grote problemen-
-
delady - Lid geworden op: 11 sep 2005, 18:45
- Locatie: 3770
dochter heeft acer laptop, windows 7; 64...
IE opent niet normaal, istartsurf.com....niet te verwijderen
ga ik kijken bij internetopties, zoekmachines, staat bing en krijg google niet toegevoegd anders kon ik bing verwijderen...
heeft ook google chrome, stond dit ook op, wel kunnen verwijderen, denk ik
firefox, redelijk normaal
stond ook nog ergens access from anywhere
opera heb ik kunnen verwijderen
ze durft momenteel haar bankzaken er niet meer op doen..
bij update windows werd eentje niet gedownload, gaf foutmelding
heb avast gedraaid
malwarebytes 2058 problemen, vooral PUP
adware gedownload, gedraaid maar liep telkens vast, terug verwijderd
cccleaner ook gebruikt
hier kunnen alleen de professionelen helpen
hijack gedaan
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 1:34:17, on 18/08/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17937)
FIREFOX: 40.0.2 (x86 nl)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Kelly\Downloads\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 6654 bytes
IE opent niet normaal, istartsurf.com....niet te verwijderen
ga ik kijken bij internetopties, zoekmachines, staat bing en krijg google niet toegevoegd anders kon ik bing verwijderen...
heeft ook google chrome, stond dit ook op, wel kunnen verwijderen, denk ik
firefox, redelijk normaal
stond ook nog ergens access from anywhere
opera heb ik kunnen verwijderen
ze durft momenteel haar bankzaken er niet meer op doen..
bij update windows werd eentje niet gedownload, gaf foutmelding
heb avast gedraaid
malwarebytes 2058 problemen, vooral PUP
adware gedownload, gedraaid maar liep telkens vast, terug verwijderd
cccleaner ook gebruikt
hier kunnen alleen de professionelen helpen
hijack gedaan
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 1:34:17, on 18/08/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17937)
FIREFOX: 40.0.2 (x86 nl)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Kelly\Downloads\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 6654 bytes
microsoft windows xp
home edtion
versie 2002
service pack 3
intel(R) Corel(TM)2 Quad CPU
Q6600 @ 2.40 Ghz
kloksnelheid 2.39 GHz, 1,75 GB
home edtion
versie 2002
service pack 3
intel(R) Corel(TM)2 Quad CPU
Q6600 @ 2.40 Ghz
kloksnelheid 2.39 GHz, 1,75 GB
-
Sony - Lid geworden op: 19 feb 2005, 13:45
- Locatie: Boom
Hoi delady,
Plaats eerst HijackThis.exe in een eigen map.
Open CCleaner --> Opties --> Bewaking
Verwijder alle vinkjes die daar staan.
Sluit CCleaner.
Download AdwCleaner klik op de link hieronder de download start automatisch
https://toolslib.net/downloads/finish/1/
Als u AdwCleaner vroeger reeds gebruikt hebt start AdwCleaner dan en klik op Deïnstalleren.
Download AdwCleaner terug, start die en laat scannen, wacht tot het scannen gedaan is en klik op Cleaning.
Als het gevraagd wordt laat de computer terug opstarten. Na het opstarten verschijnt kladblok met een log bestand, plaats de log tekst in een volgend bericht.
Als u de log mist kunt u die terugvinden bij C:\AdwCleaner\AdwCleaner[S0]
Dat is de log die u hier moet plaatsen.
Sony
Plaats eerst HijackThis.exe in een eigen map.
Open CCleaner --> Opties --> Bewaking
Verwijder alle vinkjes die daar staan.
Sluit CCleaner.
Download AdwCleaner klik op de link hieronder de download start automatisch
https://toolslib.net/downloads/finish/1/
Als u AdwCleaner vroeger reeds gebruikt hebt start AdwCleaner dan en klik op Deïnstalleren.
Download AdwCleaner terug, start die en laat scannen, wacht tot het scannen gedaan is en klik op Cleaning.
Als het gevraagd wordt laat de computer terug opstarten. Na het opstarten verschijnt kladblok met een log bestand, plaats de log tekst in een volgend bericht.
Als u de log mist kunt u die terugvinden bij C:\AdwCleaner\AdwCleaner[S0]
Dat is de log die u hier moet plaatsen.
Sony
-
delady - Lid geworden op: 11 sep 2005, 18:45
- Locatie: 3770
Sony, ben even verward,
# AdwCleaner v5.000 - Logfile created 17/08/2015 at 19:49:03
# Updated 14/08/2015 by Xplode
# Database : 2015-08-16.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Kelly - KELLY-PC
# Running from : C:\Users\Kelly\Desktop\adwcleaner_5.000.exe
# Option : Scan
***** [ Services ] *****
***** [ Folders ] *****
Folder Found : C:\Program Files (x86)\globalUpdate
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Optimizer
Folder Found : C:\Users\Kelly\AppData\Local\globalUpdate
Folder Found : C:\Users\Kelly\AppData\Local\wincheck
***** [ Files ] *****
File Found : C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_papbadoldddalgcjcicnikcfenodpghp_0.localstorage
File Found : C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_papbadoldddalgcjcicnikcfenodpghp_0.localstorage-journal
File Found : C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_papbadoldddalgcjcicnikcfenodpghp_0
File Found : C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\papbadoldddalgcjcicnikcfenodpghp
File Found : C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage
File Found : C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage-journal
File Found : C:\Users\Kelly\AppData\Roaming\Mozilla\Firefox\Profiles\uq9z7uv8.default\user.js
***** [ Shortcuts ] *****
Shortcut Infected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk ( hxxp://www.istartsurf.com/?type=sc&ts=14398123 ... V5171V5171 )
Shortcut Infected : C:\Users\Kelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk ( hxxp://www.istartsurf.com/?type=sc&ts=14398123 ... V5171V5171 )
Shortcut Infected : C:\Users\Kelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ( hxxp://www.istartsurf.com/?type=sc&ts=14398123 ... V5171V5171 )
Shortcut Infected : C:\Users\Kelly\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk ( hxxp://www.istartsurf.com/?type=sc&ts=14398123 ... V5171V5171 )
***** [ Scheduled tasks ] *****
Task Found : LaunchSignup
***** [ Registry ] *****
Value Found : HKLM\SOFTWARE\Classes\.xht\OpenWithProgIDs [CRSBRWSHTML]
Value Found : HKLM\SOFTWARE\Classes\.webp\OpenWithProgIDs [CRSBRWSHTML]
Value Found : HKLM\SOFTWARE\Classes\.shtml\OpenWithProgIDs [CRSBRWSHTML]
Key Found : HKLM\SOFTWARE\0a90af18-d3ef-4a0b-b8e9-797385b247a4
Key Found : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Found : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6EDBF8C0-C94C-4A13-956F-E393BCA5BA4B}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\GlobalUpdate
Key Found : HKCU\Software\simplytech
Key Found : HKCU\Software\Tutorials
Key Found : HKCU\Software\Linkey
Key Found : HKCU\Software\Kromtech
Key Found : HKCU\Software\AppDataLow\Software\SmartWeb
Key Found : HKLM\SOFTWARE\AppDataLow\SOFTWARE\_CrossriderRegNamePlaceHolder_
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\GlobalUpdate
Key Found : HKLM\SOFTWARE\SearchProtect
Key Found : HKLM\SOFTWARE\SpeedBit
Key Found : HKLM\SOFTWARE\AIM Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\wincheck
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}
Key Found : [x64] HKCU\Software\APN PIP
Key Found : [x64] HKCU\Software\GlobalUpdate
Key Found : [x64] HKCU\Software\simplytech
Key Found : [x64] HKCU\Software\Tutorials
Key Found : [x64] HKCU\Software\Linkey
Key Found : [x64] HKCU\Software\Kromtech
***** [ Web browsers ] *****
[C:\Users\Kelly\AppData\Roaming\Mozilla\Firefox\Profiles\uq9z7uv8.default\prefs.js] [Preference] Found : user_pref("browser.search.searchengine.alias", "istartsurf");
[C:\Users\Kelly\AppData\Roaming\Mozilla\Firefox\Profiles\uq9z7uv8.default\prefs.js] [Preference] Found : user_pref("browser.search.searchengine.iconURL", "hxxp://www.istartsurf.com/favicon.ico");
[C:\Users\Kelly\AppData\Roaming\Mozilla\Firefox\Profiles\uq9z7uv8.default\prefs.js] [Preference] Found : user_pref("browser.search.searchengine.name", "istartsurf");
[C:\Users\Kelly\AppData\Roaming\Mozilla\Firefox\Profiles\uq9z7uv8.default\prefs.js] [Preference] Found : user_pref("browser.search.searchengine.url", "hxxp://www.istartsurf.com/web/?type=ds&ts=1439 ... 1V5171V517[...]
