 EDF2DF71C4F1E13A6AC75F5224DE655A 258560 ----a-w- C:\Windows\System32\drivers\usbhub.sys

2014-01-15 07:05:44 EC2C5AF37B76D7B58C642CB74423DB7A 284672 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_d53c05ca022d95f2\usbport.sys

2014-01-15 07:05:44 EC2C5AF37B76D7B58C642CB74423DB7A 284672 ----a-w- C:\Windows\System32\drivers\usbport.sys

2014-01-15 07:05:44 D40855F89B69305140BBD7E9A3BA2DA6 43520 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_d53c05ca022d95f2\usbehci.sys

2014-01-15 07:05:44 D40855F89B69305140BBD7E9A3BA2DA6 43520 ----a-w- C:\Windows\System32\drivers\usbehci.sys

2014-01-15 07:05:44 9828C8D14CC2676421778F0DE638CF97 20480 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_d53c05ca022d95f2\usbohci.sys

2014-01-15 07:05:44 9828C8D14CC2676421778F0DE638CF97 20480 ----a-w- C:\Windows\System32\drivers\usbohci.sys

2014-01-15 07:05:44 800AABFD625EEFF899F7E5496BDE37AB 24064 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_d53c05ca022d95f2\usbuhci.sys

2014-01-15 07:05:44 800AABFD625EEFF899F7E5496BDE37AB 24064 ----a-w- C:\Windows\System32\drivers\usbuhci.sys

2014-01-15 07:05:44 74F805AB12EB0E3E49E469F19FF02640 6016 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_d53c05ca022d95f2\usbd.sys

2014-01-15 07:05:44 74F805AB12EB0E3E49E469F19FF02640 6016 ----a-w- C:\Windows\System32\drivers\usbd.sys

2014-01-15 07:05:44 5DBD4F73E2A52FEED61DBAB3752E329C 240576 ----a-w- C:\Windows\System32\drivers\netio.sys

2014-01-15 07:05:44 1E882889A4314D6DF5DED4F6EC994E72 2349056 ----a-w- C:\Windows\System32\win32k.sys

2014-01-15 07:05:44 0803FBA9FE829D61AE26EC0BCC910C46 76288 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usb.inf_x86_neutral_4232097e28daf017\usbccgp.sys

2014-01-15 07:05:44 0803FBA9FE829D61AE26EC0BCC910C46 76288 ----a-w- C:\Windows\System32\drivers\usbccgp.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-3337975368-1422288616-4262930686-1001\Software\Microsoft\Windows\CurrentVersion\Run]

"LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden"

"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"

"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background"

"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun"

"Facebook Update"="C:\Users\Brigitte\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

"uTorrent"="C:\Users\Brigitte\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"QLBController"="C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe /start"

"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe"

"WirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"

"IgfxTray"="C:\windows\system32\igfxtray.exe"

"HotKeysCmds"="C:\windows\system32\hkcmd.exe"

"Persistence"="C:\windows\system32\igfxpers.exe"

"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"

"McAfeeUpdaterUI"="C:\Program Files\McAfee\Common Framework\udaterui.exe /StartedFromRunKey"

"LogMeIn GUI"="c:\Program Files\LogMeIn\x86\LogMeInSystray.exe"

"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

"SysTrayApp"="C:\Program Files\IDT\WDM\sttray.exe"

"Windows Mobile Device Center"="%windir%\WindowsMobile\wmdc.exe "

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden"

"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"

"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background"

"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun"

"Facebook Update"="C:\Users\Brigitte\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

"uTorrent"="C:\Users\Brigitte\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"

==== Startup Folders ======================

2012-04-03 17:32:12 848 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk

==== Task Scheduler Jobs ======================

C:\windows\tasks\Adobe Flash Player Updater.job --a------ C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [06/01/2014 21:28]

C:\windows\tasks\AVG_SYS_TASK.job --a------ C:\ProgramData\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe [05/12/2013 19:06]

C:\windows\tasks\AVG_SYS_TASK_DELETE.job --a------ [undetermined Task]

C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-3337975368-1422288616-4262930686-1001Core.job --a------ [undetermined Task]

C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-3337975368-1422288616-4262930686-1001UA.job --a------ C:\Users\Brigitte\AppData\Local\Facebook\Update\FacebookUpdate.exe [13/07/2012 21:46]

C:\windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [18/07/2012 20:48]

C:\windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [18/07/2012 20:48]

C:\windows\tasks\UpdaterEX.job --a------ C:\Users\Brigitte\AppData\Roaming\UPDATE1\UPDATE1\UPDATE1.exe []

C:\windows\tasks\ViewPassword Update.job --a------ [undetermined Task]

==== Other Scheduled Tasks ======================

"C:\windows\system32\tasks\Adobe Flash Player Updater" [C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\windows\system32\tasks\AVG_SYS_TASK" [C:\ProgramData\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe]

"C:\windows\system32\tasks\AVG_SYS_TASK_DELETE" [C:\ProgramData\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe]

"C:\windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]

"C:\windows\system32\tasks\DealPly" [C:\Users\Brigitte\AppData\Roaming\DealPly\UPDATE~1\UPDATE~1.EXE]

"C:\windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-3337975368-1422288616-4262930686-1001Core" [C:\Users\Brigitte\AppData\Local\Facebook\Update\FacebookUpdate.exe]

"C:\windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-3337975368-1422288616-4262930686-1001UA" [C:\Users\Brigitte\AppData\Local\Facebook\Update\FacebookUpdate.exe]

"C:\windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\windows\system32\tasks\UpdaterEX" [C:\Users\Brigitte\AppData\Roaming\UPDATE~1\UPDATE~1\UPDATE~1.EXE]

"C:\windows\system32\tasks\ViewPassword Update" [C:\Program Files\ViewPassword\ViewPassword.exe]

"C:\windows\system32\tasks\{C850CDCE-2B72-458E-8CFF-58F265C69A33}" ["c:\program files\internet explorer\iexplore.exe" ]Download Skype op uw computer ? Mac, Windows, Linux ? Skype

"C:\windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

"C:\windows\system32\tasks\ProtectedSearch\Protected Search" ["C:\Program Files\Protected Search\ProtectedSearch.exe"]

==== Firefox Extensions Registry ======================

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]

"{0b67060e-62bf-4fc6-a316-c327841d0451}"="C:\Program Files\ViewPassword\150.xpi" [28/12/2013 21:19]

==== Firefox Extensions ======================

ProfilePath: C:\Users\Brigitte\AppData\Roaming\Mozilla\Firefox\Profiles\98uikema.default

- Undetermined - %ProfilePath%\extensions\staged

- uTorrentControl_v2 - %ProfilePath%\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}

- Protected Toolbar - %ProfilePath%\extensions\{83ac1a2f-92fc-4314-bc93-c5782d0ba7be}

- IncrediMail MediaBar 2 Community Toolbar - %ProfilePath%\extensions\{d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0}

- glindorus - %ProfilePath%\extensions\firefox@glindorus.net.xpi

AppDir: C:\Program Files\Mozilla Firefox

- Default - %AppDir%\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

- Java Console - %AppDir%\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}

==== Firefox Plugins ======================

Profilepath: C:\Users\Brigitte\AppData\Roaming\Mozilla\Firefox\Profiles\98uikema.default

FF0D6F82A0EC13952E83B9439100E45D - C:\Users\Brigitte\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin

5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin

6209F3BD43FDA86699EEF01B9CF5F0CF - C:\Program Files\QuickTime\Plugins\npqtplugin7.dll - QuickTime Plug-in 7.7.1

D72CC3C02764E28C691DBA9751FF8A86 - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll - QuickTime Plug-in 7.7.1

BC405F582CAAC78AEDE4488E8A259FA1 - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.1

C560D8A34A372EE10235938FD2D34CC3 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.1

AF28C98E0897F0475833D02D3CCFFF77 - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.1

CABA1A399C7C7471DEBA73CB3BA5AADB - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.1

1D10BD2720963F6B6DB25ACB1F5CF8E9 - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.1

34E3709244736B8976820F730E5A8815 - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll - Java Platform SE 6 U31

A878453A1714870EAADA83E6434BDB77 - C:\Program Files\Java\jre6\bin\plugin2\npdeployJava1.dll - Java Deployment Toolkit 6.0.310.5

A843FC35574ECFD9E7A41C5505A9921B - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin

8D43DE6F1385057B8AD2857547B7B828 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector

4676A8E1EE37E71486717ECD1E61C17B - C:\windows\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director

8082F66DC9C8167FF1AA548736F58457 - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat

53FE2D34B143EFDB80685281E751B91C - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

aaaaabcbmongicmdegkmmfgdickgnnob - C:\Users\Brigitte\AppData\Local\ilividmoviestoolbarha\GC\toolbar.crx[20/08/2013 06:55]

ammjbfijeglcdlnlnhlkdhgjnlgmpehe - C:\Program Files\glindorus\ammjbfijeglcdlnlnhlkdhgjnlgmpehe.crx[]

ejpbbhjlbipncjklfjjaedaieimbmdda - C:\Users\Brigitte\AppData\Local\CRE\ejpbbhjlbipncjklfjjaedaieimbmdda.crx[19/11/2012 20:00]

ifohbjbgfchkkfhphahclmkpgejiplfo - C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx[30/10/2013 19:07]

jmojojliiicbbihpjmiepllaiflnjobc - C:\Program Files\ViewPassword\150.crx[28/12/2013 21:18]

kjlkjjohncghchjiniokhljcgmlajgpb - C:\Program Files\ProtectedToolbar\chrome\ProtectedToolbar.crx[25/10/2012 08:47]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions

ejpbbhjlbipncjklfjjaedaieimbmdda - C:\Users\Brigitte\AppData\Local\CRE\ejpbbhjlbipncjklfjjaedaieimbmdda.crx[19/11/2012 20:00]

Movies Toolbar - Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob

glindorus - Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\ammjbfijeglcdlnlnhlkdhgjnlgmpehe

safeorWeb - Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\bedpealjapilfepimonhfkclkafkeehk

uTorrentControl_v2 - Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda

Select City - Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo

ViewPassword - Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmojojliiicbbihpjmiepllaiflnjobc

Protected Toolbar - Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjlkjjohncghchjiniokhljcgmlajgpb

Google Wallet - Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Movies Toolbar - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob

Ask Toolbar - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\aaaalejpmnocmhmlbmlkjemekckoagne

glindorus - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\ammjbfijeglcdlnlnhlkdhgjnlgmpehe

safeorWeb - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\bedpealjapilfepimonhfkclkafkeehk

DropToS - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\cipmepknanmbbaneimacddfemfbfgpgo

Torch Games - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\elnodfjhjgpnmdhklbfeijeaehcgffnp

Torch Music - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\gcjbdjlojcomlphfchhihkigepfabcad

