Op deze website gebruiken we cookies om content en advertenties te personaliseren, om functies voor social media te bieden en om ons websiteverkeer te analyseren. Ook delen we informatie over uw gebruik van onze site met onze partners voor social media, adverteren en analyse. Deze partners kunnen deze gegevens combineren met andere informatie die u aan ze heeft verstrekt of die ze hebben verzameld op basis van uw gebruik van hun services. Meer informatie.

Akkoord

Vraag & Antwoord

Beveiliging & privacy

automatische start aqub.co.uk

Abraham54
36 antwoorden
  • Als ik mijn computer opstart, start ongevraagd de IE op met een startpagina die niet van mij is, aqub.co.uk, een soort van search pagina.
    Ik heb de virusscanner erop losgelaten, maar die herkent dit (nog) niet als schadelijk. Wat is het en belangrijker nog, hoe verwijder ik dit?
  • Begin nu maar eerst met een overzicht te posten van jouw Windows:

    [b:4a8114a50e]Welk programma[/b:4a8114a50e]:
  • .
    DDS (Ver_2011-08-26.01) - NTFSx86
    Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 1.6.0_29
    Run by Johannes at 19:03:48 on 2012-07-23
    Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1043.18.3326.2370 [GMT 2:00]
    .
    AV: McAfeeAntivirus en antispyware *Enabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: McAfeeAntivirus en antispyware *Enabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
    FW: McAfeeFirewall *Enabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
    .
    ============== Running Processes ===============
    .
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32
    vvsvc.exe
    C:\Windows\system32\svchost.exe -k RPCSS
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32
    vvsvc.exe
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\system32\svchost.exe -k hpdevmgmt
    C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
    C:\Windows\system32\mfevtps.exe
    C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe
    C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
    C:\Windows\system32\rundll32.exe
    C:\Windows\system32\IoctlSvc.exe
    C:\Windows\system32\PnkBstrA.exe
    C:\Windows\system32\PrintCtrl.exe
    C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\11.1.0\ToolbarUpdater.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files\Xobni\XobniService.exe
    C:\Program Files\Common Files\McAfee\SystemCore\mcshield.exe
    C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\system32\taskhost.exe
    C:\Windows\Explorer.EXE
    C:\Windows\RtHDVCpl.exe
    C:\Program Files\Packard Bell\FIJI\ABoard.exe
    C:\Program Files\Packard Bell\FIJI\AOSD.exe
    C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
    C:\Program Files\SweetIM\Messenger\SweetIM.exe
    C:\Windows\System32\PrintDisp.exe
    C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
    C:\Program Files\Intel\IntelAppStore\bin\serviceManager.exe
    C:\Program Files\McAfee.com\Agent\mcagent.exe
    C:\Program Files\Common Files\Java\Java Update\jusched.exe
    C:\Program Files\Citrix\ICA Client\concentr.exe
    C:\Windows\WindowsMobile\wmdcBase.exe
    C:\Program Files\Citrix\ICA Client\wfcrun32.exe
    C:\Program Files\AVG Secure Search\vprot.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
    C:\Program Files\Packard Bell\SetUpMyPC\SmpSys.exe
    C:\Program Files\DAEMON Tools Lite\DTLite.exe
    C:\Users\Johannes\AppData\Local\Temp\ZT1RfYGnkW2j.exe
    C:\Users\Johannes\AppData\Roaming\Updatez\Chrome_Loader.exe
    C:\Users\Johannes\AppData\Local\Temp\Updatez\Chrome_Check.exe
    C:\Program Files\Common Files\Apple\Internet Services\ubd.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\Program Files\ZyXEL\NWD210N\NWD210N.exe
    C:\Program Files\Common Files\Apple\Apple Application Support\distnoted.exe
    C:\Windows\system32\conhost.exe
    C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Windows\system32\svchost.exe -k WindowsMobile
    C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
    C:\Windows\System32\svchost.exe -k LocalServicePeerNet
    C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
    C:\Windows\system32\WUDFHost.exe
    C:\Windows\system32\DllHost.exe
    C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\taskmgr.exe
    C:\Windows\system32\conhost.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    .
    ============== Pseudo HJT Report ===============
    .
    uDefault_Page_URL = hxxp://go.packardbell.com/?id=9152
    uSearch Bar = hxxp://www.google.com/ie
    uSearch Page = hxxp://www.google.com
    uStart Page = hxxp://www.igoogle.nl/
    mStart Page = hxxp://www.bigseekpro.com/somud/{44F15C88-C147-442B-B87B-8376319D08E1}
    uInternet Settings,ProxyOverride = *.local
    uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
    uURLSearchHooks: H - No File
    uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
    mURLSearchHooks: SweetIM ToolbarURLSearchHook Class: {eee6c35d-6118-11dc-9c72-001320c79847} - c:\program files\sweetim\toolbars\internet explorer\mgHelper.dll
    mURLSearchHooks: ToolbarURLSearchHook Class: {ca3eb689-8f09-4026-aa10-b9534c691ce0} - c:\program files\somud db toolbar\tbhelper.dll
    mWinlogon: Userinit=userinit.exe,
    BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
    BHO: Babylon toolbar helper: {2eecd738-5844-4a99-b4b6-146bf802613b} - c:\program files\babylontoolbar\babylontoolbar\1.5.3.17\bh\BabylonToolbar.dll
    BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll
    BHO: scriptproxy: {7db2d5a0-7241-4e79-b68d-6309f01c5231} - c:\program files\common files\mcafee\systemcore\ScriptSn.20120628210119.dll
    BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\11.1.0.7\AVG Secure Search_toolbar.dll
    BHO: DealPly: {a6174f27-1fff-e1d6-a93f-ba48ad5dd448} - c:\program files\dealply\DealPlyIE.dll
    BHO: McAfee SiteAdvisor BHO: {b164e929-a1b6-4a06-b104-2cd0e90a88ff} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
    TB: McAfee SiteAdvisor Toolbar: {0ebbbe48-bad4-4b4c-8e5a-516abecae064} - c:\progra~1\mcafee\sitead~1\mcieplg.dll
    TB: Babylon Toolbar: {98889811-442d-49dd-99d7-dc866be87dbc} - c:\program files\babylontoolbar\babylontoolbar\1.5.3.17\BabylonToolbarTlbr.dll
    TB: AVG Security Toolbar: {95b7759c-8c7f-4bf1-b163-73684a933233} - c:\program files\avg secure search\11.1.0.7\AVG Secure Search_toolbar.dll
    TB: {2877A654-1C9F-4CB5-8438-16022B2FDD9C} - No File
    {e7df6bff-55a5-4eb7-a673-4ed3e9456d39}
    EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hp\digital imaging\smart web printing\hpswp_bho.dll
    EB: {BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939} - No File
    uRun: [AlcoholAutomount] "c:\program files\alcohol soft\alcohol 120\axcmd.exe" /automount
    uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
    uRun: [Google Update] "c:\users\johannes\appdata\local\google\update\GoogleUpdate.exe" /c
    uRun: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files
    ero\lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
    uRun: [SmpcSys] c:\program files\packard bell\setupmypc\SmpSys.exe
    uRun: [igndlm.exe] c:\program files\download manager\DLM.exe /windowsstart /startifwork
    uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun
    uRun: [Audio HD Driver] c:\users\johannes\appdata\local\temp\ZT1RfYGnkW2j.exe
    uRun: [MyWebSearch Email Plugin] c:\progra~1\mywebs~1\bar\1.bin\mwsoemon.exe
    uRun: [Chrome_Loader.exe] c:\users\johannes\appdata\roaming\updatez\Chrome_Loader.exe
    uRun: [Chrome_Check.exe] c:\users\johannes\appdata\local\temp\updatez\Chrome_Check.exe
    uRun: [<NO NAME>] \
    uRun:


  • Jij hebt een aantal malafide toolbars geïnstalleerd.

    Download AdwCleaner by Xplode naar het bureaublad.

    [list:df63a2fde4][*:df63a2fde4]Sluit alle openstaande vensters
    [*:df63a2fde4]Rechtsklik op AdwCleaner en selecteer als Administrator uitvoeren…
    [*:df63a2fde4]Klik vervolgens op Delete
    [*:df63a2fde4]Klik bij AdwCleaner – Information op OK
    [*:df63a2fde4]Klik bij AdwCleaner – Restart Required op OK[/list:u:df63a2fde4]

    Dat tijdens de aktie de snelkoppelingen verdwijnen, is normaal.
    Nadat de PC opnieuw is opgestart, opent een logfile.
    Post aansluitend de inhoud van dit log in je volgende bericht.
  • Zojuist opnieuw opgestart met als resde volgende logfile (en toch ook weer het gewraakte scherm)

    # AdwCleaner v1.703 - Logfile created 07/23/2012 at 19:36:23
    # Updated 20/07/2012 by Xplode
    # Operating system : Windows 7 Ultimate Service Pack 1 (32 bits)
    # User : Johannes - PC_VAN_JOHANNES
    # Running from : C:\Users\Johannes\Desktop\adwcleaner.exe
    # Option [Delete]


    ***** [Services] *****

    Stopped & Deleted : MyWebSearchService
    Stopped & Deleted : vToolbarUpdater11.1.0

    ***** [Files / Folders] *****

    Folder Deleted : C:\Users\Johannes\AppData\Local\AVG Secure Search
    Folder Deleted : C:\Users\Eline\AppData\Local\AVG Secure Search
    Folder Deleted : C:\Users\RFD\AppData\Local\AVG Secure Search
    Folder Deleted : C:\Users\RFD\AppData\Local\Ilivid Player
    Folder Deleted : C:\Users\Johannes\AppData\Local\Temp\avg@toolbar
    Folder Deleted : C:\Users\Johannes\AppData\Local\Temp\BabylonToolbar
    Folder Deleted : C:\Users\RFD\AppData\Local\Temp\AskBarDis
    Folder Deleted : C:\Users\Johannes\AppData\LocalLow\AVG Secure Search
    Folder Deleted : C:\Users\Johannes\AppData\LocalLow\FunWebProducts
    Folder Deleted : C:\Users\Johannes\AppData\LocalLow\MyWebSearch
    Folder Deleted : C:\Users\Johannes\AppData\LocalLow\Searchqutoolbar
    Folder Deleted : C:\Users\Johannes\AppData\LocalLow\ShoppingReport2
    Folder Deleted : C:\Users\Johannes\AppData\LocalLow\SweetIM
    Folder Deleted : C:\Users\Johannes\AppData\LocalLow\Toolbar4
    Folder Deleted : C:\Users\Jannie\AppData\LocalLow\imeshbandmltbpi
    Folder Deleted : C:\Users\Jannie\AppData\LocalLow\MyWebSearch
    Folder Deleted : C:\Users\Jannie\AppData\LocalLow\SweetIM
    Folder Deleted : C:\Users\Jannie\AppData\LocalLow\Toolbar4
    Folder Deleted : C:\Users\Maureen\AppData\LocalLow\Toolbar4
    Folder Deleted : C:\Users\Eline\AppData\LocalLow\SearchquTB
    Folder Deleted : C:\Users\Eline\AppData\LocalLow\SweetIM
    Folder Deleted : C:\Users\Eline\AppData\LocalLow\Toolbar4
    Folder Deleted : C:\Users\RFD\AppData\LocalLow\AVG Secure Search
    Folder Deleted : C:\Users\RFD\AppData\LocalLow\FunWebProducts
    Folder Deleted : C:\Users\RFD\AppData\LocalLow\imeshbandmltbpi
    Folder Deleted : C:\Users\RFD\AppData\LocalLow\MyWebSearch
    Folder Deleted : C:\Users\RFD\AppData\LocalLow\SearchquTB
    Folder Deleted : C:\Users\RFD\AppData\LocalLow\Searchqutoolbar
    Folder Deleted : C:\Users\RFD\AppData\LocalLow\ShoppingReport2
    Folder Deleted : C:\Users\RFD\AppData\LocalLow\SweetIM
    Folder Deleted : C:\Users\RFD\AppData\LocalLow\Toolbar4
    Folder Deleted : C:\Users\Johannes\AppData\Roaming\Babylon
    Folder Deleted : C:\Users\Johannes\AppData\Roaming\BabylonToolbar
    Folder Deleted : C:\Users\Johannes\AppData\Roaming\Bandoo
    Folder Deleted : C:\Users\RFD\AppData\Roaming\Bandoo
    Folder Deleted : C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\5149wsd9.default\Searchqutoolbar
    Folder Deleted : C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\5149wsd9.default\SweetIMToolbarData
    Folder Deleted : C:\Users\Maureen\AppData\Roaming\Mozilla\Firefox\Profiles\xwxerhbg.default\Searchqutoolbar
    Folder Deleted : C:\Users\Maureen\AppData\Roaming\Mozilla\Firefox\Profiles\xwxerhbg.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}
    Folder Deleted : C:\Users\Maureen\AppData\Roaming\Mozilla\Firefox\Profiles\xwxerhbg.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
    Folder Deleted : C:\Users\Maureen\AppData\Roaming\Mozilla\Firefox\Profiles\xwxerhbg.default\extensions\m3ffxtbr@mywebsearch.com
    Folder Deleted : C:\Users\Eline\AppData\Roaming\Mozilla\Firefox\Profiles\66c1u724.default\Searchqutoolbar
    Folder Deleted : C:\Users\Eline\AppData\Roaming\Mozilla\Firefox\Profiles\66c1u724.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}
    Folder Deleted : C:\Users\Eline\AppData\Roaming\Mozilla\Firefox\Profiles\66c1u724.default\extensions\{75656794-AB59-4712-BFBC-5D816D56F3BC}
    Folder Deleted : C:\Users\Eline\AppData\Roaming\Mozilla\Firefox\Profiles\66c1u724.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
    Folder Deleted : C:\Users\Eline\AppData\Roaming\Mozilla\Firefox\Profiles\66c1u724.default\extensions\m3ffxtbr@mywebsearch.com
    Folder Deleted : C:\Users\RFD\AppData\Roaming\Mozilla\Firefox\Profiles\su1vv8bi.default\Searchqutoolbar
    Folder Deleted : C:\Users\RFD\AppData\Roaming\Mozilla\Firefox\Profiles\su1vv8bi.default\extensions\{28387537-e3f9-4ed7-860c-11e69af4a8a0}
    Folder Deleted : C:\Users\RFD\AppData\Roaming\Mozilla\Firefox\Profiles\su1vv8bi.default\extensions\{99079a25-328f-4bd4-be04-00955acaa0a7}
    Folder Deleted : C:\Users\RFD\AppData\Roaming\Mozilla\Firefox\Profiles\su1vv8bi.default\extensions\m3ffxtbr@mywebsearch.com
    Folder Deleted : C:\ProgramData\AVG Secure Search
    Folder Deleted : C:\ProgramData\Babylon
    Folder Deleted : C:\ProgramData\boost_interprocess
    Folder Deleted : C:\ProgramData\SweetIM
    Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DealPly
    Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ilivid
    Folder Deleted : C:\Program Files\AVG Secure Search
    Folder Deleted : C:\Program Files\BabylonToolbar
    Folder Deleted : C:\Program Files\DAEMON Tools Toolbar
    Folder Deleted : C:\Program Files\DealPly
    Folder Deleted : C:\Program Files\FunWebProducts
    Folder Deleted : C:\Program Files\Ilivid
    Folder Deleted : C:\Program Files\MyWebSearch
    Folder Deleted : C:\Program Files\ShoppingReport2
    Folder Deleted : C:\Program Files\SweetIM
    Folder Deleted : C:\Program Files\Windows iLivid Toolbar
    Folder Deleted : C:\Program Files\Windows Searchqu Toolbar
    Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
    File Deleted : C:\Program Files\Mozilla Firefox\.autoreg
    File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
    File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\babylon.xml
    File Deleted : C:\Windows\system32\f3PSSavr.scr

