Discussie gesloten
Pagina 1 van 3 123 LaatsteLaatste
Resultaten: 1 t/m 10 van 21
Overzicht bedankjes1Bedankjes

search.conduit.com verwijderen

Dit is een discussie over search.conduit.com verwijderen in het forum Archief Bestrijding malware & virussen , en maakt deel van de Bestrijding malware & virussen categorie; Hallo Vandaag search.conduit.com binnen gekregen hoe moet ik het verwijderen. mvg Paul...

  1. #1
    Lid
    Geregistreerd
    17 september 2012
    Berichten
    28

    Standaard search.conduit.com verwijderen

    Hallo
    Vandaag search.conduit.com binnen gekregen hoe moet ik het verwijderen.

    mvg Paul

  2. #2
    Lid
    Geregistreerd
    17 september 2012
    Berichten
    28

    Standaard

    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 21:58:23, on 8/01/2013
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16457)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\ProgramData\DatacardService\DCSHelper.exe
    C:\Windows\AsScrPro.exe
    C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
    C:\Program Files (x86)\uTorrent\uTorrent.exe
    C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
    C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
    C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    C:\Program Files (x86)\SearchProtect\bin\cltmng.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Zoeken
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: (no name) - {87775fdb-6972-41f9-ae51-8326e38cb206} - (no file)
    F2 - REG:system.ini: UserInit=userinit.exe,
    O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O4 - HKLM\..\Run: [UpdateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
    O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
    O4 - HKLM\..\Run: [Boingo Wi-Fi] "C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk"
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [ROC_roc_ssl_v12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
    O4 - HKLM\..\Run: [SearchProtectAll] C:\Program Files (x86)\SearchProtect\bin\cltmng.exe
    O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
    O4 - HKCU\..\Run: [SearchProtect] C:\Users\Paul\AppData\Roaming\SearchProtect\cltmng.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - Global Startup: FancyStart daemon.lnk = ?
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
    O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O20 - AppInit_DLLs: c:\progra~2\saveas\sprote~1.dll
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
    O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
    O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
    O23 - Service: Search Protect by Conduit Updater (CltMngSvc) - Conduit - C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HWDeviceService64.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService64.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: LlamaYA movil. OUC (LlamaYA movil. RunOuc) - Unknown owner - C:\Program Files (x86)\LlamaYA movil\UpdateDog\ouc.exe
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_38986e29a8b510a2\STacSV64.e xe
    O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 11972 bytes

  3. #3
    Website Beheerder
    Geregistreerd
    23 december 2007
    Locatie
    Kapellen
    Berichten
    39.974

    Standaard

    Ga naar Start - Alle programma's - Bureauaccesoires.
    Zoek het icoon van het opdrachtprompt en klik er op met de rechter muisknop en kies dan in het lijstje voor “uitvoeren als administrator” om het opdrachtprompt te openen.
    Tik in: sc stop CltMngSvc en druk op Enter.
    Tik in: sc delete CltMngSvc en druk op Enter.
    Tik in exit en druk Enter.
    Als je op een van deze instructies een foutmelding krijgt, ga dan gewoon door met de volgende instructie.

    Start Hijackthis op. Selecteer “Scan”. Selecteer alleen de items die hieronder zijn genoemd:

    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: (no name) - {87775fdb-6972-41f9-ae51-8326e38cb206} - (no file)
    O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
    O4 - HKLM\..\Run: [SearchProtectAll] C:\Program Files (x86)\SearchProtect\bin\cltmng.exe
    O4 - HKCU\..\Run: [SearchProtect] C:\Users\Paul\AppData\Roaming\SearchProtect\cltmng.exe
    O4 - Global Startup: FancyStart daemon.lnk = ?
    O20 - AppInit_DLLs: c:\progra~2\saveas\sprote~1.dll

    Klik op 'Fix checked' om de items te verwijderen.

    Let op : Windows Vista & 7 gebruikers dienen HijackThis als “administrator” uit te voeren via rechtermuisknop “als administrator uitvoeren". Indien dit via de snelkoppeling niet lukt voer je HijackThis als administrator uit in de volgende map : C:\Program Files\Trend Micro\HiJackThis of C:\Program Files (x86)\Trend Micro\HiJackThis.

    Download MBAM (Malwarebytes Anti-Malware)

    Dubbelklik op mbam-setup.exe om het programma te installeren.

    Zorg ervoor dat er een vinkje geplaatst is voor Update Malwarebytes' Anti-Malware en Start Malwarebytes' Anti-Malware, Klik daarna op "Voltooien".
    Indien een update gevonden werd, zal die gedownload en geïnstalleerd worden.
    Wanneer het programma volledig up to date is, selecteer dan in het tabblad Scanner : "Snelle Scan", daarna klik op Scan.
    Het scannen kan een tijdje duren, dus wees geduldig.
    Wanneer de scan voltooid is, klik op OK, daarna "Bekijk Resultaten" om de resultaten te zien.
    Zorg ervoor dat daar alles aangevinkt is, daarna klik op: Verwijder geselecteerde.
    Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten. (Zie verder).

    Indien er de rootkit (TDSS) aanwezig is, zal MBAM vragen te herstarten. Doe dit dan ook.
    MBAM zal na de herstart opnieuw scannen en de rootkit verwijderen.


    Het log wordt automatisch bewaard door MBAM en kan je terugvinden door op de "Logs" tab te klikken in het programma.

    Indien MBAM moeilijkheden heeft met het verwijderen van bepaalde bestanden zal het enkele meldingen geven waar je OK moet klikken. Daarna zal het vragen om de computer opnieuw op te starten... dus sta toe dat MBAM de computer opnieuw opstart.

    Plak de inhoud van het logje in je volgende bericht, samen met een nieuw logje van HijackThis.



  4. #4
    Lid
    Geregistreerd
    17 september 2012
    Berichten
    28

    Standaard

    Malwarebytes Anti-Malware (PRO) 1.65.1.1000
    Malwarebytes : Free anti-malware download

    Databaseversie: v2012.12.11.12

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 9.0.8112.16421
    Paul :: PAUL-LPT [administrator]

    Realtime bescherming: Ingeschakeld

    11/12/2012 23:33:41
    mbam-log-2012-12-11 (23-33-41).txt

    Scantype: Snelle scan
    Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
    Uitgeschakelde scanopties: P2P
    Objecten gescand: 210861
    Verstreken tijd: 4 minuut/minuten, 49 seconde(n)

    Geheugenprocessen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Mappen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden gedetecteerd: 2
    C:\Users\Paul\Downloads\installer_winzip(1).exe (PUP.BundleInstaller.BEN) -> Geen actie ondernomen.
    C:\Users\Paul\Downloads\installer_winzip.exe (PUP.BundleInstaller.BEN) -> Geen actie ondernomen.

    (einde)
    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 10:58:40, on 9/01/2013
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v9.00 (9.00.8112.16457)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
    C:\ProgramData\DatacardService\DCSHelper.exe
    C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
    C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
    C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
    C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
    C:\Windows\AsScrPro.exe
    C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
    C:\Program Files (x86)\uTorrent\uTorrent.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
    C:\Program Files (x86)\SearchProtect\bin\cltmng.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
    C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe,
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O4 - HKLM\..\Run: [UpdateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
    O4 - HKLM\..\Run: [Boingo Wi-Fi] "C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk"
    O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
    O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
    O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
    O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [ROC_roc_ssl_v12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
    O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
    O4 - HKLM\..\Run: [SearchProtectAll] C:\Program Files (x86)\SearchProtect\bin\cltmng.exe
    O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
    O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
    O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
    O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
    O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
    O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
    O23 - Service: Search Protect by Conduit Updater (CltMngSvc) - Conduit - C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: HWDeviceService64.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService64.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: LlamaYA movil. OUC (LlamaYA movil. RunOuc) - Unknown owner - C:\Program Files (x86)\LlamaYA movil\UpdateDog\ouc.exe
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
    O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
    O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_38986e29a8b510a2\STacSV64.e xe
    O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
    O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 11178 bytes

  5. #5
    Website Beheerder
    Geregistreerd
    23 december 2007
    Locatie
    Kapellen
    Berichten
    39.974

    Standaard

    Bij Malwarebytes heb je niet gekozen om de aangeduide items te verwijderen. "Geen actie ondernomen" wijst alvast in die richting. Wil je dit nog eens herhalen en dan wél kiezen voor verwijderen.

    Download AdwCleaner by Xplode naar je bureaublad.




    • Sluit alle openstaande vensters.
    • Vista en Windows 7 gebruikers: Rechtsklik op AdwCleaner en selecteer als Administrator uitvoeren...
    • Voor XP: Gewoon dubbelklikken op AdwCleaner.
    • Klik vervolgens op Verwijderen.
    • Klik bij AdwCleaner – Informatie op OK
    • Klik bij AdwCleaner – Herstarten Noodzakelijk op OK


    Dat tijdens de actie de snelkoppelingen verdwijnen, is normaal. Nadat de PC opnieuw is opgestart, opent een logfile. Post de inhoud van dit log in je volgende bericht.



  6. #6
    Lid
    Geregistreerd
    17 september 2012
    Berichten
    28

    Standaard

    Heel erg bedankt om te helpen.logbestand antivirus volgt
    # AdwCleaner v2.105 - Verslag gemaakt op 09/01/2013 om 11:36:29
    # Geactualiseerd op 08/01/2013 door Xplode
    # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Gebruiker : Paul - PAUL-LPT
    # Opstarten Modus : Normale modus
    # Gelanceerd vanaf : C:\Users\Paul\Downloads\adwcleaner(3).exe
    # Optie [Verwijderen]


    ***** [Diensten] *****

    Gestopt & Verwijdert : CltMngSvc

    ***** [Files / Mappen] *****

    File Verwijdert : C:\Users\Paul\AppData\Local\Temp\Uninstall.exe
    Map Verwijdert : C:\Program Files (x86)\Conduit
    Map Verwijdert : C:\Program Files (x86)\SaveAs
    Map Verwijdert : C:\Program Files (x86)\SearchProtect
    Map Verwijdert : C:\ProgramData\Ask
    Map Verwijdert : C:\ProgramData\InstallMate
    Map Verwijdert : C:\ProgramData\Partner
    Map Verwijdert : C:\Users\Paul\AppData\Local\Conduit
    Map Verwijdert : C:\Users\Paul\AppData\Local\SwvUpdater
    Map Verwijdert : C:\Users\Paul\AppData\LocalLow\Conduit
    Map Verwijdert : C:\Users\Paul\AppData\LocalLow\PriceGong
    Map Verwijdert : C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\hc7khe8p.default\Smartbar
    Map Verwijdert : C:\Users\Paul\AppData\Roaming\SearchProtect
    Verwijdert bij het opstarten : C:\ProgramData\Premium

    ***** [Register] *****

    Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\Conduit
    Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
    Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\PriceGong
    Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\SmartBar
    Sleutel Verwijdert : HKCU\Software\AppDataLow\SProtector
    Sleutel Verwijdert : HKCU\Software\Conduit
    Sleutel Verwijdert : HKCU\Software\InstallCore
    Sleutel Verwijdert : HKCU\Software\SearchProtect
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Toolbar.CT2865317
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
    Sleutel Verwijdert : HKLM\Software\Conduit
    Sleutel Verwijdert : HKLM\Software\SearchProtect
    Sleutel Verwijdert : HKLM\Software\SP Global
    Sleutel Verwijdert : HKLM\Software\SProtector
    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
    Waarde Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchProtectAll]

    ***** [Browsers] *****

    -\\ Internet Explorer v9.0.8112.16457

    [OK] Het register bevat geen enkele ongeoorloofde invoer.