[C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider] Found : hxxp://www.istartsurf.com/webfavicon.ico
[C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider_Data] Found : {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}{google:contextualSearchVersion}ie={inputEncoding}","usage_count":0}},"extensions":{"known_disabled":null,"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13043712558257822","location":5,"manifest":{"app":{"launch":{"web_url":"hxxps://chrome.google.com/webstore"},"urls":["hxxps://chrome.google.com/webstore"]},"description":"Chrome Web Store","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Winkel","permissions":["webstorePrivate","management"],"version":"0.2"},"page_ordinal":"n","path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\34.0.1847.131\\resources\\web_store","preferences":{},"regular_only_preferences":{},"was_installed_by_default":false},"aohghmighlieiainnegkcijnfilokake":{"ack_external":true,"active_permissions":{"api":[],"manifest_permissions":[]},"app_launcher_ordinal":"w","commands":{},"content_settings":[],"creation_flags":137,"events":[],"extension_can_script_all_urls":true,"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":[],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13077315912395157","lastpingday":"13077356394564808","location":1,"manifest":{"api_console_project_id":"619683526622","app":{"launch":{"local_path":"main.html"}},"container":"GOOGLE_DRIVE","current_locale":"nl","default_locale":"en_US","description":"Documenten maken en bewerken","icons":{"128":"icon_128.png","16":"icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJhLK6fk/BWTEvJhywpk7jDe4A2r0bGXGOLZW4/AdBp3IiD9o9nx4YjLAtv0tIPxi7MvFd/GUUbQBwHT5wQWONJj1z/0Rc2qBkiJA0yqXh42p0snuA8dCfdlhOLsp7/XTMEwAVasjV5hC4awl78eKfJYlZ+8fM/UldLWJ/51iBQwIDAQAB","manifest_version":2,"name":"Google Documenten","offline_enabled":true,"update_url":"hxxps://clients2.google.com/service/update2/crx","version":"0.9"},"page_ordinal":"n","path":"aohghmighlieiainnegkcijnfilokake\\0.9_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":true,"was_installed_by_oem":false},"apdfllckaahabafndbhieahigkjlhalf":{"ack_external":true,"active_permissions":{"api":["background","clipboardRead","clipboardWrite","notifications","unlimitedStorage"],"manifest_permissions":[]},"app_launcher_ordinal":"yn","commands":{},"content_settings":[],"creation_flags":137,"events":[],"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["background","clipboardRead","clipboardWrite","notifications","unlimitedStorage"],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13077315938597378","lastpingday":"13077356394564808","location":1,"manifest":{"app":{"launch":{"web_url":"hxxps://drive.google.com/?usp=chrome_app"},"urls":["hxxp://docs.google.com/","hxxp://drive.google.com/","hxxps://docs.google.com/","hxxps://drive.google.com/"]},"background":{"allow_js_access":false},"current_locale":"nl","default_locale":"en_US","description":"Google Drive: alles op één plek maken, delen en bewaren.","icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDIl5KlKwL2TSkntkpY3naLLz5jsN0YwjhZyObcTOK6Nda4Ie21KRqZau9lx5SHcLh7pE2/S9OiArb+na2dn7YK5EvH+aRXS1ec3uxVlBhqLdnleVgwgwlg5fH95I52IeHcoeK6pR4hW/Nv39GNlI/Uqk6O6GBCCsAxYrdxww9BiQIDAQAB","manifest_version":2,"name":"Google Drive","offline_enabled":true,"options_page":"hxxps://drive.google.com/settings","permissions":["background","clipboardRead","clipboardWrite","notifications","unlimitedStorage"],"update_url":"hxxps://clients2.google.com/service/update2/crx","version":"6.4"},"page_ordinal":"n","path":"apdfllckaahabafndbhieahigkjlhalf\\6.4_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":true,"was_installed_by_oem":false},"bepbmhgboaologfdajaanbcjmnhjmhfn":{"disable_reasons":1,"state":0},"blpcfgokakmgnkcojhhkbfbldkacnbeo":{"ack_external":true,"active_permissions":{"api":[],"manifest_permissions":[]},"app_launcher_ordinal":"y","commands":{},"content_settings":[],"creation_flags":153,"events":[],"from_bookmark":true,"from_webstore":true,"granted_permissions":{"api":[],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13077315917865827","lastpingday":"13077356394564808","location":1,"manifest":{"app":{"launch":{"container":"tab","web_url":"hxxp://www.youtube.com/?feature=ytca"},"web_co ... ption":"'s Werelds populairste online video community.","icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDC/HotmFlyuz5FaHaIbVBhhL4BwbcUtsfWwzgUMpZt5ZsLB2nW/Y5xwNkkPANYGdVsJkT2GPpRRIKBO5QiJ7jPMa3EZtcZHpkygBlQLSjMhdrAKevpKgIl6YTkwzNvExY6rzVDzeE9zqnIs33eppY4S5QcoALMxuSWlMKqgFQjHQIDAQAB","manifest_version":2,"name":"YouTube","update_url":"hxxp://clients2.google.com/service/update2/crx","version":"4.2.7"},"page_ordinal":"n","path":"blpcfgokakmgnkcojhhkbfbldkacnbeo\\4.2.7_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":true,"was_installed_by_oem":false},"coobgpohoikkiipiblmjeljniedjpjpf":{"ack_external":true,"active_permissions":{"api":[],"manifest_permissions":[]},"app_launcher_ordinal":"z","commands":{},"content_settings":[],"creation_flags":153,"events":[],"from_bookmark":true,"from_webstore":true,"granted_permissions":{"api":[],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13077315934687715","lastpingday":"13077356394564808","location":1,"manifest":{"app":{"launch":{"web_url":"hxxp://www.google.com/webhp?source=search_app"},"urls":["*://www.google.com/search","*://www.google. ... com/imgres"]},"current_locale":"nl","default_locale":"en","description":"The fastest way to search the web.