    ***** [Registry] *****

  • Key Deleted : HKCU\Software\SMTTB2009
  • Key Deleted : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar
  • Key Deleted : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar.1
  • Key Deleted : HKLM\SOFTWARE\Classes\SMTTB2009.SMTTB2009
  • Key Deleted : HKLM\SOFTWARE\Classes\SMTTB2009.SMTTB2009.3
  • Key Deleted : HKLM\SOFTWARE\Classes\TBSB07500.IEToolbar
  • Key Deleted : HKLM\SOFTWARE\Classes\TBSB07500.IEToolbar.1
  • Key Deleted : HKLM\SOFTWARE\Classes\TBSB07500.TBSB07500
  • Key Deleted : HKLM\SOFTWARE\Classes\TBSB07500.TBSB07500.3
  • Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009
  • Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009.1
  • Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.TBSB07500
  • Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.TBSB07500.1
  • Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TBSB07500.TBSB07500Toolbar
  • Key Deleted : HKCU\Software\AppDataLow\Software\Fun Web Products
    Key Deleted : HKCU\Software\AppDataLow\Software\FunWebProducts
    Key Deleted : HKCU\Software\AppDataLow\Software\MyWebSearch
    Key Deleted : HKCU\Software\AppDataLow\Software\searchqutb
    Key Deleted : HKCU\Software\AppDataLow\Software\ShoppingReport2
    Key Deleted : HKCU\Software\AVG Secure Search
    Key Deleted : HKCU\Software\BabylonToolbar
    Key Deleted : HKCU\Software\DataMngr
    Key Deleted : HKCU\Software\DealPly
    Key Deleted : HKCU\Software\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
    Key Deleted : HKCU\Software\IGearSettings
    Key Deleted : HKCU\Software\ilivid
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\qword.com
    Key Deleted : HKCU\Software\MyWebSearch
    Key Deleted : HKCU\Software\ShoppingReport2
    Key Deleted : HKCU\Software\Softonic
    Key Deleted : HKCU\Software\Somoto Toolbar
    Key Deleted : HKCU\Software\SweetIm
    Key Deleted : HKLM\SOFTWARE\AVG Secure Search
    Key Deleted : HKLM\SOFTWARE\Babylon
    Key Deleted : HKLM\SOFTWARE\BabylonToolbar
    Key Deleted : HKLM\SOFTWARE\bandoo
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\BandooCore.EXE
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\DiscoveryHelper.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\GIFAnimator.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\IMTrProgress.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\IMWeb.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\WMHelper.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
    Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
    Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
    Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
    Key Deleted : HKLM\SOFTWARE\Classes\b
    Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd
    Key Deleted : HKLM\SOFTWARE\Classes\Babylon.dskBnd.1
    Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.BandooCore
    Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.BandooCore.1
    Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr
    Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.ResourcesMngr.1
    Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr
    Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.SettingsMngr.1
    Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr
    Key Deleted : HKLM\SOFTWARE\Classes\BandooCore.StatisticMngr.1
    Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore
    Key Deleted : HKLM\SOFTWARE\Classes\bbylnApp.appCore.1
    Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler
    Key Deleted : HKLM\SOFTWARE\Classes\ComObject.DeskbarEnabler.1
    Key Deleted : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery
    Key Deleted : HKLM\SOFTWARE\Classes\DiscoveryHelper.iMesh6Discovery.1
    Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane
    Key Deleted : HKLM\SOFTWARE\Classes\escort.escortIEPane.1
    Key Deleted : HKLM\SOFTWARE\Classes\escort.escrtBtn.1
    Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc
    Key Deleted : HKLM\SOFTWARE\Classes\esrv.BabylonESrvc.1
    Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.DataControl
    Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.DataControl.1
    Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.HistoryKillerScheduler
    Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.HistoryKillerScheduler.1
    Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.HistorySwatterControlBar
    Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.HistorySwatterControlBar.1
    Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.HTMLMenu
    Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.HTMLMenu.1
    Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.HTMLMenu.2
    Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.IECookiesManager
    Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.IECookiesManager.1
    Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.KillerObjManager
    Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.KillerObjManager.1
    Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.PopSwatterBarButton
    Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.PopSwatterBarButton.1
    Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.PopSwatterSettingsControl
    Key Deleted : HKLM\SOFTWARE\Classes\FunWebProducts.PopSwatterSettingsControl.1
    Key Deleted : HKLM\SOFTWARE\Classes\imweb.imwebcontrol
    Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils
    Key Deleted : HKLM\SOFTWARE\Classes\MediaPlayer.GraphicsUtils.1
    Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator
    Key Deleted : HKLM\SOFTWARE\Classes\MgMediaPlayer.GifAnimator.1
    Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.ChatSessionPlugin
    Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.ChatSessionPlugin.1
    Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.HTMLPanel
    Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.HTMLPanel.1
    Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.MultipleButton
    Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.MultipleButton.1
    Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.OutlookAddin
    Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.OutlookAddin.1
    Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.PseudoTransparentPlugin
    Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.PseudoTransparentPlugin.1
    Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.ThirdPartyInstaller
    Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.ThirdPartyInstaller.1
    Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.UrlAlertButton
    Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearch.UrlAlertButton.1
    Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearchToolBar.SettingsPlugin
    Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearchToolBar.SettingsPlugin.1
    Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearchToolBar.ToolbarPlugin
    Key Deleted : HKLM\SOFTWARE\Classes\MyWebSearchToolBar.ToolbarPlugin.1
    Key Deleted : HKLM\SOFTWARE\Classes\PROTOCOLS\Handler\viprotocol
    Key Deleted : HKLM\SOFTWARE\Classes\S
    Key Deleted : HKLM\SOFTWARE\Classes\ScreenSaverControl.ScreenSaverInstaller
    Key Deleted : HKLM\SOFTWARE\Classes\ScreenSaverControl.ScreenSaverInstaller.1
    Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
    Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
    Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar
    Key Deleted : HKLM\SOFTWARE\Classes\SWEETIE.IEToolbar.1
    Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook
    Key Deleted : HKLM\SOFTWARE\Classes\sweetim_urlsearchhook.toolbarurlsearchhook.1
    Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
    Key Deleted : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
    Key Deleted : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar3.sweetie.1
    Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook
    Key Deleted : HKLM\SOFTWARE\Classes\URLSearchHook.ToolbarURLSearchHook.1
    Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
    Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
    Key Deleted : HKLM\SOFTWARE\DataMngr
    Key Deleted : HKLM\SOFTWARE\DealPly
    Key Deleted : HKLM\SOFTWARE\DT Soft
    Key Deleted : HKLM\SOFTWARE\eRightSoft\OpenCandy
    Key Deleted : HKLM\SOFTWARE\FocusInteractive
    Key Deleted : HKLM\SOFTWARE\Fun Web Products
    Key Deleted : HKLM\SOFTWARE\FunWebProducts
    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\gaiilaahiahdejapggenmdmafpmbipje
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll
    Key Deleted : HKLM\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss
    Key Deleted : HKLM\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin
    Key Deleted : HKLM\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin
    Key Deleted : HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\0563B8630D62D75ABBC8AB1E4BDFB5A899B24D43
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchquMediaBar_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SetupDataMngr_Searchqu_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweetIM.exe
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{83AA2913-C123-4146-85BD-AD8F93971D39}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonToolbar
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DealPly
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Searchqu 406 MediaBar
    Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
    Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@mywebsearch.com/Plugin
    Key Deleted : HKLM\SOFTWARE\MyWebSearch
    Key Deleted : HKLM\SOFTWARE\SearchquMediabarTb
    Key Deleted : HKLM\SOFTWARE\ShoppingReport2
    Key Deleted : HKLM\SOFTWARE\SweetIM
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [www.qword.com]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\User Agent\Post Platform [FunWebProducts]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\post platform [FunWebProducts]
    Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [MyWebSearch Email Plugin]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [MyWebSearch Email Plugin]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SweetIM]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Windows Media\Wmsdk\Sources [F3PopularScreenSavers]
    Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]
    Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [m3ffxtbr@mywebsearch.com]

