andromeda

Member
  • Items

    28
  • Registration date

  • Last visited

Everything posted by andromeda

  1. Everything is back in order. Many thanks to the people who make this possible. Regards, Paul
  2. The speed is back to normal; thank you very much for the help. Is there anything else I need to do? Regards, Paul
  3. The requested log. Regards, Paul - - - Updated - - - Sorry, the correct log. Regards, Paul
  4. Hello, two days ago I got a virus; it was removed with MALWARE PRO, but the computer is still slow. I have already made a Hijack log. Regards, Paul
  5. Hello, why is it that when I want to watch a YouTube video I can only watch the small version, and when I select full screen I only get sound and no picture? Regards, Paul
  6. But won't I lose a lot of data if I work with formats other than RAW? Regards, Paul
  7. Hello, today I downloaded Photoshop CS2, the version that Adobe now makes available for free, onto my laptop with Windows 7 64-bit. I can open and edit JPG files, but it does not open RAW files. I also changed the compatibility mode to "Windows XP Service Pack 3" and then let it run as administrator, but it still will not open RAW files, while for a friend of mine it does work with Windows 7. Regards, Paul
  8. Hello, the laptop would only be used for Photoshop, and more specifically for astrophotos, as I am an amateur astronomer, and the price does not matter as long as I am sure that everything works. Regards, Paul
  9. Thank you kindly for the information. Regards, Paul
  10. Nothing of what you suggested works, and by that I mean I cannot find AdwCleaner, and ComboFix is in my taskbar and when I click on it, it immediately starts scanning; it is an exe file. Regards, Paul
  11. No, Kape, yesterday I did not manage to get it onto my desktop, but I did use it. Regards, Paul
  12. Hello, I cannot find AdwCleaner anywhere. Regards, Paul
  13. Who knows, the last log? Kape, thank you very much for all your effort. Regards, Paul
  14. Hello, the requested log.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Voltooingstijd: 2013-01-09 19:24:07 ComboFix-quarantined-files.txt 2013-01-09 18:24 ComboFix2.txt 2013-01-09 13:57 . Pre-Run: 435.769.282.560 bytes beschikbaar Post-Run: 435.738.574.848 bytes beschikbaar . - - End Of File - - 1FB8D0E49C40A776CCC093882B7CBCB8 Mvg Paul
  15. The log file. Kind regards, Paul
  16. Hello Kapa, since yesterday my mbam has also regularly been showing this: toegang tot een kwaadaardige website is succesvol geblokkeerd 85.234.175.51 type:uitgaande verbinding poort:50446 proces:utorrent.exe Kind regards, Paul
  17. Hello, I am planning to buy a new laptop, but it definitely has to be able to run Photoshop CS6 and should preferably be 17 inch. What kind of machine do you recommend, and what is that going to cost me? Kind regards, Paul
  18. Thank you very much for helping. The antivirus log file follows.
Verwijdert : user_pref("CT3272810.enableAlerts", "always"); Verwijdert : user_pref("CT3272810.enableSearchFromAddressBar", "true"); Verwijdert : user_pref("CT3272810.firstTimeDialogOpened", "true"); Verwijdert : user_pref("CT3272810.fixPageNotFoundError", "true"); Verwijdert : user_pref("CT3272810.fixPageNotFoundErrorInHidden", "true"); Verwijdert : user_pref("CT3272810.fixUrls", true); Verwijdert : user_pref("CT3272810.hxxp___api16_starwebnet_com.pid2.enc", "YTAyYjlhOWU3ZTMwMzg0Yg=="); Verwijdert : user_pref("CT3272810.hxxp___api21_starwebnet_com.pid2.enc", "YTAyYjlhOWU3ZTMwMzg0Yg=="); Verwijdert : user_pref("CT3272810.hxxp___api28_starwebnet_com.pid2.enc", "YTAyYjlhOWU3ZTMwMzg0Yg=="); Verwijdert : user_pref("CT3272810.hxxp___api6_starwebnet_com.pid2.enc", "YTAyYjlhOWU3ZTMwMzg0Yg=="); Verwijdert : user_pref("CT3272810.installId", "9818"); Verwijdert : user_pref("CT3272810.installType", "conduitnsisintegration"); Verwijdert : user_pref("CT3272810.isCheckedStartAsHidden", true); Verwijdert : user_pref("CT3272810.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}"); Verwijdert : user_pref("CT3272810.isFirstTimeToolbarLoading", "false"); Verwijdert : user_pref("CT3272810.isNewTabEnabled", true); Verwijdert : user_pref("CT3272810.isPerformedSmartBarTransition", "true"); Verwijdert : user_pref("CT3272810.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}"); Verwijdert : user_pref("CT3272810.keyword", true); Verwijdert : user_pref("CT3272810.mam_CouponBuddy_appState.enc", "b24="); Verwijdert : user_pref("CT3272810.mam_PriceGong_appState.enc", "b24="); Verwijdert : user_pref("CT3272810.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9z[...] Verwijdert : user_pref("CT3272810.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IlByaWNlR29uZyIsImN[...] 
