Beste Abraham,
Het is gelukt,Aartemis is verdwenen.
Hartelijk Dank
Frans
# AdwCleaner v6.042 - Logbestand aangemaakt 24/01/2017 op 19:36:34
# Bijgewerkt op 06/01/2017 door Malwarebytes
# Database : 2017-01-24.1 [Server]
# Besturingssysteem : Windows Vista (TM) Home Premium Service Pack 2 (X86)
# Gebruikersnaam : Frans - LAPTOP
# Gestart vanuit : C:\Users\Frans\Desktop\Nieuwe map\adwcleaner_6.042.exe
# Mode: Verwijderen
# Ondersteuning :
https://www.malwarebytes.com/support
***** [ Services ] *****
[-] Service verwijderd: ReimageRealTimeProtector
***** [ Mappen ] *****
[-] Map verwijderd: C:\Users\Frans\AppData\Roaming\DownLite
[-] Map verwijderd: C:\Users\Frans\AppData\Roaming\Auslogics
[-] Map verwijderd: C:\ProgramData\WPM
[#] Map verwijderd tijdens herstart: C:\ProgramData\Application Data\WPM
[-] Map verwijderd: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\myfree codec
[-] Map verwijderd: C:\Program Files\Reimage
[-] Map verwijderd: C:\Program Files\WinZip Driver Updater
[-] Map verwijderd: C:\Program Files\WinZip Smart Monitor
[-] Map verwijderd: C:\Program Files\Auslogics
[#] Map verwijderd tijdens herstart: C:\Program Files\reimage
***** [ Bestanden ] *****
[-] Bestand verwijderd: C:\Users\Frans\AppData\Local\Temp\reimage.log
***** [ DLL ] *****
***** [ WMI ] *****
***** [ Snelkoppelingen ] *****
[-] Snelkoppeling gedesinfecteerd: C:\Users\Frans\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[-] Snelkoppeling gedesinfecteerd: C:\Users\Frans\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
[-] Snelkoppeling gedesinfecteerd: C:\Users\Frans\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Internet Explorer.lnk
***** [ Geplande Taken ] *****
***** [ Register ] *****
[-] Sleutel verwijderd: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{248b3e95-17a4-482d-a8a8-6b3df4d05c35}
[-] Sleutel verwijderd: HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6874fade-02c8-4181-831a-fc7486cf1d74}
[-] Sleutel verwijderd: HKLM\SYSTEM\CurrentControlSet\Services\EventLog\Application\Wpm
[-] Sleutel verwijderd: HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] Sleutel verwijderd: HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] Sleutel verwijderd: HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho
[-] Sleutel verwijderd: HKLM\SOFTWARE\Classes\protector_dll.ProtectorBho.1
[-] Sleutel verwijderd: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] Sleutel verwijderd: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[-] Sleutel verwijderd: HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine
[-] Sleutel verwijderd: HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1
[-] Sleutel verwijderd: HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
[-] Sleutel verwijderd: HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
[-] Sleutel verwijderd: HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
[-] Sleutel verwijderd: HKLM\SOFTWARE\Classes\CLSID\{5C3B5DAA-0AFF-4808-90FB-0F2F2D760E36}
[-] Sleutel verwijderd: HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
[-] Sleutel verwijderd: HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
[-] Sleutel verwijderd: HKLM\SOFTWARE\Classes\TypeLib\{4BD0FCFF-AD64-4315-9F2C-960EF3C21623}
[-] Sleutel verwijderd: HKLM\SOFTWARE\Classes\TypeLib\{507C73BB-FC69-425E-8A49-9204F886B328}
[-] Sleutel verwijderd: HKLM\SOFTWARE\Classes\TypeLib\{6EC57031-1740-4151-93C5-C465D6063DD2}
[-] Sleutel verwijderd: HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
[-] Sleutel verwijderd: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
[-] Sleutel verwijderd: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7EB7381C-FB01-47FC-9C42-ED64122C1B92}
[-] Waarde verwijderd: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
[-] Sleutel verwijderd: HKU\S-1-5-21-2973733020-3217649059-2171837013-1000\Software\DownLite
[-] Sleutel verwijderd: HKU\S-1-5-21-2973733020-3217649059-2171837013-1000\Software\Mozilla\Extends
[-] Sleutel verwijderd: HKU\S-1-5-21-2973733020-3217649059-2171837013-1000\Software\Myfree Codec
[-] Sleutel verwijderd: HKU\S-1-5-21-2973733020-3217649059-2171837013-1000\Software\Reimage
[-] Sleutel verwijderd: HKU\S-1-5-21-2973733020-3217649059-2171837013-1000\Software\Auslogics
[-] Sleutel verwijderd: HKU\S-1-5-21-2973733020-3217649059-2171837013-1000\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DownLite
[-] Sleutel verwijderd: HKU\S-1-5-21-2973733020-3217649059-2171837013-1000\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\IePlugins
[-] Sleutel verwijderd: HKU\S-1-5-21-2973733020-3217649059-2171837013-1000\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyFreeCodec
