Posts made by andromeda
-
-
The speed is back to normal, thank you very much for the help. Do I need to do anything else?
Kind regards, Paul
-
The requested log
# AdwCleaner v2.301 - Verslag gemaakt op 29/05/2013 om 15:48:12
# Geactualiseerd op 16/05/2013 door Xplode
# Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Gebruiker : Paul - PAUL-LPT
# Opstarten Modus : Normale modus
# Gelanceerd vanaf : C:\Users\Paul\Downloads\adwcleaner.exe
# Optie [Zoeken]
***** [Diensten] *****
***** [Files / Mappen] *****
Map Aanwezig : C:\ProgramData\InstallMate
Map Aanwezig : C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb
Map Aanwezig : C:\Users\Paul\AppData\Local\PackageAware
Map Aanwezig : C:\Users\Paul\AppData\LocalLow\Conduit
Map Aanwezig : C:\Users\Paul\AppData\Roaming\ParetoLogic
***** [Register] *****
Sleutel Aanwezig : HKCU\Software\AppDataLow\Software\Conduit
Sleutel Aanwezig : HKCU\Software\AppDataLow\Software\SmartBar
Sleutel Aanwezig : HKCU\Software\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb
Sleutel Aanwezig : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb
Sleutel Aanwezig : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Sleutel Aanwezig : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Sleutel Aanwezig : HKU\S-1-5-21-1413030965-2881553199-1589250565-1001\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
***** [browsers] *****
-\\ Internet Explorer v10.0.9200.16576
[OK] Het register bevat geen enkele ongeoorloofde invoer.
-\\ Mozilla Firefox v21.0 (nl)
File : C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\hc7khe8p.default\prefs.js
[OK] De file bevat geen enkele ongeoorloofde invoer.
-\\ Google Chrome v [Onmogelijk de versie te verkrijgen]
File : C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] De file bevat geen enkele ongeoorloofde invoer.
*************************
AdwCleaner[R3].txt - [2265 octets] - [29/05/2013 15:48:12]
########## EOF - C:\AdwCleaner[R3].txt - [2325 octets] ##########
Kind regards, Paul
- - - Updated - - -
Sorry, the correct log
# AdwCleaner v2.301 - Verslag gemaakt op 29/05/2013 om 15:50:33
# Geactualiseerd op 16/05/2013 door Xplode
# Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Gebruiker : Paul - PAUL-LPT
# Opstarten Modus : Normale modus
# Gelanceerd vanaf : C:\Users\Paul\Downloads\adwcleaner.exe
# Optie [Verwijderen]
***** [Diensten] *****
***** [Files / Mappen] *****
Map Verwijdert : C:\ProgramData\InstallMate
Map Verwijdert : C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb
Map Verwijdert : C:\Users\Paul\AppData\Local\PackageAware
Map Verwijdert : C:\Users\Paul\AppData\LocalLow\Conduit
Map Verwijdert : C:\Users\Paul\AppData\Roaming\ParetoLogic
***** [Register] *****
Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\Conduit
Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\SmartBar
Sleutel Verwijdert : HKCU\Software\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb
Sleutel Verwijdert : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASAPI32
Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Tracing\ConduitInstaller_RASMANCS
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\cjofdnhdkbflacojpfpkchgafjahijbb
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}
Sleutel Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
***** [browsers] *****
-\\ Internet Explorer v10.0.9200.16576
[OK] Het register bevat geen enkele ongeoorloofde invoer.
-\\ Mozilla Firefox v21.0 (nl)
File : C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\hc7khe8p.default\prefs.js
[OK] De file bevat geen enkele ongeoorloofde invoer.
-\\ Google Chrome v [Onmogelijk de versie te verkrijgen]
File : C:\Users\Paul\AppData\Local\Google\Chrome\User Data\Default\Preferences
[OK] De file bevat geen enkele ongeoorloofde invoer.
*************************
AdwCleaner[R3].txt - [2390 octets] - [29/05/2013 15:48:12]
AdwCleaner[s3].txt - [2198 octets] - [29/05/2013 15:50:33]
########## EOF - C:\AdwCleaner[s3].txt - [2258 octets] ##########
Kind regards, Paul
-
Hello,
2 days ago I got a virus; it was removed with MALWARE PRO but the computer remains slow. I have already made a Hijack log.
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:28:00, on 29/05/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16576)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN NL: Hotmail, Outlook, Skype, Messenger, het laatste nieuws, entertainment en meer!
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [boingo Wi-Fi] "C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk"
O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HWDeviceService64.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService64.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LlamaYA movil. OUC (LlamaYA movil. RunOuc) - Unknown owner - C:\Program Files (x86)\LlamaYA movil\UpdateDog\ouc.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_38986e29a8b510a2\STacSV64.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9935 bytes
Kind regards, Paul
-
Hello,
Why is it that when I want to watch a video on YouTube I can only watch the small version, and when I select full screen I only have sound and no picture?
Kind regards, Paul
-
But don't I lose a lot of data if I work with formats other than RAW?
Kind regards, Paul
-
Hello,
Today I downloaded Photoshop CS2, the version that Adobe now makes available for free, onto my laptop with Windows 7 64. I can open and edit JPG files, but it does not open RAW files. I have also set the compatibility mode to "Windows XP Service Pack 3" and then let it run as administrator, but it still will not open RAW files, and at a friend of mine's it does work with Windows 7.
Kind regards, Paul
-
Hello,
The laptop would only be used for Photoshop, and more specifically for astrophotos, as I am an amateur astronomer, and the price does not matter as long as I am sure that everything works.
Kind regards, Paul
-
Many thanks for all the help.
Kind regards, Paul
-
Thank you kindly for the information.
Kind regards, Paul
-
None of what you suggested works, and by that I mean I cannot find AdwCleaner, and ComboFix is in my taskbar and when I click on it, it immediately starts scanning; it is an exe file.
Kind regards, Paul
-
No Kape, I did not get it onto my desktop yesterday, but I did use it.
Kind regards, Paul
-
Hello, I cannot find AdwCleaner anywhere.
Kind regards, Paul
-
And the virus scanner no longer says anything.
Kind regards, Paul
-
Who knows, the last log?
Malwarebytes Anti-Malware (PRO) 1.70.0.1100
Malwarebytes : Free anti-malware download
Databaseversie: v2013.01.09.07
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Paul :: PAUL-LPT [administrator]
Bescherming: Uitgeschakeld
9/01/2013 19:55:34
mbam-log-2013-01-09 (19-55-34).txt
Scan type: Snelle scan
Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scan opties: P2P
Objecten gescand: 215581
Verstreken tijd: 3 minuut/minuten, 56 seconde(n)
Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Bestanden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
(einde)
Kape, thank you very much for all your effort.
Kind regards, Paul
-
Hello,
The requested log.
ComboFix 13-01-08.01 - Paul 09/01/2013 19:17:03.2.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.2989.1879 [GMT 1:00]
Gestart vanuit: c:\users\Paul\Downloads\ComboFix.exe
gebruikte Opdracht switches :: c:\users\Paul\Desktop\cfscript
AV: Microsoft Security Essentials *Enabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Enabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Nieuw herstelpunt werd aangemaakt
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Optimizer Pro
c:\programdata\Premium
c:\programdata\Premium\OptimizerPro\OptimizerPro.exe
c:\programdata\Premium\OptimizerPro\profile.ini
c:\programdata\Premium\OptimizerPro\run2413.tmp
c:\programdata\Premium\OptimizerPro\run2A8A.tmp
c:\programdata\Premium\OptimizerPro\runB398.tmp
c:\programdata\Premium\OptimizerPro\runD450.tmp
c:\programdata\Premium\OptimizerPro\runDF09.tmp
c:\programdata\Premium\SaveAs\profile.ini
c:\programdata\Premium\SaveAs\run2FC7.tmp
c:\programdata\Premium\SaveAs\runA7D2.tmp
c:\programdata\Premium\SaveAs\runE61A.tmp
c:\programdata\Premium\SaveAs\SaveAs.exe
c:\programdata\WoW Worldwide Software LTD
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2012-12-09 to 2013-01-09 ))))))))))))))))))))))))))))))
.