    -\\ Mozilla Firefox v17.0.1 (nl)

    File : C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\hc7khe8p.default\prefs.js

    Verwijdert : user_pref("CT2865317.1000234.TWC_TMP_city", "HERENTALS");
    Verwijdert : user_pref("CT2865317.1000234.TWC_TMP_country", "BE");
    Verwijdert : user_pref("CT2865317.1000234.TWC_locId", "BEXX0206");
    Verwijdert : user_pref("CT2865317.1000234.TWC_location", "Herentals, Belgium");
    Verwijdert : user_pref("CT2865317.1000234.TWC_region", "OT");
    Verwijdert : user_pref("CT2865317.1000234.TWC_temp_dis", "C");
    Verwijdert : user_pref("CT2865317.1000234.TWC_wind_dis", "kmh");
    Verwijdert : user_pref("CT2865317.1000234.weatherData", "{\"icon\":\"26.png\",\"temperature\":\"7°C\",\"temperatu[...]
    Verwijdert : user_pref("CT2865317.CBOpenMAMSettings.enc", "MA==");
    Verwijdert : user_pref("CT2865317.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
    Verwijdert : user_pref("CT2865317.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
    Verwijdert : user_pref("CT2865317.FirstTime", "true");
    Verwijdert : user_pref("CT2865317.FirstTimeFF3", "true");
    Verwijdert : user_pref("CT2865317.LoginRevertSettingsEnabled", true);
    Verwijdert : user_pref("CT2865317.PairingKey.enc", "RThGN0I2MDFBRThGNEYwMTgyMEUzRjM0NTQyMUREOUVFRTMwQzY2Nw==");
    Verwijdert : user_pref("CT2865317.RevertSettingsEnabled", true);
    Verwijdert : user_pref("CT2865317.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT286[...]
    Verwijdert : user_pref("CT2865317.UserID", "UN58750992632368830");
    Verwijdert : user_pref("CT2865317.addressBarTakeOverEnabledInHidden", "true");
    Verwijdert : user_pref("CT2865317.autoDisableScopes", -1);
    Verwijdert : user_pref("CT2865317.browser.search.defaultthis.engineName", true);
    Verwijdert : user_pref("CT2865317.cbcountry_001.enc", "QkU=");
    Verwijdert : user_pref("CT2865317.cbfirsttime.enc", "VHVlIEphbiAwOCAyMDEzIDE4OjEzOjMxIEdNVCswMTAw");
    Verwijdert : user_pref("CT2865317.defaultSearch", "true");
    Verwijdert : user_pref("CT2865317.embeddedsData", "[{\"appId\":\"129363015615338104\",\"apiPermissions\":{\"cross[...]
    Verwijdert : user_pref("CT2865317.enableAlerts", "always");
    Verwijdert : user_pref("CT2865317.enableSearchFromAddressBar", "true");
    Verwijdert : user_pref("CT2865317.firstTimeDialogOpened", "true");
    Verwijdert : user_pref("CT2865317.fixPageNotFoundError", "true");
    Verwijdert : user_pref("CT2865317.fixPageNotFoundErrorInHidden", "true");
    Verwijdert : user_pref("CT2865317.fixUrls", true);
    Verwijdert : user_pref("CT2865317.installType", "xpe");
    Verwijdert : user_pref("CT2865317.isCheckedStartAsHidden", true);
    Verwijdert : user_pref("CT2865317.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
    Verwijdert : user_pref("CT2865317.isFirstTimeToolbarLoading", "false");
    Verwijdert : user_pref("CT2865317.isNewTabEnabled", true);
    Verwijdert : user_pref("CT2865317.isPerformedSmartBarTransition", "true");
    Verwijdert : user_pref("CT2865317.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
    Verwijdert : user_pref("CT2865317.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
    Verwijdert : user_pref("CT2865317.keyword", true);
    Verwijdert : user_pref("CT2865317.migrateAppsAndComponents", true);
    Verwijdert : user_pref("CT2865317.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"\",\"[...]
    Verwijdert : user_pref("CT2865317.openThankYouPage", "true");
    Verwijdert : user_pref("CT2865317.openUninstallPage", "false");
    Verwijdert : user_pref("CT2865317.revertSettingsEnabled", "false");
    Verwijdert : user_pref("CT2865317.scriptSource.enc", "aHR0cDovLzEyNy4wLjAuMToxMDAwMC9ndWkv");
    Verwijdert : user_pref("CT2865317.search.searchAppId", "129363015615338104");
    Verwijdert : user_pref("CT2865317.search.searchCount", "0");
    Verwijdert : user_pref("CT2865317.searchInNewTabEnabledInHidden", "true");
    Verwijdert : user_pref("CT2865317.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"true\"}");
    Verwijdert : user_pref("CT2865317.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
    Verwijdert : user_pref("CT2865317.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
    Verwijdert : user_pref("CT2865317.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
    Verwijdert : user_pref("CT2865317.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
    Verwijdert : user_pref("CT2865317.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
    Verwijdert : user_pref("CT2865317.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
    Verwijdert : user_pref("CT2865317.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
    Verwijdert : user_pref("CT2865317.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1357665210290");
    Verwijdert : user_pref("CT2865317.serviceLayer_services_appTracking_lastUpdate", "1357665304474");
    Verwijdert : user_pref("CT2865317.serviceLayer_services_appsMetadata_lastUpdate", "1357665209918");
    Verwijdert : user_pref("CT2865317.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1357665211154");
    Verwijdert : user_pref("CT2865317.serviceLayer_services_login_10.13.40.15_lastUpdate", "1357671411880");
    Verwijdert : user_pref("CT2865317.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1357665210842");
    Verwijdert : user_pref("CT2865317.serviceLayer_services_searchAPI_lastUpdate", "1357665209120");
    Verwijdert : user_pref("CT2865317.serviceLayer_services_serviceMap_lastUpdate", "1357665208882");
    Verwijdert : user_pref("CT2865317.serviceLayer_services_toolbarContextMenu_lastUpdate", "1357665211211");
    Verwijdert : user_pref("CT2865317.serviceLayer_services_toolbarSettings_lastUpdate", "1357672592175");
    Verwijdert : user_pref("CT2865317.serviceLayer_services_translation_lastUpdate", "1357665209930");
    Verwijdert : user_pref("CT2865317.settingsINI", true);
    Verwijdert : user_pref("CT2865317.shouldFirstTimeDialog", "false");
    Verwijdert : user_pref("CT2865317.smartbar.CTID", "CT2865317");
    Verwijdert : user_pref("CT2865317.smartbar.Uninstall", "0");
    Verwijdert : user_pref("CT2865317.smartbar.homepage", true);
    Verwijdert : user_pref("CT2865317.smartbar.isHidden", true);
    Verwijdert : user_pref("CT2865317.smartbar.toolbarName", "uTorrentBar_NL ");
    Verwijdert : user_pref("CT2865317.startPage", "userChanged");
    Verwijdert : user_pref("CT2865317.toolbarBornServerTime", "8-1-2013");
    Verwijdert : user_pref("CT2865317.toolbarCurrentServerTime", "8-1-2013");
    Verwijdert : user_pref("CT2865317.uTTorrents.enc", "eyJidWlsZCI6Mjg3MDUsImxhYmVsIjpbXSwidG9ycmVudHMiOltbIjhFM0E4R[...]
    Verwijdert : user_pref("CT2865317.url_history0001.enc", "aHR0cDovL2thdC5waC86OjpjbGlja2hhbmRsZXI6OjoxMzU3NjY1MzQz[...]
    Verwijdert : user_pref("CT2865317_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
    Verwijdert : user_pref("CT3272810.1000082.isDisplayHidden", "true");
    Verwijdert : user_pref("CT3272810.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description[...]
    Verwijdert : user_pref("CT3272810.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
    Verwijdert : user_pref("CT3272810.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
    Verwijdert : user_pref("CT3272810.FirstTime", "true");
    Verwijdert : user_pref("CT3272810.FirstTimeFF3", "true");
    Verwijdert : user_pref("CT3272810.InstallDate", "8/1/2013 19:43:18");
    Verwijdert : user_pref("CT3272810.LoginRevertSettingsEnabled", true);
    Verwijdert : user_pref("CT3272810.RevertSettingsEnabled", true);
    Verwijdert : user_pref("CT3272810.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT327[...]
    Verwijdert : user_pref("CT3272810.UserID", "UN79361368422498797");
    Verwijdert : user_pref("CT3272810.addressBarTakeOverEnabledInHidden", "true");
    Verwijdert : user_pref("CT3272810.autoDisableScopes", -1);
    Verwijdert : user_pref("CT3272810.browser.search.defaultthis.engineName", true);
    Verwijdert : user_pref("CT3272810.cbfirsttime.enc", "VHVlIEphbiAwOCAyMDEzIDE5OjUwOjUwIEdNVCswMTAw");
    Verwijdert : user_pref("CT3272810.defaultSearch", "true");
    Verwijdert : user_pref("CT3272810.embeddedsData", "[{\"appId\":\"130004960265293823\",\"apiPermissions\":{\"cross[...]
    Verwijdert : user_pref("CT3272810.enableAlerts", "always");
    Verwijdert : user_pref("CT3272810.enableSearchFromAddressBar", "true");
    Verwijdert : user_pref("CT3272810.firstTimeDialogOpened", "true");
    Verwijdert : user_pref("CT3272810.fixPageNotFoundError", "true");
    Verwijdert : user_pref("CT3272810.fixPageNotFoundErrorInHidden", "true");
    Verwijdert : user_pref("CT3272810.fixUrls", true);
    Verwijdert : user_pref("CT3272810.hxxp___api16_starwebnet_com.pid2.enc", "YTAyYjlhOWU3ZTMwMzg0Yg==");
    Verwijdert : user_pref("CT3272810.hxxp___api21_starwebnet_com.pid2.enc", "YTAyYjlhOWU3ZTMwMzg0Yg==");
    Verwijdert : user_pref("CT3272810.hxxp___api28_starwebnet_com.pid2.enc", "YTAyYjlhOWU3ZTMwMzg0Yg==");
    Verwijdert : user_pref("CT3272810.hxxp___api6_starwebnet_com.pid2.enc", "YTAyYjlhOWU3ZTMwMzg0Yg==");
    Verwijdert : user_pref("CT3272810.installId", "9818");
    Verwijdert : user_pref("CT3272810.installType", "conduitnsisintegration");
    Verwijdert : user_pref("CT3272810.isCheckedStartAsHidden", true);
    Verwijdert : user_pref("CT3272810.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
    Verwijdert : user_pref("CT3272810.isFirstTimeToolbarLoading", "false");
    Verwijdert : user_pref("CT3272810.isNewTabEnabled", true);
    Verwijdert : user_pref("CT3272810.isPerformedSmartBarTransition", "true");
    Verwijdert : user_pref("CT3272810.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
    Verwijdert : user_pref("CT3272810.keyword", true);
    Verwijdert : user_pref("CT3272810.mam_CouponBuddy_appState.enc", "b24=");
    Verwijdert : user_pref("CT3272810.mam_PriceGong_appState.enc", "b24=");
    Verwijdert : user_pref("CT3272810.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9z[...]
    Verwijdert : user_pref("CT3272810.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IlByaWNlR29uZyIsImN[...]
    Verwijdert : user_pref("CT3272810.mam_gk_first_time.enc", "MQ==");
    Verwijdert : user_pref("CT3272810.mam_gk_lastLoginTime.enc", "MTM1NzY3MDY0ODIyNQ==");
    Verwijdert : user_pref("CT3272810.mam_gk_settings.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoy[...]
    Verwijdert : user_pref("CT3272810.mam_gk_userId.enc", "M2VhZGNlNTQtY2VmMS00M2ZkLWIwMjUtOGE2M2IzNjdhMTAx");
    Verwijdert : user_pref("CT3272810.mam_gk_user_apps_selection.enc", "eyJQcmljZUdvbmciOnRydWUsIkNvdXBvbkJ1ZGR5Ijp0c[...]
    Verwijdert : user_pref("CT3272810.migrateAppsAndComponents", true);
    Verwijdert : user_pref("CT3272810.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"\",\"[...]
    Verwijdert : user_pref("CT3272810.openThankYouPage", "false");
    Verwijdert : user_pref("CT3272810.openUninstallPage", "false");
    Verwijdert : user_pref("CT3272810.price-gong.bornDate", "{\"dataType\":\"string\",\"data\":\"{\\\"Response\\\":\\[...]
    Verwijdert : user_pref("CT3272810.revertSettingsEnabled", "false");
    Verwijdert : user_pref("CT3272810.search.searchAppId", "130004960265293823");
    Verwijdert : user_pref("CT3272810.search.searchCount", "0");
    Verwijdert : user_pref("CT3272810.searchInNewTabEnabledInHidden", "true");
    Verwijdert : user_pref("CT3272810.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
    Verwijdert : user_pref("CT3272810.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
    Verwijdert : user_pref("CT3272810.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
    Verwijdert : user_pref("CT3272810.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
    Verwijdert : user_pref("CT3272810.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
    Verwijdert : user_pref("CT3272810.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
    Verwijdert : user_pref("CT3272810.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
    Verwijdert : user_pref("CT3272810.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1357670644582");
    Verwijdert : user_pref("CT3272810.serviceLayer_services_appsMetadata_lastUpdate", "1357670644238");
    Verwijdert : user_pref("CT3272810.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1357670646475");
    Verwijdert : user_pref("CT3272810.serviceLayer_services_login_10.13.40.15_lastUpdate", "1357671360516");
    Verwijdert : user_pref("CT3272810.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1357670646269");
    Verwijdert : user_pref("CT3272810.serviceLayer_services_searchAPI_lastUpdate", "1357670642618");
    Verwijdert : user_pref("CT3272810.serviceLayer_services_serviceMap_lastUpdate", "1357670642243");
    Verwijdert : user_pref("CT3272810.serviceLayer_services_toolbarContextMenu_lastUpdate", "1357670646515");
    Verwijdert : user_pref("CT3272810.serviceLayer_services_toolbarSettings_lastUpdate", "1357670642546");
    Verwijdert : user_pref("CT3272810.serviceLayer_services_translation_lastUpdate", "1357670644250");
    Verwijdert : user_pref("CT3272810.serviceLayer_services_userApps_lastUpdate", "1357671068372");
    Verwijdert : user_pref("CT3272810.settingsINI", true);
    Verwijdert : user_pref("CT3272810.shouldFirstTimeDialog", "false");
    Verwijdert : user_pref("CT3272810.smartbar.CTID", "CT3272810");
    Verwijdert : user_pref("CT3272810.smartbar.Uninstall", "0");
    Verwijdert : user_pref("CT3272810.smartbar.homepage", true);
    Verwijdert : user_pref("CT3272810.smartbar.isHidden", true);
    Verwijdert : user_pref("CT3272810.smartbar.toolbarName", "WhiteSmoke US New E1 ");
    Verwijdert : user_pref("CT3272810.toolbarBornServerTime", "8-1-2013");
    Verwijdert : user_pref("CT3272810.toolbarCurrentServerTime", "8-1-2013");
    Verwijdert : user_pref("CT3272810_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
    Verwijdert : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3272810&octid=CT327281[...]
    Verwijdert : user_pref("Smartbar.ConduitSearchEngineList", "WhiteSmoke US New E1 Customized Web Search");
    Verwijdert : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3272810[...]
    Verwijdert : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=C[...]
    Verwijdert : user_pref("Smartbar.keywordURLSelectedCTID", "CT3272810");
    Verwijdert : user_pref("aol_toolbar.default.homepage.check", false);
    Verwijdert : user_pref("aol_toolbar.default.search.check", false);
    Verwijdert : user_pref("browser.search.order.1", "Ask.com");
    Verwijdert : user_pref("browser.search.selectedEngine", "WhiteSmoke US New E1 Customized Web Search");
    Verwijdert : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3272810&octid=CT3272810&Sea[...]
    Verwijdert : user_pref("extensions.BabylonToolbar.prtkDS", 0);
    Verwijdert : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
    Verwijdert : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3272810&SearchSource=2&CU[...]
    Verwijdert : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT2865317&SearchSource=13[...]
    Verwijdert : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT[...]
    Verwijdert : user_pref("smartbar.originalHomepage", "chrome://branding/locale/browserconfig.properties");
    Verwijdert : user_pref("smartbar.originalSearchAddressUrl", "");
    Verwijdert : user_pref("smartbar.originalSearchEngine", false);
    Verwijdert : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
    Verwijdert : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
    Verwijdert : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
    Verwijdert : user_pref("sweetim.toolbar.previous.keyword.URL", "");
    Verwijdert : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
    Verwijdert : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
    Verwijdert : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
    Verwijdert : user_pref("sweetim.toolbar.searchguard.enable", "");