[-] Sleutel verwijderd: HKU\S-1-5-21-2973733020-3217649059-2171837013-1000\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\RightSurf
[-] Sleutel verwijderd: HKU\S-1-5-21-2973733020-3217649059-2171837013-1000\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SupTab
[-] Sleutel verwijderd: HKU\S-1-5-21-2973733020-3217649059-2171837013-1000\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Wpm
[#] Sleutel verwijderd tijdens herstart: HKU\S-1-5-21-2973733020-3217649059-2171837013-1000\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SUPTAB
[-] Sleutel verwijderd: HKU\S-1-5-21-2973733020-3217649059-2171837013-1000\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1
[-] Sleutel verwijderd: HKU\S-1-5-21-2973733020-3217649059-2171837013-1000\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[#] Sleutel verwijderd tijdens herstart: HKCU\Software\DownLite
[#] Sleutel verwijderd tijdens herstart: HKCU\Software\Mozilla\Extends
[#] Sleutel verwijderd tijdens herstart: HKCU\Software\Myfree Codec
[#] Sleutel verwijderd tijdens herstart: HKCU\Software\Reimage
[#] Sleutel verwijderd tijdens herstart: HKCU\Software\Auslogics
[-] Sleutel verwijderd: HKLM\SOFTWARE\hdcode
[-] Sleutel verwijderd: HKLM\SOFTWARE\Myfree Codec
[-] Sleutel verwijderd: HKLM\SOFTWARE\Reimage
[-] Sleutel verwijderd: HKLM\SOFTWARE\WISECLEANER
[#] Sleutel verwijderd tijdens herstart: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\MyFreeCodec
[-] Sleutel verwijderd: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Reimage Protector
[#] Sleutel verwijderd tijdens herstart: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\DownLite
[#] Sleutel verwijderd tijdens herstart: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\IePlugins
[#] Sleutel verwijderd tijdens herstart: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\MyFreeCodec
[#] Sleutel verwijderd tijdens herstart: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\RightSurf
[#] Sleutel verwijderd tijdens herstart: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SupTab
[#] Sleutel verwijderd tijdens herstart: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Wpm
[#] Sleutel verwijderd tijdens herstart: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SUPTAB
[#] Sleutel verwijderd tijdens herstart: HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1
[-] Sleutel verwijderd: HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\aartemis.com
[-] Sleutel verwijderd: HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
***** [ Browsers ] *****
[-] [C:\Users\Frans\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Verwijderd: websearch.ask.com
[-] [C:\Users\Frans\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Verwijderd: conduit.search
[-] [C:\Users\Frans\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Verwijderd: sweet-page
[-] [C:\Users\Frans\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Verwijderd: awesomehp
[-] [C:\Users\Frans\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Verwijderd: search.conduit.com
[-] [C:\Users\Frans\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Verwijderd: start.mysearchdial.com
[-] [C:\Users\Frans\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Verwijderd: hxxp://search.conduit.com/?ctid=CT3312806&SearchSource=48&CUI=UN12296701201844321&UM=1
[-] [C:\Users\Frans\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Verwijderd: hxxp://search.conduit.com/?ctid=CT3319597&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SPAFF91FC6-400E-4D48-97B9-B0B441941F34&SSPV=
[-] [C:\Users\Frans\AppData\Local\Google\Chrome\User Data\Default] [startup_urls] Verwijderd: hxxp://search.conduit.com/?ctid=CT3319597&octid=EB_ORIGINAL_CTID&SearchSource=55&CUI=&UM=4&UP=SP5744A610-7CE9-4B29-A29D-F1ED18E3521C&SSPV=
[-] [C:\Users\Frans\AppData\Local\Google\Chrome\User Data\Default] [extension] Verwijderd: amfclgbdpgndipgoegfpkkgobahigbcl
[-] [C:\Users\Frans\AppData\Local\Google\Chrome\User Data\Default] [extension] Verwijderd: cekcjpgehmohobmdiikfnopibipmgnml
[-] [C:\Users\Frans\AppData\Local\Google\Chrome\User Data\Default] [extension] Verwijderd: jpmbfleldcgkldadpdinhjjopdfpjfjp
[-] [C:\Users\Frans\AppData\Local\Google\Chrome\User Data\Default] [extension] Verwijderd: pkndmigholgfjlniaohblojbhgjbkakn
*************************
:: "Tracing" sleutels verwijderd
:: Winsock instellingen gereset
*************************
C:\AdwCleaner\AdwCleaner[C0].txt - [9927 bytes] - [24/01/2017 19:36:34]
C:\AdwCleaner\AdwCleaner[S0].txt - [9791 bytes] - [24/01/2017 19:30:26]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [10073 bytes] ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.0 (12.05.2016)