.
2013-01-09 18:21 . 2013-01-09 18:21 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-09 15:42 . 2012-11-20 05:48 307200 ----a-w- c:\windows\system32\ncrypt.dll
2013-01-09 15:42 . 2012-11-20 04:51 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll
2013-01-09 15:42 . 2012-11-01 05:43 2002432 ----a-w- c:\windows\system32\msxml6.dll
2013-01-09 15:42 . 2012-11-01 05:43 1882624 ----a-w- c:\windows\system32\msxml3.dll
2013-01-09 15:42 . 2012-11-01 04:47 1389568 ----a-w- c:\windows\SysWow64\msxml6.dll
2013-01-09 15:42 . 2012-11-01 04:47 1236992 ----a-w- c:\windows\SysWow64\msxml3.dll
2013-01-09 15:42 . 2012-11-09 05:45 750592 ----a-w- c:\windows\system32\win32spl.dll
2013-01-09 15:42 . 2012-11-09 04:43 492032 ----a-w- c:\windows\SysWow64\win32spl.dll
2013-01-09 15:42 . 2012-11-23 03:26 3149824 ----a-w- c:\windows\system32\win32k.sys
2013-01-09 15:42 . 2012-11-23 03:13 68608 ----a-w- c:\windows\system32\taskhost.exe
2013-01-09 13:59 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{7AEB5DF5-7D11-47F2-816C-DFDED349AA7C}\mpengine.dll
2013-01-08 20:51 . 2013-01-08 20:51 388096 ----a-r- c:\users\Paul\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-01-08 20:51 . 2013-01-08 20:51 -------- d-----w- c:\program files (x86)\Trend Micro
2013-01-08 18:25 . 2013-01-08 18:25 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2013-01-08 18:24 . 2013-01-08 18:24 -------- d-----w- c:\program files\Adobe
2013-01-08 18:22 . 2013-01-08 18:25 -------- d-----w- c:\program files\Common Files\Adobe
2013-01-08 18:21 . 2013-01-08 18:21 -------- d-----w- c:\program files (x86)\Adobe Media Player
2013-01-08 17:13 . 2013-01-08 17:13 -------- d-----w- c:\users\Paul\AppData\Local\CRE
2013-01-08 17:13 . 2013-01-08 17:13 -------- d-----w- c:\program files (x86)\uTorrent
2013-01-08 17:12 . 2013-01-09 18:19 -------- d-----w- c:\users\Paul\AppData\Roaming\uTorrent
2013-01-08 16:35 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-01-08 11:50 . 2013-01-08 11:50 -------- d-----w- c:\program files\Stellarium
2013-01-03 20:02 . 2013-01-03 20:03 -------- d-----w- c:\users\Paul\AppData\Roaming\HpUpdate
2013-01-03 20:02 . 2013-01-03 20:02 -------- d-----w- c:\windows\Hewlett-Packard
2013-01-02 09:20 . 2013-01-02 09:20 -------- d-----w- c:\users\Paul\AppData\Local\Google
2012-12-28 13:37 . 2012-12-28 13:37 -------- d-----w- c:\users\Paul\AppData\Local\Programs
2012-12-26 08:03 . 2012-12-26 16:50 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
2012-12-25 22:40 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-25 22:40 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-25 22:40 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-25 22:40 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-25 16:49 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-25 16:49 . 2012-11-09 04:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-12-25 16:48 . 2012-11-02 05:59 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-12-25 16:48 . 2012-11-02 05:11 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
2012-12-25 16:45 . 2012-12-25 16:46 -------- d-----w- C:\24099cdff77651f2cd798f0041
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-01-09 15:43 . 2012-10-09 16:38 67599240 ----a-w- c:\windows\system32\MRT.exe
2012-12-14 15:49 . 2012-10-09 13:48 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-11 19:05 . 2012-10-09 16:10 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-11 19:05 . 2012-10-09 16:10 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-10 12:08 . 2012-12-10 12:08 73216 ----a-w- c:\windows\system32\drivers\ew_jucdcecm.sys
2012-12-10 12:08 . 2012-12-10 12:08 30720 ----a-w- c:\windows\system32\drivers\ew_juextctrl.sys
2012-12-10 12:08 . 2012-12-10 12:08 224768 ----a-w- c:\windows\system32\drivers\ew_juwwanecm.sys
2012-12-10 12:08 . 2012-12-10 12:08 13952 ----a-w- c:\windows\system32\drivers\ew_usbenumfilter.sys
2012-12-10 12:08 . 2012-12-10 12:08 1001472 ----a-w- c:\windows\system32\drivers\mod7700.sys
2012-12-10 12:08 . 2012-12-10 12:08 90112 ----a-w- c:\windows\system32\drivers\ew_jubusenum.sys
2012-12-10 12:08 . 2012-12-10 12:08 436224 ----a-w- c:\windows\system32\drivers\ewusbwwan.sys
2012-12-10 12:08 . 2012-12-10 12:08 32768 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2012-12-10 12:08 . 2012-12-10 12:08 225920 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2012-12-10 12:08 . 2012-12-10 12:08 22016 ----a-w- c:\windows\system32\drivers\ew_hwupgrade.sys
2012-12-10 12:08 . 2012-12-10 12:08 1490656 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2012-12-10 12:08 . 2012-12-10 12:08 1490656 ----a-w- c:\windows\system32\drivers\WdfCoInstaller01007.dll
2012-12-10 12:08 . 2012-12-10 12:08 117248 ----a-w- c:\windows\system32\drivers\ew_hwusbdev.sys
2012-12-10 12:08 . 2012-12-10 12:08 104448 ----a-w- c:\windows\system32\drivers\ew_jucdcacm.sys
2012-11-28 18:22 . 2012-11-28 18:22 972264 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{88DE1E05-0533-4730-B39E-A6BB90DD7F08}\gapaengine.dll
2012-11-21 10:21 . 2012-11-21 10:21 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-11-21 10:21 . 2012-11-21 10:21 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-11-21 10:21 . 2012-11-21 10:21 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-11-08 10:29 . 2012-11-08 10:29 1402312 ----a-w- c:\windows\SysWow64\msxml4.dll
2012-10-18 12:22 . 2012-10-20 13:13 972192 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-10-16 08:38 . 2012-12-03 10:47 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-12-03 10:47 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-12-03 10:47 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-12 07:19 . 2012-10-18 12:19 9291768 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0EE407C5-C5CB-4604-8360-2ABEB59356C3}\mpengine.dll
.
.
(((((((((((((((((((((((((((((((((((((((((((( Look )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of C:\24099cdff77651f2cd798f0041 ----
.
