Mededeling

Collapse
No announcement yet.

Pop-ups, banners en veranderde startpagina

Collapse
X
  •  
  • Filter
  • Tijd
  • Show
Clear All
new posts

  • Pop-ups, banners en veranderde startpagina

    Hallo,

    In de titel heb ik het probleem aangegeven, in aanvulling hierop: het laden van webpagina's vindt opvallend traag plaats.

    Ik heb de stappen van "Voordat je een bericht plaatst" opgevolgd.
    Tijdens het scannen op rootkits met GMER liep mijn PC volledig vast. Ik kreeg een zwart scherm met de tekst: "Disk boot failure, insert system disk and press enter."

    Hieronder volgt mijn DDS-bestand:

    DDS (Ver_2012-11-20.01) - NTFS_x86
    Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.25.2
    Run by Owner at 1:04:41 on 2013-09-08
    Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.447.50 [GMT -4:00]
    .
    AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
    .
    ============== Running Processes ================
    .
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
    C:\WINDOWS\Downlo~1\MyWebEx\319\atnthost.exe
    C:\WINDOWS\Downlo~1\MyWebEx\319\RAAGTAPP.EXE
    C:\windows\system\hpsysdrv.exe
    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
    C:\WINDOWS\System32\hphmon05.exe
    C:\HP\KBD\KBD.EXE
    C:\WINDOWS\system32\VTTimer.exe
    C:\WINDOWS\AGRSMMSG.exe
    C:\WINDOWS\ALCXMNTR.EXE
    C:\Program Files\Verizon Online\Dial 4.0\VisualIPInsight\IPClient.exe
    C:\Program Files\Verizon Online\Dial 4.0\VisualIPInsight\IPMon32.exe
    C:\Program Files\VERIZONDM\bin\sprtcmd.exe
    C:\Program Files\DivX\DivX Update\DivXUpdate.exe
    C:\Program Files\AVG Secure Search\vprot.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe
    C:\Documents and Settings\Owner\Local Settings\Application Data\DIRECTV Player\PCShowServerPMWrapper.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Documents and Settings\Owner\Local Settings\Application Data\DIRECTV Player\NDSPCShowServer.exe
    C:\WINDOWS\Downloaded Program Files\MyWebEx\319\raagtx.exe
    C:\WINDOWS\System32\gearsec.exe
    C:\Program Files\Java\jre7\bin\jqs.exe
    C:\Program Files\VERIZONDM\bin\sprtsvc.exe
    C:\Program Files\privoxy\privoxy.exe
    C:\Program Files\VERIZONDM\bin\tgsrvc.exe
    C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\ToolbarUpdater.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.5.0\loggingserver.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\WINDOWS\System32\alg.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Mozilla Firefox\plugin-container.exe
    C:\WINDOWS\system32\wbem\wmiprvse.exe
    C:\WINDOWS\system32\svchost.exe -k DcomLaunch
    C:\WINDOWS\system32\svchost.exe -k rpcss
    C:\WINDOWS\System32\svchost.exe -k netsvcs
    C:\WINDOWS\System32\svchost.exe -k NetworkService
    C:\WINDOWS\system32\svchost.exe -k LocalService
    C:\WINDOWS\System32\svchost.exe -k imgsvc
    C:\WINDOWS\system32\svchost.exe -k netsvcs
    C:\WINDOWS\System32\svchost.exe -k HTTPFilter
    .
    ============== Pseudo HJT Report ===============
    .
    uStart Page = hxxp://www.google.com/
    uWindow Title = Microsoft Internet Explorer customized for Verizon Online
    uSearch Page = hxxp://cgi.verizon.net/bookmarks/bmredir.asp?region=east&bw=dialin&cd=4.0&bm=ho_search
    uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q304&bd=pavilion&pf=desktop
    uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q304&bd=pavilion&pf=desktop
    mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q304&bd=pavilion&pf=desktop
    uProxyServer = hxxp=127.0.0.1:8118
    uProxyOverride = localhost
    uURLSearchHooks: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - <orphaned>
    dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
    BHO: Bing Bar Helper: {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - c:\program files\microsoft\bingbar\7.2.241.0\BingExt.dll
    BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll
    BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - LocalServer32 - <no file>
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
    BHO: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\15.5.0.2\AVG Secure Search_toolbar.dll
    BHO: Define: {B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE} - c:\documents and settings\owner\local settings\application data\defineext\temp.dat
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
    TB: HP view: {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\program files\hp\digital imaging\bin\hpdtlk02.dll
    TB: <No Name>: {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - LocalServer32 - <no file>
    TB: HP view: {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\program files\hp\digital imaging\bin\hpdtlk02.dll
    TB: <No Name>: - LocalServer32 - <no file>
    TB: AVG Security Toolbar: {95B7759C-8C7F-4BF1-B163-73684A933233} - c:\program files\avg secure search\15.5.0.2\AVG Secure Search_toolbar.dll
    TB: Bing Bar: {eec0f710-38b5-4aba-99bf-ec87564a4e13} - c:\program files\microsoft\bingbar\7.2.241.0\BingExt.dll
    EB: hp view: {8F4902B6-6C04-4ade-8052-AA58578A21BD} - c:\windows\system32\shdocvw.dll
    uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
    uRun: [BackupNotify] c:\program files\hp\digital imaging\bin\backupnotify.exe
    uRun: [PCShowServer] "c:\documents and settings\owner\local settings\application data\directv player\PCShowServerPMWrapper.exe"
    uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
    mRun: [hpsysdrv] c:\windows\system\hpsysdrv.exe
    mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe"
    mRun: [HPHmon05] c:\windows\system32\hphmon05.exe
    mRun: [KBD] c:\hp\kbd\KBD.EXE
    mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
    mRun: [Recguard] c:\windows\sminst\RECGUARD.EXE
    mRun: [VTTimer] VTTimer.exe
    mRun: [AGRSMMSG] AGRSMMSG.exe
    mRun: [PS2] c:\windows\system32\ps2.exe
    mRun: [AlcxMonitor] ALCXMNTR.EXE
    mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
    mRun: [IPInSightLAN 01] "c:\program files\verizon online\dial 4.0\visualipinsight\IPClient.exe" -l
    mRun: [IPInSightMonitor 01] "c:\program files\verizon online\dial 4.0\visualipinsight\IPMon32.exe"
    mRun: [VERIZONDM] "c:\program files\verizondm\bin\sprtcmd.exe" /P VERIZONDM
    mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
    mRun: [vProt] "c:\program files\avg secure search\vprot.exe"
    mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
    mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
    mRun: [SunJavaUpdateSched] c:\program files\java\jre7\bin\jusched.exe
    mRun: [Privoxy] c:\program files\privoxy\starthelp.exe
    StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\quickb~1.lnk - c:\windows\downloaded program files\mywebex\319\raagtx.exe
    uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
    uPolicies-Explorer: NoDriveAutoRun = dword:67108863
    mPolicies-Explorer: NoDriveAutoRun = dword:67108863
    mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
    mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
    mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
    mPolicies-Explorer: NoDriveAutoRun = dword:67108863
    IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office11\EXCEL.EXE/3000
    IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBC} - <orphaned>
    IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
    IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
    IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/products/plugin/autodl/jinstall-170-windows-i586.cab
    DPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-170-windows-i586.cab
    DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
    TCP: NameServer = 192.168.1.1 192.168.1.1
    TCP: Interfaces\{FE5F6EAE-0EB3-4243-BE98-4214490819E7} : DHCPNameServer = 192.168.1.1 192.168.1.1
    Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
    Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files\common files\avg secure search\viprotocolinstaller\15.5.0\ViProtocol.dll
    Notify: igfxcui - igfxsrvc.dll
    SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
    SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - c:\documents and settings\owner\application data\mozilla\firefox\profiles\bv4gwmws.default-1370714463796\
    FF - prefs.js: browser.search.selectedEngine - MixiDJ V30 Customized Web Search
    FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
    FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3298566&SearchSource=2&CUI=UN12495888882602117&UM=&q=