*************************
C:\AdwCleaner[S1].txt - [13642 octets] - [17/08/2015 19:49:03]
########## EOF - C:\AdwCleaner[S1].txt - [13706 octets] ##########
# AdwCleaner v5.001 - Logfile created 18/08/2015 at 18:13:57
# Updated 17/08/2015 by Xplode
# Database : 2015-08-16.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Kelly - KELLY-PC
# Running from : C:\Users\Kelly\Downloads\adwcleaner_5.001.exe
# Option : Scan
***** [ Services ] *****
***** [ Folders ] *****
Folder Found : C:\Program Files (x86)\globalUpdate
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Optimizer
Folder Found : C:\Users\Kelly\AppData\Local\globalUpdate
Folder Found : C:\Users\Kelly\AppData\Local\wincheck
***** [ Files ] *****
File Found : C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_papbadoldddalgcjcicnikcfenodpghp_0.localstorage
File Found : C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_papbadoldddalgcjcicnikcfenodpghp_0
File Found : C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\papbadoldddalgcjcicnikcfenodpghp
File Found : C:\Users\Kelly\AppData\Roaming\Mozilla\Firefox\Profiles\uq9z7uv8.default\user.js
***** [ Shortcuts ] *****
Shortcut Infected : C:\Users\Kelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk ( hxxp://www.istartsurf.com/?type=sc&ts=14398123 ... V5171V5171 )
Shortcut Infected : C:\Users\Kelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ( hxxp://www.istartsurf.com/?type=sc&ts=14398123 ... V5171V5171 )
***** [ Scheduled tasks ] *****
Task Found : LaunchSignup
***** [ Registry ] *****
Value Found : HKLM\SOFTWARE\Classes\.xht\OpenWithProgIDs [CRSBRWSHTML]
Value Found : HKLM\SOFTWARE\Classes\.webp\OpenWithProgIDs [CRSBRWSHTML]
Value Found : HKLM\SOFTWARE\Classes\.shtml\OpenWithProgIDs [CRSBRWSHTML]
Key Found : HKLM\SOFTWARE\0a90af18-d3ef-4a0b-b8e9-797385b247a4
Key Found : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Found : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6EDBF8C0-C94C-4A13-956F-E393BCA5BA4B}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\GlobalUpdate
Key Found : HKCU\Software\simplytech
Key Found : HKCU\Software\Tutorials
Key Found : HKCU\Software\Linkey
Key Found : HKCU\Software\Kromtech
Key Found : HKCU\Software\AppDataLow\Software\SmartWeb
Key Found : HKLM\SOFTWARE\AppDataLow\SOFTWARE\_CrossriderRegNamePlaceHolder_
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\GlobalUpdate
Key Found : HKLM\SOFTWARE\SearchProtect
Key Found : HKLM\SOFTWARE\SpeedBit
Key Found : HKLM\SOFTWARE\AIM Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\wincheck
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}
Key Found : [x64] HKCU\Software\APN PIP
Key Found : [x64] HKCU\Software\GlobalUpdate
Key Found : [x64] HKCU\Software\simplytech
Key Found : [x64] HKCU\Software\Tutorials
Key Found : [x64] HKCU\Software\Linkey
Key Found : [x64] HKCU\Software\Kromtech
***** [ Web browsers ] *****
[C:\Users\Kelly\AppData\Roaming\Mozilla\Firefox\Profiles\uq9z7uv8.default\prefs.js] [Preference] Found : user_pref("browser.search.searchengine.alias", "istartsurf");
[C:\Users\Kelly\AppData\Roaming\Mozilla\Firefox\Profiles\uq9z7uv8.default\prefs.js] [Preference] Found : user_pref("browser.search.searchengine.iconURL", "hxxp://www.istartsurf.com/favicon.ico");
[C:\Users\Kelly\AppData\Roaming\Mozilla\Firefox\Profiles\uq9z7uv8.default\prefs.js] [Preference] Found : user_pref("browser.search.searchengine.name", "istartsurf");
[C:\Users\Kelly\AppData\Roaming\Mozilla\Firefox\Profiles\uq9z7uv8.default\prefs.js] [Preference] Found : user_pref("browser.search.searchengine.url", "hxxp://www.istartsurf.com/web/?type=ds&ts=1439 ... 1V5171V517[...]
[C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider] Found : hxxp://www.istartsurf.com/webfavicon.ico
[C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider_Data] Found : hxxps://www.google.de/search?q={searchTerms}&tr ... ons":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13043712558257822","location":5,"manifest":{"app":{"launch":{"web_url":"hxxps://chrome.google.com/webstore"},"urls":["hxxps://chrome.google.com/webstore"]},"description":"Chrome Web Store","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Winkel","permissions":["webstorePrivate","management"],"version":"0.2"},"page_ordinal":"n","path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\34.0.1847.131\\resources\\web_store","preferences":{},"regular_only_preferences":{},"was_installed_by_default":false},"aohghmighlieiainnegkcijnfilokake":{"ack_external":true,"active_permissions":{"api":[],"manifest_permissions":[]},"app_launcher_ordinal":"w","commands":{},"content_settings":[],"creation_flags":137,"events":[],"extension_can_script_all_urls":true,"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":[],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13077315912395157","lastpingday":"13084354803105243","location":1,"manifest":{"api_console_project_id":"619683526622","app":{"launch":{"local_path":"main.html"}},"container":"GOOGLE_DRIVE","current_locale":"nl","default_locale":"en_US","description":"Documenten maken en bewerken","icons":{"128":"icon_128.png","16":"icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJhLK6fk/BWTEvJhywpk7jDe4A2r0bGXGOLZW4/AdBp3IiD9o9nx4YjLAtv0tIPxi7MvFd/GUUbQBwHT5wQWONJj1z/0Rc2qBkiJA0yqXh42p0snuA8dCfdlhOLsp7/XTMEwAVasjV5hC4awl78eKfJYlZ+8fM/UldLWJ/51iBQwIDAQAB","manifest_version":2,"name":"Google Documenten","offline_enabled":true,"update_url":"hxxps://clients2.google.com/service/update2/crx","version":"0.9"},"page_ordinal":"n","path":"aohghmighlieiainnegkcijnfilokake\\0.9_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":true,"was_installed_by_oem":false},"apdfllckaahabafndbhieahigkjlhalf":{"ack_external":true,"active_permissions":{"api":["background","clipboardRead","clipboardWrite","notifications","unlimitedStorage"],"manifest_permissions":[]},"app_launcher_ordinal":"yn","commands":{},"content_settings":[],"creation_flags":137,"events":[],"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["background","clipboardRead","clipboardWrite","notifications","unlimitedStorage"],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13084321425615957","lastpingday":"13084354803105243","location":1,"manifest":{"app":{"launch":{"web_url":"hxxps://drive.google.com/?usp=chrome_app"},"urls":["hxxp://docs.google.com/","hxxp://drive.google.com/","hxxps://docs.google.com/","hxxps://drive.google.com/"]},"background":{"allow_js_access":false},"current_locale":"nl","default_locale":"en_US","description":"Google Drive: alles op één plek maken, delen en bewaren.","icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDIl5KlKwL2TSkntkpY3naLLz5jsN0YwjhZyObcTOK6Nda4Ie21KRqZau9lx5SHcLh7pE2/S9OiArb+na2dn7YK5EvH+aRXS1ec3uxVlBhqLdnleVgwgwlg5fH95I52IeHcoeK6pR4hW/Nv39GNlI/Uqk6O6GBCCsAxYrdxww9BiQIDAQAB","manifest_version":2,"name":"Google Drive","offline_enabled":true,"options_page":"hxxps://drive.google.com/settings","permissions":["background","clipboardRead","clipboardWrite","notifications","unlimitedStorage"],"update_url":"hxxps://clients2.google.com/service/update2/crx","version":"14.0"},"page_ordinal":"n","path":"apdfllckaahabafndbhieahigkjlhalf\\14.0_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":true,"was_installed_by_oem":false},"bepbmhgboaologfdajaanbcjmnhjmhfn":{"disable_reasons":1,"state":0},"blpcfgokakmgnkcojhhkbfbldkacnbeo":{"ack_external":true,"active_permissions":{"api":[],"manifest_permissions":[]},"app_launcher_ordinal":"y","commands":{},"content_settings":[],"creation_flags":153,"events":[],"from_bookmark":true,"from_webstore":true,"granted_permissions":{"api":[],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13077315917865827","lastpingday":"13084354803105243","location":1,"manifest":{"app":{"launch":{"container":"tab","web_url":"hxxp://www.youtube.com/?feature=ytca"},"web_co ... ption":"'s Werelds populairste online video community.","icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDC/HotmFlyuz5FaHaIbVBhhL4BwbcUtsfWwzgUMpZt5ZsLB2nW/Y5xwNkkPANYGdVsJkT2GPpRRIKBO5QiJ7jPMa3EZtcZHpkygBlQLSjMhdrAKevpKgIl6YTkwzNvExY6rzVDzeE9zqnIs33eppY4S5QcoALMxuSWlMKqgFQjHQIDAQAB","manifest_version":2,"name":"YouTube","update_url":"hxxp://clients2.google.com/service/update2/crx","version":"4.2.7"},"page_ordinal":"n","path":"blpcfgokakmgnkcojhhkbfbldkacnbeo\\4.2.7_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":true,"was_installed_by_oem":false},"coobgpohoikkiipiblmjeljniedjpjpf":{"ack_external":true,"active_permissions":{"api":[],"manifest_permissions":[]},"app_launcher_ordinal":"z","commands":{},"content_settings":[],"creation_flags":153,"events":[],"from_bookmark":true,"from_webstore":true,"granted_permissions":{"api":[],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13077315934687715","lastpingday":"13084354803105243","location":1,"manifest":{"app":{"launch":{"web_url":"hxxp://www.google.com/webhp?source=search_app"},"urls":["*://www.google.com/search","*://www.google. ... com/imgres"]},"current_locale":"nl","default_locale":"en","description":"The fastest way to search the web.
