Ga naar inhoud

Nieuw Ukash politievirus


Aanbevolen berichten

Hallo!

Er is blijkbaar een nieuwe versie van het politievirus dat de ronde doet. Ik ben zelf (weeral) slachtoffer.

Kan iemand me hierbij nog is mee helpen?

Thank you!

Greetz, BigA

Alvast mijn logje

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 12:41:14, on 1/01/2014

Platform: Windows Vista (WinNT 6.00.1904)

MSIE: Internet Explorer v7.00 (7.00.6000.16982)

Boot mode: Safe mode with network support

Running processes:

C:\Windows\Explorer.EXE

C:\Program Files\Windows Media Player\wmpnscfg.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Users\Khadija\Desktop\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Yahoo UK

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Google

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Yahoo UK

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = Yahoo UK

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = Yahoo UK

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: Windows Live Aanmelden - Help - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} - C:\Windows\system32\eDStoolbar.dll

O3 - Toolbar: (no name) - {95B7759C-8C7F-4BF1-B163-73684A933233} - (no file)

O4 - HKLM\..\Run: [iAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"

O4 - HKLM\..\Run: [eAudio] "C:\Acer\Empowering Technology\eAudio\eAudio.exe"

O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe

O4 - HKLM\..\Run: [startCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe

O4 - HKLM\..\Run: [PLFSet] rundll32.exe C:\Windows\PLFSet.dll,PLFDefSetting

O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\LManager.exe

O4 - HKLM\..\Run: [WarReg_PopUp] C:\Acer\WR_PopUp\WarReg_PopUp.exe

O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe

O4 - HKLM\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe

O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM\..\Run: [AVG_UI] "C:\Program Files\AVG\AVG2013\avgui.exe" /TRAYONLY

O4 - HKLM\..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"

O4 - HKCU\..\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe

O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h

O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'SYSTEEM')

O4 - HKUS\.DEFAULT\..\Run: [Acer Tour Reminder] C:\Acer\AcerTour\Reminder.exe (User 'Default user')

O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html

O9 - Extra button: Verzenden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Verz&enden naar OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll

O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab

O16 - DPF: {1C11B948-582A-433F-A98D-A8C4D5CC64F2} (20-20 3D Viewer) - http://kitchenplanner.ikea.com/be/Core/Player/2020PlayerAX_Win32.cab

O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail.com/mail/w3/resources/VistaMSNPUpldnl-be.cab

O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab

O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - MSN Games - Free Online Games

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} (Windows Live Hotmail Photo Upload Tool) - http://gfx2.hotmail.com/mail/w4/pr01/photouploadcontrol/VistaMSNPUpldnl-be.cab

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll

O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\17.2.0\ViProtocol.dll

O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe

O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files\AVG\AVG8\Toolbar\ToolbarBroker.exe

O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgidsagent.exe

O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG2013\avgwdsvc.exe

O23 - Service: eDSService.exe (eDataSecurity Service) - HiTRSUT - C:\Acer\Empowering Technology\eDataSecurity\eDSService.exe

O23 - Service: eLock Service (eLockService) - Acer Inc. - C:\Acer\Empowering Technology\eLock\Service\eLockServ.exe

O23 - Service: eNet Service - Acer Inc. - C:\Acer\Empowering Technology\eNet\eNet Service.exe

O23 - Service: eRecovery Service (eRecoveryService) - Acer Inc. - C:\Acer\Empowering Technology\eRecovery\eRecoveryService.exe

O23 - Service: eSettings Service (eSettingsService) - Unknown owner - C:\Acer\Empowering Technology\eSettings\Service\capuserv.exe

O23 - Service: Google Updateservice (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Intel® Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: MobilityService - Unknown owner - C:\Acer\Mobility Center\MobilityService.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: Internet Pass-Through Service (PassThru Service) - Unknown owner - C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

O23 - Service: vToolbarUpdater17.2.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe

O23 - Service: ePower Service (WMIService) - acer - C:\Acer\Empowering Technology\ePower\ePowerSvc.exe

O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--

End of file - 10320 bytes

Link naar reactie
Delen op andere sites

Download de 51a46c3b17d42-HitmanPro-logo16px.png32 of 64 bit versie van HitmanPro naar het bureaublad.