FaceLift - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\gimjmfipknpppbpmkdenjjpfhobiiojk

ViewPassword - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\jmojojliiicbbihpjmiepllaiflnjobc

Torch Helper - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\lecpjhggilhbceadobnggaagnpfpafhg

Torch Torrent - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\mpdmibcjecdaibcnlilhiopefjgegjjc

Google Wallet - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Torch Music - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\ohimbkoaphfnmekmfppijeblmkncneed

Hola - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\pdehmppfilefbolgganhfihpbmjlgebh

undetermined - Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3337975368-1422288616-4262930686-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} deleted successfully

==== shortcuts on Users Desktops ======================

C:\Users\Brigitte\Desktop\Continue PDF Creator Installation.lnk - C:\Users\Brigitte\AppData\Local\Temp\ICReinstall_PDFCreatorSetup.exe /RR

C:\Users\Brigitte\Desktop\Documenten op Brigitte's Apparaat.LNK - C:\Users\Brigitte\Documents\Documenten op Brigitte's Apparaat

C:\Users\Brigitte\Desktop\Downloads - Snelkoppeling.lnk - C:\Users\Brigitte\Downloads

C:\Users\Brigitte\Desktop\filmpjes 2013 - Snelkoppeling (2).lnk - G:\MP_ROOT\100ANV01\filmpjes 2013

C:\Users\Brigitte\Desktop\iLivid.lnk - C:\Users\Brigitte\AppData\Local\iLivid\iLivid.exe

C:\Users\Brigitte\Desktop\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe PortalDoSites

C:\Users\Brigitte\Desktop\Microsoft Outlook 2010.lnk - C:\windows\Installer\{90140000-0012-0000-0000-0000000FF1CE}\outicon.exe

C:\Users\Brigitte\Desktop\Mobogenie.lnk - C:\Program Files\Mobogenie\Mobogenie.exe

C:\Users\Brigitte\Desktop\Start - Snelkoppeling.lnk - F:\Start.exe

C:\Users\Brigitte\Desktop\Torch.lnk - C:\Users\Brigitte\AppData\Local\Torch\Application\torch.exe

C:\Users\Brigitte\Desktop\Windows Mobile Apparaatcentrum.lnk - C:\Windows\WindowsMobile\wmdc.exe /show

C:\Users\Brigitte\Desktop\Youtube.lnk - C:\Users\Brigitte\AppData\Local\Torch\Application\torch.exe YouTube --run-by-youtube

C:\Users\Brigitte\Desktop\µTorrent.lnk -

C:\Users\Brigitte\Desktop\BACKUP OUDE DATA\Documents\reggy\Lokale schijf © - Snelkoppeling.lnk - C:\

C:\Users\Brigitte\Desktop\cd\32.????????????????? - Snelkoppeling - kopie.lnk -

C:\Users\Brigitte\Desktop\cd\32.????????????????? - Snelkoppeling.lnk -

C:\Users\Brigitte\Desktop\werk\imm002_0 - Snelkoppeling.lnk - F:\Roll\imm002_0.jpg

C:\Users\Brigitte\Desktop\werk\imm004_2 - Snelkoppeling.lnk - F:\Roll\imm004_2.jpg

C:\Users\Brigitte\Desktop\werk\imm005_3 - Snelkoppeling.lnk - F:\Roll\imm005_3.jpg

C:\Users\Brigitte\Desktop\werk\imm006_4 - Snelkoppeling.lnk - F:\Roll\imm006_4.jpg

C:\Users\Brigitte\Desktop\werk\imm007_5 - Snelkoppeling.lnk - F:\Roll\imm007_5.jpg

C:\Users\Brigitte\Desktop\werk\imm008_6 - Snelkoppeling.lnk - F:\Roll\imm008_6.jpg

C:\Users\Brigitte\Desktop\werk\imm009_7 - Snelkoppeling.lnk - F:\Roll\imm009_7.jpg

C:\Users\Brigitte\Desktop\werk\imm010_8 - Snelkoppeling.lnk - F:\Roll\imm010_8.jpg

C:\Users\Brigitte\Desktop\werk\imm011_9 - Snelkoppeling.lnk - F:\Roll\imm011_9.jpg

C:\Users\Brigitte\Desktop\werk\imm012_10 - Snelkoppeling.lnk - F:\Roll\imm012_10.jpg

C:\Users\Brigitte\Desktop\werk\imm013_11 - Snelkoppeling.lnk - F:\Roll\imm013_11.jpg

C:\Users\Brigitte\Desktop\werk\imm014_12 - Snelkoppeling.lnk - F:\Roll\imm014_12.jpg

C:\Users\Brigitte\Desktop\werk\imm015_13 - Snelkoppeling.lnk - F:\Roll\imm015_13.jpg

C:\Users\Brigitte\Desktop\werk\imm016_14 - Snelkoppeling.lnk - F:\Roll\imm016_14.jpg

C:\Users\Brigitte\Desktop\werk\imm017_15 - Snelkoppeling.lnk - F:\Roll\imm017_15.jpg

C:\Users\Brigitte\Desktop\werk\imm018_16 - Snelkoppeling.lnk - F:\Roll\imm018_16.jpg

C:\Users\Brigitte\Desktop\werk\imm019_17 - Snelkoppeling.lnk - F:\Roll\imm019_17.jpg

C:\Users\Brigitte\Desktop\werk\imm020_18 - Snelkoppeling.lnk - F:\Roll\imm020_18.jpg

C:\Users\Brigitte\Desktop\werk\imm021_19 - Snelkoppeling.lnk - F:\Roll\imm021_19.jpg

C:\Users\Brigitte\Desktop\werk\imm022_20 - Snelkoppeling.lnk - F:\Roll\imm022_20.jpg

C:\Users\Brigitte\Desktop\werk\imm023_21 - Snelkoppeling.lnk - F:\Roll\imm023_21.jpg

C:\Users\Brigitte\Desktop\werk\imm024_22 - Snelkoppeling.lnk - F:\Roll\imm024_22.jpg

C:\Users\Brigitte\Desktop\werk\imm025_23 - Snelkoppeling.lnk - F:\Roll\imm025_23.jpg

C:\Users\Brigitte\Desktop\werk\imm026_24 - Snelkoppeling.lnk - F:\Roll\imm026_24.jpg

C:\Users\Brigitte\Desktop\werk\imm027_25 - Snelkoppeling.lnk - F:\Roll\imm027_25.jpg

C:\Users\Brigitte\Desktop\werk\imm028_26 - Snelkoppeling.lnk - F:\Roll\imm028_26.jpg

C:\Users\Brigitte\Desktop\werk\imm029_27 - Snelkoppeling.lnk - F:\Roll\imm029_27.jpg

C:\Users\Brigitte\Desktop\werk\imm030_28 - Snelkoppeling.lnk - F:\Roll\imm030_28.jpg

C:\Users\Brigitte\Desktop\werk\imm031_29 - Snelkoppeling.lnk - F:\Roll\imm031_29.jpg

C:\Users\Brigitte\Desktop\werk\imm032_30 - Snelkoppeling.lnk - F:\Roll\imm032_30.jpg

C:\Users\Brigitte\Desktop\werk\imm033_31 - Snelkoppeling.lnk - F:\Roll\imm033_31.jpg

C:\Users\Brigitte\Desktop\werk\imm034_32 - Snelkoppeling.lnk - F:\Roll\imm034_32.jpg

C:\Users\Brigitte\Desktop\werk\imm035_33 - Snelkoppeling.lnk - F:\Roll\imm035_33.jpg

C:\Users\Brigitte\Desktop\werk\imm036_34 - Snelkoppeling.lnk - F:\Roll\imm036_34.jpg

C:\Users\Brigitte\Desktop\werk\imm037_35 - Snelkoppeling.lnk - F:\Roll\imm037_35.jpg

C:\Users\Brigitte\Desktop\werk\imm038_36 - Snelkoppeling.lnk - F:\Roll\imm038_36.jpg

C:\Users\Brigitte\Desktop\werk\imm039_37 - Snelkoppeling.lnk - F:\Roll\imm039_37.jpg

==== shortcuts on All Users Desktop ======================

C:\Users\Public\Desktop\EZDownloader.lnk - C:\Program Files\EZDownloader\EZDownloader.exe

C:\Users\Public\Desktop\Golden Palace Poker.lnk - C:\GoldenPalace\StartGoldenPalace.exe

C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe PortalDoSites

C:\Users\Public\Desktop\Google Earth.lnk - C:\Program Files\Google\Google Earth\client\googleearth.exe

C:\Users\Public\Desktop\Off-linediensten van Home'Bank.lnk - C:\Program Files\ING\Off-line\HomeBank.exe

C:\Users\Public\Desktop\Second Life Viewer.lnk - C:\Program Files\SecondLifeViewer\SecondLife.exe --set InstallLanguage en

C:\Users\Public\Desktop\Talk Now.lnk -

C:\Users\Public\Desktop\VLC media player.lnk - C:\Program Files\VideoLAN\VLC\vlc.exe

C:\Users\Public\Desktop\µTorrent.lnk -

==== shortcuts in Users Start Menu ======================

C:\Users\Brigitte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk - C:\Users\Brigitte\AppData\Local\iLivid\iLivid.exe

C:\Users\Brigitte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk - C:\Users\Brigitte\AppData\Local\Torch\Application\torch.exe

C:\Users\Brigitte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie\Mobogenie.lnk - C:\Program Files\Mobogenie\Mobogenie.exe

C:\Users\Brigitte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch\Torch.lnk - C:\Users\Brigitte\AppData\Local\Torch\Application\torch.exe

==== shortcuts in All Users Start Menu ======================

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EuroTalk Talk Now - Full Screen.lnk -

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EuroTalk Talk Now.lnk -

==== shortcuts in Quick Launch ======================

C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Golden Palace Poker.lnk - C:\GoldenPalace\StartGoldenPalace.exe

C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe PortalDoSites

C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iLivid.lnk - C:\Users\Brigitte\AppData\Local\iLivid\iLivid.exe

C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe PortalDoSites

C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Microsoft Outlook.lnk - C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE /recycle

C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Torch.lnk - C:\Users\Brigitte\AppData\Local\Torch\Application\torch.exe

C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\µTorrent.lnk -

C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\7e4dca80246863e3\pinned.lnk - C:\windows\system32\control.exe

C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Calculator.lnk - C:\windows\system32\calc.exe

C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\ING Home'Bank.lnk - C:\Program Files\ING\Off-line\HomeBank.exe

C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Excel 2010.lnk - C:\windows\Installer\{90140000-0012-0000-0000-0000000FF1CE}\xlicons.exe

C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Outlook 2010.lnk - C:\windows\Installer\{90140000-0012-0000-0000-0000000FF1CE}\outicon.exe

C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft PowerPoint 2010.lnk - C:\windows\Installer\{90140000-0012-0000-0000-0000000FF1CE}\pptico.exe