    FF - plugin: c:\documents and settings\owner\application data\mozilla\firefox\profiles\bv4gwmws.default-1370714463796\extensions\{1122b43d-30ee-403f-9bfa-3cc99b0caddd}\plugins\np-mswmp.dll
    FF - plugin: c:\documents and settings\owner\application data\mozilla\firefox\profiles\bv4gwmws.default-1370714463796\extensions\{1122b43d-30ee-403f-9bfa-3cc99b0caddd}\plugins\npConduitFirefoxPlugin.dll
    FF - plugin: c:\documents and settings\owner\local settings\application data\directv player\npPlayerPlugin.dll
    FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
    FF - plugin: c:\program files\common files\avg secure search\sitesafetyinstaller\15.5.0\npsitesafety.dll
    FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
    FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
    FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: c:\program files\microsoft silverlight\5.1.20513.0\npctrlui.dll
    FF - plugin: c:\program files\real\realone player\netscape6\nppl3260.dll
    FF - plugin: c:\program files\real\realone player\netscape6\nprjplug.dll
    FF - plugin: c:\program files\real\realone player\netscape6\nprpjplug.dll
    FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_8_800_94.dll
    FF - plugin: c:\windows\system32\npdeployJava1.dll
    FF - plugin: c:\windows\system32\npptools.dll
    FF - ExtSQL: 2013-08-30 00:00; [email protected]; c:\documents and settings\owner\application data\mozilla\firefox\profiles\bv4gwmws.default-1370714463796\extensions\[email protected]
    FF - ExtSQL: 2013-08-30 10:53; {1122b43d-30ee-403f-9bfa-3cc99b0caddd}; c:\documents and settings\owner\application data\mozilla\firefox\profiles\bv4gwmws.default-1370714463796\extensions\{1122b43d-30ee-403f-9bfa-3cc99b0caddd}
    FF - ExtSQL: 2013-08-30 10:55; {03452453-8D4D-4075-B885-FA5FF997737A}; c:\documents and settings\owner\application data\mozilla\firefox\profiles\bv4gwmws.default-1370714463796\extensions\{03452453-8D4D-4075-B885-FA5FF997737A}
    .
    ---- FIREFOX POLICIES ----
    user_pref('extensions.autoDisableScopes', 0);user_pref('security.csp.enable', false);user_pref('security.OCSP.enabled', 0);user_pref('extensions.blocklist.enabled', false);user_pref('network.proxy.type', 5);
    ============= SERVICES / DRIVERS ===============
    .
    R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 60216]
    R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2012-8-9 246072]
    R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 96568]
    R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 39224]
    R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 208184]
    R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 22328]
    R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-9-7 171320]
    R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-9-7 182072]
    R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-9-28 37664]
    R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\SASDIFSV.SYS [2008-12-4 12880]
    R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2008-12-4 67664]
    R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCORE.EXE [2010-7-1 116608]
    R2 atnthost;WebEx Remote Access Agent;c:\windows\downlo~1\mywebex\319\atnthost.exe [2012-7-19 18592]
    R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2013-7-4 4939312]
    R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2013-7-23 283136]
    R2 FreemakeVideoCapture;FreemakeVideoCapture;c:\program files\freemake\capturelib\CaptureLibService.exe [2013-6-30 9216]
    R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2011-2-11 35088]
    S2 BBSvc;BingBar Service;c:\program files\microsoft\bingbar\7.2.241.0\BBSvc.EXE [2013-7-23 193696]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
    S2 mrtRate;mrtRate; [x]
    S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg10\toolbar\ToolbarBroker.exe [2011-4-8 1025352]
    S3 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\7.2.241.0\SeaPort.EXE [2013-7-23 240288]
    S3 cpuz132;cpuz132;\??\c:\docume~1\owner\locals~1\temp\cpuz132\cpuz132_x32.sys --> c:\docume~1\owner\locals~1\temp\cpuz132\cpuz132_x32.sys [?]
    .
    =============== File Associations ===============
    .
    ShellExec: FRONTPG.EXE: edit=c:\progra~1\mi1933~1\office\FRONTPG.EXE
    .
    =============== Created Last 30 ================
    .
    2013-09-04 13:11:09 22856 ----a-w- c:\windows\system32\drivers\mbam.sys
    2013-08-30 20:31:53 -------- d-sh--w- c:\documents and settings\owner\IECompatCache
    2013-08-30 20:30:34 -------- d-sh--w- c:\documents and settings\owner\PrivacIE
    2013-08-30 20:09:53 -------- d-sh--w- c:\documents and settings\owner\IETldCache
    2013-08-30 19:57:39 -------- d-----w- c:\windows\ie8updates
    2013-08-30 19:45:58 -------- dc-h--w- c:\windows\ie8
    2013-08-30 19:28:01 522240 -c----w- c:\windows\system32\dllcache\jsdbgui.dll
    2013-08-30 19:23:02 6144 -c----w- c:\windows\system32\dllcache\iecompat.dll
    2013-08-30 19:22:47 630272 -c----w- c:\windows\system32\dllcache\msfeeds.dll
    2013-08-30 19:22:47 55296 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll
    2013-08-30 19:22:45 12800 -c----w- c:\windows\system32\dllcache\xpshims.dll
    2013-08-30 19:22:42 743424 -c----w- c:\windows\system32\dllcache\iedvtool.dll
    2013-08-30 19:22:40 247808 -c----w- c:\windows\system32\dllcache\ieproxy.dll
    2013-08-30 19:22:39 2005504 -c----w- c:\windows\system32\dllcache\iertutil.dll
    2013-08-30 19:22:34 11113472 -c----w- c:\windows\system32\dllcache\ieframe.dll
    2013-08-30 19:00:44 -------- d-----w- c:\documents and settings\owner\application data\searchresultstb
    2013-08-30 16:44:06 130128 ----a-w- c:\windows\atagtctl.exe
    2013-08-30 14:57:15 -------- d-----w- c:\program files\FileOpenerPro
    2013-08-30 14:56:28 -------- d-----w- c:\documents and settings\owner\local settings\application data\DefineExt
    2013-08-30 14:55:58 -------- d-----w- c:\program files\privoxy
    2013-08-30 14:55:24 -------- d-----w- c:\program files\Web Protect
    2013-08-30 14:53:58 -------- d-----w- c:\documents and settings\owner\application data\SearchProtect
    2013-08-30 09:27:45 -------- d-----w- c:\windows\system32\MRT
    2013-08-30 06:31:46 2106216 ----a-w- c:\program files\mozilla firefox\D3DCompiler_43.dll
    2013-08-30 06:31:45 116120 ----a-w- c:\program files\mozilla firefox\crashreporter.exe
    2013-08-30 06:31:28 262552 ----a-w- c:\program files\mozilla firefox\browser\components\browsercomps.dll
    2013-08-30 06:31:26 17737608 ----a-w- c:\windows\system32\FlashPlayerInstaller.exe
    2013-08-30 06:31:21 74136 ----a-w- c:\program files\mozilla firefox\breakpadinjector.dll
    2013-08-30 06:31:16 19352 ----a-w- c:\program files\mozilla firefox\AccessibleMarshal.dll
    .
    ==================== Find3M ====================
    .
    2013-08-30 06:32:55 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
    2013-08-30 06:32:51 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
    2013-08-30 05:27:27 37664 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
    2013-08-03 18:18:38 1543680 ------w- c:\windows\system32\wmvdecod.dll
    2013-07-26 02:47:17 920064 ----a-w- c:\windows\system32\wininet.dll
    2013-07-26 02:47:13 43520 ------w- c:\windows\system32\licmgr10.dll
    2013-07-26 02:47:12 1469440 ------w- c:\windows\system32\inetcpl.cpl
    2013-07-25 15:52:59 385024 ------w- c:\windows\system32\html.iec
    2013-07-20 05:51:00 246072 ----a-w- c:\windows\system32\drivers\avglogx.sys
    2013-07-20 05:50:56 60216 ----a-w- c:\windows\system32\drivers\avgidshx.sys
    2013-07-20 05:50:56 208184 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
    2013-07-20 05:50:50 171320 ----a-w- c:\windows\system32\drivers\avgldx86.sys
    2013-07-10 10:37:53 406016 ----a-w- c:\windows\system32\usp10.dll
    2013-07-10 05:32:40 39224 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
    2013-07-04 02:59:11 2193536 ----a-w- c:\windows\system32\ntoskrnl.exe
    2013-07-04 02:08:30 2070144 ----a-w- c:\windows\system32\ntkrnlpa.exe
    2013-06-23 18:24:29 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
    2013-06-23 18:24:26 867240 ----a-w- c:\windows\system32\npdeployJava1.dll
    2013-06-23 18:24:26 789416 ----a-w- c:\windows\system32\deployJava1.dll
    2013-06-23 18:24:26 144896 ----a-w- c:\windows\system32\javacpl.cpl
    2006-08-04 00:41:23 774144 -c--a-w- c:\program files\RngInterstitial.dll
    2005-01-04 00:40:16 5473872 -c--a-w- c:\program files\msjavx86_3805.exe
    2004-12-29 05:05:52 149504 -c--a-w- c:\program files\cwshredder.exe
    .
    ============= FINISH: 1:08:19.95 ===============