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2013-01-08 969104]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"Boingo Wi-Fi"="c:\program files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk" [2010-09-30 2429]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-11-11 98304]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2009-10-27 6998656]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2009-08-20 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 LlamaYA movil. RunOuc;LlamaYA movil. OUC;c:\program files (x86)\LlamaYA movil\UpdateDog\ouc.exe [2012-12-10 655712]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [2012-12-10 117248]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys [2012-12-10 104448]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2009-11-13 67072]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 128456]
R3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896]
R3 QHY5II_A;QHY5II_A;c:\windows\system32\DRIVERS\QHY5II_A.sys [2012-08-08 24000]
R3 QHY5II_B;QHY5II_B;c:\windows\system32\DRIVERS\QHY5II_B.sys [2012-08-08 55232]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-10-10 1255736]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2009-12-07 379520]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-11-11 202752]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
S2 HWDeviceService64.exe;HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe [2011-03-14 346976]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2009-10-15 117760]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [2012-12-10 90112]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Inhoud van de 'Gedeelde Taken' map
.
2013-01-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-09 19:05]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-09-30 621440]
"ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-11-27 487424]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-01 323584]
"Setwallpaper"="c:\programdata\SetWallpaper.cmd" [bU]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 1289704]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
------- Bijkomende Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 195.130.131.132 195.130.130.4
FF - ProfilePath - c:\users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\hc7khe8p.default\
FF - prefs.js: browser.search.defaulturl -
FF - ExtSQL: !HIDDEN! 2012-10-09 17:41; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - ORPHANS VERWIJDERD - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
WebBrowser-{87775FDB-6972-41F9-AE51-8326E38CB206} - (no file)
AddRemove-SP_156f8a5f - c:\program files (x86)\SaveAs\uninstall.exe
.
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10d.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10d.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Voltooingstijd: 2013-01-09 19:24:07
ComboFix-quarantined-files.txt 2013-01-09 18:24
ComboFix2.txt 2013-01-09 13:57
.
Pre-Run: 435.769.282.560 bytes beschikbaar
Post-Run: 435.738.574.848 bytes beschikbaar
.
- - End Of File - - 1FB8D0E49C40A776CCC093882B7CBCB8
Regards, Paul
-
The log file
ComboFix 13-01-08.01 - Paul 09/01/2013 14:50:44.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.32.1043.18.2989.1764 [GMT 1:00]
Gestart vanuit: c:\users\Paul\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {B140BF4E-23BB-4198-90AB-A51A4C60A69C}
SP: Microsoft Security Essentials *Disabled/Updated* {0A215EAA-0581-4E16-AA1B-9E6837E7EC21}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Nieuw herstelpunt werd aangemaakt
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\FullRemove.exe
c:\windows\msvcr71.dll
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2012-12-09 to 2013-01-09 ))))))))))))))))))))))))))))))
.
.
2013-01-09 13:55 . 2013-01-09 13:55 -------- d-----w- c:\users\Default\AppData\Local\temp
2013-01-08 21:47 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{DF41AE59-81C4-46FA-BDBA-463C9A3A14A8}\mpengine.dll
2013-01-08 20:51 . 2013-01-08 20:51 388096 ----a-r- c:\users\Paul\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2013-01-08 20:51 . 2013-01-08 20:51 -------- d-----w- c:\program files (x86)\Trend Micro
2013-01-08 18:43 . 2013-01-08 18:43 -------- d-----w- c:\programdata\WoW Worldwide Software LTD
2013-01-08 18:42 . 2013-01-08 18:50 -------- d-----w- c:\program files (x86)\Optimizer Pro
2013-01-08 18:42 . 2013-01-08 18:43 -------- d-----w- c:\programdata\Premium
2013-01-08 18:25 . 2013-01-08 18:25 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2013-01-08 18:24 . 2013-01-08 18:24 -------- d-----w- c:\program files\Adobe
2013-01-08 18:22 . 2013-01-08 18:25 -------- d-----w- c:\program files\Common Files\Adobe
2013-01-08 18:21 . 2013-01-08 18:21 -------- d-----w- c:\program files (x86)\Adobe Media Player
2013-01-08 17:13 . 2013-01-08 17:13 -------- d-----w- c:\users\Paul\AppData\Local\CRE
2013-01-08 17:13 . 2013-01-08 17:13 -------- d-----w- c:\program files (x86)\uTorrent
2013-01-08 17:12 . 2013-01-09 13:52 -------- d-----w- c:\users\Paul\AppData\Roaming\uTorrent
2013-01-08 16:35 . 2012-11-08 17:24 9125352 ----a-w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2013-01-08 11:50 . 2013-01-08 11:50 -------- d-----w- c:\program files\Stellarium
2013-01-03 20:02 . 2013-01-03 20:03 -------- d-----w- c:\users\Paul\AppData\Roaming\HpUpdate
2013-01-03 20:02 . 2013-01-03 20:02 -------- d-----w- c:\windows\Hewlett-Packard
2013-01-02 09:20 . 2013-01-02 09:20 -------- d-----w- c:\users\Paul\AppData\Local\Google
2012-12-28 13:37 . 2012-12-28 13:37 -------- d-----w- c:\users\Paul\AppData\Local\Programs
2012-12-26 08:03 . 2012-12-26 16:50 -------- d-----w- c:\program files (x86)\Mozilla Thunderbird
2012-12-25 22:40 . 2012-12-16 17:11 46080 ----a-w- c:\windows\system32\atmlib.dll
2012-12-25 22:40 . 2012-12-16 14:13 34304 ----a-w- c:\windows\SysWow64\atmlib.dll
2012-12-25 22:40 . 2012-12-16 14:45 367616 ----a-w- c:\windows\system32\atmfd.dll
2012-12-25 22:40 . 2012-12-16 14:13 295424 ----a-w- c:\windows\SysWow64\atmfd.dll
2012-12-25 16:49 . 2012-11-09 05:45 2048 ----a-w- c:\windows\system32\tzres.dll
2012-12-25 16:49 . 2012-11-09 04:42 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2012-12-25 16:48 . 2012-11-02 05:59 478208 ----a-w- c:\windows\system32\dpnet.dll
2012-12-25 16:48 . 2012-11-02 05:11 376832 ----a-w- c:\windows\SysWow64\dpnet.dll
2012-12-25 16:45 . 2012-12-25 16:46 -------- d-----w- C:\24099cdff77651f2cd798f0041
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-12-20 22:24 . 2012-10-09 16:38 67413224 ----a-w- c:\windows\system32\MRT.exe
2012-12-14 15:49 . 2012-10-09 13:48 24176 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-12-11 19:05 . 2012-10-09 16:10 73656 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2012-12-11 19:05 . 2012-10-09 16:10 697272 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2012-12-10 12:08 . 2012-12-10 12:08 73216 ----a-w- c:\windows\system32\drivers\ew_jucdcecm.sys
2012-12-10 12:08 . 2012-12-10 12:08 30720 ----a-w- c:\windows\system32\drivers\ew_juextctrl.sys
2012-12-10 12:08 . 2012-12-10 12:08 224768 ----a-w- c:\windows\system32\drivers\ew_juwwanecm.sys
2012-12-10 12:08 . 2012-12-10 12:08 13952 ----a-w- c:\windows\system32\drivers\ew_usbenumfilter.sys
2012-12-10 12:08 . 2012-12-10 12:08 1001472 ----a-w- c:\windows\system32\drivers\mod7700.sys
2012-12-10 12:08 . 2012-12-10 12:08 90112 ----a-w- c:\windows\system32\drivers\ew_jubusenum.sys
2012-12-10 12:08 . 2012-12-10 12:08 436224 ----a-w- c:\windows\system32\drivers\ewusbwwan.sys
2012-12-10 12:08 . 2012-12-10 12:08 32768 ----a-w- c:\windows\system32\drivers\ewdcsc.sys
