Add's Zijn er terug

[Ikbeneenkneusmetpc's]

Goeieavond Kape,

Ik ben al reeds geholpen door jouw enkele weken terug.

Nu heb ik opnieuw last van hetzelfde probleem.

Hieronder is het forumbericht van toen

http://www.pc-helpforum.be/f163/adds-gaan-niet-weg-67369/

Ik doe nu weer exact dezelfde dingen die ik toen moest doen al zal kijken of het zichzelf weer oplost.

Het is echter erg vervelend want ik speel voor Mmorpg en Browsergames. Als ik per klik een externe reclamepagina krijg daar wordt ik gek van.

Het is gisteren in de nacht teruggekomen toen ik op Youtube aan het ronddwalen was.

Ik zou nu graag willen weten of jij me kan zeggen Vanwaar die malware komt en hoe ik kan voorkomen dat ik hier binnen een paar weken weer sta? (Ik bezorg niet graag extra werk )

Alvast Bedankt,

Glenn

[Ikbeneenkneusmetpc's]

Ik heb Zoek.exe nu gedaan en hier is het logje

De malware en adds zijn nu opnieuw weg maar ik zou willen weten hoe ik het kan voorkomen

Mvg

Zoek.exe v5.0.0.0 Updated 25-January-2014

Tool run by Playboii on di 28/01/2014 at 18:13:18,67.

Microsoft Windows 8 6.2.9200 x64

Running in: Normal Mode Internet Access Detected

Launched: C:\Users\Playboii\Downloads\zoek.exe [scan all users] [script inserted] [Checkboxes used]

==== System Restore Info ======================

28/01/2014 18:15:20 Zoek.exe System Restore Point Created Succesfully.

==== Empty Folders Check ======================

C:\Users\Playboii\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Registry Fix Code x64 ======================

Windows Registry Editor Version 5.00

[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411181172}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{055af109-de93-4160-bcfc-7da70ecaa020}]

[-HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110411181172}]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]

"ApnTBMon"=-

==== Deleting Files \ Folders ======================

C:\Program Files (x86)\diamondata not found

C:\Program Files (x86)\TubeSing-3 not found

C:\Program Files (x86)\AskPartnerNetwork not found

"C:\Windows\tasks\TubeSing-3-chromeinstaller.job" not found

"C:\Windows\tasks\TubeSing-3-enabler.job" not found

"C:\Windows\tasks\TubeSing-3-updater.job" not found

==== Files Recently Created / Modified ======================

====== C:\Windows ====

====== C:\Users\Playboii\AppData\Local\Temp ====

2014-01-26 15:19:15 5689D43C3B201DD3810FA3BBA4A6476A 4216840 ----a-w- C:\Users\Playboii\AppData\Local\Temp\Blizzard Installer Temporary Data - 30543559\vcredist_x86.exe

2014-01-14 20:31:03 171F1BB73D0238A7A56126D3459ECDCD 50432 ----a-w- C:\Users\Playboii\AppData\Local\Temp\Extract.exe

====== Java Cache =====

====== C:\Windows\SysWOW64 =====

2014-01-15 11:29:25 62601FF7577D8CC2132D26BDF6B4997F 452608 ----a-w- C:\Windows\SysWOW64\SHCore.dll

2014-01-15 11:29:24 6A10586D2456BBE6E1F7DBAABB2C5F28 550400 ----a-w- C:\Windows\SysWOW64\FirewallAPI.dll

2014-01-15 11:29:23 AC52DA0DC81956307CB8E13B5A0A390E 86016 ----a-w- C:\Windows\SysWOW64\davclnt.dll

2014-01-15 11:29:23 07577AD2DA7D82B8A077DA4C1981DB9B 199168 ----a-w- C:\Windows\SysWOW64\WebClnt.dll

2014-01-15 11:29:02 18DB0EA3DAD0932C62F2DED17837D92E 562688 ----a-w- C:\Windows\SysWOW64\WSShared.dll

====== C:\Windows\SysWOW64\drivers =====

====== C:\Windows\Sysnative =====

2014-01-15 11:29:30 9DE3341BD4E14BC5FADFCAD3019F2D0D 915968 ----a-w- C:\Windows\Sysnative\MPSSVC.dll