    *************************

    AdwCleaner[R1].txt - [19324 octets] - [09/01/2013 11:33:49]
    AdwCleaner[S2].txt - [19743 octets] - [09/01/2013 11:36:29]

    ########## EOF - C:\AdwCleaner[S2].txt - [19804 octets] ##########
    # AdwCleaner v2.105 - Verslag gemaakt op 09/01/2013 om 11:36:29
    # Geactualiseerd op 08/01/2013 door Xplode
    # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Gebruiker : Paul - PAUL-LPT
    # Opstarten Modus : Normale modus
    # Gelanceerd vanaf : C:\Users\Paul\Downloads\adwcleaner(3).exe
    # Optie [Verwijderen]


    ***** [Diensten] *****

    Gestopt & Verwijdert : CltMngSvc

    ***** [Files / Mappen] *****

    File Verwijdert : C:\Users\Paul\AppData\Local\Temp\Uninstall.exe
    Map Verwijdert : C:\Program Files (x86)\Conduit
    Map Verwijdert : C:\Program Files (x86)\SaveAs
    Map Verwijdert : C:\Program Files (x86)\SearchProtect
    Map Verwijdert : C:\ProgramData\Ask
    Map Verwijdert : C:\ProgramData\InstallMate
    Map Verwijdert : C:\ProgramData\Partner
    Map Verwijdert : C:\Users\Paul\AppData\Local\Conduit
    Map Verwijdert : C:\Users\Paul\AppData\Local\SwvUpdater
    Map Verwijdert : C:\Users\Paul\AppData\LocalLow\Conduit
    Map Verwijdert : C:\Users\Paul\AppData\LocalLow\PriceGong
    Map Verwijdert : C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\hc7khe8p.default\Smartbar
    Map Verwijdert : C:\Users\Paul\AppData\Roaming\SearchProtect
    Verwijdert bij het opstarten : C:\ProgramData\Premium

    ***** [Register] *****

    Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\Conduit
    Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
    Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\PriceGong
    Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\SmartBar
    Sleutel Verwijdert : HKCU\Software\AppDataLow\SProtector
    Sleutel Verwijdert : HKCU\Software\Conduit
    Sleutel Verwijdert : HKCU\Software\InstallCore
    Sleutel Verwijdert : HKCU\Software\SearchProtect
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Toolbar.CT2865317
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
    Sleutel Verwijdert : HKLM\Software\Conduit
    Sleutel Verwijdert : HKLM\Software\SearchProtect
    Sleutel Verwijdert : HKLM\Software\SP Global
    Sleutel Verwijdert : HKLM\Software\SProtector
    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
    Waarde Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchProtectAll]

    ***** [Browsers] *****

    -\\ Internet Explorer v9.0.8112.16457

    [OK] Het register bevat geen enkele ongeoorloofde invoer.