2012-12-10 12:08 . 2012-12-10 12:08 225920 ----a-w- c:\windows\system32\drivers\ewusbmdm.sys
2012-12-10 12:08 . 2012-12-10 12:08 22016 ----a-w- c:\windows\system32\drivers\ew_hwupgrade.sys
2012-12-10 12:08 . 2012-12-10 12:08 1490656 ----a-w- c:\windows\system32\WdfCoInstaller01007.dll
2012-12-10 12:08 . 2012-12-10 12:08 1490656 ----a-w- c:\windows\system32\drivers\WdfCoInstaller01007.dll
2012-12-10 12:08 . 2012-12-10 12:08 117248 ----a-w- c:\windows\system32\drivers\ew_hwusbdev.sys
2012-12-10 12:08 . 2012-12-10 12:08 104448 ----a-w- c:\windows\system32\drivers\ew_jucdcacm.sys
2012-11-28 18:22 . 2012-11-28 18:22 972264 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{88DE1E05-0533-4730-B39E-A6BB90DD7F08}\gapaengine.dll
2012-11-21 10:21 . 2012-11-21 10:21 95208 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2012-11-21 10:21 . 2012-11-21 10:21 821736 ----a-w- c:\windows\SysWow64\npDeployJava1.dll
2012-11-21 10:21 . 2012-11-21 10:21 746984 ----a-w- c:\windows\SysWow64\deployJava1.dll
2012-10-18 12:22 . 2012-10-20 13:13 972192 ------w- c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2012-10-16 08:38 . 2012-12-03 10:47 135168 ----a-w- c:\windows\apppatch\AppPatch64\AcXtrnal.dll
2012-10-16 08:38 . 2012-12-03 10:47 350208 ----a-w- c:\windows\apppatch\AppPatch64\AcLayers.dll
2012-10-16 07:39 . 2012-12-03 10:47 561664 ----a-w- c:\windows\apppatch\AcLayers.dll
2012-10-12 07:19 . 2012-10-18 12:19 9291768 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{0EE407C5-C5CB-4604-8360-2ABEB59356C3}\mpengine.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2013-01-08 969104]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"UpdateP2GoShortCut"="c:\program files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" [2009-05-20 222504]
"Boingo Wi-Fi"="c:\program files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk" [2010-09-30 2429]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2009-11-11 98304]
"ATKOSD2"="c:\program files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe" [2009-10-27 6998656]
"ATKMEDIA"="c:\program files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe" [2009-08-20 170624]
"HControlUser"="c:\program files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe" [2009-06-19 105016]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-07-27 919008]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-02-20 59240]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2012-04-18 421888]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-05-10 49208]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-02-22 406992]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576]
R2 LlamaYA movil. RunOuc;LlamaYA movil. OUC;c:\program files (x86)\LlamaYA movil\UpdateDog\ouc.exe [2012-12-10 655712]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-12-14 682344]
R3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;c:\windows\system32\DRIVERS\ew_hwusbdev.sys [2012-12-10 117248]
R3 huawei_cdcacm;huawei_cdcacm;c:\windows\system32\DRIVERS\ew_jucdcacm.sys [2012-12-10 104448]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\L1C62x64.sys [2009-11-13 67072]
R3 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys [2012-08-30 128456]
R3 NisSrv;Microsoft Netwerkinspectie;c:\program files\Microsoft Security Client\NisSrv.exe [2012-09-12 368896]
R3 QHY5II_A;QHY5II_A;c:\windows\system32\DRIVERS\QHY5II_A.sys [2012-08-08 24000]
R3 QHY5II_B;QHY5II_B;c:\windows\system32\DRIVERS\QHY5II_B.sys [2012-08-08 55232]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 19456]
R3 SiSGbeLH;SiS191/SiS190 Ethernet Device NDIS 6.0 Driver;c:\windows\system32\DRIVERS\SiSG664.sys [2009-06-10 56832]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2012-08-23 57856]
R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [2012-10-10 1255736]
S2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2009-12-07 379520]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-11-11 202752]
S2 ASMMAP64;ASMMAP64;c:\program files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys [2009-07-03 15416]
S2 HWDeviceService64.exe;HWDeviceService64.exe;c:\programdata\DatacardService\HWDeviceService64.exe [2011-03-14 346976]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-12-14 398184]
S2 UNS;Intel® Management & Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2009-10-01 2314240]
S3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\DRIVERS\ETD.sys [2009-10-15 117760]
S3 HECIx64;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECIx64.sys [2009-09-17 56344]
S3 huawei_enumerator;huawei_enumerator;c:\windows\system32\DRIVERS\ew_jubusenum.sys [2012-12-10 90112]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-12-14 24176]
.
.
--- Andere Services/Drivers In Geheugen ---
.
*NewlyCreated* - WS2IFSL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
Inhoud van de 'Gedeelde Taken' map
.
2013-01-09 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-09 19:05]
.
2013-01-09 c:\windows\Tasks\OptimizerProUpdaterTask{3090683D-1EDB-41CF-B730-65A80BD4B2D0}.job
- c:\programdata\Premium\OptimizerPro\OptimizerPro.exe [2013-01-08 14:50]
.
2013-01-09 c:\windows\Tasks\SaveAsUpdaterTask{3DA8E909-D07A-4F1D-9BBB-FC719F927D86}.job
- c:\programdata\Premium\SaveAs\SaveAs.exe [2013-01-08 14:50]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_B]
@="{6D4133E5-0742-4ADC-8A8C-9303440F7190}"
[HKEY_CLASSES_ROOT\CLSID\{6D4133E5-0742-4ADC-8A8C-9303440F7190}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\AsusWSShellExt_O]
@="{64174815-8D98-4CE6-8646-4C039977D808}"
[HKEY_CLASSES_ROOT\CLSID\{64174815-8D98-4CE6-8646-4C039977D808}]
2009-11-26 05:49 70656 ----a-w- c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSShellExt64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"="c:\program files\Elantech\ETDCtrl.exe" [2009-09-30 621440]
"ASUS WebStorage"="c:\program files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe" [2010-03-16 1754448]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2009-11-27 487424]
"AmIcoSinglun64"="c:\program files (x86)\AmIcoSingLun\AmIcoSinglun64.exe" [2009-09-01 323584]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2012-09-12 1289704]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
------- Bijkomende Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uDefault_Search_URL = hxxp://www.google.com/ie
mLocal Page = c:\windows\SysWOW64\blank.htm
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 195.130.131.132 195.130.130.4
FF - ProfilePath - c:\users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\hc7khe8p.default\
FF - prefs.js: browser.search.defaulturl -
FF - ExtSQL: !HIDDEN! 2012-10-09 17:41; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - ORPHANS VERWIJDERD - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKLM-Run-ROC_roc_ssl_v12 - c:\program files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
Toolbar-Locked - (no file)
WebBrowser-{87775FDB-6972-41F9-AE51-8326E38CB206} - (no file)
HKLM-Run-Setwallpaper - c:\programdata\SetWallpaper.cmd
AddRemove-SP_156f8a5f - c:\program files (x86)\SaveAs\uninstall.exe
.
.
.
--------------------- VERGRENDELDE REGISTER SLEUTELS ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10d.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10d.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.10"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10d.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}]
@Denied: (A 2) (Everyone)
@="IFlashBroker3"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Voltooingstijd: 2013-01-09 14:57:01
ComboFix-quarantined-files.txt 2013-01-09 13:57
.
Pre-Run: 434.248.638.464 bytes beschikbaar
Post-Run: 435.724.361.728 bytes beschikbaar
.
