Beste bezoeker,
Welkom op PC Helpforum!

Ben je op zoek naar GRATIS hulp voor je computerprobleem?

Word vandaag lid, plaats je vraag online en het PC Helpforum-team helpt je graag verder.
Je kan lid worden als je hier klikt. Meer dan 40.000 leden deden reeds beroep op onze expertise. PC HELPFORUM vzw HELPT JE GRATIS !

Bent u reeds lid, en u ziet dit bericht? Klik dan rechtsbovenaan op inloggen of klik hier indien u uw wachtwoord bent vergeten.

Discussie gesloten
Resultaten: 1 t/m 7 van 7

portaldosites.com/

Dit is een discussie over portaldosites.com/ in het forum Archief Windows , en maakt deel van de Windows categorie; wanneer ik Firefox of Internet explorer opstart kom ik niet op Google maar op Portaldosites.com ik heb al met malwarebytes ...

  1. #1
    Lid
    Geregistreerd
    16 maart 2012
    Berichten
    25

    Standaard portaldosites.com/

    wanneer ik Firefox of Internet explorer opstart kom ik niet op Google maar op Portaldosites.com
    ik heb al met malwarebytes anti-Malware gescand deze geef geen malware dan heb ik met SuperAntiSpyware free Edition deze geeft 38 malwares van Yontoo deze zijn hopenlijk verwijderd die
    Yontoo kon ik niet uit mijn progammas verwijderen als ook Desk 365 niet
    wat staat er mij te doen ?
    beste dank al
    arlet

    zie hier mijn Hijackthi

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 21:00:15, on 20/04/2013
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v9.00 (9.00.8112.16476)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragMonitorService.exe
    C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragActivityMonitor.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Apoint2K\Apoint.exe
    C:\Program Files\Hotkey Utility\tray.exe
    C:\Program Files\Launch Pad\LaunchPad.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe
    C:\Program Files\Alwil Software\Avast5\AvastUI.exe
    C:\Program Files\Belgium Identity Card\beid35gui.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\uTorrent\uTorrent.exe
    C:\Users\winston\AppData\Roaming\Yontoo\YontooDesktop.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\McAfee Security Scan\3.0.313\SSScheduler.exe
    C:\Users\winston\AppData\Roaming\Dropbox\bin\Dropbox.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Apoint2K\Apntex.exe
    C:\Windows\system32\conime.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Users\winston\Downloads\progammas\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Portaldosites.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Portaldosites.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Portaldosites.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Portaldosites.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Portaldosites.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = Portaldosites.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Portaldosites.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = Portaldosites.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.yahoo.com/search?fr=mcafee&p=%s
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.313\McAfeeMSS_IE.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
    O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
    O4 - HKLM\..\Run: [RtHDVCpl] "RtHDVCpl.exe"
    O4 - HKLM\..\Run: [Apoint] "C:\Program Files\Apoint2K\Apoint.exe"
    O4 - HKLM\..\Run: [FIC HotKey] C:\Program Files\Hotkey Utility\tray.exe
    O4 - HKLM\..\Run: [LaunchPad] "C:\Program Files\Launch Pad\LaunchPad.exe"
    O4 - HKLM\..\Run: [PowerManager] "C:\Program Files\Power Manager\PM.exe"
    O4 - HKLM\..\Run: [FSCRecovery] "c:\Program Files\Fujitsu Siemens Computers\Fujitsu Siemens Computers Recovery\FSCRecoveryReminder.exe"
    O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
    O4 - HKLM\..\Run: [DefragTaskBar] "C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe"
    O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
    O4 - HKLM\..\Run: [beid] "C:\Program Files\Belgium Identity Card\beid35gui.exe" /startup
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [Sidebar] "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [Desk 365] "C:\Program Files\Desk 365\desk365.exe" /autorun
    O4 - HKCU\..\Run: [Yontoo Desktop] "C:\Users\winston\AppData\Roaming\Yontoo\YontooDesktop.exe"
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - Startup: Dropbox.lnk = C:\Users\winston\AppData\Roaming\Dropbox\bin\Dropbox.exe
    O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.313\SSScheduler.exe
    O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Ashampoo Defrag Service (AshampooDefragService) - - C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Desk 365 service (desksvc) - 337 Technology Limited. - C:\Program Files\Desk 365\deskSvc.exe
    O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
    O23 - Service: Google Updateservice (gupdate1c9b622bce72db9) (gupdate1c9b622bce72db9) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Fujitsu Diagnostic Testhandler (TestHandler) - Fujitsu Technology Solutions - C:\Program Files\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
    O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe

    --
    End of file - 10614 bytes

  2. #2
    Website Beheerder
    Geregistreerd
    23 december 2007
    Locatie
    Kapellen
    Berichten
    37.601

    Standaard

    Ga naar Start - Alle Programma's - Bureau-accessoires - Opdrachtprompt
    Windows Vista/7 gebruikers dienen de opdrachtprompt Als Administrator uit te voeren via het rechtsklik menu.
    Tik in: sc stop desksvc gevolgd door Enter.
    Tik in: sc delete desksvc gevolgd door Enter.
    Tik in: Exit om het venster te sluiten.

    Als je op een van deze instructies een foutmelding krijgt, ga dan gewoon door met de volgende instructie en laat ons weten welke foutmelding je kreeg.

    Start Hijackthis op. Selecteer “Scan”. Selecteer alleen de items die hieronder zijn genoemd:

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Portaldosites.com
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Portaldosites.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Portaldosites.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Portaldosites.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Portaldosites.com
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = Portaldosites.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = Portaldosites.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = Portaldosites.com
    O4 - HKCU\..\Run: [Desk 365] "C:\Program Files\Desk 365\desk365.exe" /autorun
    O4 - HKCU\..\Run: [Yontoo Desktop] "C:\Users\winston\AppData\Roaming\Yontoo\YontooDesktop.exe"

    Klik op 'Fix checked' om de items te verwijderen.

    Let op : Windows Vista & 7 gebruikers dienen HijackThis als “administrator” uit te voeren via rechtermuisknop “als administrator uitvoeren". Indien dit via de snelkoppeling niet lukt voer je HijackThis als administrator uit in de volgende map : C:\\Program Files\\Trend Micro\\HiJackThis of C:\\Program Files (x86)\\Trend Micro\\HiJackThis.

    Download AdwCleaner by Xplode naar je bureaublad.



    Sluit alle openstaande vensters.
    • Vista en Windows 7 gebruikers: Rechtsklik op AdwCleaner en selecteer als Administrator uitvoeren...
    • Voor XP: Gewoon dubbelklikken op AdwCleaner.
    • Klik vervolgens op Verwijderen.
    • Klik bij AdwCleaner – Informatie op OK
    • Klik bij AdwCleaner – Herstarten Noodzakelijk op OK

    Dat tijdens de actie de snelkoppelingen verdwijnen, is normaal. Nadat de PC opnieuw is opgestart, opent een logfile. Post de inhoud van dit log in je volgende bericht, samen met het nieuwe logje van HijackThis.




  3. #3
    Lid
    Geregistreerd
    16 maart 2012
    Berichten
    25

    Standaard

    zie hier de log van AdwCleaner
    # AdwCleaner v2.200 - Verslag gemaakt op 21/04/2013 om 09:50:02
    # Geactualiseerd op 02/04/2013 door Xplode
    # Besturingssysteem : Windows Vista (TM) Home Premium Service Pack 2 (32 bits)
    # Gebruiker : winston - PC_VAN_WINSTON
    # Opstarten Modus : Normale modus
    # Gelanceerd vanaf : C:\Users\winston\Desktop\adwcleaner.exe
    # Optie [Verwijderen]