Klik hier voor een uitgebreide handleiding van HitmanPro.

  • Dubbelklik op "HitmanPro.exe" en klik op "volgende"
  • Vink de optie "Ik accepteer de voorwaarden van de gebruikersovereenkomst aan" en klik op "Volgende"
  • Klik in het setup scherm nu nogmaals op "Volgende", nu zal automatisch de scan starten, doe verder niets op de computer totdat de scan gereed is.
  • Als de scan klaar is klik je op "volgende"
  • Activeer nu de gratis licentie, hiermee kunt u 30 dagen gratis HitmanPro gebruiken en de gevonden infecties verwijderen.
  • Note: indien u reeds eerder gebruik hebt gemaakt van de 30 dagen trial-versie van HitmanPro is het niet meer mogelijk om gratis de gevonden infecties te verwijderen.
  • Als het verwijderen gereed is klik je onderin het scherm op "Save log" of "Logbestand opslaan" en sla deze op bijvoorbeeld het bureaublad op.
    Post dit logje.
  • Klik nu op de knop "Herstarten".

Link naar reactie
Delen op andere sites

Oké,

hieronder mijn logje

HitmanPro 3.7.8.208
www.hitmanpro.com

  Computer name . . . . : PC_VAN_KHADIJA
  Windows . . . . . . . : 6.0.0.6000.X86/2
  Safe Mode Boot  . . . : NETWORK
  User name . . . . . . : PC_van_Khadija\Khadija
  UAC . . . . . . . . . : Disabled
  License . . . . . . . : Trial (30 days left)

  Scan date . . . . . . : 2014-01-02 06:07:40
  Scan mode . . . . . . : Normal
  Scan duration . . . . : 6m 49s
  Disk access mode  . . : Direct disk access (SRB)
  Cloud . . . . . . . . : Internet
  Reboot  . . . . . . . : No

  Threats . . . . . . . : 0
  Traces  . . . . . . . : 105

  Objects scanned . . . : 1.684.268
  Files scanned . . . . : 36.079
  Remnants scanned  . . : 464.339 files / 1.183.850 keys

Potential Unwanted Programs _________________________________________________

  C:\Users\Khadija\AppData\Roaming\OpenCandy\ (Conduit) -> Deleted
  C:\Users\Khadija\AppData\Roaming\OpenCandy\DF05907436024BBFB3EF75472DCBA48A\ (Conduit) -> Deleted
  C:\Users\Khadija\AppData\Roaming\OpenCandy\DF05907436024BBFB3EF75472DCBA48A\TuneUpUtilities2013_2200335_nl-NL.exe (Conduit) -> Deleted
     Size . . . . . . . : 27.870.624 bytes
     Age  . . . . . . . : 373.5 days (2012-12-24 17:53:48)
     Entropy  . . . . . : 8.0
     SHA-256  . . . . . : 25C20D7F93F844263F3EA632B50C771A985820091F0F75B723F4C84270976896
     Product  . . . . . : TuneUp Utilities 2013
     Publisher  . . . . : TuneUp Software
     Description  . . . : TuneUp Utilities 2013
     Version  . . . . . : 13.0.2020.56
     Copyright
     RSA Key Size . . . : 1024
     Authenticode . . . : Valid
     Fuzzy  . . . . . . : -4.0

  C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\ (AskBar) -> Deleted
  C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\1043.MST (AskBar) -> Deleted
  C:\Windows\Installer\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\ARPPRODUCTICON.exe (AskBar) -> Deleted
     Size . . . . . . . : 102.400 bytes
     Age  . . . . . . . : 272.5 days (2013-04-04 19:03:00)
     Entropy  . . . . . : 6.1
     SHA-256  . . . . . : 092D64E5DB4FA21D6719B3A6A30AD06A2CB0E1F897357CD4935BECA52E921274
     Product  . . . . . : InstallShield
     Publisher  . . . . : Acresso Software Inc.
     Description  . . . : InstallShield
     Version  . . . . . : 16.0.328
     Copyright  . . . . : Copyright (C) 2009 Acresso Software Inc. and/or InstallShield Co. Inc. All Rights Reserved.
     Fuzzy  . . . . . . : 0.0

  HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd.1\ (AskBar) -> Deleted
  HKLM\SOFTWARE\Classes\GenericAskToolbar.ToolbarWnd\ (AskBar) -> Deleted
  HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9\ (AskBar) -> Deleted
  HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}\ (AskBar) -> Deleted
  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E\ (AskBar) -> Deleted
  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6\ (AskBar) -> Deleted
  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7\ (AskBar) -> Deleted
  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852\ (AskBar) -> Deleted
  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0\ (AskBar) -> Deleted
  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA\ (AskBar) -> Deleted
  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96\ (AskBar) -> Deleted
  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8\ (AskBar) -> Deleted
  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01\ (AskBar) -> Deleted
  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59\ (AskBar) -> Deleted
  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED\ (AskBar) -> Deleted
  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472\ (AskBar) -> Deleted
  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296\ (AskBar) -> Deleted
  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888\ (AskBar) -> Deleted
  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC\ (AskBar) -> Deleted
  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA\ (AskBar) -> Deleted
  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E\ (AskBar) -> Deleted
  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF\ (AskBar) -> Deleted
  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E\ (AskBar) -> Deleted
  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF\ (AskBar) -> Deleted
  HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}\ (AskBar) -> Deleted
  HKU\S-1-5-21-3097075850-1168955965-1893721474-1000\Software\Ask.com\ (AskBar) -> Deleted
  HKU\S-1-5-21-3097075850-1168955965-1893721474-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}\ (AskBar) -> Deleted