Verwijdert : user_pref("CT3272810.mam_gk_first_time.enc", "MQ=="); Verwijdert : user_pref("CT3272810.mam_gk_lastLoginTime.enc", "MTM1NzY3MDY0ODIyNQ=="); Verwijdert : user_pref("CT3272810.mam_gk_settings.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoy[...] Verwijdert : user_pref("CT3272810.mam_gk_userId.enc", "M2VhZGNlNTQtY2VmMS00M2ZkLWIwMjUtOGE2M2IzNjdhMTAx"); Verwijdert : user_pref("CT3272810.mam_gk_user_apps_selection.enc", "eyJQcmljZUdvbmciOnRydWUsIkNvdXBvbkJ1ZGR5Ijp0c[...] Verwijdert : user_pref("CT3272810.migrateAppsAndComponents", true); Verwijdert : user_pref("CT3272810.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"\",\"[...] Verwijdert : user_pref("CT3272810.openThankYouPage", "false"); Verwijdert : user_pref("CT3272810.openUninstallPage", "false"); Verwijdert : user_pref("CT3272810.price-gong.bornDate", "{\"dataType\":\"string\",\"data\":\"{\\\"Response\\\":\\[...] Verwijdert : user_pref("CT3272810.revertSettingsEnabled", "false"); Verwijdert : user_pref("CT3272810.search.searchAppId", "130004960265293823"); Verwijdert : user_pref("CT3272810.search.searchCount", "0"); Verwijdert : user_pref("CT3272810.searchInNewTabEnabledInHidden", "true"); Verwijdert : user_pref("CT3272810.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}"); Verwijdert : user_pref("CT3272810.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...] Verwijdert : user_pref("CT3272810.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...] Verwijdert : user_pref("CT3272810.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...] Verwijdert : user_pref("CT3272810.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...] Verwijdert : user_pref("CT3272810.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...] 
Verwijdert : user_pref("CT3272810.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...] Verwijdert : user_pref("CT3272810.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1357670644582"); Verwijdert : user_pref("CT3272810.serviceLayer_services_appsMetadata_lastUpdate", "1357670644238"); Verwijdert : user_pref("CT3272810.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1357670646475"); Verwijdert : user_pref("CT3272810.serviceLayer_services_login_10.13.40.15_lastUpdate", "1357671360516"); Verwijdert : user_pref("CT3272810.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1357670646269"); Verwijdert : user_pref("CT3272810.serviceLayer_services_searchAPI_lastUpdate", "1357670642618"); Verwijdert : user_pref("CT3272810.serviceLayer_services_serviceMap_lastUpdate", "1357670642243"); Verwijdert : user_pref("CT3272810.serviceLayer_services_toolbarContextMenu_lastUpdate", "1357670646515"); Verwijdert : user_pref("CT3272810.serviceLayer_services_toolbarSettings_lastUpdate", "1357670642546"); Verwijdert : user_pref("CT3272810.serviceLayer_services_translation_lastUpdate", "1357670644250"); Verwijdert : user_pref("CT3272810.serviceLayer_services_userApps_lastUpdate", "1357671068372"); Verwijdert : user_pref("CT3272810.settingsINI", true); Verwijdert : user_pref("CT3272810.shouldFirstTimeDialog", "false"); Verwijdert : user_pref("CT3272810.smartbar.CTID", "CT3272810"); Verwijdert : user_pref("CT3272810.smartbar.Uninstall", "0"); Verwijdert : user_pref("CT3272810.smartbar.homepage", true); Verwijdert : user_pref("CT3272810.smartbar.isHidden", true); Verwijdert : user_pref("CT3272810.smartbar.toolbarName", "WhiteSmoke US New E1 "); Verwijdert : user_pref("CT3272810.toolbarBornServerTime", "8-1-2013"); Verwijdert : user_pref("CT3272810.toolbarCurrentServerTime", "8-1-2013"); Verwijdert : user_pref("CT3272810_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...] 