*************************
C:\AdwCleaner[S1].txt - [26177 bytes] - [17/08/2015 19:49:03]
C:\AdwCleaner[S2].txt - [15158 bytes] - [17/08/2015 21:29:35]
########## EOF - C:\AdwCleaner[S1].txt - [26303 bytes] ##########
adware draait net geen 2h; blijft scan geven, niets te zien om te verwijderen,
heb ik eens op logfile geduwd en kreeg dit, weet niet of dit volledig is,
adware nog niet verwijderd in afwachting van uw antwoord
# AdwCleaner v5.000 - Logfile created 17/08/2015 at 19:49:03
# Updated 14/08/2015 by Xplode
# Database : 2015-08-16.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Kelly - KELLY-PC
# Running from : C:\Users\Kelly\Desktop\adwcleaner_5.000.exe
# Option : Scan
***** [ Services ] *****
***** [ Folders ] *****
Folder Found : C:\Program Files (x86)\globalUpdate
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Optimizer
Folder Found : C:\Users\Kelly\AppData\Local\globalUpdate
Folder Found : C:\Users\Kelly\AppData\Local\wincheck
***** [ Files ] *****
File Found : C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_papbadoldddalgcjcicnikcfenodpghp_0.localstorage
File Found : C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_papbadoldddalgcjcicnikcfenodpghp_0.localstorage-journal
File Found : C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_papbadoldddalgcjcicnikcfenodpghp_0
File Found : C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\papbadoldddalgcjcicnikcfenodpghp
File Found : C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage
File Found : C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_pstatic.bestpriceninja.com_0.localstorage-journal
File Found : C:\Users\Kelly\AppData\Roaming\Mozilla\Firefox\Profiles\uq9z7uv8.default\user.js
***** [ Shortcuts ] *****
Shortcut Infected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk ( hxxp://www.istartsurf.com/?type=sc&ts=14398123 ... V5171V5171 )
Shortcut Infected : C:\Users\Kelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk ( hxxp://www.istartsurf.com/?type=sc&ts=14398123 ... V5171V5171 )
Shortcut Infected : C:\Users\Kelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ( hxxp://www.istartsurf.com/?type=sc&ts=14398123 ... V5171V5171 )
Shortcut Infected : C:\Users\Kelly\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk ( hxxp://www.istartsurf.com/?type=sc&ts=14398123 ... V5171V5171 )
***** [ Scheduled tasks ] *****
Task Found : LaunchSignup
***** [ Registry ] *****
Value Found : HKLM\SOFTWARE\Classes\.xht\OpenWithProgIDs [CRSBRWSHTML]
Value Found : HKLM\SOFTWARE\Classes\.webp\OpenWithProgIDs [CRSBRWSHTML]
Value Found : HKLM\SOFTWARE\Classes\.shtml\OpenWithProgIDs [CRSBRWSHTML]
Key Found : HKLM\SOFTWARE\0a90af18-d3ef-4a0b-b8e9-797385b247a4
Key Found : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Found : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6EDBF8C0-C94C-4A13-956F-E393BCA5BA4B}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\GlobalUpdate
Key Found : HKCU\Software\simplytech
Key Found : HKCU\Software\Tutorials
Key Found : HKCU\Software\Linkey
Key Found : HKCU\Software\Kromtech
Key Found : HKCU\Software\AppDataLow\Software\SmartWeb
Key Found : HKLM\SOFTWARE\AppDataLow\SOFTWARE\_CrossriderRegNamePlaceHolder_
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\GlobalUpdate
Key Found : HKLM\SOFTWARE\SearchProtect
Key Found : HKLM\SOFTWARE\SpeedBit
Key Found : HKLM\SOFTWARE\AIM Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\wincheck
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}
Key Found : [x64] HKCU\Software\APN PIP
Key Found : [x64] HKCU\Software\GlobalUpdate
Key Found : [x64] HKCU\Software\simplytech
Key Found : [x64] HKCU\Software\Tutorials
Key Found : [x64] HKCU\Software\Linkey
Key Found : [x64] HKCU\Software\Kromtech
***** [ Web browsers ] *****
[C:\Users\Kelly\AppData\Roaming\Mozilla\Firefox\Profiles\uq9z7uv8.default\prefs.js] [Preference] Found : user_pref("browser.search.searchengine.alias", "istartsurf");
[C:\Users\Kelly\AppData\Roaming\Mozilla\Firefox\Profiles\uq9z7uv8.default\prefs.js] [Preference] Found : user_pref("browser.search.searchengine.iconURL", "hxxp://www.istartsurf.com/favicon.ico");
[C:\Users\Kelly\AppData\Roaming\Mozilla\Firefox\Profiles\uq9z7uv8.default\prefs.js] [Preference] Found : user_pref("browser.search.searchengine.name", "istartsurf");
[C:\Users\Kelly\AppData\Roaming\Mozilla\Firefox\Profiles\uq9z7uv8.default\prefs.js] [Preference] Found : user_pref("browser.search.searchengine.url", "hxxp://www.istartsurf.com/web/?type=ds&ts=1439 ... 1V5171V517[...]