Cookies _____________________________________________________________________

  C:\Users\Familie\AppData\Roaming\Mozilla\Firefox\Profiles\5kmv7l7g.default\cookies.sqlite:apmebf.com
  C:\Users\Familie\AppData\Roaming\Mozilla\Firefox\Profiles\5kmv7l7g.default\cookies.sqlite:doubleclick.net
  C:\Users\Familie\AppData\Roaming\Mozilla\Firefox\Profiles\5kmv7l7g.default\cookies.sqlite:mediaplex.com
  C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\n1crcni9.default\cookies.sqlite:ad.360yield.com
  C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\n1crcni9.default\cookies.sqlite:ads.adhese.be
  C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\n1crcni9.default\cookies.sqlite:ads.creative-serving.com
  C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\n1crcni9.default\cookies.sqlite:ads.p161.net
  C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\n1crcni9.default\cookies.sqlite:ads.yahoo.com
  C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\n1crcni9.default\cookies.sqlite:adserving.unibet.com
  C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\n1crcni9.default\cookies.sqlite:adtech.de
  C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\n1crcni9.default\cookies.sqlite:adtechus.com
  C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\n1crcni9.default\cookies.sqlite:advertising.com
  C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\n1crcni9.default\cookies.sqlite:atdmt.com
  C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\n1crcni9.default\cookies.sqlite:c.atdmt.com
  C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\n1crcni9.default\cookies.sqlite:casalemedia.com
  C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\n1crcni9.default\cookies.sqlite:doubleclick.net
  C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\n1crcni9.default\cookies.sqlite:fastclick.net
  C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\n1crcni9.default\cookies.sqlite:h.atdmt.com
  C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\n1crcni9.default\cookies.sqlite:idfact.adservinginternational.com
  C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\n1crcni9.default\cookies.sqlite:invitemedia.com
  C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\n1crcni9.default\cookies.sqlite:media6degrees.com
  C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\n1crcni9.default\cookies.sqlite:pool-eu-ie.creative-serving.com
  C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\n1crcni9.default\cookies.sqlite:ptvgoalv15.122.2o7.net
  C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\n1crcni9.default\cookies.sqlite:ru4.com
  C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\n1crcni9.default\cookies.sqlite:serving-sys.com
  C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\n1crcni9.default\cookies.sqlite:smartadserver.com
  C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\n1crcni9.default\cookies.sqlite:track.adform.net
  C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\n1crcni9.default\cookies.sqlite:www.googleadservices.com
  C:\Users\Khadija\AppData\Roaming\Mozilla\Firefox\Profiles\y63buecf.default\cookies.sqlite:2786949.fls.doubleclick.net
  C:\Users\Khadija\AppData\Roaming\Mozilla\Firefox\Profiles\y63buecf.default\cookies.sqlite:ad.360yield.com
  C:\Users\Khadija\AppData\Roaming\Mozilla\Firefox\Profiles\y63buecf.default\cookies.sqlite:ad.ladssrv.info
  C:\Users\Khadija\AppData\Roaming\Mozilla\Firefox\Profiles\y63buecf.default\cookies.sqlite:ad.velmedia.net
  C:\Users\Khadija\AppData\Roaming\Mozilla\Firefox\Profiles\y63buecf.default\cookies.sqlite:ad.zanox.com
  C:\Users\Khadija\AppData\Roaming\Mozilla\Firefox\Profiles\y63buecf.default\cookies.sqlite:ads.adk2.com
  C:\Users\Khadija\AppData\Roaming\Mozilla\Firefox\Profiles\y63buecf.default\cookies.sqlite:ads.adsrvmedia.com
  C:\Users\Khadija\AppData\Roaming\Mozilla\Firefox\Profiles\y63buecf.default\cookies.sqlite:ads.creative-serving.com