C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Publisher 2010.lnk - C:\windows\Installer\{90140000-0012-0000-0000-0000000FF1CE}\pubs.exe

C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Microsoft Word 2010.lnk - C:\windows\Installer\{90140000-0012-0000-0000-0000000FF1CE}\wordicon.exe

C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Second Life Viewer.lnk - C:\Program Files\SecondLifeViewer\SecondLife.exe --set InstallLanguage en

C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Skype.lnk - C:\windows\Installer\{1845470B-EB14-4ABC-835B-E36C693DC07D}\SkypeIcon.exe

C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\StartMenu\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1

C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer (2).lnk - C:\Program Files\Internet Explorer\iexplore.exe PortalDoSites

C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe PortalDoSites

C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Excel 2010.lnk - C:\windows\Installer\{90140000-0012-0000-0000-0000000FF1CE}\xlicons.exe

C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Outlook 2010.lnk - C:\windows\Installer\{90140000-0012-0000-0000-0000000FF1CE}\outicon.exe

C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft PowerPoint 2010.lnk - C:\windows\Installer\{90140000-0012-0000-0000-0000000FF1CE}\pptico.exe

C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Publisher 2010.lnk - C:\windows\Installer\{90140000-0012-0000-0000-0000000FF1CE}\pubs.exe

C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Microsoft Word 2010.lnk - C:\windows\Installer\{90140000-0012-0000-0000-0000000FF1CE}\wordicon.exe

C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mobogenie.lnk - C:\Program Files\Mobogenie\Mobogenie.exe

C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Torch.lnk - C:\Users\Brigitte\AppData\Local\Torch\Application\torch.exe

C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Explorer.lnk - C:\windows\explorer.exe

C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Windows Media Player.lnk - C:\Program Files\Windows Media Player\wmplayer.exe /prefetch:1

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Default\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\Default User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk -

C:\Users\LogMeInRemoteUser\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk -

==== shortcuts After Repair ======================

C:\Users\Brigitte\Desktop\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\Brigitte\Desktop\Youtube.lnk - C:\Users\Brigitte\AppData\Local\Torch\Application\torch.exe

C:\Users\Public\Desktop\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk - C:\Program Files\Google\Chrome\Application\chrome.exe

C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer (2).lnk - C:\Program Files\Internet Explorer\iexplore.exe

C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe

==== C:\zoek_backup content ======================

C:\zoek_backup (files=3482 folders=231 205526675 bytes)

==== After Reboot ======================

==== Deleting Files / Folders ======================

"C:\Program Files\glindorus" not found

==== EOF on Sat 18/01/2014 at 19:29:41,92 ======================

Link naar reactie
Delen op andere sites

Chrome ziet er al heel wat beter uit.... maar merk dat ik toch nog af en toe een pop-up krijg.
Dat klopt helemaal, want we zijn nog maar net begonnen ;-)

Dubbelklik op Zoek.exe om de tool te starten.


  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Kopieer nu onderstaande code en plak die in het grote invulvenster:
  • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkaardig probleem.

  C:\Users\Brigitte\AppData\Local\Mobogenie;fs
 C:\Users\Brigitte\AppData\Local\genienext;fs
 C:\Users\Brigitte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie;fs
 C:\Users\Brigitte\AppData\Locallow\DataMngr;fs
 C:\Users\Brigitte\AppData\Local\ilividmoviestoolbarha;fs
 C:\Users\Brigitte\AppData\Locallow\ilividmoviestoolbarha;fs
 C:\Users\Brigitte\daemonprocess.txt;f

  • Klik op de knop "Options" en vink nu de onderstaande opties aan.
  • Do a Quick Scan

  • Auto Clean
  • De optie "Scan All Users" staat standaard aangevinkt.
  • Klik nu op de knop "Run script".
  • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
  • Mocht er geen logje verschijnen, start zoek.exe dan opnieuw en klik op de knop zoek-results.log, de log verschijnt dan alsnog.
  • Post het geopende logje in het volgende bericht.

Link naar reactie
Delen op andere sites

OK... ik was dus wat te snel....

hieronder het volgende logje!

Greetz

Steven

Zoek.exe v5.0.0.0 Updated 18-Januari-2014

Tool run by Brigitte on Sat 18/01/2014 at 21:09:29,22.

Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x86

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Brigitte\Desktop\zoek.exe [scan all users] [script inserted] [Checkboxes used]

==== Older Logs ======================

C:\zoek-results2014-01-18-182941.log 48291 bytes

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3337975368-1422288616-4262930686-1001\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} deleted successfully

HKEY_USERS\S-1-5-21-3337975368-1422288616-4262930686-1001\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406} deleted successfully

HKEY_USERS\S-1-5-21-3337975368-1422288616-4262930686-1001\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== FireFox Fix ======================

ProfilePath: C:\Users\Brigitte\AppData\Roaming\Mozilla\Firefox\Profiles\98uikema.default

---- Lines CT2724386 removed from prefs.js ----

user_pref("CT2724386..clientLogIsEnabled", true);

user_pref("CT2724386..clientLogServiceUrl", "http://clientlog.users.conduit.com/ClientDiagnostics.asmx/ReportDiagnosticsEvent");

user_pref("CT2724386..uninstallLogServiceUrl", "http://uninstall.users.conduit.com/Uninstall.asmx/RegisterToolbarUninstallation");

user_pref("CT2724386.ALLOW_SHOWING_HIDDEN_TOOLBAR", false);

user_pref("CT2724386.AboutPrivacyUrl", "http://www.conduit.com/privacy/Default.aspx");

user_pref("CT2724386.BrowserCompStateIsOpen_129464706887642629", true);

user_pref("CT2724386.BrowserCompStateIsOpen_129851871904280954", true);

user_pref("CT2724386.BrowserCompStateIsOpen_129904362604336829", true);

user_pref("CT2724386.CTID", "CT2724386");

user_pref("CT2724386.CurrentServerDate", "25-11-2012");

user_pref("CT2724386.DSInstall", false);

user_pref("CT2724386.DialogsAlignMode", "LTR");

user_pref("CT2724386.DialogsGetterLastCheckTime", "Sun Nov 25 2012 21:07:58 GMT+0100 (Romance (standaardtijd))");

user_pref("CT2724386.DownloadReferralCookieData", "");

user_pref("CT2724386.FirstServerDate", "25-11-2012");

user_pref("CT2724386.FirstTime", true);

user_pref("CT2724386.FirstTimeFF3", true);

user_pref("CT2724386.FirstTimeHiddenVer", true);

user_pref("CT2724386.FixPageNotFoundErrors", false);

user_pref("CT2724386.GroupingServerCheckInterval", 1440);

user_pref("CT2724386.GroupingServiceUrl", "http://grouping.services.conduit.com/");

user_pref("CT2724386.HPInstall", false);

user_pref("CT2724386.HasUserGlobalKeys", true);

user_pref("CT2724386.Initialize", true);

user_pref("CT2724386.InitializeCommonPrefs", true);

user_pref("CT2724386.InstallationAndCookieDataSentCount", 1);

user_pref("CT2724386.InstallationId", "ConduitNSISIntegration");

user_pref("CT2724386.InstallationType", "ConduitNSISIntegration");

user_pref("CT2724386.InstalledDate", "Sun Nov 25 2012 21:08:10 GMT+0100 (Romance (standaardtijd))");

user_pref("CT2724386.InvalidateCache", false);

user_pref("CT2724386.IsGrouping", false);

user_pref("CT2724386.IsInitSetupIni", true);

user_pref("CT2724386.IsOpenThankYouPage", false);

user_pref("CT2724386.IsOpenUninstallPage", true);

user_pref("CT2724386.LanguagePackLastCheckTime", "Sun Nov 25 2012 21:08:11 GMT+0100 (Romance (standaardtijd))");

user_pref("CT2724386.LanguagePackReloadIntervalMM", 1440);

user_pref("CT2724386.LanguagePackServiceUrl", "http://translation.users.conduit.com/Translation.ashx");

user_pref("CT2724386.LastLogin_3.12.2.3", "Sun Nov 25 2012 21:08:11 GMT+0100 (Romance (standaardtijd))");

user_pref("CT2724386.LatestVersion", "3.16.0.3");

user_pref("CT2724386.Locale", "en");

user_pref("CT2724386.MCDetectTooltipHeight", "83");

user_pref("CT2724386.MCDetectTooltipUrl", "http://@EB_INSTALL_LINK@/rank/tooltip/?version=1");

user_pref("CT2724386.MCDetectTooltipWidth", "295");

user_pref("CT2724386.MyStuffEnabledAtInstallation", true);

user_pref("CT2724386.OriginalFirstVersion", "3.12.2.3");

user_pref("CT2724386.RadioIsPodcast", false);

user_pref("CT2724386.RadioLastCheckTime", "Sun Nov 25 2012 21:08:10 GMT+0100 (Romance (standaardtijd))");

user_pref("CT2724386.RadioLastUpdateIPServer", "3");

user_pref("CT2724386.RadioLastUpdateServer", "129249036863500000");

user_pref("CT2724386.RadioMediaID", "21080102");

user_pref("CT2724386.RadioMediaType", "Media Player");

user_pref("CT2724386.RadioMenuSelectedID", "EBRadioMenu_CT272438621080102");

user_pref("CT2724386.RadioShrinkedFromSetup", false);

user_pref("CT2724386.RadioStationName", "Mix%201620%20Am");

user_pref("CT2724386.RadioStationURL", "http://69.115.65.9:8000");

user_pref("CT2724386.SearchCaption", "IncrediMail MediaBar 2 Customized Web Search");

user_pref("CT2724386.SearchFromAddressBarIsInit", true);

user_pref("CT2724386.SearchFromAddressBarUrl", "http://search.conduit.com/ResultsExt.aspx?ctid=CT2724386&q=");

user_pref("CT2724386.SearchInNewTabEnabled", true);

user_pref("CT2724386.SearchInNewTabIntervalMM", 1440);

user_pref("CT2724386.SearchInNewTabLastCheckTime", "Sun Nov 25 2012 21:08:11 GMT+0100 (Romance (standaardtijd))");

user_pref("CT2724386.SearchInNewTabServiceUrl", "http://newtab.conduit-hosting.com/newtab/?ctid=EB_TOOLBAR_ID");

user_pref("CT2724386.SendProtectorDataViaLogin", true);

user_pref("CT2724386.ServiceMapLastCheckTime", "Sun Nov 25 2012 21:07:57 GMT+0100 (Romance (standaardtijd))");

user_pref("CT2724386.SettingsLastCheckTime", "Sun Nov 25 2012 21:07:57 GMT+0100 (Romance (standaardtijd))");

user_pref("CT2724386.SettingsLastUpdate", "1352142245");

user_pref("CT2724386.TBHomePageUrl", "http://search.conduit.com/?ctid=CT2724386&SearchSource=13");