[C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider] Found : hxxp://www.istartsurf.com/webfavicon.ico
[C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider_Data] Found : {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}{google:contextualSearchVersion}ie={inputEncoding}","usage_count":0}},"extensions":{"known_disabled":null,"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13043712558257822","location":5,"manifest":{"app":{"launch":{"web_url":"hxxps://chrome.google.com/webstore"},"urls":["hxxps://chrome.google.com/webstore"]},"description":"Chrome Web Store","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Winkel","permissions":["webstorePrivate","management"],"version":"0.2"},"page_ordinal":"n","path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\34.0.1847.131\\resources\\web_store","preferences":{},"regular_only_preferences":{},"was_installed_by_default":false},"aohghmighlieiainnegkcijnfilokake":{"ack_external":true,"active_permissions":{"api":[],"manifest_permissions":[]},"app_launcher_ordinal":"w","commands":{},"content_settings":[],"creation_flags":137,"events":[],"extension_can_script_all_urls":true,"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":[],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13077315912395157","lastpingday":"13077356394564808","location":1,"manifest":{"api_console_project_id":"619683526622","app":{"launch":{"local_path":"main.html"}},"container":"GOOGLE_DRIVE","current_locale":"nl","default_locale":"en_US","description":"Documenten maken en bewerken","icons":{"128":"icon_128.png","16":"icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJhLK6fk/BWTEvJhywpk7jDe4A2r0bGXGOLZW4/AdBp3IiD9o9nx4YjLAtv0tIPxi7MvFd/GUUbQBwHT5wQWONJj1z/0Rc2qBkiJA0yqXh42p0snuA8dCfdlhOLsp7/XTMEwAVasjV5hC4awl78eKfJYlZ+8fM/UldLWJ/51iBQwIDAQAB","manifest_version":2,"name":"Google Documenten","offline_enabled":true,"update_url":"hxxps://clients2.google.com/service/update2/crx","version":"0.9"},"page_ordinal":"n","path":"aohghmighlieiainnegkcijnfilokake\\0.9_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":true,"was_installed_by_oem":false},"apdfllckaahabafndbhieahigkjlhalf":{"ack_external":true,"active_permissions":{"api":["background","clipboardRead","clipboardWrite","notifications","unlimitedStorage"],"manifest_permissions":[]},"app_launcher_ordinal":"yn","commands":{},"content_settings":[],"creation_flags":137,"events":[],"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["background","clipboardRead","clipboardWrite","notifications","unlimitedStorage"],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13077315938597378","lastpingday":"13077356394564808","location":1,"manifest":{"app":{"launch":{"web_url":"hxxps://drive.google.com/?usp=chrome_app"},"urls":["hxxp://docs.google.com/","hxxp://drive.google.com/","hxxps://docs.google.com/","hxxps://drive.google.com/"]},"background":{"allow_js_access":false},"current_locale":"nl","default_locale":"en_US","description":"Google Drive: alles op één plek maken, delen en bewaren.","icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDIl5KlKwL2TSkntkpY3naLLz5jsN0YwjhZyObcTOK6Nda4Ie21KRqZau9lx5SHcLh7pE2/S9OiArb+na2dn7YK5EvH+aRXS1ec3uxVlBhqLdnleVgwgwlg5fH95I52IeHcoeK6pR4hW/Nv39GNlI/Uqk6O6GBCCsAxYrdxww9BiQIDAQAB","manifest_version":2,"name":"Google Drive","offline_enabled":true,"options_page":"hxxps://drive.google.com/settings","permissions":["background","clipboardRead","clipboardWrite","notifications","unlimitedStorage"],"update_url":"hxxps://clients2.google.com/service/update2/crx","version":"6.4"},"page_ordinal":"n","path":"apdfllckaahabafndbhieahigkjlhalf\\6.4_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":true,"was_installed_by_oem":false},"bepbmhgboaologfdajaanbcjmnhjmhfn":{"disable_reasons":1,"state":0},"blpcfgokakmgnkcojhhkbfbldkacnbeo":{"ack_external":true,"active_permissions":{"api":[],"manifest_permissions":[]},"app_launcher_ordinal":"y","commands":{},"content_settings":[],"creation_flags":153,"events":[],"from_bookmark":true,"from_webstore":true,"granted_permissions":{"api":[],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13077315917865827","lastpingday":"13077356394564808","location":1,"manifest":{"app":{"launch":{"container":"tab","web_url":"hxxp://www.youtube.com/?feature=ytca"},"web_co ... ption":"'s Werelds populairste online video community.","icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDC/HotmFlyuz5FaHaIbVBhhL4BwbcUtsfWwzgUMpZt5ZsLB2nW/Y5xwNkkPANYGdVsJkT2GPpRRIKBO5QiJ7jPMa3EZtcZHpkygBlQLSjMhdrAKevpKgIl6YTkwzNvExY6rzVDzeE9zqnIs33eppY4S5QcoALMxuSWlMKqgFQjHQIDAQAB","manifest_version":2,"name":"YouTube","update_url":"hxxp://clients2.google.com/service/update2/crx","version":"4.2.7"},"page_ordinal":"n","path":"blpcfgokakmgnkcojhhkbfbldkacnbeo\\4.2.7_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":true,"was_installed_by_oem":false},"coobgpohoikkiipiblmjeljniedjpjpf":{"ack_external":true,"active_permissions":{"api":[],"manifest_permissions":[]},"app_launcher_ordinal":"z","commands":{},"content_settings":[],"creation_flags":153,"events":[],"from_bookmark":true,"from_webstore":true,"granted_permissions":{"api":[],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13077315934687715","lastpingday":"13077356394564808","location":1,"manifest":{"app":{"launch":{"web_url":"hxxp://www.google.com/webhp?source=search_app"},"urls":["*://www.google.com/search","*://www.google. ... com/imgres"]},"current_locale":"nl","default_locale":"en","description":"The fastest way to search the web.
*************************
C:\AdwCleaner[S1].txt - [13642 octets] - [17/08/2015 19:49:03]
########## EOF - C:\AdwCleaner[S1].txt - [13706 octets] ##########
# AdwCleaner v5.001 - Logfile created 18/08/2015 at 18:13:57
# Updated 17/08/2015 by Xplode
# Database : 2015-08-16.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Kelly - KELLY-PC
# Running from : C:\Users\Kelly\Downloads\adwcleaner_5.001.exe
# Option : Scan
***** [ Services ] *****
***** [ Folders ] *****
Folder Found : C:\Program Files (x86)\globalUpdate
Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Optimizer
Folder Found : C:\Users\Kelly\AppData\Local\globalUpdate
Folder Found : C:\Users\Kelly\AppData\Local\wincheck
***** [ Files ] *****
File Found : C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_papbadoldddalgcjcicnikcfenodpghp_0.localstorage
File Found : C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_papbadoldddalgcjcicnikcfenodpghp_0
File Found : C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\papbadoldddalgcjcicnikcfenodpghp
File Found : C:\Users\Kelly\AppData\Roaming\Mozilla\Firefox\Profiles\uq9z7uv8.default\user.js
***** [ Shortcuts ] *****
Shortcut Infected : C:\Users\Kelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk ( hxxp://www.istartsurf.com/?type=sc&ts=14398123 ... V5171V5171 )
Shortcut Infected : C:\Users\Kelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk ( hxxp://www.istartsurf.com/?type=sc&ts=14398123 ... V5171V5171 )
***** [ Scheduled tasks ] *****
Task Found : LaunchSignup
***** [ Registry ] *****
Value Found : HKLM\SOFTWARE\Classes\.xht\OpenWithProgIDs [CRSBRWSHTML]
Value Found : HKLM\SOFTWARE\Classes\.webp\OpenWithProgIDs [CRSBRWSHTML]
Value Found : HKLM\SOFTWARE\Classes\.shtml\OpenWithProgIDs [CRSBRWSHTML]
Key Found : HKLM\SOFTWARE\0a90af18-d3ef-4a0b-b8e9-797385b247a4
Key Found : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Found : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{6EDBF8C0-C94C-4A13-956F-E393BCA5BA4B}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Found : HKCU\Software\APN PIP
Key Found : HKCU\Software\GlobalUpdate
Key Found : HKCU\Software\simplytech
Key Found : HKCU\Software\Tutorials
Key Found : HKCU\Software\Linkey
Key Found : HKCU\Software\Kromtech
Key Found : HKCU\Software\AppDataLow\Software\SmartWeb
Key Found : HKLM\SOFTWARE\AppDataLow\SOFTWARE\_CrossriderRegNamePlaceHolder_
Key Found : HKLM\SOFTWARE\Conduit
Key Found : HKLM\SOFTWARE\GlobalUpdate
Key Found : HKLM\SOFTWARE\SearchProtect
Key Found : HKLM\SOFTWARE\SpeedBit
Key Found : HKLM\SOFTWARE\AIM Toolbar
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\wincheck
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}
Key Found : [x64] HKCU\Software\APN PIP
Key Found : [x64] HKCU\Software\GlobalUpdate
Key Found : [x64] HKCU\Software\simplytech
Key Found : [x64] HKCU\Software\Tutorials
Key Found : [x64] HKCU\Software\Linkey
Key Found : [x64] HKCU\Software\Kromtech
***** [ Web browsers ] *****
[C:\Users\Kelly\AppData\Roaming\Mozilla\Firefox\Profiles\uq9z7uv8.default\prefs.js] [Preference] Found : user_pref("browser.search.searchengine.alias", "istartsurf");
[C:\Users\Kelly\AppData\Roaming\Mozilla\Firefox\Profiles\uq9z7uv8.default\prefs.js] [Preference] Found : user_pref("browser.search.searchengine.iconURL", "hxxp://www.istartsurf.com/favicon.ico");
[C:\Users\Kelly\AppData\Roaming\Mozilla\Firefox\Profiles\uq9z7uv8.default\prefs.js] [Preference] Found : user_pref("browser.search.searchengine.name", "istartsurf");
[C:\Users\Kelly\AppData\Roaming\Mozilla\Firefox\Profiles\uq9z7uv8.default\prefs.js] [Preference] Found : user_pref("browser.search.searchengine.url", "hxxp://www.istartsurf.com/web/?type=ds&ts=1439 ... 1V5171V517[...]