  • #2
    Hoi Jan VS,

    Voor we beginnen , wil ik even vriendelijk op de volgende richtlijnen wijzen:
    .
    • Log enkel in als beheerder met alle rechten.
    • Post je probleem niet in verscheidene fora. het komt je probleem niet ten goede en het is niet netjes tegenover de helpers.
    • Het opruimen van je systeem kan wat tijd in beslag nemen, wees geduldig.
    • Volg aandachtig de instructies die door mij worden gegeven.
    • Volg enkel het door mij gegeven advies op
    • Blijf bij het topic totdat ik gemeldt heb dat je PC clean is.
    • Als je iets niet weet of verstaat, vraag het dan even aub.
    • Installeer of deinstalleer géén software of hardware terwijl we met je probleem bezig zijn.
    • Ga ondertussen niet wat "anders" proberen, dat maakt het alleen maar moeilijker voor ons
    • Zet je emoticons (Smileys) uit als je logs plaatst aub .
    • De logs niet als bijlage, noch tussen codetags zetten aub.

    .
    Opmerking: Vista of Windows 7 ? >> Alle tools steeds uitvoeren als admin.
    De instructies die worden gegeven, zijn enkel geldig voor jouw PC.

    Stap 1:

    Malware scannen en verwijderen....


    Download MalwareBytes' Anti-Malware naar je bureaublad vanuit één van de volgende links: Dubbelklik op mbam-setup.exe om het programma te installeren.

    Op het einde van de setup procedure, krijg je een scherm waar je op "Voltooien" moet klikken.
    Indien je MBAM niet wenst te evalueren, vink je de eerste optie uit en klik je dan pas op "Voltooien"

    Zorg dat er na de installatie een vinkje is geplaatst bij:
    • Update MalwareBytes' Anti-Malware
    • Start MalwareBytes' Anti-Malware
    • Klik daarna op "Voltooien". Indien een update gevonden wordt, zal die gedownload en geïnstalleerd worden.



    Zodra het programma gestart is, ga je naar het tabblad "Instellingen".
    • Vink hier aan: "Sluit Internet Explorer tijdens verwijdering van malware".
    • Ga naar het tabblad "Updates" en Update MBAM.
    • Ga daarna naar het tabblad "Scanner", kies hier voor "VOLLEDIGE Scan".
    • Druk vervolgens op "Scannen" om de scan te starten.
    • Het scannen kan een tijdje duren, dus wees geduldig.
    • Wanneer de scan voltooid is, klik op OK, daarna "Bekijk Resultaten" om de resultaten te zien.
    • Zorg ervoor dat daar alles aangevinkt is, daarna klik op: "Verwijder geselecteerde".
    • Na het verwijderen zal een log openen en zal er gevraagd worden om de computer opnieuw op te starten.