user_pref("CT2724386.ThirdPartyComponentsInterval", 504);

user_pref("CT2724386.ThirdPartyComponentsLastCheck", "Sun Nov 25 2012 21:07:57 GMT+0100 (Romance (standaardtijd))");

user_pref("CT2724386.ThirdPartyComponentsLastUpdate", "1331805997");

user_pref("CT2724386.ToolbarShrinkedFromSetup", false);

user_pref("CT2724386.TrusteLinkUrl", "http://trust.conduit.com/CT2724386");

user_pref("CT2724386.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,client.conduit-storage.com,OurToolbar.com,CommunityTool

user_pref("CT2724386.UserID", "UN34769622826360073");

user_pref("CT2724386.WeatherNetwork", "");

user_pref("CT2724386.WeatherPollDate", "Sun Nov 25 2012 21:08:11 GMT+0100 (Romance (standaardtijd))");

user_pref("CT2724386.WeatherUnit", "C");

user_pref("CT2724386.alertChannelId", "1116652");

user_pref("CT2724386.autoDisableScopes", -1);

user_pref("CT2724386.backendstorage./9b+7e+x305", "247E27413334363379453A3D2A722C797A7E7A3128333B474953462D584D503D263F2D2E3135443B464E4F5B565E695B426

user_pref("CT2724386.backendstorage./9b+7e,x305", "247E28412F3F3E3779453A3D2A722C797B787D3128333C4748402C574C4F3C253E2C2E2B2F433A454E59505B57676A66426

user_pref("CT2724386.backendstorage./9b+7e-x305", "247E2936303C363679453A3D2A722C797A207B3128333D462B554A4D4B4749594D33535D4F432C45333439344A414C565B5

user_pref("CT2724386.backendstorage./9b+7e.:2z527", "2423");

user_pref("CT2724386.backendstorage./9b+7e06cg5el8:", "6E6D6C6F6B6D71766E72");

user_pref("CT2724386.backendstorage./9b+7e06cg5el;8i:k", "247E2D2F226A747372757173777C7478242F4B49474F42357D5D5C3D");

user_pref("CT2724386.backendstorage./9b+7e4x305", "247E302C407642373A276F29777B74762E2530413E4F494A522B55553A233C2B2F282941384354515E5D56615F56685C426

user_pref("CT2724386.backendstorage./9b+7ebe3g=;d9n9=d", "372C2D326975762E3A3C7B3A39434A494841434B265146492965504656496571734D334B57");

user_pref("CT2724386.backendstorage./9b-0?3g>d", "6C6A3D41414172417A4572467920794A7820257D2220232A7E232455265757282C5C2F2C");

user_pref("CT2724386.backendstorage./9b-0?3g@6:5;", "");

user_pref("CT2724386.backendstorage./9b-3=3eccja=f>", "247E333D2C452F4135276F297B7E7D21202F26313E4249357D37382F3A494D5D513F283338435D6554695B65546D576

user_pref("CT2724386.backendstorage./9b/>01=9a6k6<im;krie@pdawm", "6A696B7273747576");

user_pref("CT2724386.backendstorage./9b3=>@44i48?", "372C2D326975763342363341484777213F3E484F4E4D4648502B564B4E2E5959595F4C564F3764535750");

user_pref("CT2724386.backendstorage./9b5ba==9cjag", "6F6B6E3D3F3F6C737A73767345464C787B4F207C51");

user_pref("CT2724386.backendstorage./9b6b11g4c56b>f;p;anr@p", "6E6D6C6F6B6D71766E73737473");

user_pref("CT2724386.backendstorage./9b9643g3/9e", "6A");

user_pref("CT2724386.backendstorage./9b;45>:bi9i7ie", "2B2E2C3D");

user_pref("CT2724386.backendstorage./9b<:222h64<", "393F352F3E");

user_pref("CT2724386.backendstorage./9b<:222h64<l8daj", "6D7070707673747975732A787B727D7675207B");

user_pref("CT2724386.backendstorage./9b=+03eh8h8j?:", "4443");

user_pref("CT2724386.backendstorage./9b?+e2a52d8", "372C2D326975762E3A3C7B3A39434A494841434B2651464929655046566470727951555E5E52");

user_pref("CT2724386.backendstorage./9b?b0d:8aj62<h", "6D");

user_pref("CT2724386.backendstorage./9ba@0<0bi6a7gn:6@l?", "6E6B");

user_pref("CT2724386.backendstorage.cbfirsttime", "53756E204E6F7620323520323031322032313A30383A313420474D542B303130302028526F6D616E636520287374616E646

user_pref("CT2724386.backendstorage.http://api28_thetrafficstat_net.pid2", "32303762646130383238653664623337");

user_pref("CT2724386.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.conduit.com;apps.conduit.com;services.apps.conduit.

user_pref("CT2724386.globalFirstTimeInfoLastCheckTime", "Sun Nov 25 2012 21:07:58 GMT+0100 (Romance (standaardtijd))");

user_pref("CT2724386.homepageProtectorEnableByLogin", true);

user_pref("CT2724386.initDone", true);

user_pref("CT2724386.isAppTrackingManagerOn", true);

user_pref("CT2724386.isFirstRadioInstallation", false);

user_pref("CT2724386.myStuffEnabled", true);

user_pref("CT2724386.myStuffPublihserMinWidth", 400);

user_pref("CT2724386.myStuffSearchUrl", "http://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOrigin=29&ctid=EB_TOOLBAR_ID&octid=EB_ORIGINAL_CTID"

user_pref("CT2724386.myStuffServiceIntervalMM", 1440);

user_pref("CT2724386.myStuffServiceUrl", "http://mystuff.conduit-services.com/MyStuffService.ashx?ComponentId=EB_MY_STUFF_INSTANCE_GUID&lut=EB_MY_STUF

user_pref("CT2724386.navigateToUrlOnSearch", false);

user_pref("CT2724386.revertSettingsEnabled", true);

user_pref("CT2724386.searchProtectorDialogDelayInSec", 10);

user_pref("CT2724386.searchProtectorEnableByLogin", true);

user_pref("CT2724386.testingCtid", "");

user_pref("CT2724386.toolbarAppMetaDataLastCheckTime", "Sun Nov 25 2012 21:07:58 GMT+0100 (Romance (standaardtijd))");

user_pref("CT2724386.toolbarContextMenuLastCheckTime", "Sun Nov 25 2012 21:08:11 GMT+0100 (Romance (standaardtijd))");

user_pref("CommunityToolbar.ETag.http://Settings.toolbar.search.conduit.com/root/CT2724386/CT2724386", "\"9de81c057480df7103489501191bfde63\"");

user_pref("CommunityToolbar.ETag.http://appsmetadata.toolbar.conduit-services.com/?ctid=CT2724386", "\"1340713590\"");

user_pref("CommunityToolbar.ETag.http://servicemap.conduit-services.com/Toolbar/?ownerId=CT2724386", "\"f1c77625c0e9bd1c80a2fd6901845fa9\"");

user_pref("CommunityToolbar.ToolbarsList", "CT2724386");

user_pref("CommunityToolbar.ToolbarsList2", "CT2724386");

user_pref("CommunityToolbar.ToolbarsList4", "CT2724386");

---- Lines conduit removed from prefs.js ----

user_pref("CommunityToolbar.ETag.http://alerts.conduit-services.com/root/1116652/1112356/BE", "\"0\"");

user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=GottenApps&locale=en", "C5ZJe6gL80JBW5CuLy+wkg==");

user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=OtherApps&locale=en", "2E1/v7EfCEDbv3VaBQMELg==");

user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=SharedApps&locale=en", "k9un27OkAvkwB2ZmvXxTnA==");

user_pref("CommunityToolbar.ETag.http://contextmenu.toolbar.conduit-services.com/?name=Toolbar&locale=en", "4BgM4MhF/sOgPsDNmIs3Yw==");

user_pref("CommunityToolbar.ETag.http://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\"8076e3ce381dcd1:0\"");

user_pref("CommunityToolbar.ETag.http://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.12.2.3", "\"0343677cfb1cd1:0\"");

user_pref("CommunityToolbar.ETag.http://translation.toolbar.conduit-services.com/?locale=en", "\"e20848adcc9f63369aac91b7a8f5f90e\"");

user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\Brigitte\\AppData\\Roaming\\Mozilla\\Firefox\\Profiles\\98uikema.default\\conduitComm

user_pref("CommunityToolbar.notifications.clientsServerUrl", "http://alert.client.conduit.com");

user_pref("CommunityToolbar.notifications.servicesServerUrl", "http://alert.services.conduit.com");

---- Lines WebSearch removed from prefs.js ----

user_pref("browser.search.defaultenginename,S", "WebSearch");

user_pref("browser.search.defaulturl", "http://websearch.the-searcheng.info/?pid=1376&r=2013/09/14&hid=7941770573850309448&lg=EN&cc=BE&unqvl=35&l=1&q=

user_pref("browser.search.order.1", "WebSearch");

user_pref("browser.search.order.1,S", "WebSearch");

user_pref("browser.search.selectedEngine,S", "WebSearch");

user_pref("keyword.URL", "http://websearch.the-searcheng.info/?pid=1376&r=2013/09/14&hid=7941770573850309448&lg=EN&cc=BE&unqvl=35&l=1&q=");

---- Lines search.com removed from prefs.js ----

user_pref("CommunityToolbar.originalHomepage", "http://search.protectedsearch.com?si=41570&home=true&tid=3026");

user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "http://search.protectedsearch.com?si=41570&home=true&tid=3026&q=");

---- Lines Web Search removed from prefs.js ----

user_pref("browser.search.defaultengine", "Web Search");

user_pref("CommunityToolbar.originalSearchEngine", "Web Search");

---- Lines CommunityToolbar removed from prefs.js ----

user_pref("CommunityToolbar.globalUserId", "1a1e4e88-0a31-48bb-8509-0160f6b35c12");

user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);

user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);

user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.12.2.3");

user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Sun Nov 25 2012 21:07:59 GMT+0100 (Romance (standaardtijd))");

user_pref("CommunityToolbar.notifications.alertEnabled", true);

user_pref("CommunityToolbar.notifications.alertInfoInterval", 60);

user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Sun Nov 25 2012 21:08:10 GMT+0100 (Romance (standaardtijd))");

user_pref("CommunityToolbar.notifications.locale", "en");

user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);

user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Sun Nov 25 2012 21:07:58 GMT+0100 (Romance (standaardtijd))");

user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");

user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);

user_pref("CommunityToolbar.notifications.showTrayIcon", false);

user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);

user_pref("CommunityToolbar.notifications.userId", "c24d9db5-ed9b-49c0-9130-8ba38b9f9339");