Operating System: Windows Vista (TM) Home Premium x86
Ran by Frans (Administrator) on di 24-01-2017 at 19:12:54,10
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 41
Failed to delete: C:\Program Files\reimage (Folder)
Successfully deleted: C:\ProgramData\reimage protector (Folder)
Successfully deleted: C:\ProgramData\Start Menu\Programs\wise registry cleaner (Folder)
Successfully deleted: C:\Users\Frans\AppData\Local\{01012A43-841E-43E0-AF8D-AB43F2B6D3FE} (Empty Folder)
Successfully deleted: C:\Users\Frans\AppData\Local\{06D04D37-4385-45DE-AB93-4DC0789384CB} (Empty Folder)
Successfully deleted: C:\Users\Frans\AppData\Local\{1AB6C0FD-03EA-4E1E-BF32-30346E3AF6A3} (Empty Folder)
Successfully deleted: C:\Users\Frans\AppData\Local\{1CA5BFFC-115A-42B8-B5F4-3782F17E1A5B} (Empty Folder)
Successfully deleted: C:\Users\Frans\AppData\Local\{213EE670-B2A0-4353-8BA4-F613B525EE7E} (Empty Folder)
Successfully deleted: C:\Users\Frans\AppData\Local\{25F4C84C-A1E9-4FEF-9691-310D802A2A76} (Empty Folder)
Successfully deleted: C:\Users\Frans\AppData\Local\{3680904A-067A-419F-B06F-895C55D38463} (Empty Folder)
Successfully deleted: C:\Users\Frans\AppData\Local\{67069327-2004-454C-B5CC-9EDD59AD0157} (Empty Folder)
Successfully deleted: C:\Users\Frans\AppData\Local\{7931FF65-9D3A-4B9E-84D1-C45EC26A60D7} (Empty Folder)
Successfully deleted: C:\Users\Frans\AppData\Local\{BF754876-6E6B-4489-B9C3-8D32A09CE6C0} (Empty Folder)
Successfully deleted: C:\Users\Frans\AppData\Local\{DC87ED72-29CA-43A3-B444-DCA64985BE28} (Empty Folder)
Successfully deleted: C:\Users\Frans\AppData\Local\{EB1B8033-1A72-4354-8611-C400403E0185} (Empty Folder)
Successfully deleted: C:\Users\Frans\AppData\Local\{EE93306E-32DB-4A4B-91D1-83D9EA065ACC} (Empty Folder)
Successfully deleted: C:\Users\Frans\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pkndmigholgfjlniaohblojbhgjbkakn_0.localstorage (File)
Successfully deleted: C:\Users\Frans\AppData\Roaming\wise registry cleaner (Folder)
Successfully deleted: C:\Windows\reimage.ini (File)
Successfully deleted: C:\Windows\System32\Tasks\ReimageUpdater (Task)
Successfully deleted: C:\Program Files\myfree codec (Folder)
Successfully deleted: C:\Program Files\wise\wise registry cleaner (Folder)
Successfully deleted: C:\Users\Frans\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\20MBBHK2 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Frans\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2SZ90Q70 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Frans\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CRCQ122G (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Frans\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F65G58B6 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Frans\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L0QH7TEO (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Frans\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LHSPQULM (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Frans\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S7D8IGP5 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\Frans\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W02FWP1T (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\20MBBHK2 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2SZ90Q70 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CRCQ122G (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\F65G58B6 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L0QH7TEO (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LHSPQULM (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S7D8IGP5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\W02FWP1T (Temporary Internet Files Folder)
Successfully repaired: C:\Users\Frans\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Internet Explorer.lnk (Shortcut)
Successfully repaired: C:\Users\Frans\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk (Shortcut)
Successfully repaired: C:\Users\Frans\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk (Shortcut)
Registry: 5
Successfully deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_E3D21468733E38BD0DDA205AFF4F0573 (Registry Value)
Successfully deleted: HKLM\SYSTEM\CurrentControlSet\services\ReimageRealTimeProtector (Registry Key)
Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\Main\\Search Page (Registry Value)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{75b4241f-171e-44a3-bf44-23613b6e3e03} (Registry Key)
Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\Main\\Search Page (Registry Value)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on di 24-01-2017 at 19:20:01,71
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~