    Indien MBAM vraagt om een herstart, doe dit dan ook.
    Wanneer je de restart hebt gedaan, maak je een nieuwe snelle scan met MBAM.
    In dat geval post je dus de twee logs.

    De log wordt automatisch bewaard door MalwareBytes' Anti-Malware en kan je terugvinden door op de "Logs" tab te klikken in het programma.


    Bij problemen!!!

    ___________________________________________________________

    Stap 2:

    Controle op slechte toolbars...

    Download AdwCleaner by Xplode naar je Bureaublad.
    • Sluit alle openstaande vensters
    • Start AdwCleaner
    • Klik op Scan
    • Klik op Clean
    • KLIK HIER voor een vergroting! 

    Alle icoontjes verdwijnen van het Bureaublad,dit is normaal
    Je PC word opnieuw opgestart en er een opent logfile (C:\ AdwCleaner[xx].txt post de inhoud hier op het Forum.

    Enkel de log na de "clean" optie heb ik nodig.

    Vergeet niet om je "smileys" uit te schakelen.

    Als je Startpagina ook gehijackt was,stel dan de zoekmachine opnieuw in,deze word standaard door AdwCleaner terug gezet naar Google.com

    ___________________________________________________________

    Stap 3:

    Download DDS.com, DDS.scr of DDS.pif van één van deze locaties en plaats het op je bureaublad:


    DDS is een diagnosetool en maakt gebruik van scripts.
    Is het uitvoeren van scripts uitgeschakeld, dan schakel je dit weer in zodat er geen problemen optreden bij gebruik van DDS.


    Dubbelklik op DDS om de tool te starten. (afhankelijk van de download die je gekozen hebt kan dit het bestand DDS.com, DDS.scr of DDS.pif zijn)
    Wanneer het klaar is openen er twee logfiles: DDS.txt en Attach.txt
    Beide logfiles sla je op je bureaublad.

    Post de inhoud van DDS.txt.

    De inhoud Attach.txt moet je niet posten en Attach.txt moet je niet als bijlage toevoegen aan je post, tenzij ik er om vraag.

    ___________________________________________________________

    Stap 4:

    Controle op updates...

    Download Security Check op je bureaublad via hier of hier

    Start Security Check
    Volg de Instructies in het scherm
    Aan het eind verschijnt een log ( checkup.txt )
    Plaats de inhoud ervan in je volgende antwoord.

    In je volgende posting, had ik graag de volgende logs gezien, gemaakt in de opgestelde volgorde:
    .
    • MBAM
    • AdwCleaner
    • DDS
    • checkup.txt

    .
    Deze logs NIET als bijlage of tussen codetags posten aub.
    (Desnoods in meerdere postingen.)

    Emphyrio
    Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
    E Dev * McAfee verwijderen. * Ccleaner * E-Peek

    Comment


    • #3
      MBAM (1)
      Malwarebytes Anti-Malware 1.75.0.1300
      www.malwarebytes.org

      Database version: v2013.09.08.02

      Windows XP Service Pack 3 x86 NTFS
      Internet Explorer 8.0.6001.18702
      Owner :: YOUR-VP7X3S9CTM [administrator]

      9/8/2013 1:35:11 PM
      mbam-log-2013-09-08 (13-35-11).txt

      Scan type: Quick scan
      Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
      Scan options disabled: P2P
      Objects scanned: 251368
      Time elapsed: 21 minute(s), 45 second(s)

      Memory Processes Detected: 0
      (No malicious items detected)

      Memory Modules Detected: 0
      (No malicious items detected)

      Registry Keys Detected: 0
      (No malicious items detected)

      Registry Values Detected: 0
      (No malicious items detected)

      Registry Data Items Detected: 0
      (No malicious items detected)

      Folders Detected: 0
      (No malicious items detected)

      Files Detected: 0
      (No malicious items detected)

      (end)

      MBAM (2):
      Malwarebytes Anti-Malware 1.75.0.1300
      www.malwarebytes.org

      Database version: v2013.09.08.02

      Windows XP Service Pack 3 x86 NTFS
      Internet Explorer 8.0.6001.18702
      Owner :: YOUR-VP7X3S9CTM [administrator]

      9/8/2013 6:27:52 AM
      mbam-log-2013-09-08 (06-27-52).txt

      Scan type: Full scan (C:\|D:\|)
      Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
      Scan options disabled: P2P
      Objects scanned: 364719
      Time elapsed: 6 hour(s), 24 minute(s), 16 second(s)

      Memory Processes Detected: 0
      (No malicious items detected)

      Memory Modules Detected: 0
      (No malicious items detected)

      Registry Keys Detected: 0
      (No malicious items detected)

      Registry Values Detected: 0
      (No malicious items detected)

      Registry Data Items Detected: 0
      (No malicious items detected)

      Folders Detected: 0
      (No malicious items detected)

      Files Detected: 1
      C:\Documents and Settings\Owner\My Documents\Downloads\tinymediaconverter_227(2).exe (Trojan.InstallIQ) -> Quarantined and deleted successfully.

      (end)


      AdwCleaner:
      # AdwCleaner v3.003 - Report created 08/09/2013 at 16:14:03
      # Updated 07/09/2013 by Xplode
      # Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
      # Username : Owner - YOUR-VP7X3S9CTM
      # Running from : C:\Documents and Settings\Owner\My Documents\Downloads\adwcleaner.exe
      # Option : Clean