    ***** [Diensten] *****

    Gestopt & Verwijdert : desksvc
    Gestopt & Verwijdert : Yontoo Desktop Updater

    ***** [Files / Mappen] *****

    File Verwijdert : C:\Users\winston\AppData\Roaming\Mozilla\Firefox\Profiles\zhcbp7di.default\searchplugins\SearchResul ts.xml
    Map Verwijdert : C:\Program Files\Common Files\337
    Map Verwijdert : C:\Program Files\Conduit
    Map Verwijdert : C:\Program Files\Desk 365
    Map Verwijdert : C:\Program Files\Mozilla Firefox\Extensions\quickstores@quickstores.de
    Map Verwijdert : C:\Program Files\Windows iLivid Toolbar
    Map Verwijdert : C:\Program Files\Yontoo
    Map Verwijdert : C:\ProgramData\~0
    Map Verwijdert : C:\ProgramData\eSafe
    Map Verwijdert : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desk 365
    Map Verwijdert : C:\ProgramData\Tarma Installer
    Map Verwijdert : C:\Users\winston\AppData\Local\Conduit
    Map Verwijdert : C:\Users\winston\AppData\Local\Ilivid Player
    Map Verwijdert : C:\Users\winston\AppData\Local\PackageAware
    Map Verwijdert : C:\Users\winston\AppData\LocalLow\Conduit
    Map Verwijdert : C:\Users\winston\AppData\Roaming\Desk 365
    Map Verwijdert : C:\Users\winston\AppData\Roaming\eIntaller
    Map Verwijdert : C:\Users\winston\AppData\Roaming\Mozilla\Firefox\Profiles\zhcbp7di.default\ConduitCommon
    Map Verwijdert : C:\Users\winston\AppData\Roaming\Mozilla\Firefox\Profiles\zhcbp7di.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}
    Map Verwijdert : C:\Users\winston\AppData\Roaming\Mozilla\Firefox\Profiles\zhcbp7di.default\extensions\plugin@yontoo. com
    Map Verwijdert : C:\Users\winston\AppData\Roaming\Yontoo
    Map Verwijdert : C:\Windows\assembly\GAC_MSIL\QuickStoresToolbar

    ***** [Register] *****

    Sleutel Verwijdert : HKCU\Software\APN PIP
    Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\AskToolbar
    Sleutel Verwijdert : HKCU\Software\Ask.com
    Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}
    Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
    Sleutel Verwijdert : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
    Sleutel Verwijdert : HKCU\Software\PIP
    Sleutel Verwijdert : HKCU\Software\Softonic
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Toolbar.CT2865317
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
    Sleutel Verwijdert : HKLM\Software\Conduit
    Sleutel Verwijdert : HKLM\Software\Desksvc
    Sleutel Verwijdert : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
    Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\063A857434EDED11A893800002C0A966
    Sleutel Verwijdert : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
    Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Desk 365
    Sleutel Verwijdert : HKLM\Software\PIP
    Sleutel Verwijdert : HKLM\Software\Tarma Installer
    Sleutel Verwijdert : HKLM\Software\V9

    ***** [Browsers] *****

    -\\ Internet Explorer v9.0.8112.16476

    [OK] Het register bevat geen enkele ongeoorloofde invoer.

    -\\ Mozilla Firefox v4.0.1 (nl)

    File : C:\Users\winston\AppData\Roaming\Mozilla\Firefox\Profiles\55r9t9w8.default-1366478536608\prefs.js

    [OK] De file bevat geen enkele ongeoorloofde invoer.

    File : C:\Users\winston\AppData\Roaming\Mozilla\Firefox\Profiles\zhcbp7di.default\prefs.js

    C:\Users\winston\AppData\Roaming\Mozilla\Firefox\Profiles\zhcbp7di.default\user.js ... Verwijdert !