    ***** [Registre - GUID] *****

    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1301A8A5-3DFB-4731-A162-B357D00C9644}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FC41815-FA4C-4F8B-B143-2C045C8EA2FC}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{21493C1F-D071-496A-9C27-450578888291}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{403A885F-CB00-40C1-BDC1-EB09053194F7}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{55C1727F-5535-4C2A-9601-8C2458608B48}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{A7DDCBDE-5C86-415c-8A37-763AE183E7E4}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00A6FAF1-072E-44CF-8957-5838F569A31D}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{00A6FAF6-072E-44CF-8957-5838F569A31D}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2656B92B-0207-4afb-BEBF-F5FD231ECD39}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{27BF8F8D-58B8-D41C-F913-B7EEB57EF6F6}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{291BCCC1-6890-484A-89D3-318C928DAC1B}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{338B4DFE-2E2C-4338-9E41-E176D497299E}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{34CB0620-E343-4772-BBA8-D3074BC47516}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{412CD209-DDA4-4275-8C79-55F1C93FBD47}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{57CADC46-58FF-4105-B733-5A9F3FC9783C}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{59570C1F-B692-48c9-91B4-7809E6945287}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{63A0F7FA-2C95-4d7e-AF25-EFCC303D20A1}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6559E502-6EE1-46b8-A83C-F3A45BDA23EE}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{82AC53B4-164C-4B07-A016-437A8388B81A}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{98889811-442D-49DD-99D7-DC866BE87DBC}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A2858A72-758F-4486-B6A1-7F1DCC0924FA}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4730EBE-43A6-443E-9776-36915D323AD3}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A4A0CB15-8465-4F58-A7E5-73084EA2A064}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B6F8DA9F-2696-419e-A8A3-19BE41EF51BD}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B8276A94-891D-453C-9FF3-715C042A2575}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C63CA8A4-AB4E-49e5-A6C0-33FC86D80205}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C6A7847E-8931-4a9a-B4EF-72A91E3CCF4D}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D858DAFC-9573-4811-B323-7011A3AA7E61}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DD0F1D24-E250-4e93-966C-65615720AEFB}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EC1277BB-1C71-4c0d-BA6D-BFEA16E773A6}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35B-6118-11DC-9C72-001320C79847}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35C-6118-11DC-9C72-001320C79847}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEE6C35D-6118-11DC-9C72-001320C79847}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FFB9ADCB-8C79-4C29-81D3-74D46A93D370}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06DE5702-44CF-4B79-B4EF-3DDF653358F5}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0EB3F101-224A-4B2B-9E5B-DF720857529C}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1093995A-BA37-41D2-836E-091067C4AD17}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{120927BF-1700-43BC-810F-FAB92549B390}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{17DE5E5E-BFE3-4E83-8E1F-8755795359EC}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1F52A5FA-A705-4415-B975-88503B291728}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{247A115F-06C2-4FB3-967D-2D62D3CF4F0A}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E1656ED-F60E-4597-B6AA-B6A58E171495}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E53E2CB-86DB-4A4A-8BD9-FFEB7A64DF82}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E720451-B472-4954-B7AA-33069EB53906}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3E720453-B472-4954-B7AA-33069EB53906}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{44C3C1DB-2127-433C-98EC-4C9412B5FC3A}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{477F210A-2A86-4666-9C4B-1189634D2C84}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D5132DD-BB2B-4249-B5E0-D145A8C982E1}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5E8CD073-21DF-4117-9BBD-D03C45D36CAE}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{63D0ED2B-B45B-4458-8B3B-60C69BBBD83C}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{63D0ED2D-B45B-4458-8B3B-60C69BBBD83C}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{706D4A4B-184A-4434-B331-296B07493D2D}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{741DE825-A6F0-4497-9AA6-8023CF9B0FFF}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8BE10F21-185F-4CA0-B789-9921674C3993}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8E9CF769-3D3B-40EB-9E2D-76E7A205E4D2}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{90449521-D834-4703-BB4E-D3AA44042FF8}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{94C0B25D-3359-4B10-B227-F96A77DB773F}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{991AAC62-B100-47CE-8B75-253965244F69}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A1F1ECD3-4806-44C6-A869-F0DADF11C57C}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A439801C-961D-452C-AB42-7848E9CBD289}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A626CDBD-3D13-4F78-B819-440A28D7E8FC}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B0B75FBA-7288-4FD3-A9EB-7EE27FA65599}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B173667F-8395-4317-8DD6-45AD1FE00047}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B32672B3-F656-46E0-B584-FE61C0BB6037}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B37B4BA6-334E-72C1-B57E-6AFE8F8A5AF3}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B77AD4AC-C1C2-B293-7737-71E13A11FFEA}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BBABDC90-F3D5-4801-863A-EE6AE529862D}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BFE569F7-646C-4512-969B-9BE3E580D393}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2434722-5C85-4CA0-BA69-1B67E7AB3D68}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2996524-2187-441F-A398-CD6CB6B3D020}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CA1CE38C-F04C-471F-B9F3-083C58165C10}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D6FF3684-AD3B-48EB-BBB4-B9E6C5A355C1}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E047E227-5342-4D94-80F7-CFB154BF55BD}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E3F79BE9-24D4-4F4D-8C13-DF2C9899F82E}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E773F2CF-5E6E-FF2B-81A1-AC581A26B2B2}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E77EEF95-3E83-4BB8-9C0D-4A5163774997}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EB9E5C1C-B1F9-4C2B-BE8A-27D6446FDAF8}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C358-6118-11DC-9C72-001320C79847}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C359-6118-11DC-9C72-001320C79847}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EEE6C35A-6118-11DC-9C72-001320C79847}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4EBB1E2-21F3-4786-8CF4-16EC5925867F}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FF871E51-2655-4D06-AED5-745962A96B32}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07B18EA0-A523-4961-B6BB-170DE4475CCA}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{0D26BC71-A633-4E71-AD31-EADC3A1B6A3A}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{252C2315-CCE0-4446-8DA7-C00292A690BA}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{29D67D3C-509A-4544-903F-C8C1B8236554}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{35C1605E-438B-4D64-AAB1-8885F097A9B1}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{3E720450-B472-4954-B7AA-33069EB53906}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{403A885F-CB00-40C1-BDC1-EB09053194F7}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4509D3CC-B642-4745-B030-645B79522C6D}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4D3B167E-5FD8-4276-8FD7-9DF19C1E4D19}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{55C1727F-5535-4C2A-9601-8C2458608B48}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6E8BF012-2C85-4834-B10A-1B31AF173D70}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{7473D290-B7BB-4F24-AE82-7E2CE94BB6A9}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{819FFE20-35C7-4925-8CDA-4E0E2DB94302}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8CA01F0E-987C-49C3-B852-2F1AC4A7094C}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8E6F1830-9607-4440-8530-13BE7C4B1D14}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8F5F1CB6-EA9E-40AF-A5CA-C7FD63CC1971}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{8FFDF636-0D87-4B33-B9E9-79A53F6E1DAE}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{96F7FABC-5789-EFA4-B6ED-1272F4C1D27B}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B035BA6B-57CD-4F72-B545-65BE465FCAF6}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C8CECDE3-1AE1-4C4A-AD82-6D5B00212144}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D44FD6F0-9746-484E-B5C4-C66688393872}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E47CAEE0-DEEA-464A-9326-3F2801535A4D}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E79DFBC0-5697-4FBD-94E5-5B2A9C7C1612}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EC4085F2-8DB3-45A6-AD0B-CA289F3C5D7E}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F42228FB-E84E-479E-B922-FBBD096E792C}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\Explorer Bars\{BDEA95CF-F0E6-41E0-BD3D-B00F39A4E939}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{424624F4-C5DD-4E1D-BDD0-1E9C9B7799CC}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C7FC09-1C83-4648-B3E6-003D2BBC7481}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AF847F-6E91-45DD-9B68-D6A12C30E5D7}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F000001-DB8E-F89C-2FEC-49BF726F8C12}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8375D9C8-634F-4ECB-8CF5-C7416BA5D542}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170B96C-28D4-4626-8358-27E6CAEEF907}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C8A3CA5-889E-4554-BEEC-EC0876E4E96A}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A078F691-9C07-4AF2-BF43-35E79EECF8B7}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1A71FA0-FF48-48DD-9B6D-7A13A3E42127}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DDB1968E-EAD6-40FD-8DAE-FF14757F60C7}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EEE6C367-6118-11DC-9C72-001320C79847}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F138D901-86F0-4383-99B6-9CDD406036DA}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F9189560-573A-4FDE-B055-AE7B0F4CF080}
    Key Deleted : HKU\.DEFAULT\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{F48DA960-0FD9-4BB5-9826-C0C271C6C74D}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4D7B-9389-0F166788785A}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3E720452-B472-4954-B7AA-33069EB53906}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63D0ED2C-B45B-4458-8B3B-60C69BBBD83C}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473D294-B7BB-4F24-AE82-7E2CE94BB6A9}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{872F3C0B-4462-424C-BB9F-74C6899B9F92}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98D9753D-D73B-42D5-8C85-4469CDA897AB}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9FF05104-B030-46FC-94B8-81276E4E27DF}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{B6F8DA9F-2696-419e-A8A3-19BE41EF51BD}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E79DFBCA-5697-4FBD-94E5-5B2A9C7C1612}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{00A6FAF1-072E-44CF-8957-5838F569A31D}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{338B4DFE-2E2C-4338-9E41-E176D497299E}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35B-6118-11DC-9C72-001320C79847}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EEE6C35C-6118-11DC-9C72-001320C79847}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{00A6FAF1-072E-44CF-8957-5838F569A31D}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EAB-A523-4961-B6BB-170DE4475CCA}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{28387537-E3F9-4ED7-860C-11E69AF4A8A0}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{338B4DFE-2E2C-4338-9E41-E176D497299E}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3DC201FB-E9C9-499C-A11F-23C360D7C3F8}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{99079A25-328F-4BD4-BE04-00955ACAA0A7}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9FF05104-B030-46FC-94B8-81276E4E27DF}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A6174F27-1FFF-E1D6-A93F-BA48AD5DD448}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CA3EB689-8F09-4026-AA10-B9534C691CE0}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35B-6118-11DC-9C72-001320C79847}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35C-6118-11DC-9C72-001320C79847}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EEE6C35D-6118-11DC-9C72-001320C79847}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
    Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{98889811-442D-49DD-99D7-DC866BE87DBC}]
    Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]

    ***** [Internet Browsers] *****

    -\\ Internet Explorer v9.0.8112.16421

    Replaced : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.bigseekpro.com/somud/{44F15C88-C147-442B-B87B-8376319D08E1} –> hxxp://www.google.com

    -\\ Mozilla Firefox v10.0 (nl)

    Profile name : default
    File : C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\5149wsd9.default\prefs.js

    C:\Users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\5149wsd9.default\user.js … Deleted !

    Deleted : user_pref("browser.babylon.HPOnNewTab", "search.babylon.com";);
    Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search";);
    Deleted : user_pref("browser.search.order.1", "Search the web (Babylon)";);
    Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search";);
    Deleted : user_pref("browser.startup.homepage", "hxxp://search.babylon.com/?affID=112059&tt=060612_5_&babsrc=H[…]
    Deleted : user_pref("extensions.BabylonToolbar.admin", false);
    Deleted : user_pref("extensions.BabylonToolbar.aflt", "babsst";);
    Deleted : user_pref("extensions.BabylonToolbar.babExt", "";);
    Deleted : user_pref("extensions.BabylonToolbar.babTrack", "affID=109130";);
    Deleted : user_pref("extensions.BabylonToolbar.bbDpng", 1);
    Deleted : user_pref("extensions.BabylonToolbar.dfltLng", "en";);
    Deleted : user_pref("extensions.BabylonToolbar.dfltSrch", true);
    Deleted : user_pref("extensions.BabylonToolbar.hmpg", true);
    Deleted : user_pref("extensions.BabylonToolbar.id", "ec95c9e80000000000000019cb85c4d9";);
    Deleted : user_pref("extensions.BabylonToolbar.instlDay", "15371";);
    Deleted : user_pref("extensions.BabylonToolbar.instlRef", "sst";);
    Deleted : user_pref("extensions.BabylonToolbar.keyWordUrl", "hxxp://search.babylon.com/?AF=109130&babsrc=adbar[…]
    Deleted : user_pref("extensions.BabylonToolbar.lastDP", 1);
    Deleted : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.5.3.1713:59:09";);
    Deleted : user_pref("extensions.BabylonToolbar.mntrFFxVrsn", "4.0";);
    Deleted : user_pref("extensions.BabylonToolbar.newTab", false);
    Deleted : user_pref("extensions.BabylonToolbar.newTabUrl", "hxxp://search.babylon.com/?AF=109130&babsrc=NT_ss&[…]
    Deleted : user_pref("extensions.BabylonToolbar.noFFXTlbr", false);
    Deleted : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar";);
    Deleted : user_pref("extensions.BabylonToolbar.propectorlck", 66681771);
    Deleted : user_pref("extensions.BabylonToolbar.prtkDS", 1);
    Deleted : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
    Deleted : user_pref("extensions.BabylonToolbar.prtnrId", "babylon";);
    Deleted : user_pref("extensions.BabylonToolbar.ptch_0717", true);
    Deleted : user_pref("extensions.BabylonToolbar.smplGrp", "none";);
    Deleted : user_pref("extensions.BabylonToolbar.srcExt", "ss";);
    Deleted : user_pref("extensions.BabylonToolbar.srchPrvdr", "Search the web (Babylon)";);
    Deleted : user_pref("extensions.BabylonToolbar.tlbrId", "base";);
    Deleted : user_pref("extensions.BabylonToolbar.vrsn", "1.5.3.17";);
    Deleted : user_pref("extensions.BabylonToolbar.vrsnTs", "1.5.3.1713:59:09";);
    Deleted : user_pref("extensions.BabylonToolbar.vrsni", "1.5.3.17";);
    Deleted : user_pref("extensions.BabylonToolbar_i.aflt", "babsst";);
    Deleted : user_pref("extensions.BabylonToolbar_i.babExt", "";);
    Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=112059&tt=060612_5_";);
    Deleted : user_pref("extensions.BabylonToolbar_i.hardId", "ec95c9e80000000000000019cb85c4d9";);
    Deleted : user_pref("extensions.BabylonToolbar_i.id", "ec95c9e80000000000000019cb85c4d9";);
    Deleted : user_pref("extensions.BabylonToolbar_i.instlDay", "15508";);
    Deleted : user_pref("extensions.BabylonToolbar_i.instlRef", "sst";);
    Deleted : user_pref("extensions.BabylonToolbar_i.newTab", false);
    Deleted : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://search.babylon.com/?affID=112059&tt=06061[…]
    Deleted : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar";);
    Deleted : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon";);
    Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none";);
    Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss";);
    Deleted : user_pref("extensions.BabylonToolbar_i.tlbrId", "base";);
    Deleted : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17";);
    Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.1715:02:11";);
    Deleted : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17";);
    Deleted : user_pref("extensions.snipit.askTbInstalled", true);
    Deleted : user_pref("keyword.URL", "hxxp://search.babylon.com/?affID=112059&tt=060612_5_&babsrc=KW_ss&mntrId=e[…]
    Deleted : user_pref("sweetim.toolbar.highlight.colors", "#FFFF00,#00FFE4,#5AFF00,#0087FF,#FFCC00,#FF00F0";);
    Deleted : user_pref("sweetim.toolbar.logger.ConsoleHandler.MinReportLevel", "7";);
    Deleted : user_pref("sweetim.toolbar.logger.FileHandler.FileName", "ff-toolbar.log";);
    Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MaxFileSize", "200000";);
    Deleted : user_pref("sweetim.toolbar.logger.FileHandler.MinReportLevel", "7";);
    Deleted : user_pref("sweetim.toolbar.mode.debug", "false";);
    Deleted : user_pref("sweetim.toolbar.previous.keyword.URL", "hxxp://www.searchqu.com/web?src=ffb&q=";);
    Deleted : user_pref("sweetim.toolbar.search.external", "<?xml version=\"1.0\"?><TOOLBAR><EXTERNAL_SEARCH engin[…]
    Deleted : user_pref("sweetim.toolbar.search.history.capacity", "10";);
    Deleted : user_pref("sweetim.toolbar.simapp_id", "{532D8768-8475-11DF-A8CA-001FE2575744}";);
    Deleted : user_pref("sweetim.toolbar.version", "1.0.0.10";);

    Profile name : default
    File : C:\Users\Maureen\AppData\Roaming\Mozilla\Firefox\Profiles\xwxerhbg.default\prefs.js

    [OK] File is clean.

    Profile name : default
    File : C:\Users\Eline\AppData\Roaming\Mozilla\Firefox\Profiles\66c1u724.default\prefs.js

    Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search";);
    Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search";);
    Deleted : user_pref("browser.startup.homepage", "hxxp://isearch.avg.com/?cid={B5DB1F7B-0EE6-44A4-A670-0A6FCA8B[…]

    Profile name : default
    File : C:\Users\RFD\AppData\Roaming\Mozilla\Firefox\Profiles\su1vv8bi.default\prefs.js

    Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search";);
    Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search";);
    Deleted : user_pref("browser.startup.homepage", "hxxp://isearch.avg.com/?cid={B5DB1F7B-0EE6-44A4-A670-0A6FCA8B[…]
    Deleted : user_pref("extensions.enabledAddons", "m3ffxtbr@mywebsearch.com:1.1,{99079a25-328f-4bd4-be04-00955ac[…]

    -\\ Google Chrome v20.0.1132.57

    File : C:\Users\Johannes\AppData\Local\Google\Chrome\User Data\Default\Preferences

    Deleted : "icon_url": "hxxp://isearch.avg.com/favicon.ico",
    Deleted : "keyword": "isearch.avg.com",
    Deleted : "name": "AVG Secure Search",
    Deleted : "search_url": "hxxp://isearch.avg.com/search?cid={B5DB1F7B-0EE6-44A4-A670-0A6FCA8B49F0}&mid=28[…]
    Deleted : "default_icon": "browser_icon_babylon48.png",
    Deleted : "default_title": "Babylon Toolbar"
    Deleted : "description": "Babylon ToolBar",
    Deleted : "128": "babylon48.png",
    Deleted : "48": "babylon48.png"
    Deleted : "name": "Babylon Toolbar",
    Deleted : "path": "BabylonChromeToolBar.dll",
    Deleted : "update_url": "hxxp://img.babylon.com/ext/chrome/update/update1.xml",
    Deleted : "name": "My Web Search Plugin Stub",
    Deleted : "path": "C:\\Program Files\\MyWebSearch\\bar\\1.bin\\NPMyWebS.dll",
    Deleted : "name": "My Web Search Plugin Stub"

    File : C:\Users\RFD\AppData\Local\Google\Chrome\User Data\Default\Preferences

    Deleted : "name": "My Web Search Plugin Stub",
    Deleted : "path": "C:\\Program Files\\MyWebSearch\\bar\\1.bin\\NPMyWebS.dll",
    Deleted : "name": "My Web Search Plugin Stub"
    Deleted : "path": "C:\\Users\\RFD\\AppData\\LocalLow\\Unity\\WebPlayer\\loader\
    pUnity3D32.dll",
    Deleted : "dj-mixer-pro.nl.softonic.com": 0.5227587223052979,

    *************************

    AdwCleaner[S1].txt - [50774 octets] - [23/07/2012 19:36:23]

    ########## EOF - C:\AdwCleaner[S1].txt - [50903 octets] ##########
  • Download niks meer via Softonic.
    Want daardoor krijg je ongewild troep in jouw Windows!