[C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider] Found : hxxp://www.istartsurf.com/webfavicon.ico
[C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider_Data] Found : hxxps://www.google.de/search?q={searchTerms}&tr ... ons":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"manifest_permissions":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13043712558257822","location":5,"manifest":{"app":{"launch":{"web_url":"hxxps://chrome.google.com/webstore"},"urls":["hxxps://chrome.google.com/webstore"]},"description":"Chrome Web Store","icons":{"128":"webstore_icon_128.png","16":"webstore_icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtl3tO0osjuzRsf6xtD2SKxPlTfuoy7AWoObysitBPvH5fE1NaAA1/2JkPWkVDhdLBWLaIBPYeXbzlHp3y4Vv/4XG+aN5qFE3z+1RU/NqkzVYHtIpVScf3DjTYtKVL66mzVGijSoAIwbFCC3LpGdaoe6Q1rSRDp76wR6jjFzsYwQIDAQAB","name":"Winkel","permissions":["webstorePrivate","management"],"version":"0.2"},"page_ordinal":"n","path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\34.0.1847.131\\resources\\web_store","preferences":{},"regular_only_preferences":{},"was_installed_by_default":false},"aohghmighlieiainnegkcijnfilokake":{"ack_external":true,"active_permissions":{"api":[],"manifest_permissions":[]},"app_launcher_ordinal":"w","commands":{},"content_settings":[],"creation_flags":137,"events":[],"extension_can_script_all_urls":true,"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":[],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13077315912395157","lastpingday":"13084354803105243","location":1,"manifest":{"api_console_project_id":"619683526622","app":{"launch":{"local_path":"main.html"}},"container":"GOOGLE_DRIVE","current_locale":"nl","default_locale":"en_US","description":"Documenten maken en bewerken","icons":{"128":"icon_128.png","16":"icon_16.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJhLK6fk/BWTEvJhywpk7jDe4A2r0bGXGOLZW4/AdBp3IiD9o9nx4YjLAtv0tIPxi7MvFd/GUUbQBwHT5wQWONJj1z/0Rc2qBkiJA0yqXh42p0snuA8dCfdlhOLsp7/XTMEwAVasjV5hC4awl78eKfJYlZ+8fM/UldLWJ/51iBQwIDAQAB","manifest_version":2,"name":"Google Documenten","offline_enabled":true,"update_url":"hxxps://clients2.google.com/service/update2/crx","version":"0.9"},"page_ordinal":"n","path":"aohghmighlieiainnegkcijnfilokake\\0.9_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":true,"was_installed_by_oem":false},"apdfllckaahabafndbhieahigkjlhalf":{"ack_external":true,"active_permissions":{"api":["background","clipboardRead","clipboardWrite","notifications","unlimitedStorage"],"manifest_permissions":[]},"app_launcher_ordinal":"yn","commands":{},"content_settings":[],"creation_flags":137,"events":[],"from_bookmark":false,"from_webstore":true,"granted_permissions":{"api":["background","clipboardRead","clipboardWrite","notifications","unlimitedStorage"],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13084321425615957","lastpingday":"13084354803105243","location":1,"manifest":{"app":{"launch":{"web_url":"hxxps://drive.google.com/?usp=chrome_app"},"urls":["hxxp://docs.google.com/","hxxp://drive.google.com/","hxxps://docs.google.com/","hxxps://drive.google.com/"]},"background":{"allow_js_access":false},"current_locale":"nl","default_locale":"en_US","description":"Google Drive: alles op één plek maken, delen en bewaren.","icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDIl5KlKwL2TSkntkpY3naLLz5jsN0YwjhZyObcTOK6Nda4Ie21KRqZau9lx5SHcLh7pE2/S9OiArb+na2dn7YK5EvH+aRXS1ec3uxVlBhqLdnleVgwgwlg5fH95I52IeHcoeK6pR4hW/Nv39GNlI/Uqk6O6GBCCsAxYrdxww9BiQIDAQAB","manifest_version":2,"name":"Google Drive","offline_enabled":true,"options_page":"hxxps://drive.google.com/settings","permissions":["background","clipboardRead","clipboardWrite","notifications","unlimitedStorage"],"update_url":"hxxps://clients2.google.com/service/update2/crx","version":"14.0"},"page_ordinal":"n","path":"apdfllckaahabafndbhieahigkjlhalf\\14.0_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":true,"was_installed_by_oem":false},"bepbmhgboaologfdajaanbcjmnhjmhfn":{"disable_reasons":1,"state":0},"blpcfgokakmgnkcojhhkbfbldkacnbeo":{"ack_external":true,"active_permissions":{"api":[],"manifest_permissions":[]},"app_launcher_ordinal":"y","commands":{},"content_settings":[],"creation_flags":153,"events":[],"from_bookmark":true,"from_webstore":true,"granted_permissions":{"api":[],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13077315917865827","lastpingday":"13084354803105243","location":1,"manifest":{"app":{"launch":{"container":"tab","web_url":"hxxp://www.youtube.com/?feature=ytca"},"web_co ... ption":"'s Werelds populairste online video community.","icons":{"128":"128.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDC/HotmFlyuz5FaHaIbVBhhL4BwbcUtsfWwzgUMpZt5ZsLB2nW/Y5xwNkkPANYGdVsJkT2GPpRRIKBO5QiJ7jPMa3EZtcZHpkygBlQLSjMhdrAKevpKgIl6YTkwzNvExY6rzVDzeE9zqnIs33eppY4S5QcoALMxuSWlMKqgFQjHQIDAQAB","manifest_version":2,"name":"YouTube","update_url":"hxxp://clients2.google.com/service/update2/crx","version":"4.2.7"},"page_ordinal":"n","path":"blpcfgokakmgnkcojhhkbfbldkacnbeo\\4.2.7_0","preferences":{},"regular_only_preferences":{},"state":1,"was_installed_by_default":true,"was_installed_by_oem":false},"coobgpohoikkiipiblmjeljniedjpjpf":{"ack_external":true,"active_permissions":{"api":[],"manifest_permissions":[]},"app_launcher_ordinal":"z","commands":{},"content_settings":[],"creation_flags":153,"events":[],"from_bookmark":true,"from_webstore":true,"granted_permissions":{"api":[],"manifest_permissions":[]},"incognito_content_settings":[],"incognito_preferences":{},"install_time":"13077315934687715","lastpingday":"13084354803105243","location":1,"manifest":{"app":{"launch":{"web_url":"hxxp://www.google.com/webhp?source=search_app"},"urls":["*://www.google.com/search","*://www.google. ... com/imgres"]},"current_locale":"nl","default_locale":"en","description":"The fastest way to search the web.