    Verwijdert : user_pref("CT2865317..clientLogIsEnabled", true);
    Verwijdert : user_pref("CT2865317..clientLogServiceUrl", "hxxp://clientlog.users.conduit.com/ClientDiagnostics.as[...]
    Verwijdert : user_pref("CT2865317..uninstallLogServiceUrl", "hxxp://uninstall.users.conduit.com/Uninstall.asmx/Re[...]
    Verwijdert : user_pref("CT2865317.AboutPrivacyUrl", "hxxp://www.conduit.com/privacy/Default.aspx");
    Verwijdert : user_pref("CT2865317.CTID", "CT2865317");
    Verwijdert : user_pref("CT2865317.CurrentServerDate", "8-11-2011");
    Verwijdert : user_pref("CT2865317.DSChangedManually", true);
    Verwijdert : user_pref("CT2865317.DSInstall", true);
    Verwijdert : user_pref("CT2865317.DialogsAlignMode", "LTR");
    Verwijdert : user_pref("CT2865317.DialogsGetterLastCheckTime", "Mon Nov 07 2011 17:34:27 GMT+0100");
    Verwijdert : user_pref("CT2865317.DownloadReferralCookieData", "");
    Verwijdert : user_pref("CT2865317.EMailNotifierCheckInterval", "5");
    Verwijdert : user_pref("CT2865317.EMailNotifierLabelLength", 6);
    Verwijdert : user_pref("CT2865317.EMailNotifierPollDate", "Tue Nov 08 2011 14:27:15 GMT+0100");
    Verwijdert : user_pref("CT2865317.EMailNotifierSound", "NONE");
    Verwijdert : user_pref("CT2865317.FeedLastCount5397019970362056034", 78);
    Verwijdert : user_pref("CT2865317.FeedPollDate2429156812186649977", "Mon Nov 07 2011 17:34:06 GMT+0100");
    Verwijdert : user_pref("CT2865317.FeedPollDate2429156813040823546", "Mon Nov 07 2011 17:34:05 GMT+0100");
    Verwijdert : user_pref("CT2865317.FeedPollDate2429156813130095866", "Mon Nov 07 2011 17:34:05 GMT+0100");
    Verwijdert : user_pref("CT2865317.FeedPollDate2429156813224203613", "Mon Nov 07 2011 17:34:05 GMT+0100");
    Verwijdert : user_pref("CT2865317.FeedPollDate2429156813230837251", "Mon Nov 07 2011 17:34:06 GMT+0100");
    Verwijdert : user_pref("CT2865317.FeedPollDate2429156813454291735", "Mon Nov 07 2011 17:34:06 GMT+0100");
    Verwijdert : user_pref("CT2865317.FeedPollDate2429156813729834876", "Mon Nov 07 2011 17:34:05 GMT+0100");
    Verwijdert : user_pref("CT2865317.FeedPollDate2429156813860870021", "Mon Nov 07 2011 17:34:06 GMT+0100");
    Verwijdert : user_pref("CT2865317.FeedPollDate2429156814264681793", "Mon Nov 07 2011 17:34:06 GMT+0100");
    Verwijdert : user_pref("CT2865317.FeedPollDate2429156814863075366", "Mon Nov 07 2011 17:34:05 GMT+0100");
    Verwijdert : user_pref("CT2865317.FeedPollDate2429156815257761081", "Mon Nov 07 2011 17:34:05 GMT+0100");
    Verwijdert : user_pref("CT2865317.FeedTTL2429156813130095866", 10);
    Verwijdert : user_pref("CT2865317.FeedTTL2429156814264681793", 5);
    Verwijdert : user_pref("CT2865317.FirstServerDate", "7-11-2011");
    Verwijdert : user_pref("CT2865317.FirstTime", true);
    Verwijdert : user_pref("CT2865317.FirstTimeFF3", true);
    Verwijdert : user_pref("CT2865317.FixPageNotFoundErrors", false);
    Verwijdert : user_pref("CT2865317.GroupingServerCheckInterval", 1440);
    Verwijdert : user_pref("CT2865317.GroupingServiceUrl", "hxxp://grouping.services.conduit.com/");
    Verwijdert : user_pref("CT2865317.HPInstall", false);
    Verwijdert : user_pref("CT2865317.HasUserGlobalKeys", true);
    Verwijdert : user_pref("CT2865317.HomePageProtectorEnabled", false);
    Verwijdert : user_pref("CT2865317.HomepageBeforeUnload", "hxxp://www.google.be/");
    Verwijdert : user_pref("CT2865317.Initialize", true);
    Verwijdert : user_pref("CT2865317.InitializeCommonPrefs", true);
    Verwijdert : user_pref("CT2865317.InstallationAndCookieDataSentCount", 3);
    Verwijdert : user_pref("CT2865317.InstallationType", "UnknownIntegration");
    Verwijdert : user_pref("CT2865317.InstalledDate", "Mon Nov 07 2011 17:34:01 GMT+0100");
    Verwijdert : user_pref("CT2865317.IsAlertDBUpdated", true);
    Verwijdert : user_pref("CT2865317.IsGrouping", false);
    Verwijdert : user_pref("CT2865317.IsInitSetupIni", true);
    Verwijdert : user_pref("CT2865317.IsMulticommunity", false);
    Verwijdert : user_pref("CT2865317.IsOpenThankYouPage", true);
    Verwijdert : user_pref("CT2865317.IsOpenUninstallPage", false);
    Verwijdert : user_pref("CT2865317.IsProtectorsInit", true);
    Verwijdert : user_pref("CT2865317.LanguagePackLastCheckTime", "Tue Nov 08 2011 17:34:31 GMT+0100");
    Verwijdert : user_pref("CT2865317.LanguagePackReloadIntervalMM", 1440);
    Verwijdert : user_pref("CT2865317.LanguagePackServiceUrl", "hxxp://translation.users.conduit.com/Translation.ashx[...]
    Verwijdert : user_pref("CT2865317.LastLogin_3.7.0.6", "Tue Nov 08 2011 17:33:52 GMT+0100");
    Verwijdert : user_pref("CT2865317.LatestVersion", "3.8.0.8");
    Verwijdert : user_pref("CT2865317.Locale", "nl");
    Verwijdert : user_pref("CT2865317.MCDetectTooltipHeight", "83");
    Verwijdert : user_pref("CT2865317.MCDetectTooltipShow", false);
    Verwijdert : user_pref("CT2865317.MCDetectTooltipUrl", "hxxp://@EB_INSTALL_LINK@/rank/tooltip/?version=1");
    Verwijdert : user_pref("CT2865317.MCDetectTooltipWidth", "295");
    Verwijdert : user_pref("CT2865317.MyStuffEnabledAtInstallation", true);
    Verwijdert : user_pref("CT2865317.OriginalFirstVersion", "3.7.0.6");
    Verwijdert : user_pref("CT2865317.SavedHomepage", "hxxp://www.google.be/");
    Verwijdert : user_pref("CT2865317.SearchCaption", "uTorrentBar_NL Customized Web Search");
    Verwijdert : user_pref("CT2865317.SearchEngineBeforeUnload", "Bing");
    Verwijdert : user_pref("CT2865317.SearchFromAddressBarIsInit", true);
    Verwijdert : user_pref("CT2865317.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT286[...]
    Verwijdert : user_pref("CT2865317.SearchInNewTabEnabled", true);
    Verwijdert : user_pref("CT2865317.SearchInNewTabIntervalMM", 1440);
    Verwijdert : user_pref("CT2865317.SearchInNewTabLastCheckTime", "Tue Nov 08 2011 17:34:34 GMT+0100");
    Verwijdert : user_pref("CT2865317.SearchInNewTabServiceUrl", "hxxp://newtab.conduit-hosting.com/newtab/?ctid=EB_T[...]
    Verwijdert : user_pref("CT2865317.SearchInNewTabUsageUrl", "hxxp://usage.hosting.toolbar.conduit-services.com/usa[...]
    Verwijdert : user_pref("CT2865317.SearchProtectorEnabled", false);
    Verwijdert : user_pref("CT2865317.SearchProtectorToolbarDisabled", false);
    Verwijdert : user_pref("CT2865317.SendProtectorDataViaLogin", true);
    Verwijdert : user_pref("CT2865317.ServiceMapLastCheckTime", "Tue Nov 08 2011 17:33:52 GMT+0100");
    Verwijdert : user_pref("CT2865317.SettingsLastCheckTime", "Tue Nov 08 2011 17:33:52 GMT+0100");
    Verwijdert : user_pref("CT2865317.SettingsLastUpdate", "1313478222");
    Verwijdert : user_pref("CT2865317.TBHomePageUrl", "hxxp://search.conduit.com/?ctid=CT2865317&SearchSource=13");
    Verwijdert : user_pref("CT2865317.ThirdPartyComponentsInterval", 504);
    Verwijdert : user_pref("CT2865317.ThirdPartyComponentsLastCheck", "Mon Nov 07 2011 17:33:52 GMT+0100");
    Verwijdert : user_pref("CT2865317.ThirdPartyComponentsLastUpdate", "1256026239");
    Verwijdert : user_pref("CT2865317.ToolbarShrinkedFromSetup", false);
    Verwijdert : user_pref("CT2865317.TrusteLinkUrl", "hxxp://trust.conduit.com/CT2865317");
    Verwijdert : user_pref("CT2865317.TrustedApiDomains", "conduit.com,conduit-hosting.com,conduit-services.com,clien[...]
    Verwijdert : user_pref("CT2865317.UserID", "UN49884697431332390");
    Verwijdert : user_pref("CT2865317.ValidationData_Toolbar", 2);
    Verwijdert : user_pref("CT2865317.WeatherNetwork", "");
    Verwijdert : user_pref("CT2865317.WeatherPollDate", "Tue Nov 08 2011 14:07:16 GMT+0100");
    Verwijdert : user_pref("CT2865317.WeatherUnit", "C");
    Verwijdert : user_pref("CT2865317.alertChannelId", "1257316");
    Verwijdert : user_pref("CT2865317.approveUntrustedApps", false);
    Verwijdert : user_pref("CT2865317.backendstorage.cbfirsttime", "4D6F6E204E6F7620303720323031312031373A33343A35312[...]
    Verwijdert : user_pref("CT2865317.backendstorage.pairingkey", "32423246443443393230413430444545373944314439314230[...]
    Verwijdert : user_pref("CT2865317.components.129363015615494356", false);
    Verwijdert : user_pref("CT2865317.components.129363015617994372", false);
    Verwijdert : user_pref("CT2865317.components.129363015617994373", false);
    Verwijdert : user_pref("CT2865317.components.129416029873125873", false);
    Verwijdert : user_pref("CT2865317.components.129544682758064198", false);
    Verwijdert : user_pref("CT2865317.components.5397019970362056034", false);
    Verwijdert : user_pref("CT2865317.generalConfigFromLogin", "{\"ApiMaxAlerts\":\"12\",\"SocialDomains\":\"social.c[...]
    Verwijdert : user_pref("CT2865317.globalFirstTimeInfoLastCheckTime", "Tue Nov 08 2011 16:01:27 GMT+0100");
    Verwijdert : user_pref("CT2865317.homepageProtectorEnableByLogin", true);
    Verwijdert : user_pref("CT2865317.initDone", true);
    Verwijdert : user_pref("CT2865317.isAppTrackingManagerOn", true);
    Verwijdert : user_pref("CT2865317.myStuffEnabled", true);
    Verwijdert : user_pref("CT2865317.myStuffPublihserMinWidth", 400);
    Verwijdert : user_pref("CT2865317.myStuffSearchUrl", "hxxp://Apps.conduit.com/search?q=SEARCH_TERM&SearchSourceOr[...]
    Verwijdert : user_pref("CT2865317.myStuffServiceIntervalMM", 1440);
    Verwijdert : user_pref("CT2865317.myStuffServiceUrl", "hxxp://mystuff.conduit-services.com/MyStuffService.ashx?Co[...]
    Verwijdert : user_pref("CT2865317.oldAppsList", "129363015615025603,129363015615338104,111,1000234,12936301561549[...]
    Verwijdert : user_pref("CT2865317.revertSettingsEnabled", true);
    Verwijdert : user_pref("CT2865317.searchProtectorDialogDelayInSec", 10);
    Verwijdert : user_pref("CT2865317.searchProtectorEnableByLogin", true);
    Verwijdert : user_pref("CT2865317.testingCtid", "");
    Verwijdert : user_pref("CT2865317.toolbarAppMetaDataLastCheckTime", "Tue Nov 08 2011 17:34:27 GMT+0100");
    Verwijdert : user_pref("CT2865317.toolbarContextMenuLastCheckTime", "Mon Nov 07 2011 17:34:31 GMT+0100");
    Verwijdert : user_pref("CT2865317.usagesFlag", 2);
    Verwijdert : user_pref("CommunityToolbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT2865317&Search[...]
    Verwijdert : user_pref("CommunityToolbar.ConduitSearchList", "uTorrentBar_NL Customized Web Search");
    Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://alerts.conduit-services.com/root/1257316/1252989/BE", "\"0\"[...]
    Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://appsmetadata.toolbar.conduit-services.com/?ctid=CT2865317", [...]
    Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=GottenApps&lo[...]
    Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=OtherApps&loc[...]
    Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=SharedApps&lo[...]
    Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://contextmenu.toolbar.conduit-services.com/?name=Toolbar&local[...]
    Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.alert.conduit-services.com/alert/dlg.pkg", "\[...]
    Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://dynamicdialogs.toolbar.conduit-services.com/DLG.pkg?ver=3.7.[...]
    Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://servicemap.conduit-services.com/Toolbar/?ownerId=CT2865317",[...]
    Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://settings.toolbar.conduit-services.com/?ctid=CT2865317&octid=[...]
    Verwijdert : user_pref("CommunityToolbar.ETag.hxxp://translation.toolbar.conduit-services.com/?locale=nl", "\"1ec[...]
    Verwijdert : user_pref("CommunityToolbar.LatestLibsPath", "file:///C:\\Users\\winston\\AppData\\Roaming\\Mozilla\[...]
    Verwijdert : user_pref("CommunityToolbar.LatestToolbarVersionInstalled", "3.7.0.6");
    Verwijdert : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://listen.grooveshark.com/ ", "800x599");
    Verwijdert : user_pref("CommunityToolbar.MiniIPageGadgetSize.hxxp://youtube.conduitapps.com/v115/gadget.php?appMo[...]
    Verwijdert : user_pref("CommunityToolbar.SearchFromAddressBarSavedUrl", "hxxp://search.bearshare.com/web?src=ffb&[...]
    Verwijdert : user_pref("CommunityToolbar.ToolbarsList", "CT2865317");
    Verwijdert : user_pref("CommunityToolbar.ToolbarsList2", "CT2865317");
    Verwijdert : user_pref("CommunityToolbar.ToolbarsList4", "CT2865317");
    Verwijdert : user_pref("CommunityToolbar.facebook.settingsLastCheckTime", "Mon Nov 07 2011 17:34:34 GMT+0100");
    Verwijdert : user_pref("CommunityToolbar.globalUserId", "ec28c625-a35e-407e-8d7c-7ce6c3c4deb5");
    Verwijdert : user_pref("CommunityToolbar.isAlertUrlAddedToFeedItemTable", true);
    Verwijdert : user_pref("CommunityToolbar.isClickActionAddedToFeedItemTable", true);
    Verwijdert : user_pref("CommunityToolbar.keywordURLSelectedCTID", "CT2865317");
    Verwijdert : user_pref("CommunityToolbar.notifications.alertDialogsGetterLastCheckTime", "Mon Nov 07 2011 17:34:2[...]
    Verwijdert : user_pref("CommunityToolbar.notifications.alertInfoInterval", 1440);
    Verwijdert : user_pref("CommunityToolbar.notifications.alertInfoLastCheckTime", "Mon Nov 07 2011 18:34:39 GMT+010[...]
    Verwijdert : user_pref("CommunityToolbar.notifications.clientsServerUrl", "hxxp://alert.client.conduit.com");
    Verwijdert : user_pref("CommunityToolbar.notifications.locale", "en");
    Verwijdert : user_pref("CommunityToolbar.notifications.loginIntervalMin", 1440);
    Verwijdert : user_pref("CommunityToolbar.notifications.loginLastCheckTime", "Tue Nov 08 2011 17:33:51 GMT+0100");
    Verwijdert : user_pref("CommunityToolbar.notifications.loginLastUpdateTime", "1313487611");
    Verwijdert : user_pref("CommunityToolbar.notifications.messageShowTimeSec", 20);
    Verwijdert : user_pref("CommunityToolbar.notifications.servicesServerUrl", "hxxp://alert.services.conduit.com");
    Verwijdert : user_pref("CommunityToolbar.notifications.showTrayIcon", false);
    Verwijdert : user_pref("CommunityToolbar.notifications.userCloseIntervalMin", 300);
    Verwijdert : user_pref("CommunityToolbar.notifications.userId", "8e036024-62a0-4226-b983-063fedbc4987");
    Verwijdert : user_pref("CommunityToolbar.originalHomepage", "hxxp://www.google.be/");
    Verwijdert : user_pref("CommunityToolbar.originalSearchEngine", "Bing");
    Verwijdert : user_pref("browser.search.defaultengine", "Ask.com");
    Verwijdert : user_pref("browser.search.defaultthis.engineName", "uTorrentBar_NL Customized Web Search");
    Verwijdert : user_pref("extensions.quickstores@quickstores.de.install-event-fired", true);
    Verwijdert : user_pref("quickstores.toolbar.affid", "2006");
    Verwijdert : user_pref("quickstores.toolbar.guid", "{695613C3-85E7-9BA5-6D34-65B4A229C172}");