    -\\ Mozilla Firefox v17.0.1 (nl)

    File : C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\hc7khe8p.default\prefs.js

    Verwijdert : user_pref("CT2865317.1000234.TWC_TMP_city", "HERENTALS");
    Verwijdert : user_pref("CT2865317.1000234.TWC_TMP_country", "BE");
    Verwijdert : user_pref("CT2865317.1000234.TWC_locId", "BEXX0206");
    Verwijdert : user_pref("CT2865317.1000234.TWC_location", "Herentals, Belgium");
    Verwijdert : user_pref("CT2865317.1000234.TWC_region", "OT");
    Verwijdert : user_pref("CT2865317.1000234.TWC_temp_dis", "C");
    Verwijdert : user_pref("CT2865317.1000234.TWC_wind_dis", "kmh");
    Verwijdert : user_pref("CT2865317.1000234.weatherData", "{\"icon\":\"26.png\",\"temperature\":\"7°C\",\"temperatu[...]
    Verwijdert : user_pref("CT2865317.CBOpenMAMSettings.enc", "MA==");
    Verwijdert : user_pref("CT2865317.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
    Verwijdert : user_pref("CT2865317.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
    Verwijdert : user_pref("CT2865317.FirstTime", "true");
    Verwijdert : user_pref("CT2865317.FirstTimeFF3", "true");
    Verwijdert : user_pref("CT2865317.LoginRevertSettingsEnabled", true);
    Verwijdert : user_pref("CT2865317.PairingKey.enc", "RThGN0I2MDFBRThGNEYwMTgyMEUzRjM0NTQyMUREOUVFRTMwQzY2Nw==");
    Verwijdert : user_pref("CT2865317.RevertSettingsEnabled", true);
    Verwijdert : user_pref("CT2865317.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT286[...]
    Verwijdert : user_pref("CT2865317.UserID", "UN58750992632368830");
    Verwijdert : user_pref("CT2865317.addressBarTakeOverEnabledInHidden", "true");
    Verwijdert : user_pref("CT2865317.autoDisableScopes", -1);
    Verwijdert : user_pref("CT2865317.browser.search.defaultthis.engineName", true);
    Verwijdert : user_pref("CT2865317.cbcountry_001.enc", "QkU=");
    Verwijdert : user_pref("CT2865317.cbfirsttime.enc", "VHVlIEphbiAwOCAyMDEzIDE4OjEzOjMxIEdNVCswMTAw");
    Verwijdert : user_pref("CT2865317.defaultSearch", "true");
    Verwijdert : user_pref("CT2865317.embeddedsData", "[{\"appId\":\"129363015615338104\",\"apiPermissions\":{\"cross[...]
    Verwijdert : user_pref("CT2865317.enableAlerts", "always");
    Verwijdert : user_pref("CT2865317.enableSearchFromAddressBar", "true");
    Verwijdert : user_pref("CT2865317.firstTimeDialogOpened", "true");
    Verwijdert : user_pref("CT2865317.fixPageNotFoundError", "true");
    Verwijdert : user_pref("CT2865317.fixPageNotFoundErrorInHidden", "true");
    Verwijdert : user_pref("CT2865317.fixUrls", true);
    Verwijdert : user_pref("CT2865317.installType", "xpe");
    Verwijdert : user_pref("CT2865317.isCheckedStartAsHidden", true);
    Verwijdert : user_pref("CT2865317.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
    Verwijdert : user_pref("CT2865317.isFirstTimeToolbarLoading", "false");
    Verwijdert : user_pref("CT2865317.isNewTabEnabled", true);
    Verwijdert : user_pref("CT2865317.isPerformedSmartBarTransition", "true");
    Verwijdert : user_pref("CT2865317.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
    Verwijdert : user_pref("CT2865317.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
    Verwijdert : user_pref("CT2865317.keyword", true);
    Verwijdert : user_pref("CT2865317.migrateAppsAndComponents", true);
    Verwijdert : user_pref("CT2865317.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"\",\"[...]
    Verwijdert : user_pref("CT2865317.openThankYouPage", "true");
    Verwijdert : user_pref("CT2865317.openUninstallPage", "false");
    Verwijdert : user_pref("CT2865317.revertSettingsEnabled", "false");
    Verwijdert : user_pref("CT2865317.scriptSource.enc", "aHR0cDovLzEyNy4wLjAuMToxMDAwMC9ndWkv");
    Verwijdert : user_pref("CT2865317.search.searchAppId", "129363015615338104");
    Verwijdert : user_pref("CT2865317.search.searchCount", "0");
    Verwijdert : user_pref("CT2865317.searchInNewTabEnabledInHidden", "true");
    Verwijdert : user_pref("CT2865317.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"true\"}");
    Verwijdert : user_pref("CT2865317.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
    Verwijdert : user_pref("CT2865317.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
    Verwijdert : user_pref("CT2865317.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
    Verwijdert : user_pref("CT2865317.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
    Verwijdert : user_pref("CT2865317.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
    Verwijdert : user_pref("CT2865317.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
    Verwijdert : user_pref("CT2865317.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
    Verwijdert : user_pref("CT2865317.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1357665210290");
    Verwijdert : user_pref("CT2865317.serviceLayer_services_appTracking_lastUpdate", "1357665304474");
    Verwijdert : user_pref("CT2865317.serviceLayer_services_appsMetadata_lastUpdate", "1357665209918");
    Verwijdert : user_pref("CT2865317.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1357665211154");
    Verwijdert : user_pref("CT2865317.serviceLayer_services_login_10.13.40.15_lastUpdate", "1357671411880");
    Verwijdert : user_pref("CT2865317.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1357665210842");
    Verwijdert : user_pref("CT2865317.serviceLayer_services_searchAPI_lastUpdate", "1357665209120");
    Verwijdert : user_pref("CT2865317.serviceLayer_services_serviceMap_lastUpdate", "1357665208882");
    Verwijdert : user_pref("CT2865317.serviceLayer_services_toolbarContextMenu_lastUpdate", "1357665211211");
    Verwijdert : user_pref("CT2865317.serviceLayer_services_toolbarSettings_lastUpdate", "1357672592175");
    Verwijdert : user_pref("CT2865317.serviceLayer_services_translation_lastUpdate", "1357665209930");
    Verwijdert : user_pref("CT2865317.settingsINI", true);
    Verwijdert : user_pref("CT2865317.shouldFirstTimeDialog", "false");
    Verwijdert : user_pref("CT2865317.smartbar.CTID", "CT2865317");
    Verwijdert : user_pref("CT2865317.smartbar.Uninstall", "0");
    Verwijdert : user_pref("CT2865317.smartbar.homepage", true);
    Verwijdert : user_pref("CT2865317.smartbar.isHidden", true);
    Verwijdert : user_pref("CT2865317.smartbar.toolbarName", "uTorrentBar_NL ");
    Verwijdert : user_pref("CT2865317.startPage", "userChanged");
    Verwijdert : user_pref("CT2865317.toolbarBornServerTime", "8-1-2013");
    Verwijdert : user_pref("CT2865317.toolbarCurrentServerTime", "8-1-2013");
    Verwijdert : user_pref("CT2865317.uTTorrents.enc", "eyJidWlsZCI6Mjg3MDUsImxhYmVsIjpbXSwidG9ycmVudHMiOltbIjhFM0E4R[...]
    Verwijdert : user_pref("CT2865317.url_history0001.enc", "aHR0cDovL2thdC5waC86OjpjbGlja2hhbmRsZXI6OjoxMzU3NjY1MzQz[...]
    Verwijdert : user_pref("CT2865317_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
    Verwijdert : user_pref("CT3272810.1000082.isDisplayHidden", "true");
    Verwijdert : user_pref("CT3272810.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description[...]
    Verwijdert : user_pref("CT3272810.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
    Verwijdert : user_pref("CT3272810.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
    Verwijdert : user_pref("CT3272810.FirstTime", "true");
    Verwijdert : user_pref("CT3272810.FirstTimeFF3", "true");
    Verwijdert : user_pref("CT3272810.InstallDate", "8/1/2013 19:43:18");
    Verwijdert : user_pref("CT3272810.LoginRevertSettingsEnabled", true);
    Verwijdert : user_pref("CT3272810.RevertSettingsEnabled", true);
    Verwijdert : user_pref("CT3272810.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT327[...]
    Verwijdert : user_pref("CT3272810.UserID", "UN79361368422498797");
    Verwijdert : user_pref("CT3272810.addressBarTakeOverEnabledInHidden", "true");
    Verwijdert : user_pref("CT3272810.autoDisableScopes", -1);
    Verwijdert : user_pref("CT3272810.browser.search.defaultthis.engineName", true);
    Verwijdert : user_pref("CT3272810.cbfirsttime.enc", "VHVlIEphbiAwOCAyMDEzIDE5OjUwOjUwIEdNVCswMTAw");
    Verwijdert : user_pref("CT3272810.defaultSearch", "true");
    Verwijdert : user_pref("CT3272810.embeddedsData", "[{\"appId\":\"130004960265293823\",\"apiPermissions\":{\"cross[...]
    Verwijdert : user_pref("CT3272810.enableAlerts", "always");
    Verwijdert : user_pref("CT3272810.enableSearchFromAddressBar", "true");
    Verwijdert : user_pref("CT3272810.firstTimeDialogOpened", "true");
    Verwijdert : user_pref("CT3272810.fixPageNotFoundError", "true");
    Verwijdert : user_pref("CT3272810.fixPageNotFoundErrorInHidden", "true");
    Verwijdert : user_pref("CT3272810.fixUrls", true);
    Verwijdert : user_pref("CT3272810.hxxp___api16_starwebnet_com.pid2.enc", "YTAyYjlhOWU3ZTMwMzg0Yg==");
    Verwijdert : user_pref("CT3272810.hxxp___api21_starwebnet_com.pid2.enc", "YTAyYjlhOWU3ZTMwMzg0Yg==");
    Verwijdert : user_pref("CT3272810.hxxp___api28_starwebnet_com.pid2.enc", "YTAyYjlhOWU3ZTMwMzg0Yg==");
    Verwijdert : user_pref("CT3272810.hxxp___api6_starwebnet_com.pid2.enc", "YTAyYjlhOWU3ZTMwMzg0Yg==");
    Verwijdert : user_pref("CT3272810.installId", "9818");
    Verwijdert : user_pref("CT3272810.installType", "conduitnsisintegration");
    Verwijdert : user_pref("CT3272810.isCheckedStartAsHidden", true);
    Verwijdert : user_pref("CT3272810.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
    Verwijdert : user_pref("CT3272810.isFirstTimeToolbarLoading", "false");
    Verwijdert : user_pref("CT3272810.isNewTabEnabled", true);
    Verwijdert : user_pref("CT3272810.isPerformedSmartBarTransition", "true");
    Verwijdert : user_pref("CT3272810.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
    Verwijdert : user_pref("CT3272810.keyword", true);
    Verwijdert : user_pref("CT3272810.mam_CouponBuddy_appState.enc", "b24=");
    Verwijdert : user_pref("CT3272810.mam_PriceGong_appState.enc", "b24=");
    Verwijdert : user_pref("CT3272810.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9z[...]
    Verwijdert : user_pref("CT3272810.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IlByaWNlR29uZyIsImN[...]
    Verwijdert : user_pref("CT3272810.mam_gk_first_time.enc", "MQ==");
    Verwijdert : user_pref("CT3272810.mam_gk_lastLoginTime.enc", "MTM1NzY3MDY0ODIyNQ==");
    Verwijdert : user_pref("CT3272810.mam_gk_settings.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoy[...]
    Verwijdert : user_pref("CT3272810.mam_gk_userId.enc", "M2VhZGNlNTQtY2VmMS00M2ZkLWIwMjUtOGE2M2IzNjdhMTAx");
    Verwijdert : user_pref("CT3272810.mam_gk_user_apps_selection.enc", "eyJQcmljZUdvbmciOnRydWUsIkNvdXBvbkJ1ZGR5Ijp0c[...]
    Verwijdert : user_pref("CT3272810.migrateAppsAndComponents", true);
    Verwijdert : user_pref("CT3272810.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"\",\"[...]
    Verwijdert : user_pref("CT3272810.openThankYouPage", "false");
    Verwijdert : user_pref("CT3272810.openUninstallPage", "false");
    Verwijdert : user_pref("CT3272810.price-gong.bornDate", "{\"dataType\":\"string\",\"data\":\"{\\\"Response\\\":\\[...]
    Verwijdert : user_pref("CT3272810.revertSettingsEnabled", "false");
    Verwijdert : user_pref("CT3272810.search.searchAppId", "130004960265293823");
    Verwijdert : user_pref("CT3272810.search.searchCount", "0");
    Verwijdert : user_pref("CT3272810.searchInNewTabEnabledInHidden", "true");
    Verwijdert : user_pref("CT3272810.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
    Verwijdert : user_pref("CT3272810.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
    Verwijdert : user_pref("CT3272810.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
    Verwijdert : user_pref("CT3272810.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
    Verwijdert : user_pref("CT3272810.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
    Verwijdert : user_pref("CT3272810.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
    Verwijdert : user_pref("CT3272810.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
    Verwijdert : user_pref("CT3272810.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1357670644582");
    Verwijdert : user_pref("CT3272810.serviceLayer_services_appsMetadata_lastUpdate", "1357670644238");
    Verwijdert : user_pref("CT3272810.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1357670646475");
    Verwijdert : user_pref("CT3272810.serviceLayer_services_login_10.13.40.15_lastUpdate", "1357671360516");
    Verwijdert : user_pref("CT3272810.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1357670646269");
    Verwijdert : user_pref("CT3272810.serviceLayer_services_searchAPI_lastUpdate", "1357670642618");
    Verwijdert : user_pref("CT3272810.serviceLayer_services_serviceMap_lastUpdate", "1357670642243");
    Verwijdert : user_pref("CT3272810.serviceLayer_services_toolbarContextMenu_lastUpdate", "1357670646515");
    Verwijdert : user_pref("CT3272810.serviceLayer_services_toolbarSettings_lastUpdate", "1357670642546");
    Verwijdert : user_pref("CT3272810.serviceLayer_services_translation_lastUpdate", "1357670644250");
    Verwijdert : user_pref("CT3272810.serviceLayer_services_userApps_lastUpdate", "1357671068372");
    Verwijdert : user_pref("CT3272810.settingsINI", true);
    Verwijdert : user_pref("CT3272810.shouldFirstTimeDialog", "false");
    Verwijdert : user_pref("CT3272810.smartbar.CTID", "CT3272810");
    Verwijdert : user_pref("CT3272810.smartbar.Uninstall", "0");
    Verwijdert : user_pref("CT3272810.smartbar.homepage", true);
    Verwijdert : user_pref("CT3272810.smartbar.isHidden", true);
    Verwijdert : user_pref("CT3272810.smartbar.toolbarName", "WhiteSmoke US New E1 ");
    Verwijdert : user_pref("CT3272810.toolbarBornServerTime", "8-1-2013");
    Verwijdert : user_pref("CT3272810.toolbarCurrentServerTime", "8-1-2013");
    Verwijdert : user_pref("CT3272810_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
    Verwijdert : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3272810&octid=CT327281[...]
    Verwijdert : user_pref("Smartbar.ConduitSearchEngineList", "WhiteSmoke US New E1 Customized Web Search");
    Verwijdert : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3272810[...]
    Verwijdert : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=C[...]
    Verwijdert : user_pref("Smartbar.keywordURLSelectedCTID", "CT3272810");
    Verwijdert : user_pref("aol_toolbar.default.homepage.check", false);
    Verwijdert : user_pref("aol_toolbar.default.search.check", false);
    Verwijdert : user_pref("browser.search.order.1", "Ask.com");
    Verwijdert : user_pref("browser.search.selectedEngine", "WhiteSmoke US New E1 Customized Web Search");
    Verwijdert : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3272810&octid=CT3272810&Sea[...]
    Verwijdert : user_pref("extensions.BabylonToolbar.prtkDS", 0);
    Verwijdert : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
    Verwijdert : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3272810&SearchSource=2&CU[...]
    Verwijdert : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT2865317&SearchSource=13[...]
    Verwijdert : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT[...]
    Verwijdert : user_pref("smartbar.originalHomepage", "chrome://branding/locale/browserconfig.properties");
    Verwijdert : user_pref("smartbar.originalSearchAddressUrl", "");
    Verwijdert : user_pref("smartbar.originalSearchEngine", false);
    Verwijdert : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
    Verwijdert : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
    Verwijdert : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
    Verwijdert : user_pref("sweetim.toolbar.previous.keyword.URL", "");
    Verwijdert : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
    Verwijdert : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
    Verwijdert : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
    Verwijdert : user_pref("sweetim.toolbar.searchguard.enable", "");