*************************
C:\AdwCleaner[S1].txt - [26177 bytes] - [17/08/2015 19:49:03]
C:\AdwCleaner[S2].txt - [15158 bytes] - [17/08/2015 21:29:35]
########## EOF - C:\AdwCleaner[S1].txt - [26303 bytes] ##########
adware draait net geen 2h; blijft scan geven, niets te zien om te verwijderen,
heb ik eens op logfile geduwd en kreeg dit, weet niet of dit volledig is,
adware nog niet verwijderd in afwachting van uw antwoord
microsoft windows xp
home edtion
versie 2002
service pack 3
intel(R) Corel(TM)2 Quad CPU
Q6600 @ 2.40 Ghz
kloksnelheid 2.39 GHz, 1,75 GB
home edtion
versie 2002
service pack 3
intel(R) Corel(TM)2 Quad CPU
Q6600 @ 2.40 Ghz
kloksnelheid 2.39 GHz, 1,75 GB
-
verhaegen - Support SeniorenNet
- Lid geworden op: 03 apr 2003, 20:48
- Locatie: kapellen
ge zult toch beter moeten kijken hoor
der is wél een verwijder knop
als die gedaan heeft met scannen : Om alles te verwijderen wat AdwCleaner gevonden heeft, klik je op de knop "Clean.
http://www.antimalwaresoftware.nl/tools/adwcleaner/
ales wat gevonden wordt moet verwijderd worden (en das een pak )
en ook die super optimiser
der is wél een verwijder knop
als die gedaan heeft met scannen : Om alles te verwijderen wat AdwCleaner gevonden heeft, klik je op de knop "Clean.
http://www.antimalwaresoftware.nl/tools/adwcleaner/
ales wat gevonden wordt moet verwijderd worden (en das een pak )
en ook die super optimiser
-
delady - Lid geworden op: 11 sep 2005, 18:45
- Locatie: 3770
dag verhaegen,
ik was even verward, dacht dat scannen nog bezig was, daar in de eerste kolom slechts "N." kwam te staan,
heb op cleaning gedrukt, herstart en kreeg volgende log# AdwCleaner v5.001 - Logfile created 18/08/2015 at 21:49:02
# Updated 17/08/2015 by Xplode
# Database : 2015-08-16.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Kelly - KELLY-PC
# Running from : C:\Users\Kelly\Downloads\adwcleaner_5.001.exe
# Option : Cleaning
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder Deleted : C:\Program Files (x86)\globalUpdate
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Optimizer
[-] Folder Deleted : C:\Users\Kelly\AppData\Local\globalUpdate
[-] Folder Deleted : C:\Users\Kelly\AppData\Local\wincheck
***** [ Files ] *****
[-] File Deleted : C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_papbadoldddalgcjcicnikcfenodpghp_0.localstorage
[-] File Deleted : C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_papbadoldddalgcjcicnikcfenodpghp_0
[-] File Deleted : C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\papbadoldddalgcjcicnikcfenodpghp
[-] File Deleted : C:\Users\Kelly\AppData\Roaming\Mozilla\Firefox\Profiles\uq9z7uv8.default\user.js
***** [ Shortcuts ] *****
[-] Shortcut Disinfected : C:\Users\Kelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[-] Shortcut Disinfected : C:\Users\Kelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
***** [ Scheduled tasks ] *****
[-] Task Deleted : LaunchSignup
***** [ Registry ] *****
[-] Value Deleted : HKLM\SOFTWARE\Classes\.xht\OpenWithProgIDs [CRSBRWSHTML]
[-] Value Deleted : HKLM\SOFTWARE\Classes\.webp\OpenWithProgIDs [CRSBRWSHTML]
[-] Value Deleted : HKLM\SOFTWARE\Classes\.shtml\OpenWithProgIDs [CRSBRWSHTML]
[-] Key Deleted : HKLM\SOFTWARE\0a90af18-d3ef-4a0b-b8e9-797385b247a4
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6EDBF8C0-C94C-4A13-956F-E393BCA5BA4B}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
[-] Key Deleted : HKCU\Software\APN PIP
[-] Key Deleted : HKCU\Software\GlobalUpdate
[-] Key Deleted : HKCU\Software\simplytech
[-] Key Deleted : HKCU\Software\Tutorials
[-] Key Deleted : HKCU\Software\Linkey
[-] Key Deleted : HKCU\Software\Kromtech
[-] Key Deleted : HKCU\Software\AppDataLow\Software\SmartWeb
[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKLM\SOFTWARE\Conduit
[-] Key Deleted : HKLM\SOFTWARE\GlobalUpdate
[-] Key Deleted : HKLM\SOFTWARE\SearchProtect
[-] Key Deleted : HKLM\SOFTWARE\SpeedBit
[-] Key Deleted : HKLM\SOFTWARE\AIM Toolbar
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\wincheck
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}
[!] Key Not Deleted : [x64] HKCU\Software\APN PIP
[!] Key Not Deleted : [x64] HKCU\Software\GlobalUpdate
[!] Key Not Deleted : [x64] HKCU\Software\simplytech
[!] Key Not Deleted : [x64] HKCU\Software\Tutorials
[!] Key Not Deleted : [x64] HKCU\Software\Linkey
[!] Key Not Deleted : [x64] HKCU\Software\Kromtech
***** [ Web browsers ] *****
[-] [C:\Users\Kelly\AppData\Roaming\Mozilla\Firefox\Profiles\uq9z7uv8.default\prefs.js] [Preference] Deleted : user_pref("browser.search.searchengine.alias", "istartsurf");
[-] [C:\Users\Kelly\AppData\Roaming\Mozilla\Firefox\Profiles\uq9z7uv8.default\prefs.js] [Preference] Deleted : user_pref("browser.search.searchengine.iconURL", "hxxp://www.istartsurf.com/favicon.ico");
[-] [C:\Users\Kelly\AppData\Roaming\Mozilla\Firefox\Profiles\uq9z7uv8.default\prefs.js] [Preference] Deleted : user_pref("browser.search.searchengine.name", "istartsurf");
[-] [C:\Users\Kelly\AppData\Roaming\Mozilla\Firefox\Profiles\uq9z7uv8.default\prefs.js] [Preference] Deleted : user_pref("browser.search.searchengine.url", "hxxp://www.istartsurf.com/web/?type=ds&ts=1439 ... 1V5171V517[...]
[-] [C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider] Deleted : hxxp://www.istartsurf.com/webfavicon.ico
[-] [C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider_Data] Deleted :
*************************
:: Proxy settings cleared
:: Winsock settings cleared
*************************
C:\AdwCleaner[C1].txt - [6118 bytes] - [18/08/2015 21:49:02]
C:\AdwCleaner[S1].txt - [26396 bytes] - [17/08/2015 19:49:03]
C:\AdwCleaner[S2].txt - [15158 bytes] - [17/08/2015 21:29:35]
########## EOF - C:\AdwCleaner[C1].txt - [6306 bytes] ##########
groeten
ik was even verward, dacht dat scannen nog bezig was, daar in de eerste kolom slechts "N." kwam te staan,
heb op cleaning gedrukt, herstart en kreeg volgende log# AdwCleaner v5.001 - Logfile created 18/08/2015 at 21:49:02
# Updated 17/08/2015 by Xplode
# Database : 2015-08-16.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : Kelly - KELLY-PC
# Running from : C:\Users\Kelly\Downloads\adwcleaner_5.001.exe
# Option : Cleaning
***** [ Services ] *****
***** [ Folders ] *****
[-] Folder Deleted : C:\Program Files (x86)\globalUpdate
[-] Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Super Optimizer
[-] Folder Deleted : C:\Users\Kelly\AppData\Local\globalUpdate
[-] Folder Deleted : C:\Users\Kelly\AppData\Local\wincheck
***** [ Files ] *****
[-] File Deleted : C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_papbadoldddalgcjcicnikcfenodpghp_0.localstorage
[-] File Deleted : C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\databases\chrome-extension_papbadoldddalgcjcicnikcfenodpghp_0
[-] File Deleted : C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Local Extension Settings\papbadoldddalgcjcicnikcfenodpghp
[-] File Deleted : C:\Users\Kelly\AppData\Roaming\Mozilla\Firefox\Profiles\uq9z7uv8.default\user.js
***** [ Shortcuts ] *****
[-] Shortcut Disinfected : C:\Users\Kelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[-] Shortcut Disinfected : C:\Users\Kelly\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