- - End Of File - - C2D0301EC909DE97550D7CB6231DA1A6
Regards, Paul
-
Hello Kapa,
my MBAM has also been showing this regularly since yesterday: access to a malicious website was successfully blocked 85.234.175.51 type: outgoing connection port: 50446 process: utorrent.exe
Regards, Paul
-
Hello,
I am planning to buy a new laptop, but it definitely has to be able to run Photoshop CS6, and preferably be 17 inch.
What kind of machine do you recommend, and what will that cost me?
Regards, Paul
-
Thank you very much for helping. The antivirus log file follows.
# AdwCleaner v2.105 - Verslag gemaakt op 09/01/2013 om 11:36:29
# Geactualiseerd op 08/01/2013 door Xplode
# Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Gebruiker : Paul - PAUL-LPT
# Opstarten Modus : Normale modus
# Gelanceerd vanaf : C:\Users\Paul\Downloads\adwcleaner(3).exe
# Optie [Verwijderen]
***** [Diensten] *****
Gestopt & Verwijdert : CltMngSvc
***** [Files / Mappen] *****
File Verwijdert : C:\Users\Paul\AppData\Local\Temp\Uninstall.exe
Map Verwijdert : C:\Program Files (x86)\Conduit
Map Verwijdert : C:\Program Files (x86)\SaveAs
Map Verwijdert : C:\Program Files (x86)\SearchProtect
Map Verwijdert : C:\ProgramData\Ask
Map Verwijdert : C:\ProgramData\InstallMate
Map Verwijdert : C:\ProgramData\Partner
Map Verwijdert : C:\Users\Paul\AppData\Local\Conduit
Map Verwijdert : C:\Users\Paul\AppData\Local\SwvUpdater
Map Verwijdert : C:\Users\Paul\AppData\LocalLow\Conduit
Map Verwijdert : C:\Users\Paul\AppData\LocalLow\PriceGong
Map Verwijdert : C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\hc7khe8p.default\Smartbar
Map Verwijdert : C:\Users\Paul\AppData\Roaming\SearchProtect
Verwijdert bij het opstarten : C:\ProgramData\Premium
***** [Register] *****
Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\Conduit
Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\PriceGong
Sleutel Verwijdert : HKCU\Software\AppDataLow\Software\SmartBar
Sleutel Verwijdert : HKCU\Software\AppDataLow\SProtector
Sleutel Verwijdert : HKCU\Software\Conduit
Sleutel Verwijdert : HKCU\Software\InstallCore
Sleutel Verwijdert : HKCU\Software\SearchProtect
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Toolbar.CT2865317
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Sleutel Verwijdert : HKLM\Software\Conduit
Sleutel Verwijdert : HKLM\Software\SearchProtect
Sleutel Verwijdert : HKLM\Software\SP Global
Sleutel Verwijdert : HKLM\Software\SProtector
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Sleutel Verwijdert : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Sleutel Verwijdert : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Waarde Verwijdert : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [searchProtectAll]
***** [browsers] *****
-\\ Internet Explorer v9.0.8112.16457
[OK] Het register bevat geen enkele ongeoorloofde invoer.
-\\ Mozilla Firefox v17.0.1 (nl)
File : C:\Users\Paul\AppData\Roaming\Mozilla\Firefox\Profiles\hc7khe8p.default\prefs.js
Verwijdert : user_pref("CT2865317.1000234.TWC_TMP_city", "HERENTALS");
Verwijdert : user_pref("CT2865317.1000234.TWC_TMP_country", "BE");
Verwijdert : user_pref("CT2865317.1000234.TWC_locId", "BEXX0206");
Verwijdert : user_pref("CT2865317.1000234.TWC_location", "Herentals, Belgium");
Verwijdert : user_pref("CT2865317.1000234.TWC_region", "OT");
Verwijdert : user_pref("CT2865317.1000234.TWC_temp_dis", "C");
Verwijdert : user_pref("CT2865317.1000234.TWC_wind_dis", "kmh");
Verwijdert : user_pref("CT2865317.1000234.weatherData", "{\"icon\":\"26.png\",\"temperature\":\"7°C\",\"temperatu[...]
Verwijdert : user_pref("CT2865317.CBOpenMAMSettings.enc", "MA==");
Verwijdert : user_pref("CT2865317.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Verwijdert : user_pref("CT2865317.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Verwijdert : user_pref("CT2865317.FirstTime", "true");
Verwijdert : user_pref("CT2865317.FirstTimeFF3", "true");
Verwijdert : user_pref("CT2865317.LoginRevertSettingsEnabled", true);
Verwijdert : user_pref("CT2865317.PairingKey.enc", "RThGN0I2MDFBRThGNEYwMTgyMEUzRjM0NTQyMUREOUVFRTMwQzY2Nw==");
Verwijdert : user_pref("CT2865317.RevertSettingsEnabled", true);
Verwijdert : user_pref("CT2865317.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT286[...]
Verwijdert : user_pref("CT2865317.UserID", "UN58750992632368830");
Verwijdert : user_pref("CT2865317.addressBarTakeOverEnabledInHidden", "true");
Verwijdert : user_pref("CT2865317.autoDisableScopes", -1);
Verwijdert : user_pref("CT2865317.browser.search.defaultthis.engineName", true);
Verwijdert : user_pref("CT2865317.cbcountry_001.enc", "QkU=");
Verwijdert : user_pref("CT2865317.cbfirsttime.enc", "VHVlIEphbiAwOCAyMDEzIDE4OjEzOjMxIEdNVCswMTAw");
Verwijdert : user_pref("CT2865317.defaultSearch", "true");
Verwijdert : user_pref("CT2865317.embeddedsData", "[{\"appId\":\"129363015615338104\",\"apiPermissions\":{\"cross[...]
Verwijdert : user_pref("CT2865317.enableAlerts", "always");
Verwijdert : user_pref("CT2865317.enableSearchFromAddressBar", "true");
Verwijdert : user_pref("CT2865317.firstTimeDialogOpened", "true");
Verwijdert : user_pref("CT2865317.fixPageNotFoundError", "true");
Verwijdert : user_pref("CT2865317.fixPageNotFoundErrorInHidden", "true");
Verwijdert : user_pref("CT2865317.fixUrls", true);
Verwijdert : user_pref("CT2865317.installType", "xpe");
Verwijdert : user_pref("CT2865317.isCheckedStartAsHidden", true);
Verwijdert : user_pref("CT2865317.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Verwijdert : user_pref("CT2865317.isFirstTimeToolbarLoading", "false");
Verwijdert : user_pref("CT2865317.isNewTabEnabled", true);
Verwijdert : user_pref("CT2865317.isPerformedSmartBarTransition", "true");
Verwijdert : user_pref("CT2865317.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Verwijdert : user_pref("CT2865317.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Verwijdert : user_pref("CT2865317.keyword", true);
Verwijdert : user_pref("CT2865317.migrateAppsAndComponents", true);
Verwijdert : user_pref("CT2865317.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"\",\"[...]