    Maar om te beginnen is er heel veel rotzooi jouw Windows uit!

    [b:0a3bcde7da]Welk programma[/b:0a3bcde7da]:
  • Malwarebytes Anti-Malware 1.62.0.1300
    www.malwarebytes.org

    Databaseversie: v2012.07.23.10

    Windows 7 Service Pack 1 x86 NTFS
    Internet Explorer 9.0.8112.16421
    Johannes :: PC_VAN_JOHANNES [administrator]

    23-7-2012 20:18:32
    mbam-log-2012-07-23 (20-18-32).txt

    Scantype: Snelle scan
    Ingeschakelde scanopties: Geheugen | Opstartitems | Register | Bestanden en mappen | Heuristiek/Extra | Heuristiek/Shuriken | PUP | PUM
    Uitgeschakelde scanopties: P2P
    Objecten gescand: 412284
    Verstreken tijd: 38 minuut/minuten, 59 seconde(n)

    Geheugenprocessen gedetecteerd: 3
    C:\Users\Johannes\AppData\Local\Temp\ZT1RfYGnkW2j.exe (Trojan.MSIL.ND3) -> 3984 -> Zal worden verwijderd tijdens het herstarten.
    C:\Users\Johannes\AppData\Local\Temp\Updatez\Chrome_Check.exe (Trojan.Downloader) -> 3132 -> Zal worden verwijderd tijdens het herstarten.
    C:\Users\Johannes\AppData\Roaming\Updatez\Chrome_Loader.exe (Trojan.Downloader) -> 2904 -> Zal worden verwijderd tijdens het herstarten.

    Geheugenmodulen gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Registersleutels gedetecteerd: 5
    HKCR\Typelib\{40196867-19F8-7157-C097-ECAFF653C9AD} (Trojan.FakeAlert) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCR\XML.XML (Trojan.FakeAlert) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCR\XML.XML.1 (Trojan.FakeAlert) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCU\SOFTWARE\Cognac (Rogue.Multiple) -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCU\SOFTWARE\ColdWare (Malware.Trace) -> Succesvol in quarantaine geplaatst en verwijderd.

    Registerwaarden gedetecteerd: 3
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Audio HD Driver (Trojan.MSIL.ND3) -> Data: C:\Users\Johannes\AppData\Local\Temp\ZT1RfYGnkW2j.exe -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Chrome_Check.exe (Trojan.Downloader) -> Data: C:\Users\Johannes\AppData\Local\Temp\Updatez\Chrome_Check.exe -> Succesvol in quarantaine geplaatst en verwijderd.
    HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Chrome_Loader.exe (Trojan.Downloader) -> Data: C:\Users\Johannes\AppData\Roaming\Updatez\Chrome_Loader.exe -> Succesvol in quarantaine geplaatst en verwijderd.

    Registerdata gedetecteerd: 0
    (Geen kwaadaardige objecten gedetecteerd)

    Mappen gedetecteerd: 1
    C:\Users\Public\C-76947-8457-2745 (Backdoor.Bot) -> Succesvol in quarantaine geplaatst en verwijderd.

    Bestanden gedetecteerd: 32
    C:\Users\Johannes\AppData\Local\Temp\ZT1RfYGnkW2j.exe (Trojan.MSIL.ND3) -> Zal worden verwijderd tijdens het herstarten.
    C:\Users\Johannes\AppData\Roaming\run_setup.exe (Adware.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\Johannes\AppData\Roaming\svchost.exe (Trojan.Inject) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\Johannes\AppData\Roaming\ZT1RfYGnkW2j.exe (Trojan.MSIL.ND3) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\$RECYCLE.BIN\S-1-5-21-1156446526-715349011-416336771-1008\$R1PR3QQ.exe (PUP.ToolbarDownloader) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\$RECYCLE.BIN\S-1-5-21-1156446526-715349011-416336771-1008\$RLW8S1Y\Coldplay-Christmas_Lights-ID3FIX-WEB-2010-ENEMY.exe (Trojan.MSIL.ND3) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\Johannes\AppData\Local\Temp\ICReinstall_PDFCreatorSetup.exe (PUP.Adware.InstallCore) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\RFD\AppData\Local\Temp\ICReinstall\VideoConverterSetup.exe (Affiliate.Downloader) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\RFD\Downloads\installer_adobe_after_effects.exe (PUP.BundleInstaller.BT) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\RFD\Downloads\MyWebFace.exe (PUP.FunWebProducts) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\RFD\Downloads\youtube-downloader.exe (PUP.Adware.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\RFD\Downloads\YouTubeDownloader.exe (PUP.EZSoft) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\RFD\Downloads\SoftonicDownloader_voor_blender.exe (PUP.ToolbarDownloader) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\RFD\Downloads\SoftonicDownloader_voor_cinema-4d.exe (PUP.ToolbarDownloader) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\RFD\Downloads\SoftonicDownloader_voor_lego-batman-2.exe (PUP.ToolbarDownloader) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\RFD\Downloads\SoftonicDownloader_voor_lego-pirates-of-the-caribbean.exe (PUP.ToolbarDownloader) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\RFD\Downloads\SoftonicDownloader_voor_minecraft-skinedit.exe (PUP.ToolbarDownloader) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\RFD\Downloads\SoftonicDownloader_voor_minecraft.exe (PUP.ToolbarDownloader) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\RFD\Downloads\SoftonicDownloader_voor_virtual-dj.exe (PUP.ToolbarDownloader) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\RFD\Downloads\setup (1).exe (PUP.BundleInstaller.VG) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\RFD\Downloads\setup (2).exe (PUP.BundleInstaller.VG) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\RFD\Downloads\setup (3).exe (PUP.BundleInstaller.VG) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\RFD\Downloads\setup (4).exe (PUP.BundleInstaller.VG) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\RFD\Downloads\setup (5).exe (PUP.BundleInstaller.VG) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Windows\run_setup.exe (Adware.Agent) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\Johannes\Favorites\Qword Search Engine.url (Adware.QWO) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\Public\Documents\Server\admin.txt (Malware.Trace) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\Public\Documents\Server\server.dat (Malware.Trace) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Windows\Tasks\{22116563-108C-42c0-A7CE-60161B75E508}.job (Trojan.Downloader) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Windows\Tasks\{35DC3473-A719-4d14-B7C1-FD326CA84A0C}.job (Trojan.Downloader) -> Succesvol in quarantaine geplaatst en verwijderd.
    C:\Users\Johannes\AppData\Local\Temp\Updatez\Chrome_Check.exe (Trojan.Downloader) -> Zal worden verwijderd tijdens het herstarten.
    C:\Users\Johannes\AppData\Roaming\Updatez\Chrome_Loader.exe (Trojan.Downloader) -> Zal worden verwijderd tijdens het herstarten.

    (einde)
  • Er zijn nogal wat trojan downloaders verwijderd.
    Heb jij soms veel keygens e.d. gebruikt om software te aktiveren?

    [b:0f857c46c0]Welk programma[/b:0f857c46c0]:
  • Antivirusprogramma uitschakelen. Kan dat uitsluitend het realtimescannen zijn of moet ook firewall e.a. zaken uitgeschakeld worden?
  • De firewall mag je eventueel ook uitschakelen, maar hoeft van mij niet.
    Wel inderdaad de realtime beveiliging deaktiveren.
  • Het logbestand