    -\\ Google Chrome v [Onmogelijk de versie te verkrijgen]

    File : C:\Users\winston\AppData\Local\Google\Chrome\User Data\Default\Preferences

    [OK] De file bevat geen enkele ongeoorloofde invoer.

    *************************

    AdwCleaner[S1].txt - [19689 octets] - [21/04/2013 09:50:02]

    ########## EOF - C:\AdwCleaner[S1].txt - [19750 octets] ##########


    en deze van HijackThis

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 10:12:25, on 21/04/2013
    Platform: Windows Vista SP2 (WinNT 6.00.1906)
    MSIE: Internet Explorer v9.00 (9.00.8112.16476)
    Boot mode: Normal

    Running processes:
    C:\Windows\system32\taskeng.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\Dwm.exe
    C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragMonitorService.exe
    C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragActivityMonitor.exe
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Apoint2K\Apoint.exe
    C:\Program Files\Hotkey Utility\tray.exe
    C:\Program Files\Launch Pad\LaunchPad.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe
    C:\Program Files\Alwil Software\Avast5\AvastUI.exe
    C:\Program Files\Belgium Identity Card\beid35gui.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Windows\System32\igfxpers.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Windows Sidebar\sidebar.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\uTorrent\uTorrent.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Windows\system32\igfxsrvc.exe
    C:\Program Files\McAfee Security Scan\3.0.313\SSScheduler.exe
    C:\Program Files\Apoint2K\ApMsgFwd.exe
    C:\Users\winston\AppData\Roaming\Dropbox\bin\Dropbox.exe
    C:\Windows\system32\NOTEPAD.EXE
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Apoint2K\Apntex.exe
    C:\Windows\ehome\ehmsas.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Users\winston\Downloads\progammas\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://search.yahoo.com/search?fr=mcafee&p=%s
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.313\McAfeeMSS_IE.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
    O2 - BHO: Aanmeldhulp voor Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
    O4 - HKLM\..\Run: [RtHDVCpl] "RtHDVCpl.exe"
    O4 - HKLM\..\Run: [Apoint] "C:\Program Files\Apoint2K\Apoint.exe"
    O4 - HKLM\..\Run: [FIC HotKey] C:\Program Files\Hotkey Utility\tray.exe
    O4 - HKLM\..\Run: [LaunchPad] "C:\Program Files\Launch Pad\LaunchPad.exe"
    O4 - HKLM\..\Run: [PowerManager] "C:\Program Files\Power Manager\PM.exe"
    O4 - HKLM\..\Run: [FSCRecovery] "c:\Program Files\Fujitsu Siemens Computers\Fujitsu Siemens Computers Recovery\FSCRecoveryReminder.exe"
    O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
    O4 - HKLM\..\Run: [DefragTaskBar] "C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe"
    O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
    O4 - HKLM\..\Run: [beid] "C:\Program Files\Belgium Identity Card\beid35gui.exe" /startup
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [Sidebar] "C:\Program Files\Windows Sidebar\sidebar.exe" /autoRun
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - Startup: Dropbox.lnk = C:\Users\winston\AppData\Roaming\Dropbox\bin\Dropbox.exe
    O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.313\SSScheduler.exe
    O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: Ashampoo Defrag Service (AshampooDefragService) - - C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\aDefragService.exe
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
    O23 - Service: Bonjour-service (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Firebird Server - MAGIX Instance (FirebirdServerMAGIXInstance) - MAGIX® - C:\Program Files\MAGIX\Common\Database\bin\fbserver.exe
    O23 - Service: Google Updateservice (gupdate1c9b622bce72db9) (gupdate1c9b622bce72db9) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
    O23 - Service: iPod-service (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    O23 - Service: Fujitsu Diagnostic Testhandler (TestHandler) - Fujitsu Technology Solutions - C:\Program Files\Fujitsu\SystemDiagnostics\OnlineDiagnostic\TestManager\TestHandler.exe
    O23 - Service: UPnPService - Magix AG - C:\Program Files\Common Files\MAGIX Shared\UPnPService\UPnPService.exe

    --
    End of file - 8680 bytes

    alvast dank

    - - - Updated - - -

    ik heb firefox gesloten en terug geopend en het is nog steeds portaldosites.com die open in plaats van google via internet explorer
    is het in orde

  4. #4
    Website Beheerder
    Geregistreerd
    23 december 2007
    Locatie
    Kapellen
    Berichten
    37.601

    Standaard

    Er is al behoorlijk wat rommel verwijderd, maar dan kijken we nog even verder:

    Download zoek.exe naar het bureaublad.

    • Schakel je antivirus- en antispywareprogramma's uit, mogelijk kunnen ze conflicteren met zoek.exe
      (hier of hier) kan je lezen hoe je dat doet.
    • Dubbelklik op Zoek.exe om de tool te starten.
    • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
    • Kopieer nu onderstaande code en plak die in het grote invulvenster:
    • Note: Dit script is speciaal bedoeld voor deze PC, gebruik dit dan ook niet op andere PC's met een gelijkwaardig probleem.