      ***** [ Services ] *****


      ***** [ Files / Folders ] *****

      Folder Deleted : C:\Documents and Settings\All Users\Application Data\AVG Secure Search
      Folder Deleted : C:\Documents and Settings\All Users\Application Data\AVG Security Toolbar
      Folder Deleted : C:\Documents and Settings\All Users\Application Data\GamesBar
      Folder Deleted : C:\Documents and Settings\All Users\Application Data\Trymedia
      Folder Deleted : C:\Program Files\AVG Secure Search
      Folder Deleted : C:\Program Files\Free Offers from Freeze.com
      Folder Deleted : C:\Program Files\Search Results Toolbar
      Folder Deleted : C:\Program Files\Common Files\AVG Secure Search
      Folder Deleted : C:\Documents and Settings\Owner\IECompatCache
      Folder Deleted : C:\Documents and Settings\Owner\Local Settings\Application Data\AVG Secure Search
      Folder Deleted : C:\Documents and Settings\Owner\Local Settings\Application Data\AVG Security Toolbar
      Folder Deleted : C:\Documents and Settings\Owner\Local Settings\Application Data\DefineExt
      Folder Deleted : C:\Documents and Settings\Owner\Local Settings\Application Data\Ilivid
      Folder Deleted : C:\DOCUME~1\Owner\LOCALS~1\Temp\CT3298566
      Folder Deleted : C:\Documents and Settings\Owner\Application Data\AVG Secure Search
      Folder Deleted : C:\Documents and Settings\Owner\Application Data\ilividtoolbarguid
      Folder Deleted : C:\Documents and Settings\Owner\Application Data\SearchProtect
      Folder Deleted : C:\Documents and Settings\Owner\Application Data\searchresultstb
      Folder Deleted : C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\bv4gwmws.default-1370714463796\Smartbar
      Folder Deleted : C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\bv4gwmws.default-1370714463796\CT3298566
      Folder Deleted : C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\bv4gwmws.default-1370714463796\Extensions\{1122b43d-30ee-403f-9bfa-3cc99b0caddd}
      File Deleted : C:\Program Files\Mozilla Firefox\Extensions\{1FD91A9C-410C-4090-BBCC-55D3450EF433}
      File Deleted : C:\END
      File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\avg-secure-search.xml
      File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\Search_Results.xml
      File Deleted : C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\bv4gwmws.default-1370714463796\user.js

      ***** [ Shortcuts ] *****


      ***** [ Registry ] *****

      Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]
      Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
      Key Deleted : HKLM\SOFTWARE\Classes\AppID\BrowserConnection.dll
      Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
      Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
      Key Deleted : HKLM\SOFTWARE\Classes\Applications\ilividsetup.exe
      Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI
      Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.BrowserWndAPI.1
      Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj
      Key Deleted : HKLM\SOFTWARE\Classes\AVG Secure Search.PugiObj.1
      Key Deleted : HKLM\SOFTWARE\Classes\iLividIEHelper.DNSGuard
      Key Deleted : HKLM\SOFTWARE\Classes\iLividIEHelper.DNSGuard.1
      Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
      Key Deleted : HKLM\SOFTWARE\Classes\S
      Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
      Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
      Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
      Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
      Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
      Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
      Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
      Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
      Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D97A8234-F2A2-4AD4-91D5-FECDB2C553AF}
      Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
      Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
      Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
      Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
      Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
      Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
      Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{94496571-6AC5-4836-82D5-D46260C44B17}
      Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
      Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
      Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE}
      Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BC9FD17D-30F6-4464-9E53-596A90AFF023}
      Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BF0118D4-63FF-4138-9327-F3028FB1A578}
      Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC5AD34C-6F10-4CB3-B74A-C2DD4D5060A3}
      Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CE4DB5A3-58E6-41F1-8761-47238DF4F468}
      Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
      Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
      Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
      Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
      Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
      Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{13ABD093-D46F-40DF-A608-47E162EC799D}
      Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
      Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
      Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
      Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
      Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
      Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
      Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE}
      Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
      Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
      Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
      Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B78F92C8-DEB3-11E2-9A0A-FB64281D6ADE}
      Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E38FA08E-F56A-4169-ABF5-5C71E3C153A1}
      Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
      Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
      Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
      Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
      Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
      Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
      Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
      Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
      Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
      Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
      Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{EF99BD32-C1FB-11D2-892F-0090271D4F88}]
      Key Deleted : HKCU\Software\APN DTX
      Key Deleted : HKCU\Software\AVG Secure Search
      Key Deleted : HKCU\Software\AVG Security Toolbar
      Key Deleted : HKCU\Software\Conduit
      Key Deleted : HKCU\Software\ilividtoolbarguid
      Key Deleted : HKCU\Software\SmartBar
      Key Deleted : HKCU\Software\YahooPartnerToolbar
      Key Deleted : HKCU\Software\AppDataLow\Software\Freecause
      Key Deleted : HKLM\Software\AVG Secure Search
      Key Deleted : HKLM\Software\AVG Security Toolbar
      Key Deleted : HKLM\Software\Freeze.com
      Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG Secure Search
      Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilividtoolbarguid

      ***** [ Browsers ] *****

      -\\ Internet Explorer v8.0.6001.18702


      -\\ Mozilla Firefox v23.0.1 (en-US)

      [ File : C:\Documents and Settings\Owner\Application Data\Mozilla\Firefox\Profiles\bv4gwmws.default-1370714463796\prefs.js ]