2014-01-15 11:29:30 09DC813EA00294A6F5B2B6C75E2740ED 758784 ----a-w- C:\Windows\Sysnative\FirewallAPI.dll

2014-01-15 11:29:29 A28DE7725EC0426BC76C064B3A9D64EF 588288 ----a-w- C:\Windows\Sysnative\SHCore.dll

2014-01-15 11:29:24 9B1384CE8E681D2D77BB3524B8E86311 227840 ----a-w- C:\Windows\Sysnative\WebClnt.dll

2014-01-15 11:29:23 353F85DB0B6EB92A77DA1DC2B9DD4FEF 104448 ----a-w- C:\Windows\Sysnative\davclnt.dll

2014-01-15 11:29:02 FA3B2DEF1EA2D6D2018E4289A235B83B 688640 ----a-w- C:\Windows\Sysnative\WSShared.dll

====== C:\Windows\Sysnative\drivers =====

2014-01-15 11:29:24 AE3786294CC246A5403783E1B86A0168 100696 ----a-w- C:\Windows\Sysnative\drivers\disk.sys

2014-01-15 11:29:22 4CCBBD4944777CA100B9A6C2F149A46F 74752 ----a-w- C:\Windows\Sysnative\drivers\mpsdrv.sys

2014-01-12 18:20:28 AAB5F5336EDBB5D99CC7E1A9F4D8F63F 79672 ----a-w- C:\Windows\Sysnative\drivers\aswstm.sys

====== C:\Windows\Tasks ======

2014-01-08 02:15:54 EB4AD3FD1186ED3D00BB529DC545074C 956 ----a-w- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2180366274-3890716138-2575993000-1001UA.job

2014-01-08 02:15:54 534356384E2A2D086FF0D2BEEE7ACFDB 3810 ----a-w- C:\Windows\Sysnative\Tasks\FacebookUpdateTaskUserS-1-5-21-2180366274-3890716138-2575993000-1001UA

2014-01-08 02:15:53 3D74BD2D8F598FD484A12906FEF855A5 3460 ----a-w- C:\Windows\Sysnative\Tasks\FacebookUpdateTaskUserS-1-5-21-2180366274-3890716138-2575993000-1001Core

2014-01-08 02:15:53 0F4B45E5275F6F3762A6C3FB09D9FCFF 934 ----a-w- C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2180366274-3890716138-2575993000-1001Core.job

2014-01-07 02:30:09 B22A74D5B0D23F41B114204A4F299E8B 1076 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-01-07 02:30:09 3544FA8D8ED4842613816CCDB089F959 4048 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineUA

2014-01-07 02:30:08 F247908E136E0CBC89077693D1B761E2 3812 ----a-w- C:\Windows\Sysnative\Tasks\GoogleUpdateTaskMachineCore

2014-01-07 02:30:07 F0334E99CB39C0F82A9AD28FB85D79A1 1072 ----a-w- C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

====== C:\Windows\Temp ======

======= C:\Program Files =====

2014-01-12 14:40:54 -------- d-----w- C:\Program Files\trend micro

======= C:\PROGRA~2 =====

2014-01-26 15:19:20 -------- d-----w- C:\PROGRA~2\Hearthstone

2014-01-23 23:45:32 -------- d-----w- C:\PROGRA~2\COMMON~1\Blizzard Entertainment

2014-01-23 23:45:32 -------- d-----w- C:\PROGRA~2\Battle.net

2014-01-12 13:54:39 -------- d-----w- C:\PROGRA~2\COMMON~1\Java

======= C: =====

2014-01-13 08:34:27 813CBF07C41D19749FBD3CC0F778F024 941 ----a-w- C:\DelFix.txt

====== C:\Users\Playboii\AppData\Roaming ======

2014-01-24 00:12:06 -------- d-----w- C:\Users\Playboii\AppData\Local\Blizzard

2014-01-23 23:45:51 -------- d-----w- C:\Users\Playboii\AppData\Local\Blizzard Entertainment

2014-01-23 23:45:48 -------- d-----w- C:\Users\Playboii\AppData\Roaming\Battle.net