    *************************

    AdwCleaner[R1].txt - [19324 octets] - [09/01/2013 11:33:49]
    AdwCleaner[S2].txt - [19743 octets] - [09/01/2013 11:36:29]

    ########## EOF - C:\AdwCleaner[S2].txt - [19804 octets] ##########
    # AdwCleaner v2.105 - Verslag gemaakt op 09/01/2013 om 11:36:29
    # Geactualiseerd op 08/01/2013 door Xplode
    # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Gebruiker : Paul - PAUL-LPT
    # Opstarten Modus : Normale modus
    # Gelanceerd vanaf : C:\Users\Paul\Downloads\adwcleaner(3).exe
    # Optie [Verwijderen]


    ***** [Diensten] *****

    Gestopt & Verwijdert : CltMngSvc

    ***** [Files / Mappen] *****

    File Verwijdert : C:\Users\Paul\AppData\Local\Temp\Uninstall.exe
    Map Verwijdert : C:\Program Files (x86)\Conduit
    Map Verwijdert : C:\Program Files (x86)\SaveAs
    Map Verwijdert : C:\Program Files (x86)\SearchProtect
    Map Verwijdert : C:\ProgramData\Ask
    Map Verwijdert : C:\ProgramData\InstallMate
    Map Verwijdert : C:\ProgramData\Partner
    Map Verwijdert : C:\Users\Paul\AppData\Local\Conduit
    Map Verwijdert : C:\Users\Paul\AppData\Local\SwvUpdater
    Map Verwijdert : C:\Users\Paul\AppData\LocalLow\Conduit
    Map Verwijdert : C:\Users\Paul\AppData\LocalLow\PriceGong
    Map Verwijdert : C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\hc7khe8p.default\Smartbar
    Map Verwijdert : C:\Users\Paul\AppData\Roaming\SearchProtect
    Verwijdert bij het opstarten : C:\ProgramData\Premium

    ***** [Register] *****

    Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\Conduit
    Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
    Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\PriceGong
    Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\SmartBar
    Sleutel Verwijdert : HKCU\Software\AppDataLow\SProtector
    Sleutel Verwijdert : HKCU\Software\Conduit
    Sleutel Verwijdert : HKCU\Software\InstallCore
    Sleutel Verwijdert : HKCU\Software\SearchProtect
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Toolbar.CT2865317
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
    Sleutel Verwijdert : HKLM\Software\Conduit
    Sleutel Verwijdert : HKLM\Software\SearchProtect
    Sleutel Verwijdert : HKLM\Software\SP Global
    Sleutel Verwijdert : HKLM\Software\SProtector
    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
    Waarde Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchProtectAll]

    ***** [Browsers] *****

    -\\ Internet Explorer v9.0.8112.16457

    [OK] Het register bevat geen enkele ongeoorloofde invoer.

    -\\ Mozilla Firefox v17.0.1 (nl)

    File : C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\hc7khe8p.default\prefs.js