Verwijdert : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3272810&octid=CT327281[...] Verwijdert : user_pref("Smartbar.ConduitSearchEngineList", "WhiteSmoke US New E1 Customized Web Search"); Verwijdert : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3272810[...] Verwijdert : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=C[...] Verwijdert : user_pref("Smartbar.keywordURLSelectedCTID", "CT3272810"); Verwijdert : user_pref("aol_toolbar.default.homepage.check", false); Verwijdert : user_pref("aol_toolbar.default.search.check", false); Verwijdert : user_pref("browser.search.order.1", "Ask.com"); Verwijdert : user_pref("browser.search.selectedEngine", "WhiteSmoke US New E1 Customized Web Search"); Verwijdert : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3272810&octid=CT3272810&Sea[...] Verwijdert : user_pref("extensions.BabylonToolbar.prtkDS", 0); Verwijdert : user_pref("extensions.BabylonToolbar.prtkHmpg", 0); Verwijdert : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3272810&SearchSource=2&CU[...] Verwijdert : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT2865317&SearchSource=13[...] Verwijdert : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT[...] 
Verwijdert : user_pref("smartbar.originalHomepage", "chrome://branding/locale/browserconfig.properties"); Verwijdert : user_pref("smartbar.originalSearchAddressUrl", ""); Verwijdert : user_pref("smartbar.originalSearchEngine", false); Verwijdert : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", ""); Verwijdert : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", ""); Verwijdert : user_pref("sweetim.toolbar.previous.browser.startup.homepage", ""); Verwijdert : user_pref("sweetim.toolbar.previous.keyword.URL", ""); Verwijdert : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ""); Verwijdert : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", ""); Verwijdert : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", ""); Verwijdert : user_pref("sweetim.toolbar.searchguard.enable", ""); ************************* AdwCleaner[R1].txt - [19324 octets] - [09/01/2013 11:33:49] AdwCleaner[s2].txt - [19743 octets] - [09/01/2013 11:36:29] ########## EOF - C:\AdwCleaner[s2].txt - [19804 octets] ########## # AdwCleaner v2.105 - Verslag gemaakt op 09/01/2013 om 11:36:29 # Geactualiseerd op 08/01/2013 door Xplode # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits) # Gebruiker : Paul - PAUL-LPT # Opstarten Modus : Normale modus # Gelanceerd vanaf : C:\Users\Paul\Downloads\adwcleaner(3).exe # Optie [Verwijderen] ***** [Diensten] ***** Gestopt & Verwijdert : CltMngSvc ***** [Files / Mappen] ***** File Verwijdert : C:\Users\Paul\AppData\Local\Temp\Uninstall.exe Map Verwijdert : C:\Program Files (x86)\Conduit Map Verwijdert : C:\Program Files (x86)\SaveAs Map Verwijdert : C:\Program Files (x86)\SearchProtect Map Verwijdert : C:\ProgramData\Ask Map Verwijdert : C:\ProgramData\InstallMate Map Verwijdert : C:\ProgramData\Partner Map Verwijdert : C:\Users\Paul\AppData\Local\Conduit Map Verwijdert : C:\Users\Paul\AppData\Local\SwvUpdater Map Verwijdert : C:\Users\Paul\AppData\LocalLow\Conduit Map Verwijdert : 
C:\Users\Paul\AppData\LocalLow\PriceGong Map Verwijdert : C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\hc7khe8p.default\Smartbar Map Verwijdert : C:\Users\Paul\AppData\Roaming\SearchProtect Verwijdert bij het opstarten : C:\ProgramData\Premium ***** [Register] ***** Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\Conduit Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\ConduitSearchScopes Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\PriceGong Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\SmartBar Sleutel Verwijdert : HKCU\Software\AppDataLow\SProtector Sleutel Verwijdert : HKCU\Software\Conduit Sleutel Verwijdert : HKCU\Software\InstallCore Sleutel Verwijdert : HKCU\Software\SearchProtect Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Toolbar.CT2865317 Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8} Sleutel Verwijdert : HKLM\Software\Conduit Sleutel Verwijdert : HKLM\Software\SearchProtect Sleutel Verwijdert : HKLM\Software\SP Global Sleutel Verwijdert : HKLM\Software\SProtector Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC} Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67} Waarde Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [searchProtectAll] ***** [browsers] ***** -\\ Internet Explorer 