  C:\Users\Khadija\AppData\Roaming\Mozilla\Firefox\Profiles\y63buecf.default\cookies.sqlite:ads.pubmatic.com
  C:\Users\Khadija\AppData\Roaming\Mozilla\Firefox\Profiles\y63buecf.default\cookies.sqlite:ads.yahoo.com
  C:\Users\Khadija\AppData\Roaming\Mozilla\Firefox\Profiles\y63buecf.default\cookies.sqlite:adserving.unibet.com
  C:\Users\Khadija\AppData\Roaming\Mozilla\Firefox\Profiles\y63buecf.default\cookies.sqlite:adtech.de
  C:\Users\Khadija\AppData\Roaming\Mozilla\Firefox\Profiles\y63buecf.default\cookies.sqlite:adtechus.com
  C:\Users\Khadija\AppData\Roaming\Mozilla\Firefox\Profiles\y63buecf.default\cookies.sqlite:advertising.com
  C:\Users\Khadija\AppData\Roaming\Mozilla\Firefox\Profiles\y63buecf.default\cookies.sqlite:at.atwola.com
  C:\Users\Khadija\AppData\Roaming\Mozilla\Firefox\Profiles\y63buecf.default\cookies.sqlite:atdmt.com
  C:\Users\Khadija\AppData\Roaming\Mozilla\Firefox\Profiles\y63buecf.default\cookies.sqlite:c.atdmt.com
  C:\Users\Khadija\AppData\Roaming\Mozilla\Firefox\Profiles\y63buecf.default\cookies.sqlite:casalemedia.com
  C:\Users\Khadija\AppData\Roaming\Mozilla\Firefox\Profiles\y63buecf.default\cookies.sqlite:cstatic.weborama.fr
  C:\Users\Khadija\AppData\Roaming\Mozilla\Firefox\Profiles\y63buecf.default\cookies.sqlite:doubleclick.net
  C:\Users\Khadija\AppData\Roaming\Mozilla\Firefox\Profiles\y63buecf.default\cookies.sqlite:engine.pgmediaserve.com
  C:\Users\Khadija\AppData\Roaming\Mozilla\Firefox\Profiles\y63buecf.default\cookies.sqlite:fastclick.net
  C:\Users\Khadija\AppData\Roaming\Mozilla\Firefox\Profiles\y63buecf.default\cookies.sqlite:fl01.ct2.comclick.com
  C:\Users\Khadija\AppData\Roaming\Mozilla\Firefox\Profiles\y63buecf.default\cookies.sqlite:h.atdmt.com
  C:\Users\Khadija\AppData\Roaming\Mozilla\Firefox\Profiles\y63buecf.default\cookies.sqlite:interclick.com
  C:\Users\Khadija\AppData\Roaming\Mozilla\Firefox\Profiles\y63buecf.default\cookies.sqlite:invitemedia.com
  C:\Users\Khadija\AppData\Roaming\Mozilla\Firefox\Profiles\y63buecf.default\cookies.sqlite:media6degrees.com
  C:\Users\Khadija\AppData\Roaming\Mozilla\Firefox\Profiles\y63buecf.default\cookies.sqlite:pool-eu-ie.creative-serving.com
  C:\Users\Khadija\AppData\Roaming\Mozilla\Firefox\Profiles\y63buecf.default\cookies.sqlite:riverisland.122.2o7.net
  C:\Users\Khadija\AppData\Roaming\Mozilla\Firefox\Profiles\y63buecf.default\cookies.sqlite:ru4.com
  C:\Users\Khadija\AppData\Roaming\Mozilla\Firefox\Profiles\y63buecf.default\cookies.sqlite:smartadserver.com
  C:\Users\Khadija\AppData\Roaming\Mozilla\Firefox\Profiles\y63buecf.default\cookies.sqlite:specificclick.net
  C:\Users\Khadija\AppData\Roaming\Mozilla\Firefox\Profiles\y63buecf.default\cookies.sqlite:statcounter.com
  C:\Users\Khadija\AppData\Roaming\Mozilla\Firefox\Profiles\y63buecf.default\cookies.sqlite:stats.adotube.com
  C:\Users\Khadija\AppData\Roaming\Mozilla\Firefox\Profiles\y63buecf.default\cookies.sqlite:statse.webtrendslive.com
  C:\Users\Khadija\AppData\Roaming\Mozilla\Firefox\Profiles\y63buecf.default\cookies.sqlite:track.adform.net
  C:\Users\Khadija\AppData\Roaming\Mozilla\Firefox\Profiles\y63buecf.default\cookies.sqlite:tradedoubler.com
  C:\Users\Khadija\AppData\Roaming\Mozilla\Firefox\Profiles\y63buecf.default\cookies.sqlite:tribalfusion.com
  C:\Users\Khadija\AppData\Roaming\Mozilla\Firefox\Profiles\y63buecf.default\cookies.sqlite:uk.at.atwola.com
  C:\Users\Khadija\AppData\Roaming\Mozilla\Firefox\Profiles\y63buecf.default\cookies.sqlite:ww251.smartadserver.com
  C:\Users\Khadija\AppData\Roaming\Mozilla\Firefox\Profiles\y63buecf.default\cookies.sqlite:www.googleadservices.com
  C:\Users\Khadija\AppData\Roaming\Mozilla\Firefox\Profiles\y63buecf.default\cookies.sqlite:www4.smartadserver.com
  C:\Users\Khadija\AppData\Roaming\Mozilla\Firefox\Profiles\y63buecf.default\cookies.sqlite:xiti.com
  C:\Users\Khadija\AppData\Roaming\Mozilla\Firefox\Profiles\y63buecf.default\cookies.sqlite:zedo.com