    Code:
     
    startupall; 
    filesrcm;
    • Klik op de knop "Options" en vink nu de onderstaande opties aan.
      • Firefox Look
      • Chrome Look
      • Firefox Defaults
      • Reset Chrome
      • Reset IE proxy
      • Empty Temp Folders
      • Shortcut Fix
      • IE Defaults
      • Auto Clean

    • Klik daarna op de knop "Run script".
    • Wacht nu geduldig af tot er een logje opent (dit kan na een herstart zijn als deze benodigd is).
    • Mocht na de herstart geen logje verschijnen, start zoek.exe dan opnieuw, de log verschijnt dan alsnog.
    • Post nu de inhoud van het geopende logje in het volgende bericht.




  5. #5
    Lid
    Geregistreerd
    16 maart 2012
    Berichten
    25

    Standaard

    zie hier het logje van zoek.exe


    Zoek.exe Version 4.0.0.2 Updated 17-April-2013
    Tool run by winston on zo 21/04/2013 at 11:11:00,96.
    Microsoft® Windows Vista™ Home Premium 6.0.6002 Service Pack 2 x86
    Running in: Normal Mode Internet Access Detected

    ==== Deleting CLSID Registry Keys ======================

    HKEY_USERS\S-1-5-21-225639665-913216918-3013696451-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2A69} deleted successfully

    ==== Deleting CLSID Registry Values ======================


    ==== FireFox Fix ======================

    Deleted from C:\Users\Arlette\AppData\Roaming\Mozilla\Firefox\Profiles\j2oa866v.default\prefs.js:

    Added to C:\Users\Arlette\AppData\Roaming\Mozilla\Firefox\Profiles\j2oa866v.default\prefs.js:
    user_pref("browser.startup.homepage", "http://www.google.com");
    user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
    user_pref("browser.newtab.url", "http://www.google.com/");
    user_pref("browser.search.defaultengine", "Google");
    user_pref("browser.search.defaultenginename", "Google");
    user_pref("browser.search.selectedEngine", "Google");
    user_pref("browser.search.order.1", "Google");
    user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
    user_pref("browser.search.suggest.enabled", true);
    user_pref("browser.search.useDBForOrder", true);

    Deleted from C:\Users\winston\AppData\Roaming\Mozilla\Firefox\Profiles\55r9t9w8.default-1366478536608\prefs.js:
    user_pref("browser.startup.homepage", "http://www.google.be/");
    user_pref("searchreset.backup.browser.startup.homepage", "http://www.google.be/");
    user_pref("browser.search.suggest.enabled", false);

    Added to C:\Users\winston\AppData\Roaming\Mozilla\Firefox\Profiles\55r9t9w8.default-1366478536608\prefs.js:
    user_pref("browser.startup.homepage", "http://www.google.com");
    user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
    user_pref("browser.newtab.url", "http://www.google.com/");
    user_pref("browser.search.defaultengine", "Google");
    user_pref("browser.search.defaultenginename", "Google");
    user_pref("browser.search.selectedEngine", "Google");
    user_pref("browser.search.order.1", "Google");
    user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
    user_pref("browser.search.suggest.enabled", true);
    user_pref("browser.search.useDBForOrder", true);

    Deleted from C:\Users\winston\AppData\Roaming\Mozilla\Firefox\Profiles\zhcbp7di.default\prefs.js:
    user_pref("browser.startup.homepage", "http://www.portaldosites.com/?utm_source=b&utm_medium=slbnew&from=slbnew&uid=FUJITSUXMHZ2500BTXG1_K701T8A26NFMT8A26NFMX&ts=136627 8531");
    user_pref("browser.search.defaultenginename", "portaldosites");
    user_pref("browser.search.selectedEngine", "portaldosites");
    user_pref("browser.search.order.1", "portaldosites");
    user_pref("keyword.URL", "http://search.bearshare.com/web?src=ffb&systemid=2&q=");
    user_pref("browser.search.useDBForOrder", true);

    Added to C:\Users\winston\AppData\Roaming\Mozilla\Firefox\Profiles\zhcbp7di.default\prefs.js:
    user_pref("browser.startup.homepage", "http://www.google.com");
    user_pref("browser.search.defaulturl", "http://www.google.com/search?btnG=Google+Search&q=");
    user_pref("browser.newtab.url", "http://www.google.com/");
    user_pref("browser.search.defaultengine", "Google");
    user_pref("browser.search.defaultenginename", "Google");
    user_pref("browser.search.selectedEngine", "Google");
    user_pref("browser.search.order.1", "Google");
    user_pref("keyword.URL", "http://www.google.com/search?btnG=Google+Search&q=");
    user_pref("browser.search.suggest.enabled", true);
    user_pref("browser.search.useDBForOrder", true);

    ProfilePath: C:\Users\Arlette\AppData\Roaming\Mozilla\Firefox\Profiles\j2oa866v.default

    user.js not found
    ---- Lines CT2865317 removed from prefs.js ----


    ---- Lines CT2865317 modified from prefs.js ----


    ---- Lines ask.com removed from prefs.js ----


    ---- Lines ask.com modified from prefs.js ----


    ---- Lines portaldosites removed from prefs.js ----


    ---- Lines portaldosites modified from prefs.js ----


    ---- Lines Search-Results removed from prefs.js ----


    ---- Lines Search-Results modified from prefs.js ----


    ---- FireFox user.js and prefs.js backups ----


    ProfilePath: C:\Users\winston\AppData\Roaming\Mozilla\Firefox\Profiles\55r9t9w8.default-1366478536608

    user.js not found
    ---- Lines CT2865317 removed from prefs.js ----


    ---- Lines CT2865317 modified from prefs.js ----


    ---- Lines ask.com removed from prefs.js ----


    ---- Lines ask.com modified from prefs.js ----


    ---- Lines portaldosites removed from prefs.js ----


    ---- Lines portaldosites modified from prefs.js ----


    ---- Lines Search-Results removed from prefs.js ----


    ---- Lines Search-Results modified from prefs.js ----


    ---- FireFox user.js and prefs.js backups ----

    prefs_20132104_1116_.backup

    ProfilePath: C:\Users\winston\AppData\Roaming\Mozilla\Firefox\Profiles\zhcbp7di.default

    user.js not found
    ---- Lines CT2865317 removed from prefs.js ----


    ---- Lines CT2865317 modified from prefs.js ----


    ---- Lines ask.com removed from prefs.js ----

    user_pref("extensions.wrc.SearchRules.ask.com.style", ".WRCN {display:none} #yui-main .tsrc_vnru .title + .WRCN, #yui-main #teoma-results .title + .WRCN {display:inline !important; background: url(\"IMAGE\") right no-repeat}");
    user_pref("extensions.wrc.SearchRules.ask.com.url", "^http(s)?\\:\\/\\/(.+\\.)?ask\\.com\\/.*");

    ---- Lines ask.com modified from prefs.js ----


    ---- Lines portaldosites removed from prefs.js ----


    ---- Lines portaldosites modified from prefs.js ----


    ---- Lines Search-Results removed from prefs.js ----

    user_pref("extensions.wrc.SearchRules.rambler.ru.style", ".WRCN {display:none} .search-results .title + .WRCN {display:inline !important; background: url(\"IMAGE\") right no-repeat}");

    ---- Lines Search-Results modified from prefs.js ----


    ---- FireFox user.js and prefs.js backups ----

    prefs_20132104_1116_.backup

    ==== Deleting Files \ Folders ======================

    "C:\Program Files\Mozilla Firefox\searchplugins\portaldosites.xml" deleted
    "C:\Users\winston\AppData\Roaming\Mozilla\Firefox\Profiles\zhcbp7di.default\CT2865317" deleted
    "C:\Users\winston\AppData\Roaming\Mozilla\Firefox\Profiles\zhcbp7di.default\CT2865317" deleted