v9.0.8112.16457 [OK] Het register bevat geen enkele ongeoorloofde invoer. -\\ Mozilla Firefox v17.0.1 (nl) File : C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\hc7khe8p.default\prefs.js Verwijdert : user_pref("CT2865317.1000234.TWC_TMP_city", "HERENTALS"); Verwijdert : user_pref("CT2865317.1000234.TWC_TMP_country", "BE"); Verwijdert : user_pref("CT2865317.1000234.TWC_locId", "BEXX0206"); Verwijdert : user_pref("CT2865317.1000234.TWC_location", "Herentals, Belgium"); Verwijdert : user_pref("CT2865317.1000234.TWC_region", "OT"); Verwijdert : user_pref("CT2865317.1000234.TWC_temp_dis", "C"); Verwijdert : user_pref("CT2865317.1000234.TWC_wind_dis", "kmh"); Verwijdert : user_pref("CT2865317.1000234.weatherData", "{\"icon\":\"26.png\",\"temperature\":\"7°C\",\"temperatu[...] Verwijdert : user_pref("CT2865317.CBOpenMAMSettings.enc", "MA=="); Verwijdert : user_pref("CT2865317.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}"); Verwijdert : user_pref("CT2865317.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...] Verwijdert : user_pref("CT2865317.FirstTime", "true"); Verwijdert : user_pref("CT2865317.FirstTimeFF3", "true"); Verwijdert : user_pref("CT2865317.LoginRevertSettingsEnabled", true); Verwijdert : user_pref("CT2865317.PairingKey.enc", "RThGN0I2MDFBRThGNEYwMTgyMEUzRjM0NTQyMUREOUVFRTMwQzY2Nw=="); Verwijdert : user_pref("CT2865317.RevertSettingsEnabled", true); Verwijdert : user_pref("CT2865317.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT286[...] 
Verwijdert : user_pref("CT2865317.UserID", "UN58750992632368830"); Verwijdert : user_pref("CT2865317.addressBarTakeOverEnabledInHidden", "true"); Verwijdert : user_pref("CT2865317.autoDisableScopes", -1); Verwijdert : user_pref("CT2865317.browser.search.defaultthis.engineName", true); Verwijdert : user_pref("CT2865317.cbcountry_001.enc", "QkU="); Verwijdert : user_pref("CT2865317.cbfirsttime.enc", "VHVlIEphbiAwOCAyMDEzIDE4OjEzOjMxIEdNVCswMTAw"); Verwijdert : user_pref("CT2865317.defaultSearch", "true"); Verwijdert : user_pref("CT2865317.embeddedsData", "[{\"appId\":\"129363015615338104\",\"apiPermissions\":{\"cross[...]
Verwijdert : user_pref("CT2865317.UserID", "UN58750992632368830"); Verwijdert : user_pref("CT2865317.addressBarTakeOverEnabledInHidden", "true"); Verwijdert : user_pref("CT2865317.autoDisableScopes", -1); Verwijdert : user_pref("CT2865317.browser.search.defaultthis.engineName", true); Verwijdert : user_pref("CT2865317.cbcountry_001.enc", "QkU="); Verwijdert : user_pref("CT2865317.cbfirsttime.enc", "VHVlIEphbiAwOCAyMDEzIDE4OjEzOjMxIEdNVCswMTAw"); Verwijdert : user_pref("CT2865317.defaultSearch", "true"); Verwijdert : user_pref("CT2865317.embeddedsData", "[{\"appId\":\"129363015615338104\",\"apiPermissions\":{\"cross[...] Verwijdert : user_pref("CT2865317.enableAlerts", "always"); Verwijdert : user_pref("CT2865317.enableSearchFromAddressBar", "true"); Verwijdert : user_pref("CT2865317.firstTimeDialogOpened", "true"); Verwijdert : user_pref("CT2865317.fixPageNotFoundError", "true"); Verwijdert : user_pref("CT2865317.fixPageNotFoundErrorInHidden", "true"); Verwijdert : user_pref("CT2865317.fixUrls", true); Verwijdert : user_pref("CT2865317.installType", "xpe"); Verwijdert : user_pref("CT2865317.isCheckedStartAsHidden", true); Verwijdert : user_pref("CT2865317.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}"); Verwijdert : user_pref("CT2865317.isFirstTimeToolbarLoading", "false"); Verwijdert : user_pref("CT2865317.isNewTabEnabled", true); Verwijdert : user_pref("CT2865317.isPerformedSmartBarTransition", "true"); Verwijdert : user_pref("CT2865317.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}"); Verwijdert : user_pref("CT2865317.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}"); Verwijdert : user_pref("CT2865317.keyword", true); Verwijdert : user_pref("CT2865317.migrateAppsAndComponents", true); Verwijdert : user_pref("CT2865317.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"\",\"[...] 