---- Lines dosearches removed from prefs.js ----

user_pref("browser.newtab.url", "http://www.dosearches.com/newtab/?utm_source=b&utm_medium=slbnew&utm_campaign=TOSHIBAXMK3256GSY_60BKF7GFSXX60BKF7GFS&

user_pref("browser.search.defaultenginename", "dosearches");

user_pref("browser.search.selectedEngine", "dosearches");

user_pref("browser.startup.homepage", "http://www.dosearches.com/?utm_source=b&utm_medium=slbnew&utm_campaign=rg&utm_content=hp&from=slbnew&uid=TOSHIB

---- Lines browser.startup.page removed from prefs.js ----

user_pref("browser.startup.page", 3);

---- FireFox user.js and prefs.js backups ----

user_20141801_2118_.backup

prefs_20141801_2118_.backup

==== Registry Fix Code ======================

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command]

@="C:\\Program Files\\Mozilla Firefox\\firefox.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command]

@="C:\\Program Files\\Internet Explorer\\iexplore.exe"

==== Deleting Files \ Folders ======================

C:\Users\Brigitte\AppData\Local\Mobogenie deleted

C:\Users\Brigitte\AppData\Local\genienext deleted

C:\Users\Brigitte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie deleted

C:\Users\Brigitte\AppData\Locallow\DataMngr deleted

C:\Users\Brigitte\AppData\Local\ilividmoviestoolbarha deleted

C:\Users\Brigitte\AppData\Locallow\ilividmoviestoolbarha deleted

C:\Program Files\Mozilla Firefox deleted

C:\Program Files\ViewPassword deleted

C:\windows\Tasks\ViewPassword update.job deleted

C:\windows\system32\Tasks\ViewPassword update deleted

C:\Users\Brigitte\daemonprocess.txt deleted

C:\Users\Brigitte\.android deleted

C:\Program Files\EZDownloader deleted

C:\Program Files\ss helper deleted

C:\Program Files\Protected Search deleted

C:\Program Files\WebSearch deleted

C:\Program Files\The Sea App (Internet Explorer) deleted

C:\Program Files\Conduit deleted

C:\Users\Brigitte\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iLivid.lnk deleted

C:\Users\Brigitte\AppData\Roaming\UpdaterEX deleted

C:\Users\Brigitte\AppData\Roaming\DealPly deleted

C:\ProgramData\eSafe deleted

C:\ProgramData\saaVEnshAre deleted

C:\ProgramData\SearchNewTab deleted

C:\ProgramData\InstallMate deleted

C:\Users\Brigitte\AppData\Local\SearchProtect deleted

C:\Users\Brigitte\AppData\Local\cache deleted

C:\Users\Brigitte\AppData\Local\Conduit deleted

C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx deleted

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EZDownloader deleted

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Protected Search deleted

C:\Users\Brigitte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk deleted

C:\windows\System32\Tasks\DealPly deleted

C:\Users\Brigitte\Downloads\iLividSetup-r1040-n-bi.exe deleted

C:\Users\Brigitte\Downloads\iLividSetup-r120-n-bi.exe deleted

C:\Users\Brigitte\Downloads\SoftonicDownloader_voor_avg-antivirus-free-2014.exe deleted

C:\Users\Brigitte\AppData\LocalLow\uTorrentControl_v2 deleted

C:\Users\Brigitte\AppData\LocalLow\SimplyTech deleted

C:\Users\Brigitte\AppData\LocalLow\PriceGong deleted

C:\Users\Brigitte\AppData\LocalLow\Conduit deleted

C:\windows\system32\tasks\ProtectedSearch deleted

C:\windows\system32\tasks\UpdaterEX deleted

C:\windows\tasks\UpdaterEX.job deleted

C:\windows\Launcher.exe deleted

C:\windows\System32\SearchProtect deleted

C:\Users\Brigitte\Documents\Optimizer Pro deleted

C:\Users\Brigitte\Documents\Mobogenie deleted

C:\Users\Brigitte\AppData\Roaming\Mozilla\Firefox\Profiles\98uikema.default\extensions\firefox@glindorus.net.xpi deleted

C:\Users\Brigitte\AppData\Roaming\Mozilla\Firefox\Profiles\98uikema.default\ilividmoviestoolbarha deleted

C:\Users\Brigitte\AppData\Roaming\Mozilla\Firefox\Profiles\98uikema.default\extensions\staged deleted

C:\Users\Brigitte\AppData\Roaming\Mozilla\Firefox\Profiles\98uikema.default\CT2724386 deleted

C:\Users\Public\Desktop\EZDownloader.lnk deleted

C:\Users\Brigitte\Desktop\iLivid.lnk deleted

C:\Users\Brigitte\Desktop\Mobogenie.lnk deleted

C:\Users\Brigitte\Desktop\avg_free_stb_all_2014_4158_softonic.exe deleted

C:\Users\Brigitte\Desktop\werk\avg_free_stb_all_2014_4158_softonic[1].exe deleted

C:\Users\Brigitte\AppData\Roaming\Mozilla\Firefox\Profiles\98uikema.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6} deleted

C:\Users\Brigitte\AppData\Roaming\Mozilla\Firefox\Profiles\98uikema.default\extensions\{83ac1a2f-92fc-4314-bc93-c5782d0ba7be} deleted

C:\Users\Brigitte\AppData\Roaming\Mozilla\Firefox\Profiles\98uikema.default\extensions\{d40b90b4-d3b1-4d6b-a5d7-dc041c1b76c0} deleted

C:\Users\Brigitte\AppData\Roaming\Mozilla\Firefox\Profiles\98uikema.default\conduitCommon deleted

==== Files Recently Created / Modified ======================

====== C:\windows ====

====== C:\Users\Brigitte\AppData\Local\Temp ====

2014-01-14 12:17:46 282791611C9DBA51A4425DE58CC8DF27 7710720 ----a-w- C:\Users\Brigitte\AppData\Local\Temp\01141317-00001f48-wxm4arvyf7\WLXSuite.msi

2014-01-14 12:14:40 8DD7D50F925BFC217BDA7BD1B0B79C19 20240944 ----a-w- C:\Users\Brigitte\AppData\Local\Temp\Mobogenie_Setup_2-1-37_587.exe

2014-01-05 13:34:59 984CC93BB0EF86A0B4825269D8379D81 774424 ----a-w- C:\Users\Brigitte\AppData\Local\Temp\CRX_DF399A9B283A\GoogleUpdateSetup.exe

2014-01-05 13:34:59 4C8C0B0340C6234649C7F91FB5E89A54 571272 ----a-w- C:\Users\Brigitte\AppData\Local\Temp\CRX_DF399A9B283A\ChromeRecovery.exe

====== Java Cache =====

====== C:\windows\system32 =====

2014-01-15 07:05:44 1E882889A4314D6DF5DED4F6EC994E72 2349056 ----a-w- C:\windows\System32\win32k.sys

2014-01-14 12:17:25 8A4CEBF34370D689E198E6673C1F2C40 74072 ----a-w- C:\windows\System32\XAPOFX1_5.dll

2014-01-14 12:17:25 81DFDDFB401D663BA7E6AD1C80364216 527192 ----a-w- C:\windows\System32\XAudio2_7.dll

2014-01-14 12:17:25 1C9B45E87528B8BB8CFA884EA0099A85 2106216 ----a-w- C:\windows\System32\D3DCompiler_43.dll

2014-01-14 12:17:24 8E0BB968FF41D80E5F2C747C04DB79AE 248672 ----a-w- C:\windows\System32\d3dx11_43.dll

2014-01-14 12:17:24 501AC862517C5445742BEE8A2B88414E 453456 ----a-w- C:\windows\System32\d3dx10_42.dll

====== C:\windows\system32\drivers =====

2014-01-15 07:05:44 EDF2DF71C4F1E13A6AC75F5224DE655A 258560 ----a-w- C:\windows\System32\drivers\usbhub.sys

2014-01-15 07:05:44 EC2C5AF37B76D7B58C642CB74423DB7A 284672 ----a-w- C:\windows\System32\drivers\usbport.sys

2014-01-15 07:05:44 D40855F89B69305140BBD7E9A3BA2DA6 43520 ----a-w- C:\windows\System32\drivers\usbehci.sys

2014-01-15 07:05:44 9828C8D14CC2676421778F0DE638CF97 20480 ----a-w- C:\windows\System32\drivers\usbohci.sys

2014-01-15 07:05:44 800AABFD625EEFF899F7E5496BDE37AB 24064 ----a-w- C:\windows\System32\drivers\usbuhci.sys

2014-01-15 07:05:44 74F805AB12EB0E3E49E469F19FF02640 6016 ----a-w- C:\windows\System32\drivers\usbd.sys

2014-01-15 07:05:44 5DBD4F73E2A52FEED61DBAB3752E329C 240576 ----a-w- C:\windows\System32\drivers\netio.sys

2014-01-15 07:05:44 0803FBA9FE829D61AE26EC0BCC910C46 76288 ----a-w- C:\windows\System32\drivers\usbccgp.sys

====== C:\windows\Tasks ======

====== C:\windows\Temp ======

======= C:\Program Files =====

2014-01-18 16:36:23 -------- d-----w- C:\Program Files\trend micro

2014-01-18 13:16:45 -------- d-----w- C:\Program Files\Lavasoft

2014-01-16 17:46:09 -------- d-----w- C:\Program Files\EuroTalk Interactive

======= C: =====

====== C:\Users\Brigitte\AppData\Roaming ======

2014-01-18 13:20:37 -------- d-----w- C:\Users\Brigitte\AppData\Roaming\LavasoftStatistics

2014-01-16 17:46:14 -------- d-----w- C:\Users\Brigitte\AppData\Roaming\EuroTalk

2014-01-15 12:28:52 978ABE7248592A3665A5D9B5BEEFD3EE 288 ----a-w- C:\Users\Brigitte\AppData\Roaming\.backup.dm

2014-01-01 12:16:56 -------- d-----w- C:\Users\Brigitte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch

2014-01-01 12:16:31 -------- d-----w- C:\Users\Brigitte\AppData\Local\Torch

====== C:\Users\Brigitte ======

2014-01-18 16:38:59 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Brigitte\Desktop\RSIT (1).exe

2014-01-18 16:35:59 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Brigitte\Downloads\RSIT.exe

2014-01-18 14:36:20 -------- d-----w- C:\ProgramData\BitDefender

2014-01-18 13:15:46 -------- d-----w- C:\ProgramData\Lavasoft

2014-01-18 13:14:44 37809BC5943630EC0109C60D7DF3E144 1725064 ----a-w- C:\Users\Brigitte\Downloads\Adaware_Installer.exe

2014-01-16 17:46:09 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EuroTalk Talk Now!