    ==== Files Recently Created / Modified ======================

    ====== C:\Windows ====
    ====== C:\Users\winston\AppData\Local\Temp ====
    ====== C:\Windows\system32 =====
    2013-04-10 11:23:53 2E56BA5BC215B2AED2B790D42D8C1739 2382848 ----a-w- C:\Windows\System32\mshtml.tlb
    2013-04-10 11:23:52 507183B4FCB535A7A973427D1F367CA8 420864 ----a-w- C:\Windows\System32\vbscript.dll
    2013-04-10 11:23:52 40169F9AE27BB73F2CB8C7D11A7A2AC2 73216 ----a-w- C:\Windows\System32\mshtmled.dll
    2013-04-10 11:23:50 C720BD3BDE2C9A1BFC4476F6D3A4B64D 176640 ----a-w- C:\Windows\System32\ieui.dll
    2013-04-10 11:23:50 4BE468D2EE9CC59CB8F666949CD37CD5 65024 ----a-w- C:\Windows\System32\jsproxy.dll
    2013-04-10 11:23:49 FC5BBA40E667D20126D91BD6A790705B 142848 ----a-w- C:\Windows\System32\ieUnatt.exe
    2013-04-10 11:23:49 9DE04A790F697432871E88BB77EEBCF5 607744 ----a-w- C:\Windows\System32\msfeeds.dll
    2013-04-10 11:23:48 C5B6468422DB1C8AA36C32CBB0197E5E 1129472 ----a-w- C:\Windows\System32\wininet.dll
    2013-04-10 11:23:48 26DB6CB9BC434ABA1169B3051E6AB4F2 717824 ----a-w- C:\Windows\System32\jscript.dll
    2013-04-10 11:23:47 7E6052699CAF18ADEDD846D44ECCE81F 1800704 ----a-w- C:\Windows\System32\jscript9.dll
    2013-04-10 11:23:47 69EDE878C3891E7796D46B7E552330B1 231936 ----a-w- C:\Windows\System32\url.dll
    2013-04-10 11:23:46 9BDDA34DC4890169DE5BA21134B33EFB 1796096 ----a-w- C:\Windows\System32\iertutil.dll
    2013-04-10 11:23:44 4E7F83E1F6AEFA38E270EA7353D6911E 1104384 ----a-w- C:\Windows\System32\urlmon.dll
    2013-04-10 11:23:43 CA78BA218B423C7F22B14906308B8B02 1427968 ----a-w- C:\Windows\System32\inetcpl.cpl
    2013-04-10 11:23:41 658EBC74BD38D16805648C4775F7FA82 12324352 ----a-w- C:\Windows\System32\mshtml.dll
    2013-04-10 11:23:40 DFE118C95C6571B87D1923DAB3FA0A77 9738752 ----a-w- C:\Windows\System32\ieframe.dll
    2013-04-10 10:41:22 E31AE50AFB2A4AE804D016E02EE6BE10 3551080 ----a-w- C:\Windows\System32\ntoskrnl.exe
    2013-04-10 10:41:22 21870BAB9C9B802AC641DD644708BDE4 3603816 ----a-w- C:\Windows\System32\ntkrnlpa.exe
    2013-04-10 10:41:21 BE7480C91E89EB82FC080F772C220AE4 64000 ----a-w- C:\Windows\System32\smss.exe
    2013-04-10 10:41:21 33F84B64D4765BCDFA0AB8464122DA14 49152 ----a-w- C:\Windows\System32\csrsrv.dll
    2013-04-10 10:41:18 6A166182E32844369FD072057782A22B 2067968 ----a-w- C:\Windows\System32\mstscax.dll
    2013-04-10 10:41:16 A508314231C49AEE86987CEA3EAECAD1 376320 ----a-w- C:\Windows\System32\winsrv.dll
    2013-04-10 10:40:44 88FB35233A80BB42FF5B4E722705FEF4 2049024 ----a-w- C:\Windows\System32\win32k.sys
    ====== C:\Windows\system32\drivers =====
    2013-04-10 10:41:19 2C1121F2B87E9A6B12485DF53CD848C7 1082232 ----a-w- C:\Windows\System32\drivers\ntfs.sys
    ====== C:\Windows\Tasks ======
    ====== C:\Windows\Temp ======
    ======= C:\Program Files =====
    2013-04-20 18:19:10 -------- d-----w- C:\Program Files\SUPERAntiSpyware
    2013-04-18 09:58:37 -------- d-----w- C:\Program Files\MyFree Codec
    2013-04-16 17:05:19 -------- d-----w- C:\Program Files\Samsung
    ======= C: =====
    2013-04-21 07:50:02 F11653C0A6F17B526E5A14743ECBD42E 19820 ----a-w- C:\AdwCleaner[S1].txt
    ====== C:\Users\winston\AppData\Roaming ======
    2013-04-20 18:19:17 -------- d-----w- C:\users\winston\AppData\Roaming\SUPERAntiSpyware.com
    2013-04-16 17:13:08 -------- d-----w- C:\users\winston\AppData\Roaming\Samsung
    2013-04-16 17:04:01 -------- d-----w- C:\users\winston\AppData\Local\Downloaded Installations
    2013-04-08 15:29:29 -------- d-----w- C:\users\winston\AppData\Roaming\MusE
    2013-04-08 15:29:26 -------- d-----w- C:\users\winston\AppData\Local\MusE
    ====== C:\Users\winston ======
    2013-04-20 18:19:15 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
    2013-04-20 18:19:10 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com
    2013-04-16 17:05:19 -------- d-----w- C:\ProgramData\Samsung
    2013-04-01 16:33:53 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth

    ====== C: exe-files ==
    === C: other files ==
    2013-04-21 08:49:21 ACB22AC07CDA856A3E59F86DFF39F634 544 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-225639665-913216918-3013696451-1000\$IE2A6IU.zip
    2013-04-20 08:50:35 28F64D3E7293C8F13FD825E6CB59B82E 1811565201 ----a-w- C:\$RECYCLE.BIN\S-1-5-21-225639665-913216918-3013696451-1000\$RE2A6IU.zip

    ==== Startup Registry Enabled ======================

    [HKEY_USERS\S-1-5-21-225639665-913216918-3013696451-1000\Software\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
    "ehTray.exe"="C:\Windows\ehome\ehTray.exe"
    "uTorrent"="C:\Program Files\uTorrent\uTorrent.exe /MINIMIZED"
    "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe"
    "SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RtHDVCpl"="RtHDVCpl.exe"
    "Apoint"="C:\Program Files\Apoint2K\Apoint.exe"
    "FIC HotKey"="C:\Program Files\Hotkey Utility\tray.exe"
    "LaunchPad"="C:\Program Files\Launch Pad\LaunchPad.exe"
    "PowerManager"="C:\Program Files\Power Manager\PM.exe"
    "FSCRecovery"="c:\Program Files\Fujitsu Siemens Computers\Fujitsu Siemens Computers Recovery\FSCRecoveryReminder.exe"
    "IAAnotif"="C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe"
    "DefragTaskBar"="C:\Program Files\Ashampoo\Ashampoo Magical Defrag 2\bin\defragTaskBar.exe"
    "avast"="C:\Program Files\Alwil Software\Avast5\avastUI.exe /nogui"
    "beid"="C:\Program Files\Belgium Identity Card\beid35gui.exe /startup"
    "APSDaemon"="C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    "QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe -atboottime"
    "IgfxTray"="C:\Windows\system32\igfxtray.exe"
    "HotKeysCmds"="C:\Windows\system32\hkcmd.exe"
    "Persistence"="C:\Windows\system32\igfxpers.exe"
    "NvCplDaemon"="RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup"
    "Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    "iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Sidebar"="C:\Program Files\Windows Sidebar\sidebar.exe /autoRun"
    "ehTray.exe"="C:\Windows\ehome\ehTray.exe"
    "uTorrent"="C:\Program Files\uTorrent\uTorrent.exe /MINIMIZED"
    "WMPNSCFG"="C:\Program Files\Windows Media Player\WMPNSCFG.exe"
    "SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe"

    ==== Startup Folders ======================

    2013-04-06 08:55:35 959 ----a-w- C:\users\winston\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
    2013-01-15 15:57:38 1917 ----a-w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk

    ==== Task Scheduler Jobs ======================

    C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [05/04/2009 21:14]
    C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a------ C:\Program Files\Google\Update\GoogleUpdate.exe [05/04/2009 21:14]

    ==== Firefox Extensions ======================

    ProfilePath: C:\Users\Arlette\AppData\Roaming\Mozilla\Firefox\Profiles\j2oa866v.default
    - Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b}

    ProfilePath: C:\Users\winston\AppData\Roaming\Mozilla\Firefox\Profiles\zhcbp7di.default
    - Belgium eID - %ProfilePath%\extensions\belgiumeid@eid.belgium(201).be
    - Belgium eID - %ProfilePath%\extensions\belgiumeid@eid.belgium(213).be
    - TVU Web Player - %ProfilePath%\extensions\firefox@tvunetworks.com
    - DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
    - DownloadHelper - %ProfilePath%\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}(31)
    - Belgium eID - %ProfilePath%\extensions\belgiumeid@eid.belgium.be.xpi
    - Microsoft .NET Framework Assistant - %ProfilePath%\extensions\{20a82645-c095-46ed-80e3-08825760534b}.xpi
    - ImTranslator - %ProfilePath%\extensions\{9AA46F4F-4DC7-4c06-97AF-5035170634FE}.xpi