Verwijdert : user_pref("CT2865317.openThankYouPage", "true"); Verwijdert : user_pref("CT2865317.openUninstallPage", "false"); Verwijdert : user_pref("CT2865317.revertSettingsEnabled", "false"); Verwijdert : user_pref("CT2865317.scriptSource.enc", "aHR0cDovLzEyNy4wLjAuMToxMDAwMC9ndWkv"); Verwijdert : user_pref("CT2865317.search.searchAppId", "129363015615338104"); Verwijdert : user_pref("CT2865317.search.searchCount", "0"); Verwijdert : user_pref("CT2865317.searchInNewTabEnabledInHidden", "true"); Verwijdert : user_pref("CT2865317.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"true\"}"); Verwijdert : user_pref("CT2865317.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}"); Verwijdert : user_pref("CT2865317.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...] Verwijdert : user_pref("CT2865317.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...] Verwijdert : user_pref("CT2865317.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...] Verwijdert : user_pref("CT2865317.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...] Verwijdert : user_pref("CT2865317.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...] Verwijdert : user_pref("CT2865317.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...] 
Verwijdert : user_pref("CT2865317.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1357665210290"); Verwijdert : user_pref("CT2865317.serviceLayer_services_appTracking_lastUpdate", "1357665304474"); Verwijdert : user_pref("CT2865317.serviceLayer_services_appsMetadata_lastUpdate", "1357665209918"); Verwijdert : user_pref("CT2865317.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1357665211154"); Verwijdert : user_pref("CT2865317.serviceLayer_services_login_10.13.40.15_lastUpdate", "1357671411880"); Verwijdert : user_pref("CT2865317.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1357665210842"); Verwijdert : user_pref("CT2865317.serviceLayer_services_searchAPI_lastUpdate", "1357665209120"); Verwijdert : user_pref("CT2865317.serviceLayer_services_serviceMap_lastUpdate", "1357665208882"); Verwijdert : user_pref("CT2865317.serviceLayer_services_toolbarContextMenu_lastUpdate", "1357665211211"); Verwijdert : user_pref("CT2865317.serviceLayer_services_toolbarSettings_lastUpdate", "1357672592175"); Verwijdert : user_pref("CT2865317.serviceLayer_services_translation_lastUpdate", "1357665209930"); Verwijdert : user_pref("CT2865317.settingsINI", true); Verwijdert : user_pref("CT2865317.shouldFirstTimeDialog", "false"); Verwijdert : user_pref("CT2865317.smartbar.CTID", "CT2865317"); Verwijdert : user_pref("CT2865317.smartbar.Uninstall", "0"); Verwijdert : user_pref("CT2865317.smartbar.homepage", true); Verwijdert : user_pref("CT2865317.smartbar.isHidden", true); Verwijdert : user_pref("CT2865317.smartbar.toolbarName", "uTorrentBar_NL "); Verwijdert : user_pref("CT2865317.startPage", "userChanged"); Verwijdert : user_pref("CT2865317.toolbarBornServerTime", "8-1-2013"); Verwijdert : user_pref("CT2865317.toolbarCurrentServerTime", "8-1-2013"); Verwijdert : user_pref("CT2865317.uTTorrents.enc", "eyJidWlsZCI6Mjg3MDUsImxhYmVsIjpbXSwidG9ycmVudHMiOltbIjhFM0E4R[...] 
Verwijdert : user_pref("CT2865317.url_history0001.enc", "aHR0cDovL2thdC5waC86OjpjbGlja2hhbmRsZXI6OjoxMzU3NjY1MzQz[...] Verwijdert : user_pref("CT2865317_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...] Verwijdert : user_pref("CT3272810.1000082.isDisplayHidden", "true"); Verwijdert : user_pref("CT3272810.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description[...] Verwijdert : user_pref("CT3272810.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}"); Verwijdert : user_pref("CT3272810.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...] Verwijdert : user_pref("CT3272810.FirstTime", "true"); Verwijdert : user_pref("CT3272810.FirstTimeFF3", "true"); Verwijdert : user_pref("CT3272810.InstallDate", "8/1/2013 19:43:18"); Verwijdert : user_pref("CT3272810.LoginRevertSettingsEnabled", true); Verwijdert : user_pref("CT3272810.RevertSettingsEnabled", true); Verwijdert : user_pref("CT3272810.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT327[...] Verwijdert : user_pref("CT3272810.UserID", "UN79361368422498797"); Verwijdert : user_pref("CT3272810.addressBarTakeOverEnabledInHidden", "true"); Verwijdert : user_pref("CT3272810.autoDisableScopes", -1); Verwijdert : user_pref("CT3272810.browser.search.defaultthis.engineName", true); Verwijdert : user_pref("CT3272810.cbfirsttime.enc", "VHVlIEphbiAwOCAyMDEzIDE5OjUwOjUwIEdNVCswMTAw"); Verwijdert : user_pref("CT3272810.defaultSearch", "true"); Verwijdert : user_pref("CT3272810.embeddedsData", "[{\"appId\":\"130004960265293823\",\"apiPermissions\":{\"cross[...] 