Link naar reactie
Delen op andere sites

Nog even een extraatje dan:

Download 52147fb3b2536-AdwCleaner_99_3_16x16x32.pngAdwCleaner by Xplode naar het bureaublad.

AdwCleaner uitvoeren

  • Sluit alle openstaande vensters.
  • Dubbelklik op AdwCleaner.exe om de tool te starten.
  • Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  • Klik vervolgens op de knop Scan.
  • Wanneer de scan gereed is Klikt u vervolgens op de knop Clean.
  • Als dit gereed is wordt er gevraagd om de computer opnieuw op te starten, klik hier op OK.
  • Nadat de computer opnieuw is opgestart wordt het logbestand automatisch geopend.
  • Plaats dit logbestand in het volgende bericht.

Link naar reactie
Delen op andere sites

  • 2 weken later...

Oeps,

Heb dat laatste berichtje nu pas ontdekt :).

Hieronder mijn logbestand.

# AdwCleaner v3.017 - Report created 16/01/2014 at 13:58:12

# Updated 12/01/2014 by Xplode

# Operating System : Windows Vista Home Premium (32 bits)

# Username : Khadija - PC_VAN_KHADIJA

# Running from : C:\Users\Khadija\Desktop\adwcleaner.exe

# Option : Clean

***** [ Services ] *****

Service Deleted : vToolbarUpdater17.3.0

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Ask

Folder Deleted : C:\ProgramData\AVG Secure Search

Folder Deleted : C:\ProgramData\AVG Security Toolbar

Folder Deleted : C:\ProgramData\Trymedia

Folder Deleted : C:\Program Files\AVG Secure Search

Folder Deleted : C:\Program Files\Common Files\AVG Secure Search

Folder Deleted : C:\Users\Khadija\AppData\Local\apn

Folder Deleted : C:\Users\Khadija\AppData\Local\AVG Secure Search

Folder Deleted : C:\Users\Khadija\AppData\Local\AVG Security Toolbar

Folder Deleted : C:\Users\Khadija\AppData\LocalLow\AskToolbar

Folder Deleted : C:\Users\Khadija\AppData\LocalLow\AVG Secure Search

Folder Deleted : C:\Users\Khadija\AppData\LocalLow\AVG Security Toolbar

Folder Deleted : C:\Users\Familie\AppData\Local\AVG Secure Search

Folder Deleted : C:\Users\Familie\AppData\Local\AVG Security Toolbar

Folder Deleted : C:\Users\Familie\AppData\LocalLow\AskToolbar

Folder Deleted : C:\Users\Familie\AppData\LocalLow\AVG Secure Search

Folder Deleted : C:\Users\Familie\AppData\LocalLow\AVG Security Toolbar

Folder Deleted : C:\Users\Familie\AppData\LocalLow\Seekmo

Folder Deleted : C:\Users\Familie\AppData\LocalLow\ShoppingReport

Folder Deleted : C:\Users\Gast\AppData\Local\AVG Secure Search

Folder Deleted : C:\Users\Gast\AppData\Local\AVG Security Toolbar

Folder Deleted : C:\Users\Gast\AppData\LocalLow\AskToolbar

Folder Deleted : C:\Users\Gast\AppData\LocalLow\AVG Secure Search

Folder Deleted : C:\Users\Khadija\AppData\Roaming\Mozilla\Firefox\Profiles\y63buecf.default\Extensions\toolbar@ask.com

File Deleted : C:\Windows\system32\roboot.exe

File Deleted : C:\Users\Khadija\AppData\Roaming\Mozilla\Firefox\Profiles\y63buecf.default\searchplugins\Askcom.xml

File Deleted : C:\Users\Khadija\AppData\Roaming\Mozilla\Firefox\Profiles\y63buecf.default\searchplugins\avg-secure-search.xml

File Deleted : C:\Windows\System32\Tasks\Scheduled Update for Ask Toolbar

***** [ Shortcuts ] *****

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [Avg@toolbar]

[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C40B5F76-E687-4C29-A9CC-D0EBCAD36100}

[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C40B5F76-E687-4C29-A9CC-D0EBCAD36100}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\GenericAskToolbar.DLL

Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE

Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL

Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol

Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi

Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1

Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE

Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1

Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]

Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6C434537-053E-486D-B62A-160059D9D456}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{813A22E0-3E2B-4188-9BDA-ECA9878B8D48}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}

Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E}

Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}

Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}

Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{CCC7A320-B3CA-4199-B1A6-9F516DD69829}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}]

Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]

Value Deleted : HKLM\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist [1]

Key Deleted : HKCU\Software\APN

Key Deleted : HKCU\Software\AVG Secure Search

Key Deleted : HKCU\Software\Headlight

Key Deleted : HKCU\Software\YahooPartnerToolbar

Key Deleted : HKCU\Software\AppDataLow\Software\AskToolbar

Key Deleted : HKCU\Software\AppDataLow\Software\AVG Security Toolbar

Key Deleted : HKLM\Software\APN

Key Deleted : HKLM\Software\AskToolbar

Key Deleted : HKLM\Software\AVG Secure Search

Key Deleted : HKLM\Software\AVG Security Toolbar

Key Deleted : HKLM\Software\Trymedia Systems

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\{79A765E1-C399-405B-85AF-466F52E918B0}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search

Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{86D4B82A-ABED-442A-BE86-96357B70F4FE}

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0FF2AEFF45EEA0A48A4B33C1973B6094

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\305B09CE8C53A214DB58887F62F25536

Key Deleted : HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF

Key Deleted : HKLM\Software\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF

Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9

***** [ Browsers ] *****

-\\ Internet Explorer v7.0.6000.16982

-\\ Mozilla Firefox v26.0 (nl)

[ File : C:\Users\Khadija\AppData\Roaming\Mozilla\Firefox\Profiles\y63buecf.default\prefs.js ]

Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");

Line Deleted : user_pref("browser.search.defaultenginename", "Ask.com");

Line Deleted : user_pref("browser.search.order.1", "Ask.com");

Line Deleted : user_pref("browser.search.selectedEngine", "Ask.com");

Line Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "hxxp://search.avg.com/route/?d=4cc6c6b3&v=7.005.030.004&i=23&tp=ab&iy=&ychte=us&lng=nl&q=");

[ File : C:\Users\Familie\AppData\Roaming\Mozilla\Firefox\Profiles\5kmv7l7g.default\prefs.js ]

Line Deleted : user_pref("avg.install.installDirPath", "C:\\ProgramData\\AVG Secure Search\\FireFoxExt\\17.0.1.12");

Line Deleted : user_pref("avg.userPreferences.URLBarFocus.whiteList", "bing\\.com|google\\.\\w+|yahoo\\.\\w+|gmail\\.\\w+|hotmail\\.\\w+|live\\.\\w+|isearch\\.avg\\.com|mysearch\\.avg\\.com");

Line Deleted : user_pref("browser.search.defaultengine", "Ask.com");

Line Deleted : user_pref("browser.search.defaultenginename", "Ask.com");

Line Deleted : user_pref("browser.search.order.1", "Ask.com");

Line Deleted : user_pref("browser.search.selectedEngine", "Ask.com");

Line Deleted : user_pref("extensions.asktb.ff-original-keyword-url", "hxxps://isearch.avg.com/search?cid={CD156A63-F58C-423A-A0B5-0D9C0467C980}&mid=25e340918e30dee451eb1c8856db35c9-619a7d14e8ecadfe95984f88b4d71cb44d[...]

[ File : C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\n1crcni9.default\prefs.js ]

-\\ Google Chrome v

[ File : C:\Users\Khadija\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [11390 octets] - [16/01/2014 13:56:17]

AdwCleaner[s0].txt - [11616 octets] - [16/01/2014 13:58:12]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [11677 octets] ##########

Link naar reactie
Delen op andere sites

Oeps ... dat heeft nog behoorlijk wat rotzooi van de PC gehaald. Die besmettingen ben je nu allemaal kwijt.

Download 51a5ce45263de-delfix.pngDelfix by Xplode naar het bureaublad.

Dubbelklik op Delfix.exe om de tool te starten.

Zet nu vinkjes voor de volgende items:

  • Remove disinfection tools
  • Purge System Restore
  • Reset system settings

Klik nu op "Run" en wacht geduldig tot de tool gereed is.

Wanneer de tool gereed is wordt er een logbestand aangemaakt. Dit hoeft u echter niet te plaatsen.

Indien dit allemaal probleemloos verlopen is en je binnen dit topic verder geen vragen of problemen meer hebt, mag je dit onderwerp afsluiten door een klik op de knop "Markeer als opgelost", die je links onderaan kan terugvinden … zo blijft het voor iedereen overzichtelijk.

Link naar reactie
Delen op andere sites

Gast
Dit topic is nu gesloten voor nieuwe reacties.
×
×
  • Nieuwe aanmaken...

Belangrijke informatie

We hebben cookies geplaatst op je toestel om deze website voor jou beter te kunnen maken. Je kunt de cookie instellingen aanpassen, anders gaan we er van uit dat het goed is om verder te gaan.