    Verwijdert : user_pref("CT2865317.1000234.TWC_TMP_city", "HERENTALS");
    Verwijdert : user_pref("CT2865317.1000234.TWC_TMP_country", "BE");
    Verwijdert : user_pref("CT2865317.1000234.TWC_locId", "BEXX0206");
    Verwijdert : user_pref("CT2865317.1000234.TWC_location", "Herentals, Belgium");
    Verwijdert : user_pref("CT2865317.1000234.TWC_region", "OT");
    Verwijdert : user_pref("CT2865317.1000234.TWC_temp_dis", "C");
    Verwijdert : user_pref("CT2865317.1000234.TWC_wind_dis", "kmh");
    Verwijdert : user_pref("CT2865317.1000234.weatherData", "{\"icon\":\"26.png\",\"temperature\":\"7°C\",\"temperatu[...]
    Verwijdert : user_pref("CT2865317.CBOpenMAMSettings.enc", "MA==");
    Verwijdert : user_pref("CT2865317.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
    Verwijdert : user_pref("CT2865317.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
    Verwijdert : user_pref("CT2865317.FirstTime", "true");
    Verwijdert : user_pref("CT2865317.FirstTimeFF3", "true");
    Verwijdert : user_pref("CT2865317.LoginRevertSettingsEnabled", true);
    Verwijdert : user_pref("CT2865317.PairingKey.enc", "RThGN0I2MDFBRThGNEYwMTgyMEUzRjM0NTQyMUREOUVFRTMwQzY2Nw==");
    Verwijdert : user_pref("CT2865317.RevertSettingsEnabled", true);
    Verwijdert : user_pref("CT2865317.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT286[...]
    Verwijdert : user_pref("CT2865317.UserID", "UN58750992632368830");
    Verwijdert : user_pref("CT2865317.addressBarTakeOverEnabledInHidden", "true");
    Verwijdert : user_pref("CT2865317.autoDisableScopes", -1);
    Verwijdert : user_pref("CT2865317.browser.search.defaultthis.engineName", true);
    Verwijdert : user_pref("CT2865317.cbcountry_001.enc", "QkU=");
    Verwijdert : user_pref("CT2865317.cbfirsttime.enc", "VHVlIEphbiAwOCAyMDEzIDE4OjEzOjMxIEdNVCswMTAw");
    Verwijdert : user_pref("CT2865317.defaultSearch", "true");
    Verwijdert : user_pref("CT2865317.embeddedsData", "[{\"appId\":\"129363015615338104\",\"apiPermissions\":{\"cross[...]
    Verwijdert : user_pref("CT2865317.enableAlerts", "always");
    Verwijdert : user_pref("CT2865317.enableSearchFromAddressBar", "true");
    Verwijdert : user_pref("CT2865317.firstTimeDialogOpened", "true");
    Verwijdert : user_pref("CT2865317.fixPageNotFoundError", "true");
    Verwijdert : user_pref("CT2865317.fixPageNotFoundErrorInHidden", "true");
    Verwijdert : user_pref("CT2865317.fixUrls", true);
    Verwijdert : user_pref("CT2865317.installType", "xpe");
    Verwijdert : user_pref("CT2865317.isCheckedStartAsHidden", true);
    Verwijdert : user_pref("CT2865317.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
    Verwijdert : user_pref("CT2865317.isFirstTimeToolbarLoading", "false");
    Verwijdert : user_pref("CT2865317.isNewTabEnabled", true);
    Verwijdert : user_pref("CT2865317.isPerformedSmartBarTransition", "true");
    Verwijdert : user_pref("CT2865317.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
    Verwijdert : user_pref("CT2865317.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
    Verwijdert : user_pref("CT2865317.keyword", true);
    Verwijdert : user_pref("CT2865317.migrateAppsAndComponents", true);
    Verwijdert : user_pref("CT2865317.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"\",\"[...]
    Verwijdert : user_pref("CT2865317.openThankYouPage", "true");
    Verwijdert : user_pref("CT2865317.openUninstallPage", "false");
    Verwijdert : user_pref("CT2865317.revertSettingsEnabled", "false");
    Verwijdert : user_pref("CT2865317.scriptSource.enc", "aHR0cDovLzEyNy4wLjAuMToxMDAwMC9ndWkv");
    Verwijdert : user_pref("CT2865317.search.searchAppId", "129363015615338104");
    Verwijdert : user_pref("CT2865317.search.searchCount", "0");
    Verwijdert : user_pref("CT2865317.searchInNewTabEnabledInHidden", "true");
    Verwijdert : user_pref("CT2865317.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"true\"}");
    Verwijdert : user_pref("CT2865317.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
    Verwijdert : user_pref("CT2865317.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
    Verwijdert : user_pref("CT2865317.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
    Verwijdert : user_pref("CT2865317.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
    Verwijdert : user_pref("CT2865317.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
    Verwijdert : user_pref("CT2865317.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
    Verwijdert : user_pref("CT2865317.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
    Verwijdert : user_pref("CT2865317.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1357665210290");
    Verwijdert : user_pref("CT2865317.serviceLayer_services_appTracking_lastUpdate", "1357665304474");
    Verwijdert : user_pref("CT2865317.serviceLayer_services_appsMetadata_lastUpdate", "1357665209918");
    Verwijdert : user_pref("CT2865317.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1357665211154");
    Verwijdert : user_pref("CT2865317.serviceLayer_services_login_10.13.40.15_lastUpdate", "1357671411880");
    Verwijdert : user_pref("CT2865317.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1357665210842");
    Verwijdert : user_pref("CT2865317.serviceLayer_services_searchAPI_lastUpdate", "1357665209120");
    Verwijdert : user_pref("CT2865317.serviceLayer_services_serviceMap_lastUpdate", "1357665208882");
    Verwijdert : user_pref("CT2865317.serviceLayer_services_toolbarContextMenu_lastUpdate", "1357665211211");
    Verwijdert : user_pref("CT2865317.serviceLayer_services_toolbarSettings_lastUpdate", "1357672592175");
    Verwijdert : user_pref("CT2865317.serviceLayer_services_translation_lastUpdate", "1357665209930");
    Verwijdert : user_pref("CT2865317.settingsINI", true);
    Verwijdert : user_pref("CT2865317.shouldFirstTimeDialog", "false");
    Verwijdert : user_pref("CT2865317.smartbar.CTID", "CT2865317");
    Verwijdert : user_pref("CT2865317.smartbar.Uninstall", "0");
    Verwijdert : user_pref("CT2865317.smartbar.homepage", true);
    Verwijdert : user_pref("CT2865317.smartbar.isHidden", true);
    Verwijdert : user_pref("CT2865317.smartbar.toolbarName", "uTorrentBar_NL ");
    Verwijdert : user_pref("CT2865317.startPage", "userChanged");
    Verwijdert : user_pref("CT2865317.toolbarBornServerTime", "8-1-2013");
    Verwijdert : user_pref("CT2865317.toolbarCurrentServerTime", "8-1-2013");
    Verwijdert : user_pref("CT2865317.uTTorrents.enc", "eyJidWlsZCI6Mjg3MDUsImxhYmVsIjpbXSwidG9ycmVudHMiOltbIjhFM0E4R[...]
    Verwijdert : user_pref("CT2865317.url_history0001.enc", "aHR0cDovL2thdC5waC86OjpjbGlja2hhbmRsZXI6OjoxMzU3NjY1MzQz[...]
    Verwijdert : user_pref("CT2865317_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
    Verwijdert : user_pref("CT3272810.1000082.isDisplayHidden", "true");
    Verwijdert : user_pref("CT3272810.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description[...]
    Verwijdert : user_pref("CT3272810.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
    Verwijdert : user_pref("CT3272810.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
    Verwijdert : user_pref("CT3272810.FirstTime", "true");
    Verwijdert : user_pref("CT3272810.FirstTimeFF3", "true");
    Verwijdert : user_pref("CT3272810.InstallDate", "8/1/2013 19:43:18");
    Verwijdert : user_pref("CT3272810.LoginRevertSettingsEnabled", true);
    Verwijdert : user_pref("CT3272810.RevertSettingsEnabled", true);
    Verwijdert : user_pref("CT3272810.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT327[...]
    Verwijdert : user_pref("CT3272810.UserID", "UN79361368422498797");
    Verwijdert : user_pref("CT3272810.addressBarTakeOverEnabledInHidden", "true");
    Verwijdert : user_pref("CT3272810.autoDisableScopes", -1);
    Verwijdert : user_pref("CT3272810.browser.search.defaultthis.engineName", true);
    Verwijdert : user_pref("CT3272810.cbfirsttime.enc", "VHVlIEphbiAwOCAyMDEzIDE5OjUwOjUwIEdNVCswMTAw");
    Verwijdert : user_pref("CT3272810.defaultSearch", "true");
    Verwijdert : user_pref("CT3272810.embeddedsData", "[{\"appId\":\"130004960265293823\",\"apiPermissions\":{\"cross[...]
    Verwijdert : user_pref("CT3272810.enableAlerts", "always");
    Verwijdert : user_pref("CT3272810.enableSearchFromAddressBar", "true");
    Verwijdert : user_pref("CT3272810.firstTimeDialogOpened", "true");
    Verwijdert : user_pref("CT3272810.fixPageNotFoundError", "true");
    Verwijdert : user_pref("CT3272810.fixPageNotFoundErrorInHidden", "true");
    Verwijdert : user_pref("CT3272810.fixUrls", true);
    Verwijdert : user_pref("CT3272810.hxxp___api16_starwebnet_com.pid2.enc", "YTAyYjlhOWU3ZTMwMzg0Yg==");
    Verwijdert : user_pref("CT3272810.hxxp___api21_starwebnet_com.pid2.enc", "YTAyYjlhOWU3ZTMwMzg0Yg==");
    Verwijdert : user_pref("CT3272810.hxxp___api28_starwebnet_com.pid2.enc", "YTAyYjlhOWU3ZTMwMzg0Yg==");
    Verwijdert : user_pref("CT3272810.hxxp___api6_starwebnet_com.pid2.enc", "YTAyYjlhOWU3ZTMwMzg0Yg==");
    Verwijdert : user_pref("CT3272810.installId", "9818");
    Verwijdert : user_pref("CT3272810.installType", "conduitnsisintegration");
    Verwijdert : user_pref("CT3272810.isCheckedStartAsHidden", true);
    Verwijdert : user_pref("CT3272810.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
    Verwijdert : user_pref("CT3272810.isFirstTimeToolbarLoading", "false");
    Verwijdert : user_pref("CT3272810.isNewTabEnabled", true);
    Verwijdert : user_pref("CT3272810.isPerformedSmartBarTransition", "true");
    Verwijdert : user_pref("CT3272810.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
    Verwijdert : user_pref("CT3272810.keyword", true);
    Verwijdert : user_pref("CT3272810.mam_CouponBuddy_appState.enc", "b24=");
    Verwijdert : user_pref("CT3272810.mam_PriceGong_appState.enc", "b24=");
    Verwijdert : user_pref("CT3272810.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9z[...]
    Verwijdert : user_pref("CT3272810.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IlByaWNlR29uZyIsImN[...]
    Verwijdert : user_pref("CT3272810.mam_gk_first_time.enc", "MQ==");
    Verwijdert : user_pref("CT3272810.mam_gk_lastLoginTime.enc", "MTM1NzY3MDY0ODIyNQ==");
    Verwijdert : user_pref("CT3272810.mam_gk_settings.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoy[...]
    Verwijdert : user_pref("CT3272810.mam_gk_userId.enc", "M2VhZGNlNTQtY2VmMS00M2ZkLWIwMjUtOGE2M2IzNjdhMTAx");
    Verwijdert : user_pref("CT3272810.mam_gk_user_apps_selection.enc", "eyJQcmljZUdvbmciOnRydWUsIkNvdXBvbkJ1ZGR5Ijp0c[...]
    Verwijdert : user_pref("CT3272810.migrateAppsAndComponents", true);
    Verwijdert : user_pref("CT3272810.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"\",\"[...]
    Verwijdert : user_pref("CT3272810.openThankYouPage", "false");
    Verwijdert : user_pref("CT3272810.openUninstallPage", "false");
    Verwijdert : user_pref("CT3272810.price-gong.bornDate", "{\"dataType\":\"string\",\"data\":\"{\\\"Response\\\":\\[...]
    Verwijdert : user_pref("CT3272810.revertSettingsEnabled", "false");
    Verwijdert : user_pref("CT3272810.search.searchAppId", "130004960265293823");
    Verwijdert : user_pref("CT3272810.search.searchCount", "0");
    Verwijdert : user_pref("CT3272810.searchInNewTabEnabledInHidden", "true");
    Verwijdert : user_pref("CT3272810.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
    Verwijdert : user_pref("CT3272810.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
    Verwijdert : user_pref("CT3272810.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
    Verwijdert : user_pref("CT3272810.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
    Verwijdert : user_pref("CT3272810.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
    Verwijdert : user_pref("CT3272810.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
    Verwijdert : user_pref("CT3272810.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
    Verwijdert : user_pref("CT3272810.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1357670644582");
    Verwijdert : user_pref("CT3272810.serviceLayer_services_appsMetadata_lastUpdate", "1357670644238");
    Verwijdert : user_pref("CT3272810.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1357670646475");
    Verwijdert : user_pref("CT3272810.serviceLayer_services_login_10.13.40.15_lastUpdate", "1357671360516");
    Verwijdert : user_pref("CT3272810.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1357670646269");
    Verwijdert : user_pref("CT3272810.serviceLayer_services_searchAPI_lastUpdate", "1357670642618");
    Verwijdert : user_pref("CT3272810.serviceLayer_services_serviceMap_lastUpdate", "1357670642243");
    Verwijdert : user_pref("CT3272810.serviceLayer_services_toolbarContextMenu_lastUpdate", "1357670646515");
    Verwijdert : user_pref("CT3272810.serviceLayer_services_toolbarSettings_lastUpdate", "1357670642546");
    Verwijdert : user_pref("CT3272810.serviceLayer_services_translation_lastUpdate", "1357670644250");
    Verwijdert : user_pref("CT3272810.serviceLayer_services_userApps_lastUpdate", "1357671068372");
    Verwijdert : user_pref("CT3272810.settingsINI", true);
    Verwijdert : user_pref("CT3272810.shouldFirstTimeDialog", "false");
    Verwijdert : user_pref("CT3272810.smartbar.CTID", "CT3272810");
    Verwijdert : user_pref("CT3272810.smartbar.Uninstall", "0");
    Verwijdert : user_pref("CT3272810.smartbar.homepage", true);
    Verwijdert : user_pref("CT3272810.smartbar.isHidden", true);
    Verwijdert : user_pref("CT3272810.smartbar.toolbarName", "WhiteSmoke US New E1 ");
    Verwijdert : user_pref("CT3272810.toolbarBornServerTime", "8-1-2013");
    Verwijdert : user_pref("CT3272810.toolbarCurrentServerTime", "8-1-2013");
    Verwijdert : user_pref("CT3272810_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
    Verwijdert : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3272810&octid=CT327281[...]
    Verwijdert : user_pref("Smartbar.ConduitSearchEngineList", "WhiteSmoke US New E1 Customized Web Search");
    Verwijdert : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3272810[...]
    Verwijdert : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=C[...]
    Verwijdert : user_pref("Smartbar.keywordURLSelectedCTID", "CT3272810");
    Verwijdert : user_pref("aol_toolbar.default.homepage.check", false);
    Verwijdert : user_pref("aol_toolbar.default.search.check", false);
    Verwijdert : user_pref("browser.search.order.1", "Ask.com");
    Verwijdert : user_pref("browser.search.selectedEngine", "WhiteSmoke US New E1 Customized Web Search");
    Verwijdert : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3272810&octid=CT3272810&Sea[...]
    Verwijdert : user_pref("extensions.BabylonToolbar.prtkDS", 0);
    Verwijdert : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
    Verwijdert : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3272810&SearchSource=2&CU[...]
    Verwijdert : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT2865317&SearchSource=13[...]
    Verwijdert : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT[...]
    Verwijdert : user_pref("smartbar.originalHomepage", "chrome://branding/locale/browserconfig.properties");
    Verwijdert : user_pref("smartbar.originalSearchAddressUrl", "");
    Verwijdert : user_pref("smartbar.originalSearchEngine", false);
    Verwijdert : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
    Verwijdert : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
    Verwijdert : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
    Verwijdert : user_pref("sweetim.toolbar.previous.keyword.URL", "");
    Verwijdert : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
    Verwijdert : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
    Verwijdert : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
    Verwijdert : user_pref("sweetim.toolbar.searchguard.enable", "");