Verwijdert : user_pref("CT3272810.enableAlerts", "always"); Verwijdert : user_pref("CT3272810.enableSearchFromAddressBar", "true"); Verwijdert : user_pref("CT3272810.firstTimeDialogOpened", "true"); Verwijdert : user_pref("CT3272810.fixPageNotFoundError", "true"); Verwijdert : user_pref("CT3272810.fixPageNotFoundErrorInHidden", "true"); Verwijdert : user_pref("CT3272810.fixUrls", true); Verwijdert : user_pref("CT3272810.hxxp___api16_starwebnet_com.pid2.enc", "YTAyYjlhOWU3ZTMwMzg0Yg=="); Verwijdert : user_pref("CT3272810.hxxp___api21_starwebnet_com.pid2.enc", "YTAyYjlhOWU3ZTMwMzg0Yg=="); Verwijdert : user_pref("CT3272810.hxxp___api28_starwebnet_com.pid2.enc", "YTAyYjlhOWU3ZTMwMzg0Yg=="); Verwijdert : user_pref("CT3272810.hxxp___api6_starwebnet_com.pid2.enc", "YTAyYjlhOWU3ZTMwMzg0Yg=="); Verwijdert : user_pref("CT3272810.installId", "9818"); Verwijdert : user_pref("CT3272810.installType", "conduitnsisintegration"); Verwijdert : user_pref("CT3272810.isCheckedStartAsHidden", true); Verwijdert : user_pref("CT3272810.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}"); Verwijdert : user_pref("CT3272810.isFirstTimeToolbarLoading", "false"); Verwijdert : user_pref("CT3272810.isNewTabEnabled", true); Verwijdert : user_pref("CT3272810.isPerformedSmartBarTransition", "true"); Verwijdert : user_pref("CT3272810.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}"); Verwijdert : user_pref("CT3272810.keyword", true); Verwijdert : user_pref("CT3272810.mam_CouponBuddy_appState.enc", "b24="); Verwijdert : user_pref("CT3272810.mam_PriceGong_appState.enc", "b24="); Verwijdert : user_pref("CT3272810.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9z[...] Verwijdert : user_pref("CT3272810.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IlByaWNlR29uZyIsImN[...] 
Verwijdert : user_pref("CT3272810.mam_gk_first_time.enc", "MQ=="); Verwijdert : user_pref("CT3272810.mam_gk_lastLoginTime.enc", "MTM1NzY3MDY0ODIyNQ=="); Verwijdert : user_pref("CT3272810.mam_gk_settings.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoy[...] Verwijdert : user_pref("CT3272810.mam_gk_userId.enc", "M2VhZGNlNTQtY2VmMS00M2ZkLWIwMjUtOGE2M2IzNjdhMTAx"); Verwijdert : user_pref("CT3272810.mam_gk_user_apps_selection.enc", "eyJQcmljZUdvbmciOnRydWUsIkNvdXBvbkJ1ZGR5Ijp0c[...] Verwijdert : user_pref("CT3272810.migrateAppsAndComponents", true); Verwijdert : user_pref("CT3272810.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"\",\"[...] Verwijdert : user_pref("CT3272810.openThankYouPage", "false"); Verwijdert : user_pref("CT3272810.openUninstallPage", "false"); Verwijdert : user_pref("CT3272810.price-gong.bornDate", "{\"dataType\":\"string\",\"data\":\"{\\\"Response\\\":\\[...] Verwijdert : user_pref("CT3272810.revertSettingsEnabled", "false"); Verwijdert : user_pref("CT3272810.search.searchAppId", "130004960265293823"); Verwijdert : user_pref("CT3272810.search.searchCount", "0"); Verwijdert : user_pref("CT3272810.searchInNewTabEnabledInHidden", "true"); Verwijdert : user_pref("CT3272810.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}"); Verwijdert : user_pref("CT3272810.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...] Verwijdert : user_pref("CT3272810.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...] Verwijdert : user_pref("CT3272810.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...] Verwijdert : user_pref("CT3272810.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...] Verwijdert : user_pref("CT3272810.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...] 