2014-01-23 23:45:48 -------- d-----w- C:\Users\Playboii\AppData\Local\Battle.net

2014-01-12 18:44:48 -------- d-----w- C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp

2014-01-12 18:44:48 -------- d-----w- C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp

2014-01-12 18:44:48 -------- d-----w- C:\Users\Playboii\AppData\Local\Temp

2014-01-12 18:44:48 -------- d-----w- C:\Users\Default\AppData\Local\Temp

2014-01-12 18:44:48 -------- d-----w- C:\Users\Default User\AppData\Local\Temp

2014-01-08 02:15:49 -------- d-----w- C:\Users\Playboii\AppData\Local\Facebook

====== C:\Users\Playboii ======

2014-01-28 17:14:41 54DB2B8C60F04C5ADE6D711D47EABA75 1166132 ----a-w- C:\Users\Playboii\Downloads\adwcleaner.exe

2014-01-26 15:19:20 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone

2014-01-23 23:45:32 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net

2014-01-23 23:45:32 -------- d-----w- C:\ProgramData\Blizzard Entertainment

2014-01-23 23:44:41 -------- d-----w- C:\ProgramData\Battle.net

2014-01-23 23:44:28 480FADEA6D7A1A38C7578454AD486E48 5971128 ----a-w- C:\Users\Playboii\Downloads\Hearthstone-Beta-Setup-enGB.exe

2014-01-13 05:23:05 -------- d-----r- C:\Windows\sysWoW64\config\systemprofile\Desktop

2014-01-12 13:54:21 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

2014-01-07 02:30:48 -------- d-----w- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

====== C: exe-files ==

2014-01-28 17:14:41 54DB2B8C60F04C5ADE6D711D47EABA75 1166132 ----a-w- C:\Users\Playboii\Downloads\adwcleaner.exe

2014-01-26 15:19:20 E608E26139994D98E958263E1690D4D2 2770992 ----a-w- C:\Program Files (x86)\Hearthstone\Hearthstone Beta Launcher.exe

2014-01-26 15:19:20 BE935AF2C1A17827C86EFB7D8D882BB2 10342912 ----a-w- C:\Program Files (x86)\Hearthstone\Hearthstone.exe

2014-01-26 15:19:20 A829DDDC417B4BB4D8175DF1846B8BAA 1337424 ----a-w- C:\Program Files (x86)\Common Files\Blizzard Entertainment\Hearthstone\Uninstall.exe

2014-01-26 15:19:15 5689D43C3B201DD3810FA3BBA4A6476A 4216840 ----a-w- C:\Users\Playboii\AppData\Local\Temp\Blizzard Installer Temporary Data - 30543559\vcredist_x86.exe

2014-01-23 23:45:32 A829DDDC417B4BB4D8175DF1846B8BAA 1337424 ----a-w- C:\Program Files (x86)\Common Files\Blizzard Entertainment\Battle.net\Uninstall.exe

2014-01-23 23:45:32 9281BA1479347C2757EF6FBB52697921 333360 ----a-w- C:\Program Files (x86)\Battle.net\BlizzardError.exe

2014-01-23 23:45:32 615340229141F2F30C785BC2B705B078 9044016 ----a-w- C:\Program Files (x86)\Battle.net\Battle.net.4124\Battle.net.exe

2014-01-23 23:45:32 5E9E75B78AF45FE376022B4D61767109 1839664 ----a-w- C:\Program Files (x86)\Battle.net\SystemSurvey.exe

2014-01-23 23:45:32 3955290068A527FD961FB721F825AB69 474160 ----a-w- C:\Program Files (x86)\Battle.net\Battle.net.exe

2014-01-23 23:45:32 00A8D9606D7CA23B051BFBC73DB7A1AB 2586672 ----a-w- C:\Program Files (x86)\Battle.net\Battle.net Launcher.exe

2014-01-23 23:44:50 349FA42CC2CB2F6E03B56105E70F35BD 8830512 ----a-w- C:\ProgramData\Battle.net\Agent\Agent.beta.2581\Agent.exe

2014-01-23 23:44:42 EB53CB18978E56A15CA334FF20ED0DE3 6259248 ----a-w- C:\ProgramData\Battle.net\Agent\Agent.2380\Agent.exe