      Line Deleted : user_pref("CT3298566.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
      Line Deleted : user_pref("CT3298566.FirstTime", "true");
      Line Deleted : user_pref("CT3298566.FirstTimeFF3", "true");
      Line Deleted : user_pref("CT3298566.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3298566&SearchSource=2&CUI=UN12495888882602117&UM=&q=");
      Line Deleted : user_pref("CT3298566.UserID", "UN12495888882602117");
      Line Deleted : user_pref("CT3298566.addressBarTakeOverEnabledInHidden", "true");
      Line Deleted : user_pref("CT3298566.browser.search.defaultthis.engineName", true);
      Line Deleted : user_pref("CT3298566.countryCode", "US");
      Line Deleted : user_pref("CT3298566.defaultSearch", "true");
      Line Deleted : user_pref("CT3298566.enableAlerts", "true");
      Line Deleted : user_pref("CT3298566.enableSearchFromAddressBar", "true");
      Line Deleted : user_pref("CT3298566.enlargeSearchBox", "{\"enabled\":true,\"maxWidth\":1000,\"minWidth\":250,\"width\":500}");
      Line Deleted : user_pref("CT3298566.firstTimeDialogOpened", "true");
      Line Deleted : user_pref("CT3298566.fixPageNotFoundError", "true");
      Line Deleted : user_pref("CT3298566.fixPageNotFoundErrorByUser", "true");
      Line Deleted : user_pref("CT3298566.fixPageNotFoundErrorInHidden", "true");
      Line Deleted : user_pref("CT3298566.fullUserID", "UN12495888882602117.IN.20130830105352");
      Line Deleted : user_pref("CT3298566.homepageuserchanged", true);
      Line Deleted : user_pref("CT3298566.installId", "cid111");
      Line Deleted : user_pref("CT3298566.installType", "conduitnsisintegration");
      Line Deleted : user_pref("CT3298566.isCheckedStartAsHidden", true);
      Line Deleted : user_pref("CT3298566.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
      Line Deleted : user_pref("CT3298566.isFirstTimeToolbarLoading", "false");
      Line Deleted : user_pref("CT3298566.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
      Line Deleted : user_pref("CT3298566.keyword", true);
      Line Deleted : user_pref("CT3298566.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT3298566&octid=CT3298566&SearchSource=15&CUI=UN12495888882602117&SSPV=&Lay=1&UM=\"}");
      Line Deleted : user_pref("CT3298566.lastVersion", "10.19.2.505");
      Line Deleted : user_pref("CT3298566.mam_gk_installer_preapproved.enc", "ZmFsc2U=");
      Line Deleted : user_pref("CT3298566.navigationAliasesJson", "{\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fwww.nucia.eu%2Fforum%2Fthreads%2F70847-Pop-ups-banners-en-veranderde-startpagina%3Fp%3D684408%23post684408\",\"EB_MA
      Line Deleted : user_pref("CT3298566.openThankYouPage", "false");
      Line Deleted : user_pref("CT3298566.openUninstallPage", "true");
      Line Deleted : user_pref("CT3298566.originalHomepage", "www.google.com");
      Line Deleted : user_pref("CT3298566.originalSearchAddressUrl", false);
      Line Deleted : user_pref("CT3298566.originalSearchEngine", "Google");
      Line Deleted : user_pref("CT3298566.originalSearchEngineName", "Google");
      Line Deleted : user_pref("CT3298566.revertSettingsEnabled", "false");
      Line Deleted : user_pref("CT3298566.searchFromAddressBarEnabledByUser", "true");
      Line Deleted : user_pref("CT3298566.searchInNewTabEnabledByUser", "true");
      Line Deleted : user_pref("CT3298566.searchInNewTabEnabledInHidden", "true");
      Line Deleted : user_pref("CT3298566.searchSuggestEnabledByUser", "true");
      Line Deleted : user_pref("CT3298566.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
      Line Deleted : user_pref("CT3298566.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
      Line Deleted : user_pref("CT3298566.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
      Line Deleted : user_pref("CT3298566.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3298566\"}");
      Line Deleted : user_pref("CT3298566.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://MixiDJV30.OurToolbar.com//xpi\"}");
      Line Deleted : user_pref("CT3298566.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"MixiDJ V30 \"}");
      Line Deleted : user_pref("CT3298566.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
      Line Deleted : user_pref("CT3298566.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
      Line Deleted : user_pref("CT3298566.serviceLayer_services_Configuration_lastUpdate", "1378616023625");
      Line Deleted : user_pref("CT3298566.serviceLayer_services_login_10.19.2.505_lastUpdate", "1378649677633");
      Line Deleted : user_pref("CT3298566.serviceLayer_services_searchAPI_lastUpdate", "1378616023577");
      Line Deleted : user_pref("CT3298566.serviceLayer_services_serviceMap_lastUpdate", "1378616023193");
      Line Deleted : user_pref("CT3298566.serviceLayer_services_toolbarSettings_lastUpdate", "1378649678410");
      Line Deleted : user_pref("CT3298566.serviceLayer_services_translation_lastUpdate", "1378616025124");
      Line Deleted : user_pref("CT3298566.settingsINI", true);
      Line Deleted : user_pref("CT3298566.shouldFirstTimeDialog", "false");
      Line Deleted : user_pref("CT3298566.showToolbarPermission", "false");
      Line Deleted : user_pref("CT3298566.smartbar.CTID", "CT3298566");
      Line Deleted : user_pref("CT3298566.smartbar.Uninstall", "0");
      Line Deleted : user_pref("CT3298566.smartbar.homepage", true);
      Line Deleted : user_pref("CT3298566.smartbar.isHidden", true);
      Line Deleted : user_pref("CT3298566.smartbar.toolbarName", "MixiDJ V30 ");
      Line Deleted : user_pref("CT3298566.startPage", "true");
      Line Deleted : user_pref("CT3298566.toolbarBornServerTime", "3-9-2013");
      Line Deleted : user_pref("CT3298566.toolbarCurrentServerTime", "8-9-2013");
      Line Deleted : user_pref("CT3298566.toolbarLoginClientTime", "Tue Sep 03 2013 05:24:04 GMT-0400 (Eastern Standard Time)");
      Line Deleted : user_pref("CT3298566_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1378670724379,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
      Line Deleted : user_pref("Smartbar.ConduitHomepagesList", "");
      Line Deleted : user_pref("Smartbar.ConduitSearchEngineList", "MixiDJ V30 Customized Web Search");
      Line Deleted : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3298566&SearchSource=2&CUI=UN12495888882602117&UM=&q=");
      Line Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT3298566");
      Line Deleted : user_pref("browser.search.defaultenginename", "MixiDJ V30 Customized Web Search");
      Line Deleted : user_pref("browser.search.selectedEngine", "MixiDJ V30 Customized Web Search");
      Line Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3298566&SearchSource=2&CUI=UN12495888882602117&UM=&q=");
      Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT3298566");
      Line Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3298566&SearchSource=13&CUI=UN12495888882602117");
      Line Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3298566&SearchSource=2&CUI=UN12495888882602117&UM=&q=");
      Line Deleted : user_pref("smartbar.defaultSearchOwnerCTID", "CT3298566");
      Line Deleted : user_pref("smartbar.homePageOwnerCTID", "CT3298566");
      Line Deleted : user_pref("smartbar.machineId", "+DBO5KP9HTM6NUFE0B7WOU2CTF798XJAXLBZXELDDLDXJNPOZ8WN/KC0MQTYADXIQ2SUB2TOHRPZA+Z0AD3OEQ");

      *************************

      AdwCleaner[R0].txt - [17397 octets] - [08/09/2013 16:11:55]
      AdwCleaner[S0].txt - [17566 octets] - [08/09/2013 16:14:03]

      ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [17627 octets] ##########


      DDS:
      DDS (Ver_2012-11-20.01) - NTFS_x86
      Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.25.2
      Run by Owner at 17:00:08 on 2013-09-08
      Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.447.209 [GMT -4:00]
      .
      AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {17DDD097-36FF-435F-9E1B-52D74245D6BF}
      .
      ============== Running Processes ================
      .
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
      C:\windows\system\hpsysdrv.exe
      C:\WINDOWS\Downlo~1\MyWebEx\319\atnthost.exe
      C:\WINDOWS\Downlo~1\MyWebEx\319\RAAGTAPP.EXE
      C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
      C:\WINDOWS\System32\hphmon05.exe
      C:\HP\KBD\KBD.EXE
      C:\WINDOWS\system32\VTTimer.exe
      C:\WINDOWS\AGRSMMSG.exe
      C:\WINDOWS\ALCXMNTR.EXE
      C:\Program Files\Verizon Online\Dial 4.0\VisualIPInsight\IPClient.exe
      C:\Program Files\Verizon Online\Dial 4.0\VisualIPInsight\IPMon32.exe
      C:\Program Files\VERIZONDM\bin\sprtcmd.exe
      C:\Program Files\DivX\DivX Update\DivXUpdate.exe
      C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
      C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
      C:\Documents and Settings\Owner\Local Settings\Application Data\DIRECTV Player\PCShowServerPMWrapper.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Documents and Settings\Owner\Local Settings\Application Data\DIRECTV Player\NDSPCShowServer.exe
      C:\Program Files\Freemake\CaptureLib\CaptureLibService.exe
      C:\WINDOWS\Downloaded Program Files\MyWebEx\319\raagtx.exe
      C:\Program Files\privoxy\privoxy.exe
      C:\WINDOWS\System32\gearsec.exe
      C:\Program Files\Java\jre7\bin\jqs.exe
      C:\Program Files\VERIZONDM\bin\sprtsvc.exe
      C:\Program Files\VERIZONDM\bin\tgsrvc.exe
      C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
      C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
      C:\WINDOWS\System32\alg.exe
      C:\Program Files\Microsoft\BingBar\7.2.241.0\SeaPort.exe
      C:\WINDOWS\System32\msiexec.exe
      C:\WINDOWS\system32\wbem\wmiprvse.exe
      C:\WINDOWS\system32\svchost.exe -k DcomLaunch
      C:\WINDOWS\system32\svchost.exe -k rpcss
      C:\WINDOWS\System32\svchost.exe -k netsvcs
      C:\WINDOWS\System32\svchost.exe -k NetworkService
      C:\WINDOWS\system32\svchost.exe -k LocalService
      C:\WINDOWS\System32\svchost.exe -k imgsvc
      C:\WINDOWS\system32\svchost.exe -k netsvcs
      C:\WINDOWS\System32\svchost.exe -k HTTPFilter
      .
      ============== Pseudo HJT Report ===============
      .
      uStart Page = hxxp://www.google.com/
      uWindow Title = Microsoft Internet Explorer customized for Verizon Online
      uSearch Page = hxxp://cgi.verizon.net/bookmarks/bmredir.asp?region=east&bw=dialin&cd=4.0&bm=ho_search
      uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q304&bd=pavilion&pf=desktop
      uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q304&bd=pavilion&pf=desktop
      mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q304&bd=pavilion&pf=desktop
      uProxyServer = hxxp=127.0.0.1:8118
      uProxyOverride = localhost
      dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
      BHO: Bing Bar Helper: {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - c:\program files\microsoft\bingbar\7.2.241.0\BingExt.dll
      BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll
      BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
      BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
      BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
      TB: HP view: {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\program files\hp\digital imaging\bin\hpdtlk02.dll
      TB: HP view: {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\program files\hp\digital imaging\bin\hpdtlk02.dll
      TB: <No Name>: - LocalServer32 - <no file>
      TB: Bing Bar: {eec0f710-38b5-4aba-99bf-ec87564a4e13} - c:\program files\microsoft\bingbar\7.2.241.0\BingExt.dll
      EB: hp view: {8F4902B6-6C04-4ade-8052-AA58578A21BD} - c:\windows\system32\shdocvw.dll
      uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
      uRun: [BackupNotify] c:\program files\hp\digital imaging\bin\backupnotify.exe
      uRun: [PCShowServer] "c:\documents and settings\owner\local settings\application data\directv player\PCShowServerPMWrapper.exe"
      uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
      mRun: [hpsysdrv] c:\windows\system\hpsysdrv.exe
      mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe"
      mRun: [HPHmon05] c:\windows\system32\hphmon05.exe
      mRun: [KBD] c:\hp\kbd\KBD.EXE
      mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
      mRun: [Recguard] c:\windows\sminst\RECGUARD.EXE
      mRun: [VTTimer] VTTimer.exe
      mRun: [AGRSMMSG] AGRSMMSG.exe
      mRun: [PS2] c:\windows\system32\ps2.exe
      mRun: [AlcxMonitor] ALCXMNTR.EXE
      mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
      mRun: [IPInSightLAN 01] "c:\program files\verizon online\dial 4.0\visualipinsight\IPClient.exe" -l
      mRun: [IPInSightMonitor 01] "c:\program files\verizon online\dial 4.0\visualipinsight\IPMon32.exe"
      mRun: [VERIZONDM] "c:\program files\verizondm\bin\sprtcmd.exe" /P VERIZONDM
      mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
      mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
      mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
      mRun: [SunJavaUpdateSched] c:\program files\java\jre7\bin\jusched.exe
      mRun: [Privoxy] c:\program files\privoxy\starthelp.exe
      StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\quickb~1.lnk - c:\windows\downloaded program files\mywebex\319\raagtx.exe
      uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
      uPolicies-Explorer: NoDriveAutoRun = dword:67108863
      mPolicies-Explorer: NoDriveAutoRun = dword:67108863
      mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
      mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
      mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
      mPolicies-Explorer: NoDriveAutoRun = dword:67108863
      IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office11\EXCEL.EXE/3000
      IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBC} - <orphaned>
      IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
      IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
      IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
      DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/products/plugin/autodl/jinstall-170-windows-i586.cab
      DPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-170-windows-i586.cab
      DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
      TCP: NameServer = 192.168.1.1 192.168.1.1
      TCP: Interfaces\{FE5F6EAE-0EB3-4243-BE98-4214490819E7} : DHCPNameServer = 192.168.1.1 192.168.1.1
      Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
      Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
      Notify: igfxcui - igfxsrvc.dll
      SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
      SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
      .
      ================= FIREFOX ===================
      .
      FF - ProfilePath - c:\documents and settings\owner\application data\mozilla\firefox\profiles\bv4gwmws.default-1370714463796\
      FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
      FF - plugin: c:\documents and settings\owner\local settings\application data\directv player\npPlayerPlugin.dll
      FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
      FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
      FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
      FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
      FF - plugin: c:\program files\microsoft silverlight\5.1.20513.0\npctrlui.dll
      FF - plugin: c:\program files\real\realone player\netscape6\nppl3260.dll
      FF - plugin: c:\program files\real\realone player\netscape6\nprjplug.dll
      FF - plugin: c:\program files\real\realone player\netscape6\nprpjplug.dll
      FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_8_800_94.dll
      FF - plugin: c:\windows\system32\npdeployJava1.dll
      FF - plugin: c:\windows\system32\npptools.dll
      FF - ExtSQL: 2013-08-30 00:00; [email protected]; c:\documents and settings\owner\application data\mozilla\firefox\profiles\bv4gwmws.default-1370714463796\extensions\[email protected]
      FF - ExtSQL: 2013-08-30 10:55; {03452453-8D4D-4075-B885-FA5FF997737A}; c:\documents and settings\owner\application data\mozilla\firefox\profiles\bv4gwmws.default-1370714463796\extensions\{03452453-8D4D-4075-B885-FA5FF997737A}
      .
      ============= SERVICES / DRIVERS ===============
      .
      R0 AVGIDSHX;AVGIDSHX;c:\windows\system32\drivers\avgidshx.sys [2012-4-19 60216]
      R0 Avglogx;AVG Logging Driver;c:\windows\system32\drivers\avglogx.sys [2012-8-9 246072]
      R0 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2010-9-7 96568]
      R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2010-9-7 39224]
      R1 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\avgidsdriverx.sys [2011-12-23 208184]
      R1 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\avgidsshimx.sys [2011-12-23 22328]
      R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2010-9-7 171320]
      R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2010-9-7 182072]
      R1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2012-9-28 37664]
      R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\SASDIFSV.SYS [2008-12-4 12880]
      R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2008-12-4 67664]
      R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCORE.EXE [2010-7-1 116608]
      R2 atnthost;WebEx Remote Access Agent;c:\windows\downlo~1\mywebex\319\atnthost.exe [2012-7-19 18592]
      R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg2013\avgidsagent.exe [2013-7-4 4939312]
      R2 avgwd;AVG WatchDog;c:\program files\avg\avg2013\avgwdsvc.exe [2013-7-23 283136]
      R2 FreemakeVideoCapture;FreemakeVideoCapture;c:\program files\freemake\capturelib\CaptureLibService.exe [2013-6-30 9216]
      R2 npf;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2011-2-11 35088]
      R2 sprtsvc_verizondm;SupportSoft Sprocket Service (verizondm);c:\program files\verizondm\bin\sprtsvc.exe [2011-5-16 206120]
      R2 tgsrvc_verizondm;SupportSoft Repair Service (verizondm);c:\program files\verizondm\bin\tgsrvc.exe [2011-5-16 185640]
      R3 BBUpdate;BBUpdate;c:\program files\microsoft\bingbar\7.2.241.0\SeaPort.EXE [2013-7-23 240288]
      S2 BBSvc;BingBar Service;c:\program files\microsoft\bingbar\7.2.241.0\BBSvc.EXE [2013-7-23 193696]
      S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
      S2 mrtRate;mrtRate; [x]
      S2 vToolbarUpdater15.5.0;vToolbarUpdater15.5.0;c:\program files\common files\avg secure search\vtoolbarupdater\15.5.0\toolbarupdater.exe --> c:\program files\common files\avg secure search\vtoolbarupdater\15.5.0\ToolbarUpdater.exe [?]
      S3 AVG Security Toolbar Service;AVG Security Toolbar Service;c:\program files\avg\avg10\toolbar\ToolbarBroker.exe [2011-4-8 1025352]
      S3 cpuz132;cpuz132;\??\c:\docume~1\owner\locals~1\temp\cpuz132\cpuz132_x32.sys --> c:\docume~1\owner\locals~1\temp\cpuz132\cpuz132_x32.sys [?]
      S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-4-18 754856]
      .
      =============== File Associations ===============
      .
      ShellExec: FRONTPG.EXE: edit=c:\progra~1\mi1933~1\office\FRONTPG.EXE
      .
      =============== Created Last 30 ================
      .
      .
      ==================== Find3M ====================
      .
      2013-08-30 06:32:55 692104 ----a-w- c:\windows\system32\FlashPlayerApp.exe
      2013-08-30 06:32:51 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
      2013-08-30 05:27:27 37664 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
      2013-08-03 18:18:38 1543680 ------w- c:\windows\system32\wmvdecod.dll
      2013-07-26 02:47:17 920064 ----a-w- c:\windows\system32\wininet.dll
      2013-07-26 02:47:13 43520 ------w- c:\windows\system32\licmgr10.dll
      2013-07-26 02:47:12 1469440 ------w- c:\windows\system32\inetcpl.cpl
      2013-07-25 15:52:59 385024 ------w- c:\windows\system32\html.iec
      2013-07-20 05:51:00 246072 ----a-w- c:\windows\system32\drivers\avglogx.sys
      2013-07-20 05:50:56 60216 ----a-w- c:\windows\system32\drivers\avgidshx.sys
      2013-07-20 05:50:56 208184 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
      2013-07-20 05:50:50 171320 ----a-w- c:\windows\system32\drivers\avgldx86.sys
      2013-07-10 10:37:53 406016 ----a-w- c:\windows\system32\usp10.dll
      2013-07-10 05:32:40 39224 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
      2013-07-04 02:59:11 2193536 ----a-w- c:\windows\system32\ntoskrnl.exe
      2013-07-04 02:08:30 2070144 ----a-w- c:\windows\system32\ntkrnlpa.exe
      2013-06-23 18:24:29 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
      2013-06-23 18:24:26 867240 ----a-w- c:\windows\system32\npdeployJava1.dll
      2013-06-23 18:24:26 789416 ----a-w- c:\windows\system32\deployJava1.dll
      2013-06-23 18:24:26 144896 ----a-w- c:\windows\system32\javacpl.cpl
      2006-08-04 00:41:23 774144 -c--a-w- c:\program files\RngInterstitial.dll
      2005-01-04 00:40:16 5473872 -c--a-w- c:\program files\msjavx86_3805.exe
      2004-12-29 05:05:52 149504 -c--a-w- c:\program files\cwshredder.exe
      .
      ============= FINISH: 17:01:59.07 ===============