    AppDir: C:\Program Files\Mozilla Firefox
    - Undetermined - %AppDir%\extensions\belgiumeid@eid.belgium.be
    - Undetermined - %AppDir%\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
    - Undetermined - %AppDir%\extensions\{CAFEEFAC-0016-0000-0025-ABCDEFFEDCBA}
    - Undetermined - %AppDir%\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}

    ==== Firefox Plugins ======================

    Profilepath: C:\Users\winston\AppData\Roaming\Mozilla\Firefox\Profiles\55r9t9w8.default-1366478536608
    F7E72D3A281F922BACEC1A71A826D4C2 - C:\Windows\system32\Macromed\Flash\NPSWF32_11_7_700_169.dll - Shockwave Flash
    E971E06DDE68684CB3957C5D0E133CB0 - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin
    F00A0EF5835E1B96F783D617F1948704 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector
    2616B4D6D04F18C579B7861F02B0B592 - C:\Windows\system32\npDeployJava1.dll - Java Deployment Toolkit 7.0.130.20
    F647D0BEA553C1D0C251CE07DA6A5511 - C:\Program Files\Adobe\Reader 10.0\Reader\browser\nppdf32.dll - Adobe Acrobat
    F647D0BEA553C1D0C251CE07DA6A5511 - C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll - Adobe Acrobat
    DB988B4550DB9BCE86F9199D961057FC - C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll - Adobe Acrobat
    E0FF893763BA82BAABB869A351F0C455 - C:\Program Files\Google\Update\1.3.21.135\npGoogleUpdate3.dll - Google Update
    A5C14075B571AF1C9592595BE724D9D2 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrl.dll - Silverlight Plug-In
    A843FC35574ECFD9E7A41C5505A9921B - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
    AF87C7A3D391F5F5534167546D7DDE30 - C:\Program Files\QuickTime\Plugins\npqtplugin7.dll - QuickTime Plug-in 7.7.3
    AF87C7A3D391F5F5534167546D7DDE30 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll - QuickTime Plug-in 7.7.3
    2034E977759F4EB2226914BFC58F2758 - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll - QuickTime Plug-in 7.7.3
    2034E977759F4EB2226914BFC58F2758 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll - QuickTime Plug-in 7.7.3
    B14417814FCA3A5D4AB170E1823D5484 - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.3
    B14417814FCA3A5D4AB170E1823D5484 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.3
    3EFF190EC0E333DFBD2F5499858044B6 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.3
    3EFF190EC0E333DFBD2F5499858044B6 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.3
    C4EB1B18B39BD2F76A64F75D01DEAB61 - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.3
    C4EB1B18B39BD2F76A64F75D01DEAB61 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.3
    45CC6EFE643FCB97D986BBE2D21E2491 - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.3
    45CC6EFE643FCB97D986BBE2D21E2491 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.3
    9FCA15CC38F2E2C6F5E722ED0E1A9E7A - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.3
    9FCA15CC38F2E2C6F5E722ED0E1A9E7A - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll - QuickTime Plug-in 7.7.3
    9C9CE25B0BC71B4442DC17C651BF81AC - C:\Program Files\McAfee Security Scan\3.0.313\npMcAfeeMSS.dll - McAfee Security Scanner +
    3509063A268A4197CF8E713BD22B0978 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live® Photo Gallery
    075394F75303286C2FA91908CB781609 - C:\Program Files\Microsoft\Office Live\npOLW.dll - Microsoft Office Live Plug-in for Firefox / Microsoft Office Live Plug-in for Firefox
    AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation
    B9CB851B2E39B4336822AC879FDE218B - C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll - Windows Genuine Advantage
    29B060079A9129553E3FA75EDB8243BB - C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll - RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)
    3D84A7E0CD7A1FC93EAB9F2D50E5BD9C - C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll - RealPlayer Version Plugin
    99F97C9FE748C37528C338A423577FCB - C:\Users\winston\AppData\Roaming\Mozilla\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin
    99F97C9FE748C37528C338A423577FCB - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin
    2AA3703D87E1327A2290C9D416D89A28 - C:\Program Files\Microsoft Silverlight\5.1.20125.0\npctrlui.dll - Microsoft® Silverlight
    DFCAB29E8FD38F95650CC1E203E8D318 - C:\Windows\system32\npmproxy.dll - Microsoft® Windows® Operating System

    Profilepath: C:\Users\winston\AppData\Roaming\Mozilla\Firefox\Profiles\zhcbp7di.default
    AF87C7A3D391F5F5534167546D7DDE30 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll - QuickTime Plug-in 7.7.3
    2034E977759F4EB2226914BFC58F2758 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll - QuickTime Plug-in 7.7.3
    B14417814FCA3A5D4AB170E1823D5484 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.3
    3EFF190EC0E333DFBD2F5499858044B6 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.3
    C4EB1B18B39BD2F76A64F75D01DEAB61 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.3
    45CC6EFE643FCB97D986BBE2D21E2491 - C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.3
    9FCA15CC38F2E2C6F5E722ED0E1A9E7A - C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll - QuickTime Plug-in 7.7.3
    F00A0EF5835E1B96F783D617F1948704 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll - iTunes Application Detector
    F647D0BEA553C1D0C251CE07DA6A5511 - C:\Program Files\Mozilla Firefox\plugins\nppdf32.dll - Adobe Acrobat
    A843FC35574ECFD9E7A41C5505A9921B - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
    E971E06DDE68684CB3957C5D0E133CB0 - C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll - Google Earth Plugin
    3509063A268A4197CF8E713BD22B0978 - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll - Windows Live® Photo Gallery
    075394F75303286C2FA91908CB781609 - C:\Program Files\Microsoft\Office Live\npOLW.dll - Microsoft Office Live Plug-in for Firefox / Microsoft Office Live Plug-in for Firefox
    AB87EEFFD18F2BAAFC274E7075EA6C67 - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll - Windows Presentation Foundation / Windows Presentation Foundation
    B9CB851B2E39B4336822AC879FDE218B - C:\Program Files\Mozilla Firefox\plugins\npLegitCheckPlugin.dll - Windows Genuine Advantage
    29B060079A9129553E3FA75EDB8243BB - C:\Program Files\VistaCodecPack\rm\browser\plugins\nppl3260.dll - RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)
    3D84A7E0CD7A1FC93EAB9F2D50E5BD9C - C:\Program Files\VistaCodecPack\rm\browser\plugins\nprpjplug.dll - RealPlayer Version Plugin
    99F97C9FE748C37528C338A423577FCB - C:\Users\winston\AppData\Roaming\Mozilla\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin
    AF87C7A3D391F5F5534167546D7DDE30 - C:\Program Files\QuickTime\Plugins\npqtplugin7.dll - QuickTime Plug-in 7.7.3
    2034E977759F4EB2226914BFC58F2758 - C:\Program Files\QuickTime\Plugins\npqtplugin6.dll - QuickTime Plug-in 7.7.3
    B14417814FCA3A5D4AB170E1823D5484 - C:\Program Files\QuickTime\Plugins\npqtplugin5.dll - QuickTime Plug-in 7.7.3
    3EFF190EC0E333DFBD2F5499858044B6 - C:\Program Files\QuickTime\Plugins\npqtplugin4.dll - QuickTime Plug-in 7.7.3
    C4EB1B18B39BD2F76A64F75D01DEAB61 - C:\Program Files\QuickTime\Plugins\npqtplugin3.dll - QuickTime Plug-in 7.7.3
    45CC6EFE643FCB97D986BBE2D21E2491 - C:\Program Files\QuickTime\Plugins\npqtplugin2.dll - QuickTime Plug-in 7.7.3
    9FCA15CC38F2E2C6F5E722ED0E1A9E7A - C:\Program Files\QuickTime\Plugins\npqtplugin.dll - QuickTime Plug-in 7.7.3
    99F97C9FE748C37528C338A423577FCB - C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll - Microsoft® Windows Media Player Firefox Plugin


    ==== Chrome Look ======================

    HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
    cjofdnhdkbflacojpfpkchgafjahijbb - C:\Users\winston\AppData\Local\Temp\crx7051.tmp[]
    icmlaeflemplmjndnaapfdbbnpncnbda - C:\Program Files\Alwil Software\Avast5\WebRep\Chrome\aswWebRepChrome.crx[31/10/2012 00:48]