***** [ Scheduled tasks ] *****
[-] Task Deleted : LaunchSignup
***** [ Registry ] *****
[-] Value Deleted : HKLM\SOFTWARE\Classes\.xht\OpenWithProgIDs [CRSBRWSHTML]
[-] Value Deleted : HKLM\SOFTWARE\Classes\.webp\OpenWithProgIDs [CRSBRWSHTML]
[-] Value Deleted : HKLM\SOFTWARE\Classes\.shtml\OpenWithProgIDs [CRSBRWSHTML]
[-] Key Deleted : HKLM\SOFTWARE\0a90af18-d3ef-4a0b-b8e9-797385b247a4
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6EDBF8C0-C94C-4A13-956F-E393BCA5BA4B}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
[-] Key Deleted : HKCU\Software\APN PIP
[-] Key Deleted : HKCU\Software\GlobalUpdate
[-] Key Deleted : HKCU\Software\simplytech
[-] Key Deleted : HKCU\Software\Tutorials
[-] Key Deleted : HKCU\Software\Linkey
[-] Key Deleted : HKCU\Software\Kromtech
[-] Key Deleted : HKCU\Software\AppDataLow\Software\SmartWeb
[-] Key Deleted : HKLM\SOFTWARE\AppDataLow\SOFTWARE\_CrossriderRegNamePlaceHolder_
[-] Key Deleted : HKLM\SOFTWARE\Conduit
[-] Key Deleted : HKLM\SOFTWARE\GlobalUpdate
[-] Key Deleted : HKLM\SOFTWARE\SearchProtect
[-] Key Deleted : HKLM\SOFTWARE\SpeedBit
[-] Key Deleted : HKLM\SOFTWARE\AIM Toolbar
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\wincheck
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Linkey
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{7ADF667E-E14D-4D2C-827C-B0108F0D93BC}
[!] Key Not Deleted : [x64] HKCU\Software\APN PIP
[!] Key Not Deleted : [x64] HKCU\Software\GlobalUpdate
[!] Key Not Deleted : [x64] HKCU\Software\simplytech
[!] Key Not Deleted : [x64] HKCU\Software\Tutorials
[!] Key Not Deleted : [x64] HKCU\Software\Linkey
[!] Key Not Deleted : [x64] HKCU\Software\Kromtech
***** [ Web browsers ] *****
[-] [C:\Users\Kelly\AppData\Roaming\Mozilla\Firefox\Profiles\uq9z7uv8.default\prefs.js] [Preference] Deleted : user_pref("browser.search.searchengine.alias", "istartsurf");
[-] [C:\Users\Kelly\AppData\Roaming\Mozilla\Firefox\Profiles\uq9z7uv8.default\prefs.js] [Preference] Deleted : user_pref("browser.search.searchengine.iconURL", "hxxp://www.istartsurf.com/favicon.ico");
[-] [C:\Users\Kelly\AppData\Roaming\Mozilla\Firefox\Profiles\uq9z7uv8.default\prefs.js] [Preference] Deleted : user_pref("browser.search.searchengine.name", "istartsurf");
[-] [C:\Users\Kelly\AppData\Roaming\Mozilla\Firefox\Profiles\uq9z7uv8.default\prefs.js] [Preference] Deleted : user_pref("browser.search.searchengine.url", "hxxp://www.istartsurf.com/web/?type=ds&ts=1439 ... 1V5171V517[...]
[-] [C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider] Deleted : hxxp://www.istartsurf.com/webfavicon.ico
[-] [C:\Users\Kelly\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Default_Search_Provider_Data] Deleted :
*************************
:: Proxy settings cleared
:: Winsock settings cleared
*************************
C:\AdwCleaner[C1].txt - [6118 bytes] - [18/08/2015 21:49:02]
C:\AdwCleaner[S1].txt - [26396 bytes] - [17/08/2015 19:49:03]
C:\AdwCleaner[S2].txt - [15158 bytes] - [17/08/2015 21:29:35]
########## EOF - C:\AdwCleaner[C1].txt - [6306 bytes] ##########
groeten
microsoft windows xp
home edtion
versie 2002
service pack 3
intel(R) Corel(TM)2 Quad CPU
Q6600 @ 2.40 Ghz
kloksnelheid 2.39 GHz, 1,75 GB
home edtion
versie 2002
service pack 3
intel(R) Corel(TM)2 Quad CPU
Q6600 @ 2.40 Ghz
kloksnelheid 2.39 GHz, 1,75 GB
-
delady - Lid geworden op: 11 sep 2005, 18:45
- Locatie: 3770
dag verhaegen,
had bij cc cleaner bewaking uitgevinkt
IE opent nu met google, dank u wel, dochter zal straks tevreden zijn
ben even bij IE bij invoegtoepassingen gaan kijken, staat Bing nog als zoekmachine,
heb met invoegtoepassingenLogfile of Trend Micro HijackThis v2.0.5
Scan saved at 10:08:42, on 19/08/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17937)
FIREFOX: 40.0.2 (x86 nl)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Kelly\Desktop\pc\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 6517 bytes
toevoegen, google toegevoegd maar die geraakt niet ingeschakeld?ook niet als je hem als vaste aanduidt, wou graag die bing eraf hebben
heb ook nog een hijack this gedaan
had bij cc cleaner bewaking uitgevinkt
IE opent nu met google, dank u wel, dochter zal straks tevreden zijn
ben even bij IE bij invoegtoepassingen gaan kijken, staat Bing nog als zoekmachine,
heb met invoegtoepassingenLogfile of Trend Micro HijackThis v2.0.5
Scan saved at 10:08:42, on 19/08/2015
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17937)
FIREFOX: 40.0.2 (x86 nl)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Users\Kelly\Desktop\pc\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.be/?gws_rd=ssl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [VirtualCloneDrive] "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update-service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update-service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: Intel(R) Management & Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 6517 bytes
toevoegen, google toegevoegd maar die geraakt niet ingeschakeld?ook niet als je hem als vaste aanduidt, wou graag die bing eraf hebben
heb ook nog een hijack this gedaan
microsoft windows xp
home edtion
versie 2002
service pack 3
intel(R) Corel(TM)2 Quad CPU
Q6600 @ 2.40 Ghz
kloksnelheid 2.39 GHz, 1,75 GB
home edtion
versie 2002
service pack 3
intel(R) Corel(TM)2 Quad CPU
Q6600 @ 2.40 Ghz
kloksnelheid 2.39 GHz, 1,75 GB
-
verhaegen - Support SeniorenNet
- Lid geworden op: 03 apr 2003, 20:48
- Locatie: kapellen
bing der af en google in de plaats gaat wél hoor
als je de juiste procedure volgt
als ik u was zou ik toch nog even het tooltje van crome zelf gebruiken om die crome nog eens een beurt te geven
https://support.google.com/websearch/answer/464?hl=nl
onderstaande is de normale manier :
als google al in de lijst staat , ga je naar :
invoegtoepassingen beheren
zoekmachines
klik op de google
klik op : als standaardinvoegtoepassing gebruiken
klik bing aan
klik op : verwijderen
als je de juiste procedure volgt
als ik u was zou ik toch nog even het tooltje van crome zelf gebruiken om die crome nog eens een beurt te geven
https://support.google.com/websearch/answer/464?hl=nl
onderstaande is de normale manier :
als google al in de lijst staat , ga je naar :
invoegtoepassingen beheren
zoekmachines
klik op de google
klik op : als standaardinvoegtoepassing gebruiken
klik bing aan
klik op : verwijderen
-
Sony - Lid geworden op: 19 feb 2005, 13:45
- Locatie: Boom
Delady,
Plaats HijackThis eens in een eigen map
C:\Users\Kelly\Desktop\pc\HijackThis.exe
zo:
C:\HijackThis\HijackThis.exe
Ik stel voor dat u Malwarebytes ook nog een diepe scan laat doen klik op onderstaande link, de download start automatisch.
https://www.malwarebytes.org/mwb-download/
Sony
Plaats HijackThis eens in een eigen map
C:\Users\Kelly\Desktop\pc\HijackThis.exe
zo:
C:\HijackThis\HijackThis.exe
Ik stel voor dat u Malwarebytes ook nog een diepe scan laat doen klik op onderstaande link, de download start automatisch.
https://www.malwarebytes.org/mwb-download/
Sony