2014-01-23 23:44:42 9281BA1479347C2757EF6FBB52697921 333360 ----a-w- C:\ProgramData\Battle.net\Agent\BlizzardError.exe

2014-01-23 23:44:42 750471B7D27B0FEF0969221896A4AE73 428592 ----a-w- C:\ProgramData\Battle.net\Agent\Agent.exe

2014-01-23 23:44:42 52F2B8439890B30ED08E2D078ECBF5FA 1620016 ----a-w- C:\ProgramData\Battle.net\Agent\Blizzard Uninstaller.exe

2014-01-23 23:44:28 480FADEA6D7A1A38C7578454AD486E48 5971128 ----a-w- C:\Users\Playboii\Downloads\Hearthstone-Beta-Setup-enGB.exe

2014-01-21 20:48:53 FAF662699E5B406660BD85E514E73C45 27448 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_RecoveryDisc_Darwin_US.exe

2014-01-21 20:48:53 F6D2EA7FCB0F094B53CB88480FB5E582 30424 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_SmartFriendAwareness_Ex.exe

2014-01-21 20:48:53 51D3A8E9A26EA3DE98A80BF117519F85 42712 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_BackupYourImportantData_EMEA.exe

2014-01-21 20:48:53 2EEE5D8BCE7D62C7A971FEC350209F0B 44344 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detect_RecoveryDisc_Darwin_NSPOS.exe

2014-01-21 20:48:52 2DA14CADC35E8CAEC6D0FD7D3A5844C2 21208 ----a-w- C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\Detection_GuestAccount.exe

=== C: other files ==

==== Startup Registry Enabled ======================

[HKEY_USERS\S-1-5-21-2180366274-3890716138-2575993000-1001\Software\Microsoft\Windows\CurrentVersion\Run]

"RocketDock"="C:\Program Files (x86)\RocketDock\RocketDock.exe"

"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

"Spotify"="C:\Users\Playboii\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart"

"Spotify Web Helper"="C:\Users\Playboii\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

"uTorrent"="C:\Users\Playboii\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"

"Facebook Update"="C:\Users\Playboii\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"BtTray"="C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BtTray.exe"

"HP Quick Launch"="C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe"

"RemoteControl10"="C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"

"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe /nogui"

"SunJavaUpdateSched"="C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]

"RocketDock"="C:\Program Files (x86)\RocketDock\RocketDock.exe"

"Skype"="C:\Program Files (x86)\Skype\Phone\Skype.exe /minimized /regrun"

"Spotify"="C:\Users\Playboii\AppData\Roaming\Spotify\Spotify.exe /uri spotify:autostart"

"Spotify Web Helper"="C:\Users\Playboii\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"

"uTorrent"="C:\Users\Playboii\AppData\Roaming\uTorrent\uTorrent.exe /MINIMIZED"

"Facebook Update"="C:\Users\Playboii\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver"

==== Startup Registry Enabled x64 ======================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"IgfxTray"="C:\Windows\system32\igfxtray.exe"

"HotKeysCmds"="C:\Windows\system32\hkcmd.exe"

"Persistence"="C:\Windows\system32\igfxpers.exe"

"Logitech Download Assistant"="C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch"

"SynTPEnh"="%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe "

"SysTrayApp"="C:\Program Files\IDT\WDM\sttray64.exe"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]

"NCPluginUpdater"="C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe Update"

==== Task Scheduler Jobs ======================

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2180366274-3890716138-2575993000-1001Core.job --a-------- C:\Users\Playboii\AppData\Local\Facebook\Update\FacebookUpdate.exe [08/01/2014 03:15]

C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2180366274-3890716138-2575993000-1001UA.job --a-------- C:CC:\Users\Playboii\AppData\Local\Facebook\Update\FacebookUpdate.exe []

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [07/01/2014 03:30]

C:\Windows\tasks\GoogleUpdateTaskMachineUA.job --a-------- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [07/01/2014 03:30]

C:\Windows\tasks\HPCeeScheduleForPlayboii.job --a-------- [undetermined Task]