2014-01-14 12:14:40 F63BDFE7E5FD13DB94BE233F9A539A87 1239976 ----a-w- C:\Users\Brigitte\Desktop\wlsetup-web.exe

2014-01-14 12:02:59 48C539D4436F0CA806D9F0CE614E6C9B 17660184 ----a-w- C:\Users\Brigitte\Downloads\picasa39-setup.exe

2014-01-01 12:17:06 -------- d-----w- C:\ProgramData\TorchCrashHandler

2013-12-28 20:22:51 -------- d-----w- C:\ProgramData\AVG 1213b Campaign

====== C: exe-files ==

2014-01-18 17:04:08 E2282FC6D371FE1D91FBBFA9C3C9D3B8 1009952 ----a-w- C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda\10.26.0.540_0\nativeMessaging\TBMessagingHost.exe

2014-01-18 16:38:59 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Brigitte\Desktop\RSIT (1).exe

2014-01-18 16:36:23 9A2347903D6EDB84C10F288BC0578C1C 388608 ----a-w- C:\Program Files\trend micro\Brigitte.exe

2014-01-18 16:35:59 69CA82A7482A00D8EE063D2B97FC4338 781383 ----a-w- C:\Users\Brigitte\Downloads\RSIT.exe

2014-01-18 13:14:44 37809BC5943630EC0109C60D7DF3E144 1725064 ----a-w- C:\Users\Brigitte\Downloads\Adaware_Installer.exe

2014-01-14 12:16:45 F5443547CAAC20AA334A88817579270F 525656 ----a-w- C:\Program Files\Common Files\Windows Live\.cache\7d35043c1cf112204\DXSETUP.exe

2014-01-14 12:16:43 DDCE338BB173B32024679D61FB4F2BA6 537432 ----a-w- C:\Program Files\Common Files\Windows Live\.cache\7c33ef9e1cf112203\DXSETUP.exe

2014-01-14 12:16:42 DDCE338BB173B32024679D61FB4F2BA6 537432 ----a-w- C:\Program Files\Common Files\Windows Live\.cache\7bbcead01cf112202\DXSETUP.exe

2014-01-14 12:14:40 F63BDFE7E5FD13DB94BE233F9A539A87 1239976 ----a-w- C:\Users\Brigitte\Desktop\wlsetup-web.exe

2014-01-14 12:14:40 8DD7D50F925BFC217BDA7BD1B0B79C19 20240944 ----a-w- C:\Users\Brigitte\AppData\Local\Temp\Mobogenie_Setup_2-1-37_587.exe

2014-01-14 12:02:59 48C539D4436F0CA806D9F0CE614E6C9B 17660184 ----a-w- C:\Users\Brigitte\Downloads\picasa39-setup.exe

=== C: other files ==

2014-01-15 07:05:44 EDF2DF71C4F1E13A6AC75F5224DE655A 258560 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_d53c05ca022d95f2\usbhub.sys

2014-01-15 07:05:44 EDF2DF71C4F1E13A6AC75F5224DE655A 258560 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usb.inf_x86_neutral_4232097e28daf017\usbhub.sys

2014-01-15 07:05:44 EDF2DF71C4F1E13A6AC75F5224DE655A 258560 ----a-w- C:\Windows\System32\drivers\usbhub.sys

2014-01-15 07:05:44 EC2C5AF37B76D7B58C642CB74423DB7A 284672 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_d53c05ca022d95f2\usbport.sys

2014-01-15 07:05:44 EC2C5AF37B76D7B58C642CB74423DB7A 284672 ----a-w- C:\Windows\System32\drivers\usbport.sys

2014-01-15 07:05:44 D40855F89B69305140BBD7E9A3BA2DA6 43520 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_d53c05ca022d95f2\usbehci.sys

2014-01-15 07:05:44 D40855F89B69305140BBD7E9A3BA2DA6 43520 ----a-w- C:\Windows\System32\drivers\usbehci.sys

2014-01-15 07:05:44 9828C8D14CC2676421778F0DE638CF97 20480 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_d53c05ca022d95f2\usbohci.sys

2014-01-15 07:05:44 9828C8D14CC2676421778F0DE638CF97 20480 ----a-w- C:\Windows\System32\drivers\usbohci.sys

2014-01-15 07:05:44 800AABFD625EEFF899F7E5496BDE37AB 24064 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_d53c05ca022d95f2\usbuhci.sys

2014-01-15 07:05:44 800AABFD625EEFF899F7E5496BDE37AB 24064 ----a-w- C:\Windows\System32\drivers\usbuhci.sys

2014-01-15 07:05:44 74F805AB12EB0E3E49E469F19FF02640 6016 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usbport.inf_x86_neutral_d53c05ca022d95f2\usbd.sys

2014-01-15 07:05:44 74F805AB12EB0E3E49E469F19FF02640 6016 ----a-w- C:\Windows\System32\drivers\usbd.sys

2014-01-15 07:05:44 5DBD4F73E2A52FEED61DBAB3752E329C 240576 ----a-w- C:\Windows\System32\drivers\netio.sys

2014-01-15 07:05:44 1E882889A4314D6DF5DED4F6EC994E72 2349056 ----a-w- C:\Windows\System32\win32k.sys

2014-01-15 07:05:44 0803FBA9FE829D61AE26EC0BCC910C46 76288 ----a-w- C:\Windows\System32\DriverStore\FileRepository\usb.inf_x86_neutral_4232097e28daf017\usbccgp.sys

2014-01-15 07:05:44 0803FBA9FE829D61AE26EC0BCC910C46 76288 ----a-w- C:\Windows\System32\drivers\usbccgp.sys

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run]

"Sidebar"="%ProgramFiles%\Windows\Sidebar.exe /autoRun"

[HKEY_USERS\S-1-5-21-3337975368-1422288616-4262930686-1001\Software\Microsoft\Windows\CurrentVersion\Run]

"LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden"

"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"

"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background"

"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun"

"Facebook Update"="C:\Users\Brigitte\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

"uTorrent"="C:\Users\Brigitte\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"

[HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"mctadmin"="C:\Windows\System32\mctadmin.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"QLBController"="C:\Program Files\Hewlett-Packard\HP HotKey Support\QLBController.exe /start"

"IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe"

"WirelessAssistant"="C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe"

"IgfxTray"="C:\windows\system32\igfxtray.exe"

"HotKeysCmds"="C:\windows\system32\hkcmd.exe"

"Persistence"="C:\windows\system32\igfxpers.exe"

"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

"APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"

"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"

"McAfeeUpdaterUI"="C:\Program Files\McAfee\Common Framework\udaterui.exe /StartedFromRunKey"

"LogMeIn GUI"="c:\Program Files\LogMeIn\x86\LogMeInSystray.exe"

"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

"SysTrayApp"="C:\Program Files\IDT\WDM\sttray.exe"

"Windows Mobile Device Center"="%windir%\WindowsMobile\wmdc.exe "

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"LightScribe Control Panel"="C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden"

"Skype"="C:\Program Files\Skype\Phone\Skype.exe /minimized /regrun"

"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe /background"

"DAEMON Tools Lite"="C:\Program Files\DAEMON Tools Lite\DTLite.exe -autorun"

"Facebook Update"="C:\Users\Brigitte\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

"uTorrent"="C:\Users\Brigitte\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"

==== Startup Folders ======================

2012-04-03 17:32:12 848 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk

==== Task Scheduler Jobs ======================

C:\windows\tasks\Adobe Flash Player Updater.job --a------ C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [06/01/2014 21:28]

C:\windows\tasks\AVG_SYS_TASK.job --a------ C:\ProgramData\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe [05/12/2013 19:06]

C:\windows\tasks\AVG_SYS_TASK_DELETE.job --a------ [undetermined Task]

C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-3337975368-1422288616-4262930686-1001Core.job --a------ [undetermined Task]

C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-3337975368-1422288616-4262930686-1001UA.job --a------ C:\Users\Brigitte\AppData\Local\Facebook\Update\FacebookUpdate.exe [13/07/2012 21:46]

C:\windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [18/07/2012 20:48]

C:\windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [18/07/2012 20:48]

==== Other Scheduled Tasks ======================

"C:\windows\system32\tasks\Adobe Flash Player Updater" [C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe]

"C:\windows\system32\tasks\AVG_SYS_TASK" [C:\ProgramData\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe]

"C:\windows\system32\tasks\AVG_SYS_TASK_DELETE" [C:\ProgramData\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe]

"C:\windows\system32\tasks\CreateChoiceProcessTask" [C:\Windows\System32\browserchoice.exe]

"C:\windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-3337975368-1422288616-4262930686-1001Core" [C:\Users\Brigitte\AppData\Local\Facebook\Update\FacebookUpdate.exe]

"C:\windows\system32\tasks\FacebookUpdateTaskUserS-1-5-21-3337975368-1422288616-4262930686-1001UA" [C:\Users\Brigitte\AppData\Local\Facebook\Update\FacebookUpdate.exe]

"C:\windows\system32\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\windows\system32\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files\Google\Update\GoogleUpdate.exe]

"C:\windows\system32\tasks\{C850CDCE-2B72-458E-8CFF-58F265C69A33}" ["c:\program files\internet explorer\iexplore.exe" ]Download Skype op uw computer ? Mac, Windows, Linux ? Skype

"C:\windows\system32\tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask" [%systemroot%\system32\sc.exe start osppsvc]

==== Firefox Extensions Registry ======================

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]

"{0b67060e-62bf-4fc6-a316-c327841d0451}"="C:\Program Files\ViewPassword\150.xpi" []

==== Firefox Extensions ======================

==== Firefox Plugins ======================

Profilepath: C:\Users\Brigitte\AppData\Roaming\Mozilla\Firefox\Profiles\98uikema.default

FF0D6F82A0EC13952E83B9439100E45D - C:\Users\Brigitte\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll - Facebook Video Calling Plugin

5B92CB0A3EEE50F6B9AE036B4F9B0F0C - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin

6209F3BD43FDA86699EEF01B9CF5F0CF - C:\Program Files\QuickTime\Plugins\npqtplugin7.dll - QuickTime Plug-in 7.7.1

D72CC3C02764E28C691DBA9751FF8A86 - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll - QuickTime Plug-in 7.7.1

BC405F582CAAC78AEDE4488E8A259FA1 - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.1

C560D8A34A372EE10235938FD2D34CC3 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.1

AF28C98E0897F0475833D02D3CCFFF77 - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.1

CABA1A399C7C7471DEBA73CB3BA5AADB - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.1

1D10BD2720963F6B6DB25ACB1F5CF8E9 - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.1

34E3709244736B8976820F730E5A8815 - C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll - Java Platform SE 6 U31

A878453A1714870EAADA83E6434BDB77 - C:\Program Files\Java\jre6\bin\plugin2\npdeployJava1.dll - Java Deployment Toolkit 6.0.310.5

A843FC35574ECFD9E7A41C5505A9921B - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin

8D43DE6F1385057B8AD2857547B7B828 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector

4676A8E1EE37E71486717ECD1E61C17B - C:\windows\system32\Adobe\Director\np32dsw.dll - Shockwave for Director / Shockwave for Director