Verwijdert : user_pref("CT3272810.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...] Verwijdert : user_pref("CT3272810.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1357670644582"); Verwijdert : user_pref("CT3272810.serviceLayer_services_appsMetadata_lastUpdate", "1357670644238"); Verwijdert : user_pref("CT3272810.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1357670646475"); Verwijdert : user_pref("CT3272810.serviceLayer_services_login_10.13.40.15_lastUpdate", "1357671360516"); Verwijdert : user_pref("CT3272810.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1357670646269"); Verwijdert : user_pref("CT3272810.serviceLayer_services_searchAPI_lastUpdate", "1357670642618"); Verwijdert : user_pref("CT3272810.serviceLayer_services_serviceMap_lastUpdate", "1357670642243"); Verwijdert : user_pref("CT3272810.serviceLayer_services_toolbarContextMenu_lastUpdate", "1357670646515"); Verwijdert : user_pref("CT3272810.serviceLayer_services_toolbarSettings_lastUpdate", "1357670642546"); Verwijdert : user_pref("CT3272810.serviceLayer_services_translation_lastUpdate", "1357670644250"); Verwijdert : user_pref("CT3272810.serviceLayer_services_userApps_lastUpdate", "1357671068372"); Verwijdert : user_pref("CT3272810.settingsINI", true); Verwijdert : user_pref("CT3272810.shouldFirstTimeDialog", "false"); Verwijdert : user_pref("CT3272810.smartbar.CTID", "CT3272810"); Verwijdert : user_pref("CT3272810.smartbar.Uninstall", "0"); Verwijdert : user_pref("CT3272810.smartbar.homepage", true); Verwijdert : user_pref("CT3272810.smartbar.isHidden", true); Verwijdert : user_pref("CT3272810.smartbar.toolbarName", "WhiteSmoke US New E1 "); Verwijdert : user_pref("CT3272810.toolbarBornServerTime", "8-1-2013"); Verwijdert : user_pref("CT3272810.toolbarCurrentServerTime", "8-1-2013"); Verwijdert : user_pref("CT3272810_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...] 
Verwijdert : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3272810&octid=CT327281[...] Verwijdert : user_pref("Smartbar.ConduitSearchEngineList", "WhiteSmoke US New E1 Customized Web Search"); Verwijdert : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3272810[...] Verwijdert : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=C[...] Verwijdert : user_pref("Smartbar.keywordURLSelectedCTID", "CT3272810"); Verwijdert : user_pref("aol_toolbar.default.homepage.check", false); Verwijdert : user_pref("aol_toolbar.default.search.check", false); Verwijdert : user_pref("browser.search.order.1", "Ask.com"); Verwijdert : user_pref("browser.search.selectedEngine", "WhiteSmoke US New E1 Customized Web Search"); Verwijdert : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3272810&octid=CT3272810&Sea[...] Verwijdert : user_pref("extensions.BabylonToolbar.prtkDS", 0); Verwijdert : user_pref("extensions.BabylonToolbar.prtkHmpg", 0); Verwijdert : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3272810&SearchSource=2&CU[...] Verwijdert : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT2865317&SearchSource=13[...] Verwijdert : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT[...] 
Verwijdert : user_pref("smartbar.originalHomepage", "chrome://branding/locale/browserconfig.properties"); Verwijdert : user_pref("smartbar.originalSearchAddressUrl", ""); Verwijdert : user_pref("smartbar.originalSearchEngine", false); Verwijdert : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", ""); Verwijdert : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", ""); Verwijdert : user_pref("sweetim.toolbar.previous.browser.startup.homepage", ""); Verwijdert : user_pref("sweetim.toolbar.previous.keyword.URL", ""); Verwijdert : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", ""); Verwijdert : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", ""); Verwijdert : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", ""); Verwijdert : user_pref("sweetim.toolbar.searchguard.enable", ""); ************************* AdwCleaner[R1].txt - [19324 octets] - [09/01/2013 11:33:49] AdwCleaner[s2].txt - [19743 octets] - [09/01/2013 11:36:29] ########## EOF - C:\AdwCleaner[s2].txt - [19804 octets] ########## - - - Updated - - - Het log bestand van het antivirus dat is het enige dat ik u kan toesturen ik kan ook geen resultaten zijn en het enige dat ik kan verwijderen is het logbestand. 
Malwarebytes Anti-Malware (PRO) 1.70.0.1100
www.malwarebytes.org