    ComboFix 12-07-24.01 - Johannes 23-07-2012 21:49:09.1.4 - x86
    Microsoft Windows 7 Ultimate 6.1.7601.1.1252.31.1043.18.3326.2423 [GMT 2:00]
    Gestart vanuit: c:\users\Johannes\Desktop\ComboFix.exe
    AV: McAfeeAntivirus en antispyware *Disabled/Updated* {86355677-4064-3EA7-ABB3-1B136EB04637}
    FW: McAfeeFirewall *Disabled* {BE0ED752-0A0B-3FFF-80EC-B2269063014C}
    SP: McAfeeAntivirus en antispyware *Disabled/Updated* {3D54B793-665E-3129-9103-206115370C8A}
    SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    * Nieuw herstelpunt werd aangemaakt
    .
    .
    (((((((((((((((((((((((((((((((((( Andere Verwijderingen )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    C:\Install.exe
    c:\users\Johannes\AppData\Roaming\chrtmp
    c:\users\Maureen\Documents\~WRL0005.tmp
    c:\users\RFD\AppData\Roaming\chrtmp
    c:\users\RFD\Desktop\Internet Explorer.lnk
    c:\windows\system32\drivers\RKHit.sys
    c:\windows\system32\socklink.txt
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    ——-\Legacy_RKHIT
    ——-\Service_RkHit
    .
    .
    (((((((((((((((((((( Bestanden Gemaakt van 2012-06-23 to 2012-07-23 ))))))))))))))))))))))))))))))
    .
    .
    2012-07-23 18:16 . 2012-07-23 18:16 ——– d—–w- c:\users\Johannes\AppData\Roaming\Malwarebytes
    2012-07-23 18:16 . 2012-07-23 18:16 ——– d—–w- c:\programdata\Malwarebytes
    2012-07-23 18:16 . 2012-07-03 11:46 22344 —-a-w- c:\windows\system32\drivers\mbam.sys
    2012-07-23 18:16 . 2012-07-23 18:16 ——– d—–w- c:\program files\Malwarebytes' Anti-Malware
    2012-07-23 12:33 . 2012-07-23 12:40 ——– d—–w- c:\program files\PCSafeDoctor
    2012-07-21 13:31 . 2012-07-21 13:31 ——– d—–w- c:\program files\Faceb662
    2012-07-20 15:31 . 2012-07-20 15:31 ——– d—–w- c:\program files\iPod
    2012-07-20 15:09 . 2012-07-20 16:13 ——– d—–w- c:\users\Johannes\AppData\Roaming\calibre
    2012-07-20 15:09 . 2012-07-20 15:09 ——– d—–w- c:\program files\Calibre2
    2012-07-15 15:48 . 2012-07-15 15:48 ——– d—–w- c:\programdata\22106
    2012-07-11 15:17 . 2012-06-12 02:40 2345984 —-a-w- c:\windows\system32\win32k.sys
    2012-07-11 13:24 . 2012-06-02 04:45 134000 —-a-w- c:\windows\system32\drivers\ksecpkg.sys
    2012-07-11 13:24 . 2012-06-02 04:40 369336 —-a-w- c:\windows\system32\drivers\cng.sys
    2012-07-11 13:24 . 2012-06-02 04:39 219136 —-a-w- c:\windows\system32
    crypt.dll
    2012-07-11 13:24 . 2012-06-02 04:45 67440 —-a-w- c:\windows\system32\drivers\ksecdd.sys
    2012-07-11 13:24 . 2012-06-02 04:40 225280 —-a-w- c:\windows\system32\schannel.dll
    2012-07-11 13:24 . 2012-06-06 05:05 1390080 —-a-w- c:\windows\system32\msxml6.dll
    2012-07-11 13:24 . 2012-06-06 05:05 1236992 —-a-w- c:\windows\system32\msxml3.dll
    2012-07-11 13:24 . 2010-06-26 03:24 2048 —-a-w- c:\windows\system32\msxml3r.dll
    2012-07-11 13:23 . 2012-06-06 05:05 1019904 —-a-w- c:\program files\Common Files\System\ado\msado15.dll
    2012-07-11 13:23 . 2012-06-06 05:05 57344 —-a-w- c:\program files\Common Files\System\ado\msador15.dll
    2012-07-11 13:23 . 2012-06-06 05:05 352256 —-a-w- c:\program files\Common Files\System\ado\msadomd.dll
    2012-07-11 13:23 . 2012-06-06 05:03 805376 —-a-w- c:\windows\system32\cdosys.dll
    2012-07-11 13:23 . 2012-06-06 05:05 143360 —-a-w- c:\program files\Common Files\System\ado\msjro.dll
    2012-07-11 13:23 . 2012-06-06 05:05 372736 —-a-w- c:\program files\Common Files\System\ado\msadox.dll
    2012-07-11 13:23 . 2012-06-06 05:05 212992 —-a-w- c:\program files\Common Files\System\msadc\msadco.dll
    2012-07-09 18:28 . 2012-07-09 18:28 ——– d—–w- c:\users\RFD\AppData\Local\PunkBuster
    2012-07-08 11:18 . 2012-07-08 11:18 ——– d—–w- c:\users\RFD\AppData\Roaming\Need for Speed World
    2012-07-08 10:37 . 2012-07-22 12:19 270240 —-a-w- c:\windows\system32\PnkBstrB.xtr
    2012-07-08 10:37 . 2012-07-08 10:37 ——– d—–w- c:\users\Johannes\AppData\Local\PunkBuster
    2012-07-08 10:33 . 2012-07-22 12:19 139080 —-a-w- c:\windows\system32\drivers\PnkBstrK.sys
    2012-07-08 10:33 . 2012-07-08 10:33 138056 —-a-w- c:\users\Johannes\AppData\Roaming\PnkBstrK.sys
    2012-07-08 10:33 . 2012-07-22 12:19 270240 —-a-w- c:\windows\system32\PnkBstrB.exe
    2012-07-08 10:33 . 2012-07-21 12:58 270240 —-a-w- c:\windows\system32\PnkBstrB.ex0
    2012-07-08 10:32 . 2012-07-08 10:32 75136 —-a-w- c:\windows\system32\PnkBstrA.exe
    2012-07-08 10:27 . 2012-07-08 10:27 ——– d—–w- c:\program files\EA Games
    2012-07-08 10:20 . 2012-07-08 10:20 ——– d—–w- c:\users\RFD\AppData\Local\Electronic_Arts_Inc
    2012-07-07 18:42 . 2012-07-07 18:42 ——– d—–w- c:\users\Johannes\AppData\Roaming\Need for Speed World
    2012-07-07 18:29 . 2012-07-07 18:29 ——– d—–w- c:\users\Johannes\AppData\Local\Electronic_Arts_Inc
    2012-07-07 18:28 . 2012-07-07 18:28 ——– d—–w- c:\programdata\Electronic Arts
    2012-07-07 18:28 . 2012-07-07 18:28 ——– d—–w- c:\program files\Electronic Arts
    2012-07-07 18:03 . 2012-07-07 18:03 ——– d—–w- c:\program files\VirtualDJ
    2012-06-28 19:01 . 2012-05-25 15:09 29312 —-a-w- c:\program files\Mozilla Firefox\ScriptFF.dll
    2012-06-24 12:47 . 2012-06-24 12:47 ——– d—–w- c:\windows
    l
    2012-06-24 12:40 . 2012-06-24 12:40 89944 —-a-w- c:\program files\Common Files\Windows Live\.cache\990e33441cd520601\DSETUP.dll
    2012-06-24 12:40 . 2012-06-24 12:40 537432 —-a-w- c:\program files\Common Files\Windows Live\.cache\990e33441cd520601\DXSETUP.exe
    2012-06-24 12:40 . 2012-06-24 12:40 1801048 —-a-w- c:\program files\Common Files\Windows Live\.cache\990e33441cd520601\dsetup32.dll
    2012-06-24 11:02 . 2012-06-24 11:02 ——– d—–w- c:\users\RFD\AppData\Roaming\SnelStart
    .
    .
    .
    ((((((((((((((((((((((((((((((((((((((( Find3M Rapport ))))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    2012-07-12 14:40 . 2012-04-20 07:40 426184 —-a-w- c:\windows\system32\FlashPlayerApp.exe
    2012-07-12 14:40 . 2011-08-22 17:20 70344 —-a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2012-06-02 22:19 . 2012-06-19 14:34 53784 —-a-w- c:\windows\system32\wuauclt.exe
    2012-06-02 22:19 . 2012-06-19 14:34 45080 —-a-w- c:\windows\system32\wups2.dll
    2012-06-02 22:19 . 2012-06-19 14:33 35864 —-a-w- c:\windows\system32\wups.dll
    2012-06-02 22:19 . 2012-06-19 14:33 577048 —-a-w- c:\windows\system32\wuapi.dll
    2012-06-02 22:19 . 2012-06-19 14:34 1933848 —-a-w- c:\windows\system32\wuaueng.dll
    2012-06-02 22:12 . 2012-06-19 14:34 2422272 —-a-w- c:\windows\system32\wucltux.dll
    2012-06-02 22:12 . 2012-06-19 14:33 88576 —-a-w- c:\windows\system32\wudriver.dll
    2012-06-02 13:19 . 2012-06-19 14:33 171904 —-a-w- c:\windows\system32\wuwebv.dll
    2012-06-02 13:12 . 2012-06-19 14:33 33792 —-a-w- c:\windows\system32\wuapp.exe
    2012-05-01 04:44 . 2012-06-13 13:44 164352 —-a-w- c:\windows\system32\profsvc.dll
    2012-04-28 04:41 . 2012-06-13 13:44 919040 —-a-w- c:\windows\system32\rdpcorets.dll
    2012-04-28 03:17 . 2012-06-13 13:44 183808 —-a-w- c:\windows\system32\drivers\rdpwd.sys
    2012-04-26 04:45 . 2012-06-13 13:44 58880 —-a-w- c:\windows\system32\rdpwsx.dll
    2012-04-26 04:45 . 2012-06-13 13:44 129536 —-a-w- c:\windows\system32\rdpcorekmts.dll
    2012-04-26 04:41 . 2012-06-13 13:44 8192 —-a-w- c:\windows\system32\rdrmemptylst.exe
    2010-03-10 23:01 . 2010-03-10 23:01 124272 —-a-w- c:\program files\mozilla firefox\plugins\CCMSDK.dll
    2010-03-10 23:40 . 2010-03-10 23:40 13168 —-a-w- c:\program files\mozilla firefox\plugins\cgpcfg.dll
    2010-03-10 23:02 . 2010-03-10 23:02 70512 —-a-w- c:\program files\mozilla firefox\plugins\CgpCore.dll
    2010-03-10 23:01 . 2010-03-10 23:01 91504 —-a-w- c:\program files\mozilla firefox\plugins\confmgr.dll
    2010-03-10 23:01 . 2010-03-10 23:01 22384 —-a-w- c:\program files\mozilla firefox\plugins\ctxlogging.dll
    2010-03-10 23:00 . 2010-03-10 23:00 255344 —-a-w- c:\program files\mozilla firefox\plugins\ctxmui.dll
    2010-03-10 23:01 . 2010-03-10 23:01 31088 —-a-w- c:\program files\mozilla firefox\plugins\icafile.dll
    2010-03-10 23:01 . 2010-03-10 23:01 40304 —-a-w- c:\program files\mozilla firefox\plugins\icalogon.dll
    2009-10-05 12:49 . 2009-10-05 12:49 652640 —-a-w- c:\program files\mozilla firefox\plugins\sslsdk_b.dll
    2010-03-10 23:02 . 2010-03-10 23:02 23920 —-a-w- c:\program files\mozilla firefox\plugins\TcpPServ.dll
    2012-01-29 16:32 . 2011-03-26 18:24 134104 —-a-w- c:\program files\mozilla firefox\components\browsercomps.dll
    2008-06-30 12:44 . 2009-02-23 18:21 324976 —-a-w- c:\program files\mozilla firefox\components\coFFPlgn.dll
    2011-04-14 12:01 . 2010-09-07 15:55 24376 —-a-w- c:\program files\mozilla firefox\components\Scriptff.dll
    2006-05-03 10:06 163328 –sha-r- c:\windows\System32\flvDX.dll
    2007-02-21 11:47 31232 –sha-r- c:\windows\System32\msfDX.dll
    2008-03-16 13:30 216064 –sha-r- c:\windows\System32
    bDX.dll
    2010-01-06 22:00 107520 –sha-r- c:\windows\System32\TAKDSDecoder.dll
    .
    .
    ((((((((((((((((((((((((((((((((((((( Reg Opstartpunten )))))))))))))))))))))))))))))))))))))))))))))))))))
    .
    .
    *Nota* lege verwijzingen & legitieme standaard verwijzingen worden niet getoond
    REGEDIT4
    .
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "AlcoholAutomount"="c:\program files\Alcohol Soft\Alcohol 120\axcmd.exe" [2009-04-24 203928]
    "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2010-11-20 144384]
    "IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [2008-01-14 1688872]
    "SmpcSys"="c:\program files\Packard Bell\SetUpMyPC\SmpSys.exe" [2008-02-04 1038136]
    "igndlm.exe"="c:\program files\Download Manager\DLM.exe" [2009-10-27 1103216]
    "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
    "YouTube Mini"="c:\program files\YoutubeDownloader.org\YouTubeDownloader\YouTube Mini.exe" [2011-10-28 157696]
    "MobileDocuments"="c:\program files\Common Files\Apple\Internet Services\ubd.exe" [2012-02-23 59240]
    .
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "RtHDVCpl"="RtHDVCpl.exe" [2008-04-24 6111232]