8082F66DC9C8167FF1AA548736F58457 - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat

53FE2D34B143EFDB80685281E751B91C - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

aaaaabcbmongicmdegkmmfgdickgnnob - C:\Users\Brigitte\AppData\Local\ilividmoviestoolbarha\GC\toolbar.crx[]

ammjbfijeglcdlnlnhlkdhgjnlgmpehe - C:\Program Files\glindorus\ammjbfijeglcdlnlnhlkdhgjnlgmpehe.crx[]

ejpbbhjlbipncjklfjjaedaieimbmdda - C:\Users\Brigitte\AppData\Local\CRE\ejpbbhjlbipncjklfjjaedaieimbmdda.crx[]

ifohbjbgfchkkfhphahclmkpgejiplfo - C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx[]

jmojojliiicbbihpjmiepllaiflnjobc - C:\Program Files\ViewPassword\150.crx[]

kjlkjjohncghchjiniokhljcgmlajgpb - C:\Program Files\ProtectedToolbar\chrome\ProtectedToolbar.crx[25/10/2012 08:47]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions

ejpbbhjlbipncjklfjjaedaieimbmdda - C:\Users\Brigitte\AppData\Local\CRE\ejpbbhjlbipncjklfjjaedaieimbmdda.crx[]

Movies Toolbar - Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob

safeorWeb - Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\bedpealjapilfepimonhfkclkafkeehk

uTorrentControl_v2 - Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda

Select City - Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo

ViewPassword - Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmojojliiicbbihpjmiepllaiflnjobc

Protected Toolbar - Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjlkjjohncghchjiniokhljcgmlajgpb

Google Wallet - Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Movies Toolbar - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob

Ask Toolbar - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\aaaalejpmnocmhmlbmlkjemekckoagne

glindorus - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\ammjbfijeglcdlnlnhlkdhgjnlgmpehe

safeorWeb - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\bedpealjapilfepimonhfkclkafkeehk

DropToS - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\cipmepknanmbbaneimacddfemfbfgpgo

Torch Games - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\elnodfjhjgpnmdhklbfeijeaehcgffnp

Torch Music - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\gcjbdjlojcomlphfchhihkigepfabcad

FaceLift - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\gimjmfipknpppbpmkdenjjpfhobiiojk

ViewPassword - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\jmojojliiicbbihpjmiepllaiflnjobc

Torch Helper - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\lecpjhggilhbceadobnggaagnpfpafhg

Torch Torrent - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\mpdmibcjecdaibcnlilhiopefjgegjjc

Google Wallet - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Torch Music - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\ohimbkoaphfnmekmfppijeblmkncneed

Hola - Brigitte\AppData\Local\Torch\User Data\Default\Extensions\pdehmppfilefbolgganhfihpbmjlgebh

==== Chrome Fix ======================

C:\Program Files\ProtectedToolbar\chrome\ProtectedToolbar.crx deleted successfully

C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_app.mam.conduit.com_0.localstorage deleted successfully

C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_app.mam.conduit.com_0.localstorage-journal deleted successfully

C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_bing.conduit-services.com_0.localstorage deleted successfully

C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_bing.conduit-services.com_0.localstorage-journal deleted successfully

C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.conduit.com_0.localstorage deleted successfully

C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.conduit.com_0.localstorage-journal deleted successfully

C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_websearch.the-searcheng.info_0.localstorage deleted successfully

C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_websearch.the-searcheng.info_0.localstorage-journal deleted successfully

C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_f.dealply.com_0.localstorage deleted successfully

C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_f.dealply.com_0.localstorage-journal deleted successfully

C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_h.dealply.com_0.localstorage deleted successfully

C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_h.dealply.com_0.localstorage-journal deleted successfully

C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.dosearches.com_0.localstorage deleted successfully

C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.dosearches.com_0.localstorage-journal deleted successfully

C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_nederlands.babylon.com_0.localstorage deleted successfully

C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_nederlands.babylon.com_0.localstorage-journal deleted successfully

C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_vertalen.babylon.com_0.localstorage deleted successfully

C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_vertalen.babylon.com_0.localstorage-journal deleted successfully

C:\Users\Brigitte\AppData\Local\Torch\User Data\Default\Local Storage\http_nederlands.babylon.com_0.localstorage deleted successfully

C:\Users\Brigitte\AppData\Local\Torch\User Data\Default\Local Storage\http_nederlands.babylon.com_0.localstorage-journal deleted successfully

C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_nl.softonic.com_0.localstorage deleted successfully

C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_nl.softonic.com_0.localstorage-journal deleted successfully

C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_b.scorecardresearch.com_0.localstorage deleted successfully

C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_b.scorecardresearch.com_0.localstorage-journal deleted successfully

C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.protectedsearch.com_0.localstorage deleted successfully

C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.protectedsearch.com_0.localstorage-journal deleted successfully

C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_secure.tlbsearch.com_0.localstorage deleted successfully

C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_secure.tlbsearch.com_0.localstorage-journal deleted successfully

C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob deleted successfully

C:\Users\Brigitte\AppData\Local\Torch\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob deleted successfully

C:\Users\Brigitte\AppData\Local\Torch\User Data\Default\Extensions\ammjbfijeglcdlnlnhlkdhgjnlgmpehe deleted successfully

C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ammjbfijeglcdlnlnhlkdhgjnlgmpehe deleted successfully

C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda deleted successfully

C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ejpbbhjlbipncjklfjjaedaieimbmdda_0.localstorage deleted successfully

C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ejpbbhjlbipncjklfjjaedaieimbmdda_0.localstorage-journal deleted successfully

C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_ejpbbhjlbipncjklfjjaedaieimbmdda_0 deleted successfully

C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\ejpbbhjlbipncjklfjjaedaieimbmdda deleted successfully

C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo deleted successfully

C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ifohbjbgfchkkfhphahclmkpgejiplfo_0.localstorage deleted successfully

C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmojojliiicbbihpjmiepllaiflnjobc deleted successfully

C:\Users\Brigitte\AppData\Local\Torch\User Data\Default\Extensions\jmojojliiicbbihpjmiepllaiflnjobc deleted successfully

C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjlkjjohncghchjiniokhljcgmlajgpb deleted successfully

C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kjlkjjohncghchjiniokhljcgmlajgpb_0.localstorage deleted successfully

C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_kjlkjjohncghchjiniokhljcgmlajgpb_0.localstorage-journal deleted successfully

C:\Users\Brigitte\AppData\Local\Torch\User Data\Default\Extensions\aaaalejpmnocmhmlbmlkjemekckoagne deleted successfully

C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Extensions\bedpealjapilfepimonhfkclkafkeehk deleted successfully

C:\Users\Brigitte\AppData\Local\Torch\User Data\Default\Extensions\bedpealjapilfepimonhfkclkafkeehk deleted successfully

C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bedpealjapilfepimonhfkclkafkeehk_0.localstorage deleted successfully

C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bedpealjapilfepimonhfkclkafkeehk_0.localstorage-journal deleted successfully

C:\Users\Brigitte\AppData\Local\Torch\User Data\Default\Local Storage\chrome-extension_bedpealjapilfepimonhfkclkafkeehk_0.localstorage deleted successfully

C:\Users\Brigitte\AppData\Local\Torch\User Data\Default\Local Storage\chrome-extension_bedpealjapilfepimonhfkclkafkeehk_0.localstorage-journal deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://search.conduit.com/?ctid=CT3312375&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=2&UP=SPC8117077-769C-4E32-B8B5-2D6088E47052&SSPV="

"Search Page"="http://search.protectedsearch.com?si=41570&home=true&tid=3026&q="

"Default_Page_URL"="http://www.dosearches.com/?utm_source=b&utm_medium=slbnew&utm_campaign=rg&utm_content=hp&from=slbnew&uid=TOSHIBAXMK3256GSY_60BKF7GFSXX60BKF7GFS&ts=1383241307"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://search.protectedsearch.com?si=41570&home=true&tid=3026"

"Start Default_Page_URL"="http://search.protectedsearch.com?si=41570&home=true&tid=3026"

"Default_Search_URL"="http://search.protectedsearch.com?si=41570&home=true&tid=3026&q="

"Search Bar"="http://search.protectedsearch.com?si=41570&home=true&tid=3026&q="

"Search Page"="http://search.protectedsearch.com?si=41570&home=true&tid=3026&q="

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Default_Search_URL"="http://search.dosearches.com/web/?utm_source=b&utm_medium=slbnew&utm_campaign=rg&utm_content=ds&from=slbnew&uid=TOSHIBAXMK3256GSY_60BKF7GFSXX60BKF7GFS&ts=1383241307&type=default&q={searchTerms}"

"Default_Page_URL"="http://www.dosearches.com/?utm_source=b&utm_medium=slbnew&utm_campaign=rg&utm_content=hp&from=slbnew&uid=TOSHIBAXMK3256GSY_60BKF7GFSXX60BKF7GFS&ts=1383241307"

"Start Page"="http://www.dosearches.com/?utm_source=b&utm_medium=slbnew&utm_campaign=rg&utm_content=hp&from=slbnew&uid=TOSHIBAXMK3256GSY_60BKF7GFSXX60BKF7GFS&ts=1383241307"

"Search Page"="http://search.dosearches.com/web/?utm_source=b&utm_medium=slbnew&utm_campaign=rg&utm_content=ds&from=slbnew&uid=TOSHIBAXMK3256GSY_60BKF7GFSXX60BKF7GFS&ts=1383241307&type=default&q={searchTerms}"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURI]

"(Default)"="http://search.protectedsearch.com?si=41570&bs=true&tid=3026&q=%s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.protectedsearch.com?si=41570&bs=true&tid=3026&q=%s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI]

"(Default)"="http://search.protectedsearch.com?si=41570&bs=true&tid=3026&q=%s"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.protectedsearch.com?si=41570&bs=true&tid=3026&q=%s"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI]

"(Default)"="http://search.protectedsearch.com?si=41570&bs=true&tid=3026&q=%s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Search]

"Start Page"="http://search.protectedsearch.com?si=41570&home=true&tid=3026"

"Start Default_Page_URL"="http://search.protectedsearch.com?si=41570&home=true&tid=3026"

"Default_Search_URL"="http://search.protectedsearch.com?si=41570&home=true&tid=3026&q="

"Search Bar"="http://search.protectedsearch.com?si=41570&home=true&tid=3026&q="

"Search Page"="http://search.protectedsearch.com?si=41570&home=true&tid=3026&q="

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]

"Start Page"="http://search.protectedsearch.com?si=41570&home=true&tid=3026"

"Start Default_Page_URL"="http://search.protectedsearch.com?si=41570&home=true&tid=3026"

"Default_Search_URL"="http://search.protectedsearch.com?si=41570&home=true&tid=3026&q="