    *************************

    AdwCleaner[R1].txt - [19324 octets] - [09/01/2013 11:33:49]
    AdwCleaner[S2].txt - [19743 octets] - [09/01/2013 11:36:29]

    ########## EOF - C:\AdwCleaner[S2].txt - [19804 octets] ##########

    - - - Updated - - -

    Het log bestand van het antivirus dat is het enige dat ik u kan toesturen ik kan ook geen resultaten zijn en het enige dat ik kan verwijderen is het logbestand.
    Malwarebytes Anti-Malware (PRO) 1.70.0.1100
    www.malwarebytes.org

    Databaseversie: v2013.01.09.03

    Windows 7 Service Pack 1 x64 NTFS
    Internet Explorer 9.0.8112.16421
    Paul :: PAUL-LPT [administrator]

    Bescherming: Ingeschakeld

    9/01/2013 11:57:34
    mbam-log-2013-01-09 (11-57-34).txt

    Scan type: Snelle scan
    Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
    Uitgeschakelde scan opties: P2P
    Objecten gescand: 215031
    Verstreken tijd: 2 minuut/minuten, 19 seconde(n)

    Geheugenprocessen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Geheugenmodulen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registerwaarden gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registerdata gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Mappen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Bestanden gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    (einde)
    mvg Paul

  7. #7
    Lid
    Geregistreerd
    17 september 2012
    Berichten
    28

    Standaard

    Hallo Kapa
    dit geeft mijn mbam ook regelmatig sinds gisteren:toegang tot een kwaadaardige website is succesvol geblokkeerd 85.234.175.51 type:uitgaande verbinding poort:50446 proces:utorrent.exe

    mvg Paul

  8. #8
    Website Beheerder
    Geregistreerd
    23 december 2007
    Locatie
    Kapellen
    Berichten
    39.974

    Standaard

    AdwCleaner heeft een berg rotzooi van de PC gehaald en logje Malwarebytes ziet er nu goed uit.

    Download ComboFix van één van deze locaties:

    Link 1
    Link 2

    * BELANGRIJK !!! Sla ComboFix.exe op je Bureaublad op

    1. Schakel alle antivirus- en antispywareprogramma's uit, want anders kunnen ze misschien conflicteren met ComboFix. Hier is een handleiding over hoe je ze kan uitschakelen:
    Klik hier

    2. Het kan voorkomen dat de computer meerdere malen opnieuw gestart moet worden, dit is normaal.
    3. Dubbelklik op "Combofix.exe" om de tool te starten.
    4. Klik niet in het scherm van Combofix als deze actief is, hierdoor kan de 'tool' vastlopen.

    Noot !!! Als er een error wordt getoond met de melding "Illegal operation attempted on a registery key that has been marked for deletion", herstart dan de computer.

    5. Wanneer ComboFix klaar is, zal het het een logbestand voor je maken. Post de inhoud van dit logbestand (te vinden als C:\ComboFix.txt) in je volgende bericht.