    YouTube - winston - Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo
    Google Search - winston - Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf
    Gmail - winston - Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

    ==== Set IE to Default ======================

    Old Values:
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="http://www.msn.com/"
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
    @="http://search.yahoo.com/search?fr=mcafee&p=%s"

    New Values:
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
    "Start Page"="http://www.msn.com/"
    [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchUrl]
    "(Default)"="http://search.msn.com/results.asp?q=%s"

    ==== All HKCU SearchScopes ======================

    HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
    "DefaultScope"="{E0B7D8C7-3B85-4B46-8648-43F8FFFBF5F6}"
    {0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
    {279540CE-1994-4F5B-B35C-E16172E822E8} Wikipedia (en) Url="http://en.wikipedia.org/w/index.php?title=Special:Search&search={searchTerms}"
    {443F0DD5-8053-4A4F-92C4-371197702A1C} Bing Url="http://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}"
    {6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startInde x={startIndex?}&startPage={startPage}"
    {DECA3892-BA8F-44b8-A993-A466AD694AE4} Yahoo//search.yahoo.com/search?fr=mcafee&p={searchTerms}"
    {E0B7D8C7-3B85-4B46-8648-43F8FFFBF5F6} Google Url="http://www.google.be/{searchTerms}"

    ==== Reset Google Chrome ======================

    C:\users\winston\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
    C:\users\winston\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully

    ==== Deleting CLSID Registry Keys ======================


    ==== Deleting CLSID Registry Values ======================


    ==== shortcuts on Users Desktops ======================

    C:\Users\winston\Desktop\Dropbox.lnk - C:\Users\winston\AppData\Roaming\Dropbox\bin\Dropbox.exe /home

    ==== shortcuts on All Users Desktop ======================

    C:\Users\Public\Desktop\avast Free Antivirus.lnk -
    C:\Users\Public\Desktop\Google Earth.lnk - C:\Program Files\Google\Google Earth\client\googleearth.exe
    C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk - C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe Portaldosites.com
    C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

    ==== shortcuts in Users Start Menu ======================

    C:\Users\winston\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe Portaldosites.com
    C:\Users\winston\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe Portaldosites.com
    C:\Users\winston\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Dropbox.lnk - C:\Users\winston\AppData\Roaming\Dropbox\bin\Dropbox.exe /home
    C:\Users\winston\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox\Uninstall Dropbox.lnk - C:\Users\winston\AppData\Roaming\Dropbox\bin\DropboxUninstaller.exe
    C:\Users\winston\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk - C:\Users\winston\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup

    ==== shortcuts in All Users Start Menu ======================

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe Portaldosites.com
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\avast Free Antivirus.lnk -
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth starten in DirectX-modus.lnk - C:\Program Files\Google\Google Earth\client\googleearth.exe -setDX
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth starten in OpenGL-modus.lnk - C:\Program Files\Google\Google Earth\client\googleearth.exe -setOGL
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth verwijderen.lnk - C:\Windows\System32\msiexec.exe /x {468D22C0-8080-11E2-B86E-B8AC6F98CCE3}
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth\Google Earth.lnk - C:\Program Files\Google\Google Earth\client\googleearth.exe
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware\SUPERAntiSpyware Alternate Start.lnk - C:\Program Files\SUPERAntiSpyware\RUNSAS.EXE
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware\SUPERAntiSpyware Free Edition.lnk - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware\SUPERAntiSpyware Help.lnk - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.chm
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware\SUPERAntiSpyware Registration-Activation.lnk - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe /register
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VistaCodecs\Common Tools\Make a Donation.lnk - C:\Program Files\Internet Explorer\iexplore.exe Portaldosites.com
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VistaCodecs\Common Tools\VistaCodecs HomePage.lnk - C:\Program Files\Internet Explorer\iexplore.exe Portaldosites.com

    ==== shortcuts in Quick Launch ======================

    C:\Users\winston\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe Portaldosites.com
    C:\Users\winston\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe Portaldosites.com

    ==== shortcuts After Repair ======================

    C:\Users\Public\Desktop\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Users\winston\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk - C:\Program Files\Internet Explorer\iexplore.exe
    C:\Users\winston\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk - C:\Program Files\Internet Explorer\iexplore.exe -extoff
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VistaCodecs\Common Tools\Make a Donation.lnk - C:\Program Files\Internet Explorer\iexplore.exe
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VistaCodecs\Common Tools\VistaCodecs HomePage.lnk - C:\Program Files\Internet Explorer\iexplore.exe
    C:\Users\winston\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk - C:\Program Files\Internet Explorer\iexplore.exe
    C:\Users\winston\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk - C:\Program Files\Mozilla Firefox\firefox.exe

    ==== Reset IE Proxy ======================

    Value(s) before fix:
    "ProxyOverride"="*.local"
    "ProxyEnable"=dword:00000000

    Value(s) after fix:
    "ProxyEnable"=dword:00000000

    ==== Deleting Registry Keys ======================

    HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb deleted successfully

    ==== Empty IE Cache ======================

    C:\Windows\serviceprofiles\LocalService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Windows\serviceprofiles\LocalService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Windows\serviceprofiles\NetworkService\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Windows\serviceprofiles\NetworkService\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
    C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

    ==== Empty FireFox Cache ======================

    C:\users\Arlette\AppData\Local\Mozilla\Firefox\Profiles\j2oa866v.default\Cache emptied successfully
    C:\users\winston\AppData\Local\Mozilla\Firefox\Profiles\55r9t9w8.default-1366478536608\Cache emptied successfully

    ==== Empty Chrome Cache ======================

    C:\users\winston\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

    ==== Empty All Flash Cache ======================

    Flash Cache Emptied Successfully

    ==== Empty All Java Cache ======================

    Java Cache cleared successfully

    After Reboot

    ==== Empty Temp Folders ======================

    C:\Windows\Temp successfully emptied
    C:\Users\winston\AppData\Local\Temp successfully emptied

    ==== Empty Recycle Bin ======================

    C:\$RECYCLE.BIN successfully emptied

    ==== Deleting Files / Folders ======================

    "C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat" not deleted



    bedank reeds voor de hulp

  6. #6
    Lid
    Geregistreerd
    16 maart 2012
    Berichten
    25

    Standaard

    na opstarten firefox en explorer is alles terug normaal

    groetjes en dank u wel

  7. #7
    Website Beheerder
    Geregistreerd
    23 december 2007
    Locatie
    Kapellen
    Berichten
    37.601

    Standaard

    Problemen van de baan, dan is het tijd voor de “grote schoonmaak” : verwijderen van gebruikte programma’s, een cleaning en het verwijderen van de besmette herstelpunten.

    Verwijder zoek.exe van bureaublad.

    Sluit alle openstaande vensters
    Start AdwCleaner en klik Deinstallatie.
    Klik op "Ja"



    AdwCleaner is nu verwijderd van je pc.

    Download CCleaner.
    Klik op “Download Latest Version” en dan start de download van CCleaner automatisch en gratis op.

    Installeer het en start CCleaner op. Klik in de linkse kolom op “Cleaner”. Klik achtereenvolgens op ‘Analyseren’ en 'Schoonmaken'. Soms is 1 analyse niet voldoende. Deze procedure mag je herhalen tot de analyse geen fouten meer aangeeft. Klik vervolgens in de linkse kolom op “Register” en klik op ‘Scan naar problemen”. Als er fouten gevonden worden klik je op ”Herstel geselecteerde problemen” en ”OK”. Dan krijg je de vraag om een back-up te maken. Klik op “JA”. Kies dan “Herstel alle geselecteerde fouten”. Sluit hierna CCleaner terug af.

    Wil je dit uitgebreid in beeld bekijken, klik dan hier voor de handleiding.

    Het is aangewezen om de bestaande herstelpunten te verwijderen (daar zitten besmette herstelpunten tussen die je eventueel zou kunnen terugzetten). Hoe je de herstelpunten verwijdert lees je hier.

    Indien dit allemaal probleemloos verlopen is en je binnen dit topic verder geen vragen of problemen meer hebt, mag je dit onderwerp afsluiten door een klik op de knop "Markeer als opgelost", die je links onderaan kan terugvinden … zo blijft het voor iedereen overzichtelijk.




Discussie gesloten

Labels voor deze discussie

Regels voor berichten

  • Je mag geen nieuwe discussies starten
  • Je mag niet reageren op berichten
  • Je mag geen bijlagen versturen
  • Je mag niet je berichten bewerken
  •