Verwijdert : user_pref("CT2865317.openThankYouPage", "true");
Verwijdert : user_pref("CT2865317.openUninstallPage", "false");
Verwijdert : user_pref("CT2865317.revertSettingsEnabled", "false");
Verwijdert : user_pref("CT2865317.scriptSource.enc", "aHR0cDovLzEyNy4wLjAuMToxMDAwMC9ndWkv");
Verwijdert : user_pref("CT2865317.search.searchAppId", "129363015615338104");
Verwijdert : user_pref("CT2865317.search.searchCount", "0");
Verwijdert : user_pref("CT2865317.searchInNewTabEnabledInHidden", "true");
Verwijdert : user_pref("CT2865317.searchProtector.notifyChanges", "{\"dataType\":\"string\",\"data\":\"true\"}");
Verwijdert : user_pref("CT2865317.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Verwijdert : user_pref("CT2865317.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Verwijdert : user_pref("CT2865317.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Verwijdert : user_pref("CT2865317.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Verwijdert : user_pref("CT2865317.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Verwijdert : user_pref("CT2865317.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Verwijdert : user_pref("CT2865317.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Verwijdert : user_pref("CT2865317.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1357665210290");
Verwijdert : user_pref("CT2865317.serviceLayer_services_appTracking_lastUpdate", "1357665304474");
Verwijdert : user_pref("CT2865317.serviceLayer_services_appsMetadata_lastUpdate", "1357665209918");
Verwijdert : user_pref("CT2865317.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1357665211154");
Verwijdert : user_pref("CT2865317.serviceLayer_services_login_10.13.40.15_lastUpdate", "1357671411880");
Verwijdert : user_pref("CT2865317.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1357665210842");
Verwijdert : user_pref("CT2865317.serviceLayer_services_searchAPI_lastUpdate", "1357665209120");
Verwijdert : user_pref("CT2865317.serviceLayer_services_serviceMap_lastUpdate", "1357665208882");
Verwijdert : user_pref("CT2865317.serviceLayer_services_toolbarContextMenu_lastUpdate", "1357665211211");
Verwijdert : user_pref("CT2865317.serviceLayer_services_toolbarSettings_lastUpdate", "1357672592175");
Verwijdert : user_pref("CT2865317.serviceLayer_services_translation_lastUpdate", "1357665209930");
Verwijdert : user_pref("CT2865317.settingsINI", true);
Verwijdert : user_pref("CT2865317.shouldFirstTimeDialog", "false");
Verwijdert : user_pref("CT2865317.smartbar.CTID", "CT2865317");
Verwijdert : user_pref("CT2865317.smartbar.Uninstall", "0");
Verwijdert : user_pref("CT2865317.smartbar.homepage", true);
Verwijdert : user_pref("CT2865317.smartbar.isHidden", true);
Verwijdert : user_pref("CT2865317.smartbar.toolbarName", "uTorrentBar_NL ");
Verwijdert : user_pref("CT2865317.startPage", "userChanged");
Verwijdert : user_pref("CT2865317.toolbarBornServerTime", "8-1-2013");
Verwijdert : user_pref("CT2865317.toolbarCurrentServerTime", "8-1-2013");
Verwijdert : user_pref("CT2865317.uTTorrents.enc", "eyJidWlsZCI6Mjg3MDUsImxhYmVsIjpbXSwidG9ycmVudHMiOltbIjhFM0E4R[...]
Verwijdert : user_pref("CT2865317.url_history0001.enc", "aHR0cDovL2thdC5waC86OjpjbGlja2hhbmRsZXI6OjoxMzU3NjY1MzQz[...]
Verwijdert : user_pref("CT2865317_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Verwijdert : user_pref("CT3272810.1000082.isDisplayHidden", "true");
Verwijdert : user_pref("CT3272810.1000082.state", "{\"state\":\"stopped\",\"text\":\"Californi...\",\"description[...]
Verwijdert : user_pref("CT3272810.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Verwijdert : user_pref("CT3272810.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"tru[...]
Verwijdert : user_pref("CT3272810.FirstTime", "true");
Verwijdert : user_pref("CT3272810.FirstTimeFF3", "true");
Verwijdert : user_pref("CT3272810.InstallDate", "8/1/2013 19:43:18");
Verwijdert : user_pref("CT3272810.LoginRevertSettingsEnabled", true);
Verwijdert : user_pref("CT3272810.RevertSettingsEnabled", true);
Verwijdert : user_pref("CT3272810.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT327[...]
Verwijdert : user_pref("CT3272810.UserID", "UN79361368422498797");
Verwijdert : user_pref("CT3272810.addressBarTakeOverEnabledInHidden", "true");
Verwijdert : user_pref("CT3272810.autoDisableScopes", -1);
Verwijdert : user_pref("CT3272810.browser.search.defaultthis.engineName", true);
Verwijdert : user_pref("CT3272810.cbfirsttime.enc", "VHVlIEphbiAwOCAyMDEzIDE5OjUwOjUwIEdNVCswMTAw");
Verwijdert : user_pref("CT3272810.defaultSearch", "true");
Verwijdert : user_pref("CT3272810.embeddedsData", "[{\"appId\":\"130004960265293823\",\"apiPermissions\":{\"cross[...]
Verwijdert : user_pref("CT3272810.enableAlerts", "always");
Verwijdert : user_pref("CT3272810.enableSearchFromAddressBar", "true");
Verwijdert : user_pref("CT3272810.firstTimeDialogOpened", "true");
Verwijdert : user_pref("CT3272810.fixPageNotFoundError", "true");
Verwijdert : user_pref("CT3272810.fixPageNotFoundErrorInHidden", "true");
Verwijdert : user_pref("CT3272810.fixUrls", true);
Verwijdert : user_pref("CT3272810.hxxp___api16_starwebnet_com.pid2.enc", "YTAyYjlhOWU3ZTMwMzg0Yg==");
Verwijdert : user_pref("CT3272810.hxxp___api21_starwebnet_com.pid2.enc", "YTAyYjlhOWU3ZTMwMzg0Yg==");
Verwijdert : user_pref("CT3272810.hxxp___api28_starwebnet_com.pid2.enc", "YTAyYjlhOWU3ZTMwMzg0Yg==");
Verwijdert : user_pref("CT3272810.hxxp___api6_starwebnet_com.pid2.enc", "YTAyYjlhOWU3ZTMwMzg0Yg==");
Verwijdert : user_pref("CT3272810.installId", "9818");
Verwijdert : user_pref("CT3272810.installType", "conduitnsisintegration");
Verwijdert : user_pref("CT3272810.isCheckedStartAsHidden", true);
Verwijdert : user_pref("CT3272810.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Verwijdert : user_pref("CT3272810.isFirstTimeToolbarLoading", "false");
Verwijdert : user_pref("CT3272810.isNewTabEnabled", true);
Verwijdert : user_pref("CT3272810.isPerformedSmartBarTransition", "true");
Verwijdert : user_pref("CT3272810.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Verwijdert : user_pref("CT3272810.keyword", true);
Verwijdert : user_pref("CT3272810.mam_CouponBuddy_appState.enc", "b24=");
Verwijdert : user_pref("CT3272810.mam_PriceGong_appState.enc", "b24=");
Verwijdert : user_pref("CT3272810.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IlByaWNlR29uZyIsInVybCI6Imh0dHA6Ly9z[...]
Verwijdert : user_pref("CT3272810.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IlByaWNlR29uZyIsImN[...]
Verwijdert : user_pref("CT3272810.mam_gk_first_time.enc", "MQ==");
Verwijdert : user_pref("CT3272810.mam_gk_lastLoginTime.enc", "MTM1NzY3MDY0ODIyNQ==");
Verwijdert : user_pref("CT3272810.mam_gk_settings.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoy[...]
Verwijdert : user_pref("CT3272810.mam_gk_userId.enc", "M2VhZGNlNTQtY2VmMS00M2ZkLWIwMjUtOGE2M2IzNjdhMTAx");
Verwijdert : user_pref("CT3272810.mam_gk_user_apps_selection.enc", "eyJQcmljZUdvbmciOnRydWUsIkNvdXBvbkJ1ZGR5Ijp0c[...]
Verwijdert : user_pref("CT3272810.migrateAppsAndComponents", true);
Verwijdert : user_pref("CT3272810.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"\",\"[...]