    "Skytel"="Skytel.exe" [2007-11-20 1826816]
    "ACTIVBOARD"="c:\program files\Packard Bell\FIJI\aboard.exe" [2007-01-18 79416]
    "CarboniteSetupLite"="c:\program files\Packard Bell\Carbonite\CarboniteSetupLitePBPreInstaller.exe" [2008-04-07 306112]
    "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-26 30040]
    "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2008-03-25 49152]
    "hpqSRMon"="c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-06-02 81920]
    "toolbar_eula_launcher"="c:\program files\Packard Bell\GOOGLE_EULA\EULALauncher.exe" [2007-02-20 28672]
    "PrintDisp"="c:\windows\system32\PrintDisp.exe" [2009-06-22 864768]
    "Intel AppUp(SM) center"="c:\program files\Intel\IntelAppStore\bin\serviceManager.lnk" [2011-05-30 1223]
    "mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2012-03-21 1318816]
    "APSDaemon"="c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-05-30 59280]
    "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2011-06-09 254696]
    "QuickTime Task"="C:\QTTask.exe" [2011-10-24 421888]
    "ConnectionCenter"="c:\program files\Citrix\ICA Client\concentr.exe" [2010-03-10 300400]
    "Windows Mobile-based device management"="c:\windows\WindowsMobile\wmdcBase.exe" [2007-05-31 648072]
    "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2012-03-27 37296]
    "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2012-01-02 843712]
    "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2012-06-07 421776]
    "pcsafedoctor.exe"="c:\program files\PCSafeDoctor\pcsafedoctor.exe" [2012-01-18 2055680]
    .
    c:\users\Eline\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
    OneNote-inhoudsopgave.onetoc2 [2012-4-24 3656]
    .
    c:\users\Maureen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
    .
    c:\users\Johannes\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
    Faceb662.url [2012-4-26 113]
    OneNote 2007 Schermopname en Snel starten.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
    OneNote-inhoudsopgave.onetoc2 [2009-5-17 3656]
    .
    c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
    HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]
    ZyXEL Wireless N USB Adapter Utility.lnk - c:\program files\ZyXEL\NWD210N\NWD210N.exe [2008-12-15 11321344]
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
    "ConsentPromptBehaviorAdmin"= 5 (0x5)
    "ConsentPromptBehaviorUser"= 3 (0x3)
    "EnableUIADesktopToggle"= 0 (0x0)
    .
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa]
    Security Packages REG_MULTI_SZ kerberos msv1_0 schannel wdigest tspkg pku2u livessp
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
    @=""
    .
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
    @=""
    .
    R2 gupdate1c9f4349d567c66;Google Updateservice (gupdate1c9f4349d567c66);c:\program files\Google\Update\GoogleUpdate.exe [x]
    R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [x]
    R3 gupdatem;Google Update-service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [x]
    R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [x]
    R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [x]
    R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [x]
    R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [x]
    R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x]
    R3 WatAdminSvc;Windows Activation Technologies-service;c:\windows\system32\Wat\WatAdminSvc.exe [x]
    R3 XDva390;XDva390;c:\windows\system32\XDva390.sys [x]
    R3 XDva391;XDva391;c:\windows\system32\XDva391.sys [x]
    R3 XDva394;XDva394;c:\windows\system32\XDva394.sys [x]
    R3 XDva397;XDva397;c:\windows\system32\XDva397.sys [x]
    R3 XDva398;XDva398;c:\windows\system32\XDva398.sys [x]
    S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys [x]
    S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [x]
    S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys [x]
    S1 mfenlfk;McAfee NDIS Light Filter;c:\windows\system32\DRIVERS\mfenlfk.sys [x]
    S1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\DRIVERS\vwififlt.sys [x]
    S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [x]
    S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\Mcafee\McSvcHost\McSvHost.exe [x]
    S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [x]
    S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x]
    S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe [x]
    S2 Printer Control;Printer Control;c:\windows\system32\PrintCtrl.exe [x]
    S2 XobniService;XobniService;c:\program files\Xobni\XobniService.exe [x]
    S3 3xHybrid;3xHybrid service;c:\windows\system32\DRIVERS\3xHybrid.sys [x]
    S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys [x]
    S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys [x]
    S3 netr28u;Stuurprogramma voor RT2870 USB draadloze LAN-kaart voor Vista;c:\windows\system32\DRIVERS
    etr28u.sys [x]
    S3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\DRIVERS\vwifimp.sys [x]
    .
    .
    — Andere Services/Drivers In Geheugen —
    .
    *NewlyCreated* - WS2IFSL
    *Deregistered* - mfeavfk01
    *Deregistered* - mferkdk
    *Deregistered* - mfesmfk
    *Deregistered* - MPFP
    .
    [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
    hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
    WindowsMobile REG_MULTI_SZ wcescomm rapimgr
    LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr
    .
    Inhoud van de 'Gedeelde Taken' map
    .
    2012-07-23 c:\windows\Tasks\Adobe Flash Player Updater.job
    - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-20 14:40]
    .
    2012-07-20 c:\windows\Tasks\Google Software Updater.job
    - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-08-27 17:17]
    .
    2012-07-23 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-06-23 18:58]
    .
    2012-07-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    - c:\program files\Google\Update\GoogleUpdate.exe [2009-06-23 18:58]
    .
    2012-07-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1156446526-715349011-416336771-1000Core.job
    - c:\users\Johannes\AppData\Local\Google\Update\GoogleUpdate.exe [2009-05-05 17:50]
    .
    2012-07-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1156446526-715349011-416336771-1000UA.job
    - c:\users\Johannes\AppData\Local\Google\Update\GoogleUpdate.exe [2009-05-05 17:50]
    .
    2012-07-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1156446526-715349011-416336771-1008Core.job
    - c:\users\RFD\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-02 11:27]
    .
    2012-07-23 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1156446526-715349011-416336771-1008UA.job
    - c:\users\RFD\AppData\Local\Google\Update\GoogleUpdate.exe [2011-05-02 11:27]
    .
    2012-07-23 c:\windows\Tasks\Uitgebreide garantie-Johannes.job
    - c:\program files\Packard Bell\SetupmyPC\PBCarNot.exe [2008-08-27 09:13]
    .
    .
    ——- Bijkomende Scan ——-
    .
    uStart Page = hxxp://www.igoogle.nl/
    mStart Page = hxxp://www.google.com
    uInternet Settings,ProxyOverride = *.local
    uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
    IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
    IE: Download Web &Images with SoMud - c:\program files\SoMud\scripts\ie\images-url.html
    IE: Download with SoMud - c:\program files\SoMud\scripts\ie\link-url.html
    IE: E&xporteren naar Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
    TCP: DhcpNameServer = 213.197.28.3 213.197.30.28
    DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} - hxxp://game.zylom.com/activex/zylomgamesplayer.cab
    FF - ProfilePath - c:\users\Johannes\AppData\Roaming\Mozilla\Firefox\Profiles\5149wsd9.default\
    .
    - - - - ORPHANS VERWIJDERD - - - -
    .
    URLSearchHooks-{2877A654-1C9F-4cb5-8438-16022B2FDD9C} - (no file)
    WebBrowser-{2877A654-1C9F-4CB5-8438-16022B2FDD9C} - (no file)
    HKLM-Run-vProt - c:\program files\AVG Secure Search\vprot.exe
    AddRemove-Blender - c:\program files\Blender Foundation\Blender\uninstall.exe
    AddRemove-HyperCam 2 - c:\users\RFD\Desktop\HyperCam 2\HcUnInst.exe
    AddRemove-{09FF4DB8-7DE9-4D47-B7DB-915DB7D9A8CA} - c:\programdata\{3C0AACBF-B491-4BE5-BAF9-AA46E0629E42}\standard_1.exe
    .
    .
    .
    ——————— VERGRENDELDE REGISTER SLEUTELS ———————
    .
    [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
    @Denied: (Full) (Everyone)
    .
    ———————— Andere Aktieve Processen ————————
    .
    c:\windows\system32
    vvsvc.exe
    c:\windows\system32
    vvsvc.exe
    c:\program files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
    c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    c:\program files\Bonjour\mDNSResponder.exe
    c:\windows\system32\rundll32.exe
    c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe
    c:\windows\system32\IoctlSvc.exe
    c:\windows\system32\PnkBstrA.exe
    c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
    c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    c:\program files\Common Files\McAfee\SystemCore\mcshield.exe
    c:\program files\Common Files\McAfee\SystemCore\mfefire.exe
    c:\windows\system32\taskhost.exe
    c:\windows\system32\WUDFHost.exe
    c:\windows\system32\conhost.exe
    c:\windows\system32\DllHost.exe
    c:\windows\system32\sppsvc.exe
    c:\program files\Windows Media Player\wmpnetwk.exe
    c:\progra~1\mcafee.com\agent\mcagent.exe
    c:\progra~1\mcafee.com\agent\mcupdate.exe
    c:\program files\Internet Explorer\IELowutil.exe
    .
    **************************************************************************
    .
    Voltooingstijd: 2012-07-23 22:14:19 - machine werd herstart
    ComboFix-quarantined-files.txt 2012-07-23 20:14
    .
    Pre-Run: 9.316.728.832 bytes beschikbaar
    Post-Run: 34.105.397.248 bytes beschikbaar
    .
    - - End Of File - - 3071BD7835D2F03B55460F75C8D4EE9F