"Search Bar"="http://search.protectedsearch.com?si=41570&home=true&tid=3026&q="

"Search Page"="http://search.protectedsearch.com?si=41570&home=true&tid=3026&q="

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"Start Page"="http://search.protectedsearch.com?si=41570&home=true&tid=3026"

"Start Default_Page_URL"="http://search.protectedsearch.com?si=41570&home=true&tid=3026"

"Default_Search_URL"="http://search.protectedsearch.com?si=41570&home=true&tid=3026&q="

"Search Bar"="http://search.protectedsearch.com?si=41570&home=true&tid=3026&q="

"Search Page"="http://search.protectedsearch.com?si=41570&home=true&tid=3026&q="

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}] not found

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Page"="http://www.google.com"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Main]

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchURI]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\SearchURI]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchUrl]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchURI]

"(Default)"="http://search.msn.com/results.asp?q=%s"

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Software\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Search]

"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Bar"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"

"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

"Start Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]

"DefaultScope"="{6A1806CD-94D4-4689-BA73-E35EA1EA9990}"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE11SR"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3337975368-1422288616-4262930686-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{e76da439-a1f1-4cfd-88c1-1fb8bac7e620} deleted successfully

HKEY_USERS\S-1-5-21-3337975368-1422288616-4262930686-1001\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{e76da439-a1f1-4cfd-88c1-1fb8bac7e620} deleted successfully

HKEY_CLASSES_ROOT\CLSID\{e76da439-a1f1-4cfd-88c1-1fb8bac7e620} deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e76da439-a1f1-4cfd-88c1-1fb8bac7e620} deleted successfully

==== Deleting CLSID Registry Values ======================

HKEY_USERS\S-1-5-21-3337975368-1422288616-4262930686-1001\Software\Mozilla\Firefox\Extensions\{0b67060e-62bf-4fc6-a316-c327841d0451} deleted successfully

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ammjbfijeglcdlnlnhlkdhgjnlgmpehe deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\jmojojliiicbbihpjmiepllaiflnjobc deleted successfully

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\kjlkjjohncghchjiniokhljcgmlajgpb deleted successfully

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{0F44DC3A-6E62-4961-A14B-95323C512F9B}_is1 deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\iLivid deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\e9737a78-b8c6-4465-9feb-7e2a4f782ad9 deleted successfully

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\DealPly deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Mobogenie deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{62D82EC1-0D3A-DF54-8E3E-07E1337A5311} deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ilividmoviestoolbarhaCR deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\ilividmoviestoolbarhaIE deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\WsysControl deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\The Sea App deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\SP_b0285714 deleted successfully

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\Protected Search_is1 deleted successfully

==== Empty IE Cache ======================

C:\Users\Brigitte\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Brigitte\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Users\Brigitte\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\LogMeInRemoteUser\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Brigitte\AppData\Local\Mozilla\Firefox\Profiles\98uikema.default\Cache emptied successfully

==== Empty Chrome Cache ======================

C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

C:\Users\Brigitte\AppData\Local\Torch\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=6210 folders=908 373562616 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Users\LogMeInRemoteUser\AppData\Local\Temp emptied successfully

C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Users\Brigitte\AppData\Local\Temp will be emptied at reboot

C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied

C:\Users\Brigitte\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on Sat 18/01/2014 at 21:26:17,15 ======================

Link naar reactie
Delen op andere sites

Weer een massale opruiming achter de rug. Nu de volgende stap:

Download 52147fb3b2536-AdwCleaner_99_3_16x16x32.pngAdwCleaner by Xplode naar het bureaublad.

AdwCleaner uitvoeren

  • Sluit alle openstaande vensters.
  • Dubbelklik op AdwCleaner.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Klik vervolgens op de knop Scan.
  • Wanneer de scan gereed is Klikt u vervolgens op de knop Clean.
  • Als dit gereed is wordt er gevraagd om de computer opnieuw op te starten, klik hier op OK.
  • Nadat de computer opnieuw is opgestart wordt het logbestand automatisch geopend.
  • Plaats dit logbestand in het volgende bericht.

Link naar reactie
Delen op andere sites

Voila,

dat is ook weer gebeurd... het ziet er al behoorlijk goed uit! Ik merk toch niets meer van al die miserie!

Hieronder het logje

# AdwCleaner v3.017 - Report created 18/01/2014 at 22:33:03

# Updated 12/01/2014 by Xplode

# Operating System : Windows 7 Professional Service Pack 1 (32 bits)

# Username : Brigitte - BRIGITTE-HP

# Running from : C:\Users\Brigitte\Desktop\adwcleaner.exe

# Option : Clean

***** [ Services ] *****

Service Deleted : torchcrashhandler

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\torchcrashhandler

Folder Deleted : C:\Users\Brigitte\AppData\Local\torch

Folder Deleted : C:\Users\Brigitte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\torch

File Deleted : C:\Users\Brigitte\AppData\Roaming\Mozilla\Firefox\Profiles\98uikema.default\user.js

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk

Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk

Shortcut Disinfected : C:\Users\Brigitte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk

Shortcut Disinfected : C:\Users\Brigitte\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk

***** [ Registry ] *****

[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B5DC0358-0324-4424-BB0C-006A8AE1D91E}

[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B5DC0358-0324-4424-BB0C-006A8AE1D91E}

[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E6C46FD7-4730-4F92-8927-0335A097B129}

Key Deleted : HKCU\Software\Classes\iLivid.torrent

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\conduit.com

Key Deleted : HKLM\SOFTWARE\Classes\SearchNewTab.SearchNewTab

Key Deleted : HKLM\SOFTWARE\Classes\SearchNewTab.SearchNewTab.1.0

Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard

Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1

Key Deleted : HKLM\SOFTWARE\Classes\wtb.Band

Key Deleted : HKLM\SOFTWARE\Classes\wtb.Band.1

Key Deleted : HKLM\SOFTWARE\Classes\wtb.NotificationSource

Key Deleted : HKLM\SOFTWARE\Classes\wtb.NotificationSource.1

Key Deleted : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl

Key Deleted : HKLM\SOFTWARE\Classes\wtb.SourceSinkImpl.1

Key Deleted : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo

Key Deleted : HKLM\SOFTWARE\Classes\wtb.ToolbarInfo.1

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\Mobogenie.exe

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\torch.exe

Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]

Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]

Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]

Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]

Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SP_360582d7

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT2724386

Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3220468

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3FC27B34-0C19-49DA-875E-1875DDD4A6B2}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A928E66C-F501-4E66-9953-855C712F93B2}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{537F4F0B-3542-4C7D-A3E5-CF121482696C}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{31E3BC75-2A09-4CFF-9C92-8D0ED8D1DC0F}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8DA8B89E-0C65-403B-8231-AB22ECFA0687}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A928E66C-F501-4E66-9953-855C712F93B2}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0E28FA0-DF07-44B6-95CE-48BE26DB9266}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E6B4EE8F-C38E-4994-BE28-229A3F92262C}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FCA8936E-403A-4487-A966-70F80F1D5A6A}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{537F4F0B-3542-4C7D-A3E5-CF121482696C}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CFD485F0-96BD-47CD-BB6D-CD7DDA95F102}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0CB473D1-AE5F-4E82-8BFE-A7613A79DDFB}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D40F3125-FEDE-4A62-BDFA-1A0F9544B564}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}

Key Deleted : HKCU\Software\APN DTX

Key Deleted : HKCU\Software\Conduit

Key Deleted : HKCU\Software\DataMngr

Key Deleted : HKCU\Software\glindorus

Key Deleted : HKCU\Software\ilivid

Key Deleted : HKCU\Software\IM

Key Deleted : HKCU\Software\ImInstaller

Key Deleted : HKCU\Software\InstallCore

Key Deleted : HKCU\Software\ProtectedSearch

Key Deleted : HKCU\Software\simplytech

Key Deleted : HKCU\Software\Softonic

Key Deleted : HKCU\Software\torch

Key Deleted : HKCU\Software\UpdaterEX

Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}

Key Deleted : HKCU\Software\AppDataLow\SProtector

Key Deleted : HKCU\Software\AppDataLow\Toolbar

Key Deleted : HKCU\Software\AppDataLow\Software\Conduit

Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes

Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong

Key Deleted : HKCU\Software\AppDataLow\Software\simplytech

Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar

Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentControl_v2

Key Deleted : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}

Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}

Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}

Key Deleted : HKLM\Software\Conduit

Key Deleted : HKLM\Software\DataMngr

Key Deleted : HKLM\Software\dosearchessoftware

Key Deleted : HKLM\Software\eSafeSecControl

Key Deleted : HKLM\Software\glindorus

Key Deleted : HKLM\Software\ImInstaller

Key Deleted : HKLM\Software\SearchProtect

Key Deleted : HKLM\Software\SP Global

Key Deleted : HKLM\Software\SProtector

Key Deleted : HKLM\Software\torch

Key Deleted : HKLM\Software\uTorrentControl_v2

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\torch

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\UpdaterEX

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\dosearches Browser Protecter

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\glindorus

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentControl_v2 Toolbar

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

-\\ Mozilla Firefox v11.0 (nl)

[ File : C:\Users\Brigitte\AppData\Roaming\Mozilla\Firefox\Profiles\98uikema.default\prefs.js ]

Line Deleted : user_pref("CT3220468.autoDisableScopes", -1);

-\\ Google Chrome v31.0.1650.63

[ File : C:\Users\Brigitte\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage

Deleted : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [9563 octets] - [18/01/2014 22:32:25]

AdwCleaner[s0].txt - [8714 octets] - [18/01/2014 22:33:03]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [8774 octets] ##########

Link naar reactie
Delen op andere sites

We gaan inderdaad de goede kant uit ;-)

Download de junkware_removal_tool.pngJunkware Removal Tool by Thisisu naar je bureaublad.

Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met JRT

(hier of hier) kan je lezen hoe je de gebruikte beveiligingssoftware kunt uitschakelen.

  • Dubbelklik op JRT.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • De tool zal vervolgens het systeem scannen.
  • De scan kan afhankelijk van je systeemspecificaties soms vrij lang duren, wacht geduldig af.
  • Als de scan gereed is zal er een logje (JRT.txt) op het bureaublad opgeslagen worden en automatisch worden geopend.
  • Post de inhoud van deze log in je volgende bericht als bijlage.

Link naar reactie
Delen op andere sites

Het volgende logje.... :-)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.0 (01.07.2014:1)

OS: Windows 7 Professional x86

Ran by Brigitte on Sun 19/01/2014 at 9:33:54,28

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\theseaapp

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\adawarebp

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\caphyon

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\Users\Brigitte\appdata\locallow\protectedtoolbar"

Successfully deleted: [Folder] "C:\Program Files\protectedtoolbar"

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on Sun 19/01/2014 at 9:36:13,71

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Link naar reactie
Delen op andere sites

Gast
Dit topic is nu gesloten voor nieuwe reacties.
×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.