Verwijdert : user_pref("CT3272810.openThankYouPage", "false");
Verwijdert : user_pref("CT3272810.openUninstallPage", "false");
Verwijdert : user_pref("CT3272810.price-gong.bornDate", "{\"dataType\":\"string\",\"data\":\"{\\\"Response\\\":\\[...]
Verwijdert : user_pref("CT3272810.revertSettingsEnabled", "false");
Verwijdert : user_pref("CT3272810.search.searchAppId", "130004960265293823");
Verwijdert : user_pref("CT3272810.search.searchCount", "0");
Verwijdert : user_pref("CT3272810.searchInNewTabEnabledInHidden", "true");
Verwijdert : user_pref("CT3272810.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Verwijdert : user_pref("CT3272810.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"d[...]
Verwijdert : user_pref("CT3272810.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\[...]
Verwijdert : user_pref("CT3272810.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"d[...]
Verwijdert : user_pref("CT3272810.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"strin[...]
Verwijdert : user_pref("CT3272810.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"strin[...]
Verwijdert : user_pref("CT3272810.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data[...]
Verwijdert : user_pref("CT3272810.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1357670644582");
Verwijdert : user_pref("CT3272810.serviceLayer_services_appsMetadata_lastUpdate", "1357670644238");
Verwijdert : user_pref("CT3272810.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1357670646475");
Verwijdert : user_pref("CT3272810.serviceLayer_services_login_10.13.40.15_lastUpdate", "1357671360516");
Verwijdert : user_pref("CT3272810.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1357670646269");
Verwijdert : user_pref("CT3272810.serviceLayer_services_searchAPI_lastUpdate", "1357670642618");
Verwijdert : user_pref("CT3272810.serviceLayer_services_serviceMap_lastUpdate", "1357670642243");
Verwijdert : user_pref("CT3272810.serviceLayer_services_toolbarContextMenu_lastUpdate", "1357670646515");
Verwijdert : user_pref("CT3272810.serviceLayer_services_toolbarSettings_lastUpdate", "1357670642546");
Verwijdert : user_pref("CT3272810.serviceLayer_services_translation_lastUpdate", "1357670644250");
Verwijdert : user_pref("CT3272810.serviceLayer_services_userApps_lastUpdate", "1357671068372");
Verwijdert : user_pref("CT3272810.settingsINI", true);
Verwijdert : user_pref("CT3272810.shouldFirstTimeDialog", "false");
Verwijdert : user_pref("CT3272810.smartbar.CTID", "CT3272810");
Verwijdert : user_pref("CT3272810.smartbar.Uninstall", "0");
Verwijdert : user_pref("CT3272810.smartbar.homepage", true);
Verwijdert : user_pref("CT3272810.smartbar.isHidden", true);
Verwijdert : user_pref("CT3272810.smartbar.toolbarName", "WhiteSmoke US New E1 ");
Verwijdert : user_pref("CT3272810.toolbarBornServerTime", "8-1-2013");
Verwijdert : user_pref("CT3272810.toolbarCurrentServerTime", "8-1-2013");
Verwijdert : user_pref("CT3272810_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\"[...]
Verwijdert : user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3272810&octid=CT327281[...]
Verwijdert : user_pref("Smartbar.ConduitSearchEngineList", "WhiteSmoke US New E1 Customized Web Search");
Verwijdert : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3272810[...]
Verwijdert : user_pref("Smartbar.SearchFromAddressBarSavedUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=C[...]
Verwijdert : user_pref("Smartbar.keywordURLSelectedCTID", "CT3272810");
Verwijdert : user_pref("aol_toolbar.default.homepage.check", false);
Verwijdert : user_pref("aol_toolbar.default.search.check", false);
Verwijdert : user_pref("browser.search.order.1", "Ask.com");
Verwijdert : user_pref("browser.search.selectedEngine", "WhiteSmoke US New E1 Customized Web Search");
Verwijdert : user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3272810&octid=CT3272810&Sea[...]
Verwijdert : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Verwijdert : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Verwijdert : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3272810&SearchSource=2&CU[...]
Verwijdert : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT2865317&SearchSource=13[...]
Verwijdert : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT[...]
Verwijdert : user_pref("smartbar.originalHomepage", "chrome://branding/locale/browserconfig.properties");
Verwijdert : user_pref("smartbar.originalSearchAddressUrl", "");
Verwijdert : user_pref("smartbar.originalSearchEngine", false);
Verwijdert : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Verwijdert : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Verwijdert : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Verwijdert : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Verwijdert : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Verwijdert : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Verwijdert : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Verwijdert : user_pref("sweetim.toolbar.searchguard.enable", "");
*************************
AdwCleaner[R1].txt - [19324 octets] - [09/01/2013 11:33:49]
AdwCleaner[s2].txt - [19743 octets] - [09/01/2013 11:36:29]
########## EOF - C:\AdwCleaner[s2].txt - [19804 octets] ##########
- - - Updated - - -
The antivirus log file is the only thing I can send you; I also can't see any results, and the only thing I can delete is the log file.
Malwarebytes Anti-Malware (PRO) 1.70.0.1100
www.malwarebytes.org
Databaseversie: v2013.01.09.03
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Paul :: PAUL-LPT [administrator]
Bescherming: Ingeschakeld
9/01/2013 11:57:34
mbam-log-2013-01-09 (11-57-34).txt
Scan type: Snelle scan
Ingeschakelde scan opties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scan opties: P2P
Objecten gescand: 215031
Verstreken tijd: 2 minuut/minuten, 19 seconde(n)
Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Bestanden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
(einde)
Kind regards, Paul
-
Malwarebytes Anti-Malware (PRO) 1.65.1.1000
Malwarebytes : Free anti-malware download
Databaseversie: v2012.12.11.12
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
Paul :: PAUL-LPT [administrator]
Realtime bescherming: Ingeschakeld
11/12/2012 23:33:41
mbam-log-2012-12-11 (23-33-41).txt
Scantype: Snelle scan
Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
Uitgeschakelde scanopties: P2P
Objecten gescand: 210861
Verstreken tijd: 4 minuut/minuten, 49 seconde(n)
Geheugenprocessen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Geheugenmodulen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registersleutels gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerwaarden gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Registerdata gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Mappen gedetecteerd: 0
(Geen kwaadaardige objecten gedetecteerd)
Bestanden gedetecteerd: 2
C:\Users\Paul\Downloads\installer_winzip(1).exe (PUP.BundleInstaller.BEN) -> Geen actie ondernomen.
C:\Users\Paul\Downloads\installer_winzip.exe (PUP.BundleInstaller.BEN) -> Geen actie ondernomen.