  • Doe nu het onderstaande:

    [b:c24d04a5e6]Welk programma[/b:c24d04a5e6]:
  • en ik was vanmiddag nog in de veronderstelling dat je zoiets eenvoudig kunt verwijderen…. Niet dus. Op naar de volgende stap (bedankt trouwens voor het geduld en de zorgvuldigheid)
  • Emsisoft Emergency Kit - Versie 2.0
    Laatste Update: 23-7-2012 22:45:03

    Scaninstellingen:

    Scantype: Diepe scan
    Objecten: Rootkits, Geheugen, Sporen, C:\
    Scan archieven: Aan
    ADS Scan: Aan

    Scan gestart: 23-7-2012 22:45:54

    c:\program files\imesh applications\imesh Ontdekt: Trace.File.imesh!E1
    c:\program files\imesh applications\imesh\skins Ontdekt: Trace.File.imesh!E1
    c:\program files\imesh applications\imesh\html Ontdekt: Trace.File.imesh!E1
    c:\program files\imesh applications\imesh\skins\images Ontdekt: Trace.File.imesh!E1
    c:\program files\freerip3 Ontdekt: Trace.File.freerip v3.0!E1
    c:\windows\downloaded program files\default.inf Ontdekt: Trace.File.ieplugin!E1
    c:\program files\imesh applications\imesh\html\error.html Ontdekt: Trace.File.imesh!E1
    c:\program files\imesh applications\imesh\html\loading.html Ontdekt: Trace.File.imesh!E1
    c:\program files\imesh applications\imesh\launcher.exe Ontdekt: Trace.File.imesh!E1
    c:\program files\imesh applications\imesh\imwebcontrol.dll Ontdekt: Trace.File.imesh!E1
    c:\program files\imesh applications\imesh\license.txt Ontdekt: Trace.File.imesh!E1
    c:\program files\imesh applications\imesh
    ctaudiocdwriter2.dll Ontdekt: Trace.File.imesh!E1
    c:\program files\imesh applications\imesh\discoveryhelper.dll Ontdekt: Trace.File.imesh!E1
    c:\program files\imesh applications\imesh
    ctdatacdwriter2.dll Ontdekt: Trace.File.imesh!E1
    c:\program files\imesh applications\imesh\resourcesloc.dll Ontdekt: Trace.File.imesh!E1
    c:\program files\imesh applications\imesh\shw32.dll Ontdekt: Trace.File.imesh!E1
    c:\program files\imesh applications\imesh\skins\default.skn Ontdekt: Trace.File.imesh!E1
    c:\program files\imesh applications\imesh\imesh.exe Ontdekt: Trace.File.imesh!E1
    c:\program files\imesh applications\imesh\skins\images\defartwork.jpg Ontdekt: Trace.File.imesh!E1
    c:\program files\imesh applications\imesh\skins\images\taflogo.png Ontdekt: Trace.File.imesh!E1
    c:\program files\imesh applications\imesh\skins\default.xml Ontdekt: Trace.File.imesh!E1
    c:\program files\imesh applications\imesh\skins\images\togologo.png Ontdekt: Trace.File.imesh!E1
    c:\program files\imesh applications\imesh\skins\settings.xml Ontdekt: Trace.File.imesh!E1
    c:\program files\imesh applications\imesh\updateinst.exe Ontdekt: Trace.File.imesh!E1
    Value: hkey_local_machine\software\microsoft\windows\currentversion\uninstall\imesh –> displayname Ontdekt: Trace.Registry.imesh 6!E1
    Value: hkey_local_machine\software\microsoft\windows\currentversion\uninstall\imesh –> uninstallstring Ontdekt: Trace.Registry.imesh 6!E1
    Value: hkey_local_machine\software\microsoft\windows\currentversion\uninstall\imesh –> publisher Ontdekt: Trace.Registry.imesh 6!E1
    Value: hkey_current_user\software\imesh\player –> volume Ontdekt: Trace.Registry.imesh mediabar!E1
    Value: hkey_current_user\software\imesh\preferences\portableplayers\0 –> autosync Ontdekt: Trace.Registry.imesh mediabar!E1
    Value: hkey_current_user\software\imesh\preferences\portableplayers\0 –> noremove Ontdekt: Trace.Registry.imesh mediabar!E1
    Value: hkey_current_user\software\imesh\preferences\portableplayers\0 –> serialnumber Ontdekt: Trace.Registry.imesh mediabar!E1
    Value: hkey_current_user\software\imesh\preferences\portableplayers\0 –> usages Ontdekt: Trace.Registry.imesh mediabar!E1
    Value: hkey_current_user\software\imesh\preferences\portableplayers –> devices Ontdekt: Trace.Registry.imesh mediabar!E1
    Value: hkey_current_user\software\imesh\general –> appdata Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\general –> downloaddir Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\general –> downloadlimit Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\general –> dsuniqueid Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\general –> home Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\general –> languagecode Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\general –> limittime Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\general –> login Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\general –> mnenabled Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\general –> networkpaneshow Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\general –> okhashes Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\general –> settingsxml Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\general –> skin Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\general –> skinxml Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\general –> statisticsfilename Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh
    etwork\im2net –> accessuploading Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh
    etwork\im2net –> antport Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh
    etwork\im2net –> connectip Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh
    etwork\im2net –> enablelocalconnections Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh
    etwork\im2net –> maxconnforfile Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh
    etwork\im2net –> maxdownload Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh
    etwork\im2net –> maxdownloadspeed Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh
    etwork\im2net –> maxupload Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh
    etwork\im2net –> maxuploadspeed Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh
    etwork\im2net –> previewport Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh
    etwork\im2net –> reassignslowsources Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh
    etwork\im2net –> smarttraffic Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh
    etwork\im2net –> statusuploadport Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh
    etwork\im2net –> timelibraryreportsent Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh
    etwork\im2net –> timeuploadport Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh
    etwork\proxy –> password Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh
    etwork\proxy –> serveraddress Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh
    etwork\proxy –> serverport Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh
    etwork\proxy –> type Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh
    etwork\proxy –> useauthentication Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh
    etwork\proxy –> username Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences\filelist –> deletefromdisk Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences\filelist –> mediatypefilter Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences\iehomepage –> dontshowiehomepageoffer Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences\iehomepage –> dontshowiehomepageoffernever Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences\iehomepage –> iehomepage Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences\iehomepage –> lasthomepagecheck Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences\invite –> downloadcount Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences\invite –> inviteshowcount Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences\invite –> playcount Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences\search –> maxresultscount Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences\search –> mediatypefilter Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences\search –> premiumenabled Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences\security –> donotshare Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> audeclinedate Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> autoresetplaycount Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> copyfromremovable Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> imhistoryfolderpath Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> impicturefolderpath Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> isautovolume Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> iscrossfadeenable Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> isimalertcontacts Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> isimalertmessages Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> isimdontplaywhenplaying Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> isimeveryone Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> isimspecialalers Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> isneedupdatehisory Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> isnotpresentanyvideo Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> issecuritylock Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> isplaydownloadsound Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> issearchautosuggest Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> isnotshownick Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> isshowcrqdialog Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> isshowdownloadtray Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> isshowftpdialog Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> isshowlqdialog Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> isshowtoday Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> receivelooking Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> rootlicensedate Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> sendlooking Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> shownilwarning Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> substype Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> updaterlocation Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> usedmnportable Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> usedportable Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> videoregime Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> visualenabled Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> visualregime Ontdekt: Trace.Registry.imesh!E1
    Key: hkey_local_machine\software\microsoft\windows\currentversion\uninstall\imesh Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh –> lastopenfiledir Ontdekt: Trace.Registry.imesh!E1
    Key: hkey_local_machine\software\imesh Ontdekt: Trace.Registry.imesh!E1
    Key: hkey_current_user\software\imesh Ontdekt: Trace.Registry.imesh!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> allowmultipleinstances Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> autochecknewversion Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> autosearchfreedb Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> beepafterrip Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> cddevice Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> converterusesfilenames Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> defaulttargetformat Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> ejectafterrip Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> flacenc_level Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> filenameformat Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> freedbautochoose1 Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> freedbemail Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> freedbserver Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> flacenc_channels Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> encodedbypreset Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> language Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> lastregreminderdate Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> freeripdbautosearch Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> forceaspi Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> mainwndcx Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> lyricswindow_dx Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> lyricswindow_dy Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> mp3enc_channels Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> mainwndcy Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> mp3enc_bitrate Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> freedbtimeout Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> mp3enc_writeid3 Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> mp3enc_vbrquality Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> optionswindow_dy Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> mp3enc_mode Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> optionswindow_dx Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> mp3enc_writecrcs Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> outputpath Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> proxyport Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> proxypwd Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> proxyserver Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> proxyuser Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> readcdtext Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> regcode Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> regname Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> regreminderdays Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> ripvolume Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> runathigherpriority Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> runscounter Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> showfullfilename Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> showsplash Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> slowspeedmode Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> uselocaldb Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> useproxy Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> vorbisenc_channels Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> vorbisenc_quality Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> wavenc_bitspersample Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> wndcloseafterrip Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> wavenc_writeinfotags Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> wmaenc_mode Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> wavenc_channels Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> writecdplayerini Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> writelrcfile Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> writeplaylist Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\barsstate –> barsize_32772 Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\barsstate –> version Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\barsstate-bar0 –> barid Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\barsstate-bar1 –> barid Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\barsstate-bar2 –> bar#0 Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\barsstate-bar2 –> bar#1 Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\barsstate-bar2 –> bar#2 Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\barsstate-bar2 –> barid Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\barsstate-bar2 –> bars Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\barsstate-bar3 –> barid Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\barsstate-bar3 –> docking Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\barsstate-bar3 –> mrudockbottompos Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\barsstate-bar3 –> mrudockid Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\barsstate-bar3 –> mrudockleftpos Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\barsstate-bar3 –> mrudockrightpos Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\barsstate-bar3 –> mrudocktoppos Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\barsstate-bar3 –> mrufloatstyle Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\barsstate-bar3 –> mrufloatxpos Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\barsstate-bar3 –> mrufloatypos Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\barsstate-bar3 –> xpos Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\barsstate-bar3 –> ypos Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\barsstate-summary –> bars Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\barsstate-summary –> screencx Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\barsstate-summary –> screency Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\cdgridcolumnwidthconv –> n Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\cdgridcolumnwidthrip –> 0 Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\cdgridcolumnwidthrip –> 1 Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\cdgridcolumnwidthrip –> 2 Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\cdgridcolumnwidthrip –> 3 Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\cdgridcolumnwidthrip –> 4 Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\cdgridcolumnwidthrip –> n Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\filenamedefs –> 0 Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\filenamedefs –> 1 Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\filenamedefs –> 2 Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\filenamedefs –> 3 Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\filenamedefs –> 4 Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\filenamedefs –> n Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\freedbserverlist –> n Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_local_machine\software\microsoft\windows\currentversion\uninstall\{501451de-5808-4599-b544-8bd0915b6b24}_is1 –> displayicon Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_local_machine\software\microsoft\windows\currentversion\uninstall\{501451de-5808-4599-b544-8bd0915b6b24}_is1 –> displayname Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_local_machine\software\microsoft\windows\currentversion\uninstall\{501451de-5808-4599-b544-8bd0915b6b24}_is1 –> displayversion Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_local_machine\software\microsoft\windows\currentversion\uninstall\{501451de-5808-4599-b544-8bd0915b6b24}_is1 –> inno setup: app path Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_local_machine\software\microsoft\windows\currentversion\uninstall\{501451de-5808-4599-b544-8bd0915b6b24}_is1 –> inno setup: deselected tasks Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_local_machine\software\microsoft\windows\currentversion\uninstall\{501451de-5808-4599-b544-8bd0915b6b24}_is1 –> inno setup: icon group Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_local_machine\software\microsoft\windows\currentversion\uninstall\{501451de-5808-4599-b544-8bd0915b6b24}_is1 –> inno setup: selected tasks Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_local_machine\software\microsoft\windows\currentversion\uninstall\{501451de-5808-4599-b544-8bd0915b6b24}_is1 –> inno setup: setup version Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_local_machine\software\microsoft\windows\currentversion\uninstall\{501451de-5808-4599-b544-8bd0915b6b24}_is1 –> inno setup: user Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_local_machine\software\microsoft\windows\currentversion\uninstall\{501451de-5808-4599-b544-8bd0915b6b24}_is1 –> installdate Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_local_machine\software\microsoft\windows\currentversion\uninstall\{501451de-5808-4599-b544-8bd0915b6b24}_is1 –> installlocation Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_local_machine\software\microsoft\windows\currentversion\uninstall\{501451de-5808-4599-b544-8bd0915b6b24}_is1 –> nomodify Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_local_machine\software\microsoft\windows\currentversion\uninstall\{501451de-5808-4599-b544-8bd0915b6b24}_is1 –> norepair Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_local_machine\software\microsoft\windows\currentversion\uninstall\{501451de-5808-4599-b544-8bd0915b6b24}_is1 –> publisher Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_local_machine\software\microsoft\windows\currentversion\uninstall\{501451de-5808-4599-b544-8bd0915b6b24}_is1 –> quietuninstallstring Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_local_machine\software\microsoft\windows\currentversion\uninstall\{501451de-5808-4599-b544-8bd0915b6b24}_is1 –> uninstallstring Ontdekt: Trace.Registry.freerip v3.0!E1
    Value: hkey_local_machine\software\microsoft\windows\currentversion\uninstall\{501451de-5808-4599-b544-8bd0915b6b24}_is1 –> urlinfoabout Ontdekt: Trace.Registry.freerip v3.0!E1
    C:\Users\RFD\Downloads\Augs_Dist.rar -> Augs_Dist.exe Ontdekt: Win32.Malware!E2
    C:\Users\RFD\Downloads\cnet_lego_star_wars_pc_demo_final_exe.exe Ontdekt: Riskware.Win32.InstallCore.AMN!E1
    C:\Users\RFD\Downloads\LEGO+Digital+Designer.exe -> $PLUGINSDIR\downloadmr.exe Ontdekt: AdWare.Win32.Solimba!E2
    C:\Users\RFD\Downloads\Micro Volts Hack v3.6.exe Ontdekt: Riskware.Keygen!E2
    C:\Users\RFD\Desktop\Mapjes (inc. stopmotion sketcup)\mcforge_5.5.0.2.zip -> MCForge_.dll Ontdekt: Win32.SuspectCrc!E2
    C:\Users\RFD\Desktop\Mapjes (inc. stopmotion sketcup)\mcforge_5.5.0.2\MCForge_.dll Ontdekt: Win32.SuspectCrc!E2
    C:\Program Files\Windows Live\Messenger\riched20.dll Ontdekt: Adware.Win32.Toolbar.MyWebSearch.AMN!E1
    C:\Program Files\Windows Live\Messenger\msimg32.dll Ontdekt: Adware.Win32.MyWebSearchToolbar!E1
    C:\Program Files\HyvesToolbar\Hyves Toolbar\basis.xml Ontdekt: Riskware.AdWare.Win32.Mostofate!E2
    C:\downloads\[NDS] Pokemon White Version EUR -SweeTnDs - WORKING.rar\[NDS] Pokemon White Version EUR -SweeTnDs - WORKING.rar -> Setup.exe Ontdekt: Trojan.VBCrypt!E2
    C:\downloads\[NDS] Pokemon White Version EUR -SweeTnDs - WORKING.rar\[NDS] Pokemon White Version EUR -SweeTnDs - WORKING.rar.rar -> Setup.exe Ontdekt: Trojan.VBCrypt!E2
    C:\downloads\Pokemon Black Edition EU.nds.rar\Pokemon Black Edition EU.nds.rar -> Setup.exe Ontdekt: Trojan.Win32.VBKrypt!E2
    C:\downloads\Pokemon Black and White EU.nds.rar\Pokemon_Black_and_White_EU.nds.rar -> setup.exe Ontdekt: Trojan.Win32.VBKrypt!E2
    C:\downloads
    ds ninjago.rar
    ds ninjago.rar -> setup.exe Ontdekt: Trojan.Win32.VBKrypt!E2
    C:\downloads\NDS - LEGO Battles Ninjago 2011.rar\NDS - LEGO Battles Ninjago 2011.1.rar -> Setup.exe Ontdekt: Trojan.Win32.Jorik!E2
    C:\downloads\NDS - LEGO Battles Ninjago 2011.rar\NDS - LEGO Battles Ninjago 2011.3.rar -> Setup.exe Ontdekt: Trojan.Win32.Jorik!E2
    C:\downloads\NDS - LEGO Battles Ninjago 2011.rar\NDS - LEGO Battles Ninjago 2011.2.rar -> Setup.exe Ontdekt: Trojan.Win32.Jorik!E2
    C:\downloads\NDS - LEGO Battles Ninjago 2011.rar\NDS - LEGO Battles Ninjago 2011.rar -> Setup.exe Ontdekt: Trojan.Win32.Jorik!E2
    C:\downloads\NDS - LEGO Battles Ninjago 2011.rar\NDS - LEGO Battles Ninjago 2011\Setup.exe Ontdekt: Trojan.Win32.Jorik!E2
    C:\downloads\NDS - LEGO Battles Ninjago (2011) (USA).rar (2)\NDS - LEGO Battles Ninjago (2011) (USA).rar -> Setup.exe Ontdekt: Trojan.Win32.VBKrypt!E2
    C:\downloads\NDS - LEGO Battles Ninjago (2011) (USA).exe\NDS - LEGO Battles Ninjago (2011) (USA).rar -> NDS - LEGO Battles Ninjago (2011) (USA).exe Ontdekt: Trojan-Dropper!E2
    C:\downloads\NDS - LEGO Battles Ninjago (2011) (USA).rar (1)\NDS - LEGO Battles Ninjago (2011) (USA).rar -> Setup.exe Ontdekt: Trojan.Win32.VBKrypt!E2
    C:\downloads\NDS - LEGO Battles Ninjago (2011) (USA).exe\NDS - LEGO Battles Ninjago (2011) (USA)\NDS - LEGO Battles Ninjago (2011) (USA).exe Ontdekt: Trojan-Dropper!E2
    C:\downloads\les Ninjago USA NDS-BAHAMUT.rar\les_Ninjago_USA_NDS-BAHAMUT.rar -> les_Ninjago_USA_NDS-BAHAMUT.exe -> serverrrr.exe Ontdekt: Trojan-Dropper.Small!E2
    C:\downloads\les Ninjago USA NDS-BAHAMUT.rar\les_Ninjago_USA_NDS-BAHAMUT.rar -> les_Ninjago_USA_NDS-BAHAMUT.exe Ontdekt: Trojan-Dropper.Small!E2
    C:\downloads\Lego Ninjago The Videogame EUR MULTi7 PROPER NDS-DDumpers.rar (1)\Lego_Ninjago_The_Videogame_EUR_MULTi7_PROPER_NDS-DDumpers.rar -> Lego_Ninjago_The_Videogame_EUR_MULTi7_PROPER_NDS-DDumpers.exe -> serverrrr.exe Ontdekt: Trojan-Dropper.Small!E2
    C:\downloads\Lego Ninjago The Videogame EUR MULTi7 PROPER NDS-DDumpers.rar (1)\Lego_Ninjago_The_Videogame_EUR_MULTi7_PROPER_NDS-DDumpers.rar -> Lego_Ninjago_The_Videogame_EUR_MULTi7_PROPER_NDS-DDumpers.exe Ontdekt: Trojan-Dropper.Small!E2
    C:\downloads\Lego Ninjago The Videogame EUR MULTi7 PROPER NDS-DDumpers.rar (1)\Lego_Ninjago_The_Videogame_EUR_MULTi7_PROPER_NDS-DDumpers\Lego_Ninjago_The_Videogame_EUR_MULTi7_PROPER_NDS-DDumpers.exe -> serverrrr.exe Ontdekt: Trojan-Dropper.Small!E2
    C:\downloads\LEGO Battles Ninjago EUR NDS-nukeBAHAMUTps3.rar\LEGO_Battles_Ninjago_EUR_NDS-nukeBAHAMUTps3.1.rar -> LEGO_Battles_Ninjago_EUR_NDS-nukeBAHAMUTps3.exe -> PATCH-~1.EXE Ontdekt: Trojan.Win32.Jorik!E2
    C:\downloads\LEGO Battles Ninjago EUR NDS-nukeBAHAMUTps3.rar\LEGO_BATTLES_NINJAGO_EUR_NDS-NUKEBAHAMUTPS3\LEGO_Battles_Ninjago_EUR_NDS-nukeBAHAMUTps3.exe -> PATCH-~1.EXE Ontdekt: Trojan.Win32.Jorik!E2
    C:\downloads\LEGO Battles Ninjago EUR NDS-nukeBAHAMUTps3.rar\LEGO_Battles_Ninjago_EUR_NDS-nukeBAHAMUTps3.1.rar -> LEGO_Battles_Ninjago_EUR_NDS-nukeBAHAMUTps3.exe Ontdekt: Trojan.Win32.Jorik!E2