Databaseversie: v2013.01.09.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Paul :: PAUL-LPT [administrator]

Bescherming: Ingeschakeld

9/01/2013 11:57:34
mbam-log-2013-01-09 (11-57-34).txt

Scan type: Snelle scan
Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scan opties: P2P
Objecten gescand: 215031
Verstreken tijd: 2 minuut/minuten, 19 seconde(n)

Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

(einde)

Kind regards, Paul
  19. Malwarebytes Anti-Malware (PRO) 1.65.1.1000
Malwarebytes : Free anti-malware download

Databaseversie: v2012.12.11.12

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Paul :: PAUL-LPT [administrator]

Realtime bescherming: Ingeschakeld

11/12/2012 23:33:41
mbam-log-2012-12-11 (23-33-41).txt

Scantype: Snelle scan
Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scanopties: P2P
Objecten gescand: 210861
Verstreken tijd: 4 minuut/minuten, 49 seconde(n)

Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)

Bestanden gedetecteerd: 2
C:\Users\Paul\Downloads\installer_winzip(1).exe (PUP.BundleInstaller.BEN) -> Geen actie ondernomen.
C:\Users\Paul\Downloads\installer_winzip.exe (PUP.BundleInstaller.BEN) -> Geen actie ondernomen.
(einde)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:58:40, on 9/01/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\SearchProtect\bin\cltmng.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [boingo Wi-Fi] "C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk"
O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [ROC_roc_ssl_v12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [searchProtectAll] C:\Program Files (x86)\SearchProtect\bin\cltmng.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Search Protect by Conduit Updater (CltMngSvc) - Conduit - C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HWDeviceService64.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService64.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LlamaYA movil. OUC (LlamaYA movil. RunOuc) - Unknown owner - C:\Program Files (x86)\LlamaYA movil\UpdateDog\ouc.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_38986e29a8b510a2\STacSV64.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11178 bytes
  20. Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 21:58:23, on 8/01/2013
  21. Hello, I got search.conduit.com today; how do I remove it? Regards, Paul
  22. Hello kape, may I thank you warmly for all your help; it is solved. Regards, Paul
  23. Hello, kape, the requested log. Regards, Paul