(einde)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:58:40, on 9/01/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\SearchProtect\bin\cltmng.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [boingo Wi-Fi] "C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk"
O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [ROC_roc_ssl_v12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [searchProtectAll] C:\Program Files (x86)\SearchProtect\bin\cltmng.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Search Protect by Conduit Updater (CltMngSvc) - Conduit - C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HWDeviceService64.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService64.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LlamaYA movil. OUC (LlamaYA movil. RunOuc) - Unknown owner - C:\Program Files (x86)\LlamaYA movil\UpdateDog\ouc.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_38986e29a8b510a2\STacSV64.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11178 bytes
-
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:58:23, on 8/01/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16457)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\ProgramData\DatacardService\DCSHelper.exe
C:\Windows\AsScrPro.exe
C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
C:\Program Files (x86)\uTorrent\uTorrent.exe
C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe
C:\Program Files (x86)\ASUS\ASUS Live Update\ALU.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo Wi-Fi.exe
C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\SearchProtect\bin\cltmng.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Zoeken
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Hotmail, Messenger, het laatste nieuws en entertainment | MSN.NL
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {87775fdb-6972-41f9-ae51-8326e38cb206} - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [updateLBPShortCut] "C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\LabelPrint" UpdateWithCreateOnce "Software\CyberLink\LabelPrint\2.5"
O4 - HKLM\..\Run: [updateP2GoShortCut] "C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\6.0"
O4 - HKLM\..\Run: [boingo Wi-Fi] "C:\Program Files (x86)\Boingo\Boingo Wi-Fi\Boingo.lnk"
O4 - HKLM\..\Run: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
O4 - HKLM\..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
O4 - HKLM\..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [ROC_roc_ssl_v12] "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [searchProtectAll] C:\Program Files (x86)\SearchProtect\bin\cltmng.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files (x86)\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [searchProtect] C:\Users\Paul\AppData\Roaming\SearchProtect\cltmng.exe
O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: FancyStart daemon.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: In weblog opnemen - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &In weblog opnemen met Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Toon of verberg HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O20 - AppInit_DLLs: c:\progra~2\saveas\sprote~1.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: AFBAgent - Unknown owner - C:\Windows\system32\FBAgent.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: ASLDR Service (ASLDRService) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe
O23 - Service: ATKGFNEX Service (ATKGFNEXSrv) - ASUS - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
O23 - Service: Search Protect by Conduit Updater (CltMngSvc) - Conduit - C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HWDeviceService64.exe - Unknown owner - C:\ProgramData\DatacardService\HWDeviceService64.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LlamaYA movil. OUC (LlamaYA movil. RunOuc) - Unknown owner - C:\Program Files (x86)\LlamaYA movil\UpdateDog\ouc.exe
O23 - Service: Intel® Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_38986e29a8b510a2\STacSV64.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel® Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 11972 bytes
-
Hello
Today I got search.conduit.com on my computer; how do I remove it?
Regards, Paul
-
Hello kape,
May I thank you sincerely for all your help.
It is resolved.
Regards, Paul
-
Hello, kape
The requested log
ComboFix 12-09-27.03 - Paul 27/09/2012 19:49:25.1.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.31.1043.18.3007.2305 [GMT 2:00]
Gestart vanuit: c:\documents and settings\Paul\Mijn documenten\Downloads\ComboFix.exe
.
.
(((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\Paul\Application Data\Toolbar4
c:\documents and settings\Paul\Application Data\Toolbar4\{37D48D9C-3F7E-412F-B5BF-611BE7CCFCA1}\cache\44cc2ea552a0c51e9190430b66594e9a
c:\documents and settings\Paul\Application Data\Toolbar4\{37D48D9C-3F7E-412F-B5BF-611BE7CCFCA1}\favicon16.png
c:\documents and settings\Paul\Application Data\Toolbar4\{37D48D9C-3F7E-412F-B5BF-611BE7CCFCA1}\logo16.png
c:\documents and settings\Paul\Application Data\Toolbar4\{37D48D9C-3F7E-412F-B5BF-611BE7CCFCA1}\searchbut16.png
c:\documents and settings\Paul\Application Data\Toolbar4\{37D48D9C-3F7E-412F-B5BF-611BE7CCFCA1}\searchbut16on.png
c:\program files\ChatZum Toolbar\tbunsz13.tmp\tbHElper.dll
c:\windows\system32\URTTemp
c:\windows\system32\URTTemp\fusion.dll
c:\windows\system32\URTTemp\mscoree.dll
c:\windows\system32\URTTemp\mscoree.dll.local
c:\windows\system32\URTTemp\mscorsn.dll
c:\windows\system32\URTTemp\mscorwks.dll
c:\windows\system32\URTTemp\msvcr71.dll
c:\windows\system32\URTTemp\regtlib.exe
.
.
(((((((((((((((((((( Bestanden Gemaakt van 2012-08-27 to 2012-09-27 ))))))))))))))))))))))))))))))
.
.
2012-09-25 16:53 . 2012-09-25 16:53 -------- d-----w- C:\AMD
2012-09-24 19:01 . 2012-09-26 18:27 -------- d-----r- C:\Program Files
.
.
.
((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-08-28 15:17 . 2008-04-15 12:00 916992 ----a-w- c:\windows\system32\wininet.dll
2012-08-28 15:17 . 2008-04-15 12:00 43520 ------w- c:\windows\system32\licmgr10.dll
2012-08-28 15:17 . 2008-04-15 12:00 1469440 ------w- c:\windows\system32\inetcpl.cpl
2012-08-28 12:07 . 2008-04-15 12:00 385024 ------w- c:\windows\system32\html.iec
2012-07-06 13:58 . 2008-04-15 12:00 78336 ----a-w- c:\windows\system32\browser.dll
2012-07-03 18:23 . 2008-04-15 12:00 1866240 ----a-w- c:\windows\system32\win32k.sys
2012-09-06 01:26 . 2012-09-25 16:29 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2007-10-09 1036288]
"JMB36X Configure"="c:\windows\system32\JMRaidTool.exe" [2006-06-02 385024]
"StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2012-07-03 98304]
.
c:\documents and settings\All Users\Menu Start\Programma's\Opstarten\
ASUS WiFi-AP Solo.lnk - c:\program files\ASUS WiFi-AP Solo\RtWLan.exe [2012-9-25 987136]
.
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
.
R2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes' Anti-Malware\mbamscheduler.exe [24/09/2012 20:20 399432]
R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [24/09/2012 20:20 676936]
R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [25/09/2012 18:56 103040]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [24/09/2012 20:20 22856]
S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\Mozilla Maintenance Service\maintenanceservice.exe [25/09/2012 18:29 114144]
S3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter;c:\windows\system32\drivers\RTL8187.sys [25/09/2012 18:27 176128]
S3 SjyPkt;SjyPkt;c:\windows\system32\drivers\SjyPkt.sys [25/09/2012 18:27 13532]
.
.
------- Bijkomende Scan -------
.
TCP: DhcpNameServer = 195.130.131.132 195.130.130.4
FF - ProfilePath - c:\documents and settings\Paul\Application Data\Mozilla\Firefox\Profiles\0ib4xqoo.default\
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - hxxp://utils.chatzum.com/?url=
.
- - - - ORPHANS VERWIJDERD - - - -
.
WebBrowser-{37D48D9C-3F7E-412F-B5BF-611BE7CCFCA1} - c:\program files\ChatZum Toolbar\tbunsz13.tmp\tbcore3.dll
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2012-09-27 19:52
Windows 5.1.2600 Service Pack 3 NTFS
.
scannen van verborgen processen ...
.
scannen van verborgen autostart items ...
.
scannen van verborgen bestanden ...
.
Scan succesvol afgerond
verborgen bestanden: 0
.
**************************************************************************
.
--------------------- DLLs Geladen Onder Lopende Processen ---------------------
.
- - - - - - - > 'winlogon.exe'(704)
c:\windows\system32\Ati2evxx.dll
c:\windows\system32\atiadlxx.dll
.
Voltooingstijd: 2012-09-27 19:53:52
ComboFix-quarantined-files.txt 2012-09-27 17:53
.
Pre-Run: 45.213.786.112 bytes beschikbaar
Post-Run: 45.403.557.888 bytes beschikbaar
.
WindowsXP-KB310994-SP2-Pro-BootDisk-NLD.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - 09259AEB648D3180B195C84A61E5ACE9
Regards, Paul
Virus removed, computer slow
in Archive: Fighting malware & viruses
Posted:
Everything is back in order. Many thanks to the people who make this possible.
Regards, Paul