  9. #9
    Lid
    Geregistreerd
    17 september 2012
    Berichten
    28

    Standaard

    Het logbestand
    ComboFix 13-01-08.01 - Paul 09/01/2013 14:50:44.1.4 - x64
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.2989.1764 [GMT 1:00]
    Gestart vanuit: c:\users\Paul\Downloads\ComboFix.exe
    AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
    SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    * Nieuw herstelpunt werd aangemaakt
    .
    .
    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    c:\programdata\FullRemove.exe
    c:\windows\msvcr71.dll
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2012-12-09 to 2013-01-09 ))))))))))))))))))))))))))))))
    .
    .
    2013-01-09 13:55 . 2013-01-09 13:55 -------- d-----w- c:\users\Default\AppData\Local\temp
    2013-01-08 21:47 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DF41AE59-81C4-46FA-BDBA-463C9A3A14A8}\mpengine.dll
    2013-01-08 20:51 . 2013-01-08 20:51 388096 ----a-r- c:\users\Paul\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
    2013-01-08 20:51 . 2013-01-08 20:51 -------- d-----w- c:\program files (x86)\Trend Micro
    2013-01-08 18:43 . 2013-01-08 18:43 -------- d-----w- c:\programdata\WoW Worldwide Software LTD
    2013-01-08 18:42 . 2013-01-08 18:50 -------- d-----w- c:\program files (x86)\Optimizer Pro
    2013-01-08 18:42 . 2013-01-08 18:43 -------- d-----w- c:\programdata\Premium
    2013-01-08 18:25 . 2013-01-08 18:25 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
    2013-01-08 18:24 . 2013-01-08 18:24 -------- d-----w- c:\program files\Adobe
    2013-01-08 18:22 . 2013-01-08 18:25 -------- d-----w- c:\program files\Common Files\Adobe
    2013-01-08 18:21 . 2013-01-08 18:21 -------- d-----w- c:\program files (x86)\Adobe Media Player
    2013-01-08 17:13 . 2013-01-08 17:13 -------- d-----w- c:\users\Paul\AppData\Local\CRE
    2013-01-08 17:13 . 2013-01-08 17:13 -------- d-----w- c:\program files (x86)\uTorrent
    2013-01-08 17:12 . 2013-01-09 13:52 -------- d-----w- c:\users\Paul\AppData\Roaming\uTorrent
    2013-01-08 16:35 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
    2013-01-08 11:50 . 2013-01-08 11:50 -------- d-----w- c:\program files\Stellarium
    2013-01-03 20:02 . 2013-01-03 20:03 -------- d-----w- c:\users\Paul\AppData\Roaming\HpUpdate
    2013-01-03 20:02 . 2013-01-03 20:02 -------- d-----w- c:\windows\Hewlett-Packard
    2013-01-02 09:20 . 2013-01-02 09:20 -------- d-----w- c:\users\Paul\AppData\Local\Google
    2012-12-28 13:37 . 2012-12-28 13:37 -------- d-----w- c:\users\Paul\AppData\Local\Programs
    2012-12-26 08:03 . 2012-12-26 16:50 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
    2012-12-25 22:40 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
    2012-12-25 22:40 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
    2012-12-25 22:40 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
    2012-12-25 22:40 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
    2012-12-25 16:49 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll
    2012-12-25 16:49 . 2012-11-09 04:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll
    2012-12-25 16:48 . 2012-11-02 05:59 478208 ----a-w- c:\windows\system32\dpnet.dll
    2012-12-25 16:48 . 2012-11-02 05:11 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
    2012-12-25 16:45 . 2012-12-25 16:46 -------- d-----w- C:\24099cdff77651f2cd798f0041
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-12-20 22:24 . 2012-10-09 16:38 67413224 ----a-w- c:\windows\system32\MRT.exe
    2012-12-14 15:49 . 2012-10-09 13:48 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
    2012-12-11 19:05 . 2012-10-09 16:10 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
    2012-12-11 19:05 . 2012-10-09 16:10 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
    2012-12-10 12:08 . 2012-12-10 12:08 73216 ----a-w- c:\windows\system32\drivers\ew_jucdcecm.sys
    2012-12-10 12:08 . 2012-12-10 12:08 30720 ----a-w- c:\windows\system32\drivers\ew_juextctrl.sys
    2012-12-10 12:08 . 2012-12-10 12:08 224768 ----a-w- c:\windows\system32\drivers\ew_juwwanecm.sys
    2012-12-10 12:08 . 2012-12-10 12:08 13952 ----a-w- c:\windows\system32\drivers\ew_usbenumfilter.sys
    2012-12-10 12:08 . 2012-12-10 12:08 1001472 ----a-w- c:\windows\system32\drivers\mod7700.sys
    2012-12-10 12:08 . 2012-12-10 12:08 90112 ----a-w- c:\windows\system32\drivers\ew_jubusenum.sys
    2012-12-10 12:08 . 2012-12-10 12:08 436224 ----a-w- c:\windows\system32\drivers\ewusbwwan.sys
    2012-12-10 12:08 . 2012-12-10 12:08 32768 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
    2012-12-10 12:08 . 2012-12-10 12:08 225920 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
    2012-12-10 12:08 . 2012-12-10 12:08 22016 ----a-w- c:\windows\system32\drivers\ew_hwupgrade.sys
    2012-12-10 12:08 . 2012-12-10 12:08 1490656 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
    2012-12-10 12:08 . 2012-12-10 12:08 1490656 ----a-w- c:\windows\system32\drivers\WdfCoInstaller01007.dll
    2012-12-10 12:08 . 2012-12-10 12:08 117248 ----a-w- c:\windows\system32\drivers\ew_hwusbdev.sys
    2012-12-10 12:08 . 2012-12-10 12:08 104448 ----a-w- c:\windows\system32\drivers\ew_jucdcacm.sys
    2012-11-28 18:22 . 2012-11-28 18:22 972264 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{88DE1E05-0533-4730-B39E-A6BB90DD7F08}\gapaengine.dll
    2012-11-21 10:21 . 2012-11-21 10:21 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
    2012-11-21 10:21 . 2012-11-21 10:21 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
    2012-11-21 10:21 . 2012-11-21 10:21 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
    2012-10-18 12:22 . 2012-10-20 13:13 972192 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
    2012-10-16 08:38 . 2012-12-03 10:47 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
    2012-10-16 08:38 . 2012-12-03 10:47 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
    2012-10-16 07:39 . 2012-12-03 10:47 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
    2012-10-12 07:19 . 2012-10-18 12:19 9291768 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0EE407C5-C5CB-4604-8360-2ABEB59356C3}\mpengine.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2013-01-08 969104]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
    "UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
    "Boingo Wi-Fi"="c:\program files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk" [2010-09-30 2429]
    "StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-11-11 98304]
    "ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2009-10-27 6998656]
    "ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2009-08-20 170624]
    "HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
    "hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
    "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
    "APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
    "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]
    "SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
    "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
    "SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
    "AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
    "LoadAppInit_DLLs"=1 (0x1)
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
    "mixer"=wdmaud.drv
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
    @="Service"
    .
    R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
    R2 LlamaYA movil. RunOuc;LlamaYA movil. OUC;c:\program files (x86)\LlamaYA movil\UpdateDog\ouc.exe [2012-12-10 655712]
    R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
    R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [2012-12-10 117248]
    R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys [2012-12-10 104448]
    R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2009-11-13 67072]
    R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 128456]
    R3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896]
    R3 QHY5II_A;QHY5II_A;c:\windows\system32\DRIVERS\QHY5II_A.sys [2012-08-08 24000]
    R3 QHY5II_B;QHY5II_B;c:\windows\system32\DRIVERS\QHY5II_B.sys [2012-08-08 55232]
    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
    R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
    R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
    R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-10-10 1255736]
    S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2009-12-07 379520]
    S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-11-11 202752]
    S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
    S2 HWDeviceService64.exe;HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe [2011-03-14 346976]
    S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
    S2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
    S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2009-10-15 117760]
    S3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
    S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [2012-12-10 90112]
    S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
    .
    .
    --- Andere Services/Drivers In Geheugen ---
    .
    *NewlyCreated* - WS2IFSL
    .
    [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2013-01-09 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-09 19:05]
    .
    2013-01-09 c:\windows\Tasks\OptimizerProUpdaterTask{3090683D-1EDB-41CF-B730-65A80BD4B2D0}.job
    - c:\programdata\Premium\OptimizerPro\OptimizerPro.exe [2013-01-08 14:50]
    .
    2013-01-09 c:\windows\Tasks\SaveAsUpdaterTask{3DA8E909-D07A-4F1D-9BBB-FC719F927D86}.job
    - c:\programdata\Premium\SaveAs\SaveAs.exe [2013-01-08 14:50]
    .
    .
    --------- X64 Entries -----------
    .
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\As usWSShellExt_B]
    @="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
    [HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
    2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\As usWSShellExt_O]
    @="{64174815-8D98-4CE6-8646-4C039977D808}"
    [HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
    2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-09-30 621440]
    "ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448]
    "SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-11-27 487424]
    "AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-01 323584]
    "MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 1289704]
    "AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
    .
    ------- Bijkomende Scan -------
    .
    uLocal Page = c:\windows\system32\blank.htm
    uDefault_Search_URL = hxxp://www.google.com/ie
    mLocal Page = c:\windows\SysWOW64\blank.htm
    uSearchAssistant = hxxp://www.google.com/ie
    uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    TCP: DhcpNameServer = 195.130.131.132 195.130.130.4
    FF - ProfilePath - c:\users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\hc7khe8p.default\
    FF - prefs.js: browser.search.defaulturl -
    FF - ExtSQL: !HIDDEN! 2012-10-09 17:41; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
    .
    - - - - ORPHANS VERWIJDERD - - - -
    .
    Toolbar-Locked - (no file)
    Wow6432Node-HKLM-Run-ROC_roc_ssl_v12 - c:\program files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe
    Wow6432Node-HKLM-Run-<NO NAME> - (no file)
    Toolbar-Locked - (no file)
    WebBrowser-{87775FDB-6972-41F9-AE51-8326E38CB206} - (no file)
    HKLM-Run-Setwallpaper - c:\programdata\SetWallpaper.cmd
    AddRemove-SP_156f8a5f - c:\program files (x86)\SaveAs\uninstall.exe
    .
    .
    .
    --------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
    @Denied: (A 2) (Everyone)
    @="FlashBroker"
    "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10d.exe,-101"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
    "Enabled"=dword:00000001
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10d.exe"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Shockwave Flash Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
    @="0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
    @="ShockwaveFlash.ShockwaveFlash.10"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="ShockwaveFlash.ShockwaveFlash"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
    @Denied: (A 2) (Everyone)
    @="Macromedia Flash Factory Object"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
    "ThreadingModel"="Apartment"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
    @="FlashFactory.FlashFactory.1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
    @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
    @="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
    @="1.0"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
    @="FlashFactory.FlashFactory"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
    @Denied: (A 2) (Everyone)
    @="IFlashBroker3"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
    @="{00020424-0000-0000-C000-000000000046}"
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
    @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
    "Version"="1.0"
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
    @Denied: (A) (Users)
    @Denied: (A) (Everyone)
    @Allowed: (B 1 2 3 4 5) (S-1-5-20)
    "BlindDial"=dword:00000000
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    Voltooingstijd: 2013-01-09 14:57:01
    ComboFix-quarantined-files.txt 2013-01-09 13:57
    .
    Pre-Run: 434.248.638.464 bytes beschikbaar
    Post-Run: 435.724.361.728 bytes beschikbaar
    .
    - - End Of File - - C2D0301EC909DE97550D7CB6231DA1A6
    mvg Paul

  10. #10
    Website Beheerder
    Geregistreerd
    23 december 2007
    Locatie
    Kapellen
    Berichten
    39.974

    Standaard

    Open een kladblokbestand.

    Kopieer en plak daarin de onderstaande vetgedrukte tekst.

    Folder::
    c:\programdata\WoW Worldwide Software LTD
    c:\program files (x86)\Optimizer Pro
    c:\programdata\Premium

    DirLook::
    C:\24099cdff77651f2cd798f0041

    Sla dit bestand op je bureaublad op als CFScript.
    Sleep CFScript.txt in de rode snelkoppeling van ComboFix.exe
    Dit zal ComboFix doen herstarten. Start opnieuw op als dat gevraagd wordt.

    Wil je dit uitgebreid in beeld bekijken, klik dan hier voor de handleiding.

    Post na herstart de inhoud van de Combofix.txt in je volgende bericht.



Discussie gesloten
Pagina 1 van 3 123 LaatsteLaatste

Soortgelijke discussies

  1. claro search verwijderen
    door webjah in forum Archief Bestrijding malware & virussen
    Reacties: 2
    Laatste bericht: 2 december 2012, 11:49
  2. BABYLON search verwijderen
    door Gwendolaline in forum Archief Windows
    Reacties: 1
    Laatste bericht: 20 april 2012, 10:23
  3. search.imesh.com verwijderen
    door Yesze in forum Archief Internet & Netwerk
    Reacties: 13
    Laatste bericht: 20 januari 2012, 21:19
  4. hoe babylon search verwijderen
    door apacheone1 in forum Archief Bestrijding malware & virussen
    Reacties: 5
    Laatste bericht: 4 november 2011, 05:53
  5. Malware TV BAR1.1 search.conduit verwijderen
    door MvBaren in forum Archief Bestrijding malware & virussen
    Reacties: 1
    Laatste bericht: 6 juli 2010, 13:10

Labels voor deze discussie

Regels voor berichten

  • Je mag geen nieuwe discussies starten
  • Je mag niet reageren op berichten
  • Je mag geen bijlagen versturen
  • Je mag niet je berichten bewerken
  •