    Gescand 805124
    Gevonden 265

    Scan geëindigd: 24-7-2012 1:05:30
    Scantijd: 2:19:36

    C:\downloads\les Ninjago USA NDS-BAHAMUT.rar\les_Ninjago_USA_NDS-BAHAMUT.rar -> les_Ninjago_USA_NDS-BAHAMUT.exe -> serverrrr.exe Verwijderd Trojan-Dropper.Small!E2
    C:\downloads\Lego Ninjago The Videogame EUR MULTi7 PROPER NDS-DDumpers.rar (1)\Lego_Ninjago_The_Videogame_EUR_MULTi7_PROPER_NDS-DDumpers.rar -> Lego_Ninjago_The_Videogame_EUR_MULTi7_PROPER_NDS-DDumpers.exe -> serverrrr.exe Verwijderd Trojan-Dropper.Small!E2
    C:\downloads\Lego Ninjago The Videogame EUR MULTi7 PROPER NDS-DDumpers.rar (1)\Lego_Ninjago_The_Videogame_EUR_MULTi7_PROPER_NDS-DDumpers\Lego_Ninjago_The_Videogame_EUR_MULTi7_PROPER_NDS-DDumpers.exe -> serverrrr.exe Verwijderd Trojan-Dropper.Small!E2
    C:\downloads\NDS - LEGO Battles Ninjago (2011) (USA).exe\NDS - LEGO Battles Ninjago (2011) (USA).rar -> NDS - LEGO Battles Ninjago (2011) (USA).exe Verwijderd Trojan-Dropper!E2
    C:\downloads\NDS - LEGO Battles Ninjago (2011) (USA).exe\NDS - LEGO Battles Ninjago (2011) (USA)\NDS - LEGO Battles Ninjago (2011) (USA).exe Verwijderd Trojan-Dropper!E2
    C:\downloads\NDS - LEGO Battles Ninjago 2011.rar\NDS - LEGO Battles Ninjago 2011.1.rar -> Setup.exe Verwijderd Trojan.Win32.Jorik!E2
    C:\downloads\NDS - LEGO Battles Ninjago 2011.rar\NDS - LEGO Battles Ninjago 2011.3.rar -> Setup.exe Verwijderd Trojan.Win32.Jorik!E2
    C:\downloads\NDS - LEGO Battles Ninjago 2011.rar\NDS - LEGO Battles Ninjago 2011.2.rar -> Setup.exe Verwijderd Trojan.Win32.Jorik!E2
    C:\downloads\NDS - LEGO Battles Ninjago 2011.rar\NDS - LEGO Battles Ninjago 2011.rar -> Setup.exe Verwijderd Trojan.Win32.Jorik!E2
    C:\downloads\NDS - LEGO Battles Ninjago 2011.rar\NDS - LEGO Battles Ninjago 2011\Setup.exe Verwijderd Trojan.Win32.Jorik!E2
    C:\downloads\LEGO Battles Ninjago EUR NDS-nukeBAHAMUTps3.rar\LEGO_Battles_Ninjago_EUR_NDS-nukeBAHAMUTps3.1.rar -> LEGO_Battles_Ninjago_EUR_NDS-nukeBAHAMUTps3.exe -> PATCH-~1.EXE Verwijderd Trojan.Win32.Jorik!E2
    C:\downloads\LEGO Battles Ninjago EUR NDS-nukeBAHAMUTps3.rar\LEGO_BATTLES_NINJAGO_EUR_NDS-NUKEBAHAMUTPS3\LEGO_Battles_Ninjago_EUR_NDS-nukeBAHAMUTps3.exe -> PATCH-~1.EXE Verwijderd Trojan.Win32.Jorik!E2
    C:\downloads\Pokemon Black Edition EU.nds.rar\Pokemon Black Edition EU.nds.rar -> Setup.exe Verwijderd Trojan.Win32.VBKrypt!E2
    C:\downloads\Pokemon Black and White EU.nds.rar\Pokemon_Black_and_White_EU.nds.rar -> setup.exe Verwijderd Trojan.Win32.VBKrypt!E2
    C:\downloads
    ds ninjago.rar
    ds ninjago.rar -> setup.exe Verwijderd Trojan.Win32.VBKrypt!E2
    C:\downloads\NDS - LEGO Battles Ninjago (2011) (USA).rar (2)\NDS - LEGO Battles Ninjago (2011) (USA).rar -> Setup.exe Verwijderd Trojan.Win32.VBKrypt!E2
    C:\downloads\NDS - LEGO Battles Ninjago (2011) (USA).rar (1)\NDS - LEGO Battles Ninjago (2011) (USA).rar -> Setup.exe Verwijderd Trojan.Win32.VBKrypt!E2
    C:\downloads\[NDS] Pokemon White Version EUR -SweeTnDs - WORKING.rar\[NDS] Pokemon White Version EUR -SweeTnDs - WORKING.rar -> Setup.exe Verwijderd Trojan.VBCrypt!E2
    C:\downloads\[NDS] Pokemon White Version EUR -SweeTnDs - WORKING.rar\[NDS] Pokemon White Version EUR -SweeTnDs - WORKING.rar.rar -> Setup.exe Verwijderd Trojan.VBCrypt!E2
    C:\Program Files\HyvesToolbar\Hyves Toolbar\basis.xml Verwijderd Riskware.AdWare.Win32.Mostofate!E2
    C:\Program Files\Windows Live\Messenger\msimg32.dll Verwijderd Adware.Win32.MyWebSearchToolbar!E1
    C:\Program Files\Windows Live\Messenger\riched20.dll Verwijderd Adware.Win32.Toolbar.MyWebSearch.AMN!E1
    C:\Users\RFD\Desktop\Mapjes (inc. stopmotion sketcup)\mcforge_5.5.0.2.zip -> MCForge_.dll Verwijderd Win32.SuspectCrc!E2
    C:\Users\RFD\Desktop\Mapjes (inc. stopmotion sketcup)\mcforge_5.5.0.2\MCForge_.dll Verwijderd Win32.SuspectCrc!E2
    C:\Users\RFD\Downloads\Micro Volts Hack v3.6.exe Verwijderd Riskware.Keygen!E2
    C:\Users\RFD\Downloads\LEGO+Digital+Designer.exe -> $PLUGINSDIR\downloadmr.exe Verwijderd AdWare.Win32.Solimba!E2
    C:\Users\RFD\Downloads\cnet_lego_star_wars_pc_demo_final_exe.exe Verwijderd Riskware.Win32.InstallCore.AMN!E1
    C:\Users\RFD\Downloads\Augs_Dist.rar -> Augs_Dist.exe Verwijderd Win32.Malware!E2
    Value: hkey_current_user\software\mgshareware\freerip3 –> allowmultipleinstances Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> autochecknewversion Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> autosearchfreedb Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> beepafterrip Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> cddevice Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> converterusesfilenames Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> defaulttargetformat Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> ejectafterrip Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> flacenc_level Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> filenameformat Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> freedbautochoose1 Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> freedbemail Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> freedbserver Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> flacenc_channels Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> encodedbypreset Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> language Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> lastregreminderdate Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> freeripdbautosearch Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> forceaspi Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> mainwndcx Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> lyricswindow_dx Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> lyricswindow_dy Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> mp3enc_channels Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> mainwndcy Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> mp3enc_bitrate Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> freedbtimeout Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> mp3enc_writeid3 Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> mp3enc_vbrquality Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> optionswindow_dy Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> mp3enc_mode Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> optionswindow_dx Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> mp3enc_writecrcs Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> outputpath Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> proxyport Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> proxypwd Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> proxyserver Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> proxyuser Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> readcdtext Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> regcode Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> regname Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> regreminderdays Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> ripvolume Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> runathigherpriority Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> runscounter Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> showfullfilename Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> showsplash Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> slowspeedmode Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> uselocaldb Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> useproxy Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> vorbisenc_channels Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> vorbisenc_quality Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> wavenc_bitspersample Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> wndcloseafterrip Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> wavenc_writeinfotags Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> wmaenc_mode Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> wavenc_channels Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> writecdplayerini Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> writelrcfile Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3 –> writeplaylist Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\barsstate –> barsize_32772 Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\barsstate –> version Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\barsstate-bar0 –> barid Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\barsstate-bar1 –> barid Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\barsstate-bar2 –> bar#0 Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\barsstate-bar2 –> bar#1 Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\barsstate-bar2 –> bar#2 Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\barsstate-bar2 –> barid Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\barsstate-bar2 –> bars Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\barsstate-bar3 –> barid Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\barsstate-bar3 –> docking Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\barsstate-bar3 –> mrudockbottompos Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\barsstate-bar3 –> mrudockid Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\barsstate-bar3 –> mrudockleftpos Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\barsstate-bar3 –> mrudockrightpos Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\barsstate-bar3 –> mrudocktoppos Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\barsstate-bar3 –> mrufloatstyle Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\barsstate-bar3 –> mrufloatxpos Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\barsstate-bar3 –> mrufloatypos Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\barsstate-bar3 –> xpos Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\barsstate-bar3 –> ypos Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\barsstate-summary –> bars Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\barsstate-summary –> screencx Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\barsstate-summary –> screency Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\cdgridcolumnwidthconv –> n Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\cdgridcolumnwidthrip –> 0 Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\cdgridcolumnwidthrip –> 1 Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\cdgridcolumnwidthrip –> 2 Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\cdgridcolumnwidthrip –> 3 Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\cdgridcolumnwidthrip –> 4 Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\cdgridcolumnwidthrip –> n Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\filenamedefs –> 0 Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\filenamedefs –> 1 Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\filenamedefs –> 2 Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\filenamedefs –> 3 Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\filenamedefs –> 4 Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\filenamedefs –> n Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\mgshareware\freerip3\freedbserverlist –> n Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_local_machine\software\microsoft\windows\currentversion\uninstall\{501451de-5808-4599-b544-8bd0915b6b24}_is1 –> displayicon Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_local_machine\software\microsoft\windows\currentversion\uninstall\{501451de-5808-4599-b544-8bd0915b6b24}_is1 –> displayname Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_local_machine\software\microsoft\windows\currentversion\uninstall\{501451de-5808-4599-b544-8bd0915b6b24}_is1 –> displayversion Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_local_machine\software\microsoft\windows\currentversion\uninstall\{501451de-5808-4599-b544-8bd0915b6b24}_is1 –> inno setup: app path Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_local_machine\software\microsoft\windows\currentversion\uninstall\{501451de-5808-4599-b544-8bd0915b6b24}_is1 –> inno setup: deselected tasks Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_local_machine\software\microsoft\windows\currentversion\uninstall\{501451de-5808-4599-b544-8bd0915b6b24}_is1 –> inno setup: icon group Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_local_machine\software\microsoft\windows\currentversion\uninstall\{501451de-5808-4599-b544-8bd0915b6b24}_is1 –> inno setup: selected tasks Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_local_machine\software\microsoft\windows\currentversion\uninstall\{501451de-5808-4599-b544-8bd0915b6b24}_is1 –> inno setup: setup version Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_local_machine\software\microsoft\windows\currentversion\uninstall\{501451de-5808-4599-b544-8bd0915b6b24}_is1 –> inno setup: user Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_local_machine\software\microsoft\windows\currentversion\uninstall\{501451de-5808-4599-b544-8bd0915b6b24}_is1 –> installdate Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_local_machine\software\microsoft\windows\currentversion\uninstall\{501451de-5808-4599-b544-8bd0915b6b24}_is1 –> installlocation Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_local_machine\software\microsoft\windows\currentversion\uninstall\{501451de-5808-4599-b544-8bd0915b6b24}_is1 –> nomodify Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_local_machine\software\microsoft\windows\currentversion\uninstall\{501451de-5808-4599-b544-8bd0915b6b24}_is1 –> norepair Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_local_machine\software\microsoft\windows\currentversion\uninstall\{501451de-5808-4599-b544-8bd0915b6b24}_is1 –> publisher Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_local_machine\software\microsoft\windows\currentversion\uninstall\{501451de-5808-4599-b544-8bd0915b6b24}_is1 –> quietuninstallstring Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_local_machine\software\microsoft\windows\currentversion\uninstall\{501451de-5808-4599-b544-8bd0915b6b24}_is1 –> uninstallstring Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_local_machine\software\microsoft\windows\currentversion\uninstall\{501451de-5808-4599-b544-8bd0915b6b24}_is1 –> urlinfoabout Verwijderd Trace.Registry.freerip v3.0!E1
    Value: hkey_current_user\software\imesh\general –> appdata Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\general –> downloaddir Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\general –> downloadlimit Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\general –> dsuniqueid Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\general –> home Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\general –> languagecode Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\general –> limittime Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\general –> login Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\general –> mnenabled Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\general –> networkpaneshow Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\general –> okhashes Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\general –> settingsxml Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\general –> skin Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\general –> skinxml Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\general –> statisticsfilename Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh
    etwork\im2net –> accessuploading Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh
    etwork\im2net –> antport Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh
    etwork\im2net –> connectip Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh
    etwork\im2net –> enablelocalconnections Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh
    etwork\im2net –> maxconnforfile Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh
    etwork\im2net –> maxdownload Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh
    etwork\im2net –> maxdownloadspeed Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh
    etwork\im2net –> maxupload Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh
    etwork\im2net –> maxuploadspeed Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh
    etwork\im2net –> previewport Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh
    etwork\im2net –> reassignslowsources Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh
    etwork\im2net –> smarttraffic Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh
    etwork\im2net –> statusuploadport Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh
    etwork\im2net –> timelibraryreportsent Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh
    etwork\im2net –> timeuploadport Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh
    etwork\proxy –> password Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh
    etwork\proxy –> serveraddress Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh
    etwork\proxy –> serverport Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh
    etwork\proxy –> type Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh
    etwork\proxy –> useauthentication Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh
    etwork\proxy –> username Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences\filelist –> deletefromdisk Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences\filelist –> mediatypefilter Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences\iehomepage –> dontshowiehomepageoffer Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences\iehomepage –> dontshowiehomepageoffernever Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences\iehomepage –> iehomepage Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences\iehomepage –> lasthomepagecheck Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences\invite –> downloadcount Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences\invite –> inviteshowcount Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences\invite –> playcount Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences\search –> maxresultscount Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences\search –> mediatypefilter Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences\search –> premiumenabled Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences\security –> donotshare Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> audeclinedate Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> autoresetplaycount Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> copyfromremovable Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> imhistoryfolderpath Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> impicturefolderpath Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> isautovolume Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> iscrossfadeenable Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> isimalertcontacts Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> isimalertmessages Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> isimdontplaywhenplaying Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> isimeveryone Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> isimspecialalers Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> isneedupdatehisory Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> isnotpresentanyvideo Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> issecuritylock Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> isplaydownloadsound Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> issearchautosuggest Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> isnotshownick Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> isshowcrqdialog Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> isshowdownloadtray Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> isshowftpdialog Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> isshowlqdialog Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> isshowtoday Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> receivelooking Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> rootlicensedate Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> sendlooking Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> shownilwarning Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> substype Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> updaterlocation Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> usedmnportable Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> usedportable Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> videoregime Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> visualenabled Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\preferences –> visualregime Verwijderd Trace.Registry.imesh!E1
    Key: hkey_local_machine\software\microsoft\windows\currentversion\uninstall\imesh Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh –> lastopenfiledir Verwijderd Trace.Registry.imesh!E1
    Key: hkey_local_machine\software\imesh Verwijderd Trace.Registry.imesh!E1
    Key: hkey_current_user\software\imesh Verwijderd Trace.Registry.imesh!E1
    Value: hkey_current_user\software\imesh\player –> volume Verwijderd Trace.Registry.imesh mediabar!E1
    Value: hkey_current_user\software\imesh\preferences\portableplayers\0 –> autosync Verwijderd Trace.Registry.imesh mediabar!E1
    Value: hkey_current_user\software\imesh\preferences\portableplayers\0 –> noremove Verwijderd Trace.Registry.imesh mediabar!E1
    Value: hkey_current_user\software\imesh\preferences\portableplayers\0 –> serialnumber Verwijderd Trace.Registry.imesh mediabar!E1
    Value: hkey_current_user\software\imesh\preferences\portableplayers\0 –> usages Verwijderd Trace.Registry.imesh mediabar!E1
    Value: hkey_current_user\software\imesh\preferences\portableplayers –> devices Verwijderd Trace.Registry.imesh mediabar!E1
    Value: hkey_local_machine\software\microsoft\windows\currentversion\uninstall\imesh –> displayname Verwijderd Trace.Registry.imesh 6!E1
    Value: hkey_local_machine\software\microsoft\windows\currentversion\uninstall\imesh –> uninstallstring Verwijderd Trace.Registry.imesh 6!E1
    Value: hkey_local_machine\software\microsoft\windows\currentversion\uninstall\imesh –> publisher Verwijderd Trace.Registry.imesh 6!E1
    c:\windows\downloaded program files\default.inf Verwijderd Trace.File.ieplugin!E1
    c:\program files\freerip3 Verwijderd Trace.File.freerip v3.0!E1
    c:\program files\imesh applications\imesh Verwijderd Trace.File.imesh!E1

    Verwijderd 241















































  • Je hebt me nog steeds niet geantwoord of jij keygens hebt gebruikt.
    Of jij of iemand die al die software in jouw Windows heeft gezet, heeft dat dus wel gedaan.

    Je mag overigens van geluk spreken, dat er geen groter onheil is aangericht.

    Dat Freerip programma zou ik in jouw geval zo snel mogelijk compleet verwijderen!
    Ik heb een geweldig en veel beter alternatief voor jouw: Vollversion: Ashampoo Music Studio 2012
    Download: http://www.chip.de/downloads/Ashampoo-Music-Studio-2012-Vollversion_39157711.html

    Het programma installeert automatisch in de Nederlandse taal.
    Haal het vinkje bij installatie weg van de Ashampoo toolbar en eventueel andere meelifters.
    Na installatie opent je webbrowser en na registratie bij Ashampoo krijg je de licentiesleutel om het programma onbeperkt en volledig te gebruiken!

    Verder wil ik van jou weten hoe het nu gaat.
  • Ik heb eerst op moeten zoeken wat keygens zijn, dus ik denk niet dat ik ze gebruikt heb. Of in ieder geval niet bewust. De rommel op m'n computer komt natuurlijk deels door mezelf, deels door m'n zoon, maar die is nog te jong om bewust met dit soort dingen te werken.

    Wat betreft het probleem: dat blijft bestaan.
    De computer start op, IE wordt gestart en in de balk bovenaan komt faceb662.eu Vervolgens leidt dit tot http://faceb662.eu/earn/ waarop uiteindelijk aqub.co.uk geopend wordt.

    JD
  • Terwijl ik in de lijst van te verwijderen software kijk (i.v.m. verwijderen van freerip, dat ik overigens nog niet gevonden heb) stuit ik op faceb 662 version 1.5 Het is dat ik dit net in het opstarten tegenkwam dat ik er nu alert op ben. Kan het zo simpel zijn, dat ik dit moet verwijderen en dan schoon op kan starten?
  • Dat mag je verwijderen hoor.
    En vertel: zit jouw zoon soms gewoon via jouw account in de PC?
    Zit hij ook aan jouw PC op momenten dat jij er niet bent?
  • Meestal zit hij in z'n eigen account, maar op mijn bureaublad kom ik van tijd tot tijd zaken tegen waarvan ik zeker ben, dat ze niet door mij geïnstalleerd zijn of wordt ik geconfronteerd met een werkbalk die ik niet wil(de). De afscherming tussen de accounts is dus niet optimaal.

    En ja, hij zit ook op de computer als ik niet in de buurt ben.

    Wat betreft free rip. Ik kom het wel tegen in de lijst van programma's bij het windowsteken, maar bij te verwijderen software niet. Kan ik de map in de programmalijst gewoon openen (zonder nieuwe directe infecties?).
  • Ik heb faceb662 version 1.5 verwijderd, de computer opnieuw opgestart en ….. het automatisch starten van IE is voorbij. M.a.w. een mooie snelle opstart van de computer (zonder alle balast je me de afgelopen dag eraf hebt laten gooien - waarvoor natuurlijk mijn hartelijke dank) en geen ergernis en angst voor het eerste scherm. Je weet tenslotte niet waarop dit gebaseerd is.

    Maar ik werk met een siteadvisor van Mc Afee. Die voorkomt dus niet dat ik op sites kom die ongevraagd dit soort zaken op mijn computer kunnen dumpen?
  • Beantwoord deze vraag

    Dit is een gearchiveerde pagina. Antwoorden is niet meer mogelijk.