==== Other Scheduled Tasks ======================

"C:\Windows\SysNative\tasks\CCleanerSkipUAC" ["C:\Program Files\CCleaner\CCleaner.exe"]

"C:\Windows\SysNative\tasks\CLMLSvc_P2G8" [C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe]

"C:\Windows\SysNative\tasks\CLVDLauncher" [C:\Program Files (x86)\CyberLink\Power2Go8\CLVDLauncher.exe]

"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-2180366274-3890716138-2575993000-1001Core" [C:\Users\Playboii\AppData\Local\Facebook\Update\FacebookUpdate.exe]

"C:\Windows\SysNative\tasks\FacebookUpdateTaskUserS-1-5-21-2180366274-3890716138-2575993000-1001UA" [C:\Users\Playboii\AppData\Local\Facebook\Update\FacebookUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineCore" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\GoogleUpdateTaskMachineUA" [C:\Program Files (x86)\Google\Update\GoogleUpdate.exe]

"C:\Windows\SysNative\tasks\HPCeeScheduleForPlayboii" [C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe]

"C:\Windows\SysNative\tasks\MirageAgent" [C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe]

"C:\Windows\SysNative\tasks\Norton WSC Integration" ["C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\WSCStub.exe"]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP CoolSense\HP CoolSense Start at Logon" [C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\Update Check" [C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater\HPSFUpdater.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe]

"C:\Windows\SysNative\tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan" [C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe]

"C:\Windows\SysNative\tasks\Norton Internet Security\Norton Error Analyzer" [C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe]

"C:\Windows\SysNative\tasks\Norton Internet Security\Norton Error Processor" [C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\SymErr.exe]

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]

"{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}"="C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.0.0.136\coFFPlgn" [26/01/2014 16:09]

==== Chrome Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions

gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[12/01/2014 19:19]

mkfokfffehpeedafpekjeddnmnjhmcmk - C:\Program Files (x86)\Norton Internet Security\Engine\20.4.0.40\Exts\Chrome.crx[12/09/2013 16:26]

TubeSing-3 - Playboii\AppData\Local\Google\Chrome\User Data\Default\Extensions\alaljncdkeiimkhldhaoibjlbiclmlmj

Google Docs - Playboii\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake

Google Drive - Playboii\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf

TBR map - Playboii\AppData\Local\Google\Chrome\User Data\Default\Extensions\bjhafehbmkllpjdoamjdojagpecajeil

YouTube - Playboii\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo

Last updated at time on date - Playboii\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb

Google Search - Playboii\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf

TW BB code ++ - Playboii\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnjhnnacpdlpecakjmdpmjnekmnmgmbe

avast Online Security - Playboii\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki

GM FA-Filter - Playboii\AppData\Local\Google\Chrome\User Data\Default\Extensions\lgpnnpjcbjbmahddjhljiicijfgdhnag

Shortcut Manager - Playboii\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgjjeipcdnnjhgodgjpfkffcejoljijf

Norton Identity Protection - Playboii\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk

Google Wallet - Playboii\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda

Last updated at time on date - Playboii\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocifcklkibdehekfnmflempfgjhbedch

Marc Ecko - Playboii\AppData\Local\Google\Chrome\User Data\Default\Extensions\opjonmehjfmkejjifhhknofdnacklmjk

Gmail - Playboii\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia

==== Chrome Fix ======================

C:\Users\Playboii\AppData\Local\Google\Chrome\User Data\Default\Extensions\alaljncdkeiimkhldhaoibjlbiclmlmj deleted successfully

C:\Users\Playboii\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_alaljncdkeiimkhldhaoibjlbiclmlmj_0.localstorage deleted successfully

C:\Users\Playboii\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_alaljncdkeiimkhldhaoibjlbiclmlmj_0.localstorage-journal deleted successfully

C:\Users\Playboii\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_alaljncdkeiimkhldhaoibjlbiclmlmj_0 deleted successfully

C:\Users\Playboii\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\alaljncdkeiimkhldhaoibjlbiclmlmj deleted successfully

==== Set IE to Default ======================

Old Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://g.uk.msn.com/HPCON13/2"

New Values:

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]

"Start Page"="http://g.uk.msn.com/HPCON13/2"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes

"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=HPNTDFJS"

{6A1806CD-94D4-4689-BA73-E35EA1EA9990} Google Url="http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}&ie={inputEncoding}&oe={outputEncoding}&startIndex={startIndex?}&startPage={startPage}"

{D944BB61-2E34-4DBF-A683-47E505C587DC} eBay Url="http://rover.ebay.com/rover/1/1553-29906-12136-18/4"

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Playboii\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully

C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

C:\Users\Playboii\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HTC3JHDD will be deleted at reboot

C:\Users\Playboii\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RFSTO6W9 will be deleted at reboot

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\Playboii\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=322 folders=117 41062623 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully

C:\Users\Default User\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully

C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully

C:\Users\Playboii\AppData\Local\Temp will be emptied at reboot

C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied

C:\Users\Playboii\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\Playboii\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HTC3JHDD" not found

"C:\Users\Playboii\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\RFSTO6W9" not found

==== EOF on di 28/01/2014 at 18:39:46,41 ======================

[kape]

Download AdwCleaner by Xplode naar het bureaublad.

AdwCleaner uitvoeren

• Sluit alle openstaande vensters.
  
• Dubbelklik op AdwCleaner.exe om de tool te starten.
  
• Windows Vista, 7 en 8 gebruikers dienen de tool als "administrator" uit te voeren door middel van de rechtermuisknop en kiezen voor Als Administrator uitvoeren.
  
• Klik vervolgens op de knop Scan.
  
• Wanneer de scan gereed is Klikt u vervolgens op de knop Clean.
  
• Als dit gereed is wordt er gevraagd om de computer opnieuw op te starten, klik hier op OK.
  
• Nadat de computer opnieuw is opgestart wordt het logbestand automatisch geopend.
  
• Plaats dit logbestand in het volgende bericht.
  

[Ikbeneenkneusmetpc's]

# AdwCleaner v3.018 - Report created 29/01/2014 at 07:30:13

# Updated 28/01/2014 by Xplode

# Operating System : Windows 8 (64 bits)

# Username : Playboii - MARIEDE

# Running from : C:\Users\Playboii\Downloads\adwcleaner.exe

# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

***** [ Shortcuts ] *****

***** [ Registry ] *****

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16537

-\\ Google Chrome v32.0.1700.102

[ File : C:\Users\Playboii\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : icon_url

Deleted : search_url

Deleted : suggest_url

*************************

AdwCleaner[R0].txt - [824 octets] - [29/01/2014 07:29:21]

AdwCleaner[s0].txt - [731 octets] - [29/01/2014 07:30:13]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [790 octets] ##########

[kape]

OK, dat ziet er weer netjes uit. Om het te voorkomen zijn er uiteraard de klassieke raadgevingen: permanente update van Windows, antivirusprogramma (Avast in jouw geval), JAVA en andere belangrijke programma's. Maar vermits ook uTorrent op je PC te vinden is, mogen we ervan uitgaan dat dit ook gebruikt wordt voor downloads. En dan is het vooral goed uitkijken wat je daarmee doet. Want veel van de ingehaalde producten barsten nu eenmaal van (ingebouwde) besmettingen. De keuze is dan aan jou of je legale of illegale downloads uitvoert, waarbij de kans op besmetting bij die laatste natuurlijk serieus wat groter is. Maar dat moet je zelf beoordelen.

Ondertussen mag je de gebruikte tools weer verwijderen:

Download Delfix by Xplode naar het bureaublad.

Dubbelklik op Delfix.exe om de tool te starten.

Zet nu vinkjes voor de volgende items:

• Remove disinfection tools
  
• Purge System Restore
  
• Reset system settings
  

Klik nu op "Run" en wacht geduldig tot de tool gereed is.

Wanneer de tool gereed is wordt er een logbestand aangemaakt. Dit hoeft u echter niet te plaatsen.

Indien dit allemaal probleemloos verlopen is en je binnen dit topic verder geen vragen of problemen meer hebt, mag je dit onderwerp afsluiten door een klik op de knop "Markeer als opgelost", die je links onderaan kan terugvinden … zo blijft het voor iedereen overzichtelijk.