      checkup.txt:
      Results of screen317's Security Check version 0.99.73
      Windows XP Service Pack 3 x86
      Internet Explorer 8
      ``````````````Antivirus/Firewall Check:``````````````
      Windows Firewall Enabled!
      AVG 2013
      `````````Anti-malware/Other Utilities Check:`````````
      Malwarebytes Anti-Malware version 1.75.0.1300
      CCleaner
      Java 7 Update 25
      Adobe Flash Player 11.8.800.94
      Adobe Reader 10.1.7 Adobe Reader out of Date!
      Mozilla Firefox (23.0.1)
      ````````Process Check: objlist.exe by Laurent````````
      AVG avgwdsvc.exe
      AVG avgrsx.exe
      AVG avgnsx.exe
      AVG avgemc.exe
      Verizon Online Dial 4.0 VisualIPInsight IPClient.exe
      Verizon Online Dial 4.0 VisualIPInsight IPMon32.exe
      `````````````````System Health check`````````````````
      Total Fragmentation on Drive C:: 8%
      ````````````````````End of Log``````````````````````

      Comment


      • #4
        Mooi zo

        Download of Update Ccleaner

        Start CCleaner op.
        • Run Ccleaner en klik in de linkse kolom op Opties
        • Selecteer het tabblad Geavanceerd
        • Haal het vinkje weg voor Verwijder alleen bestanden in Windows Temp-systeemmap die ouder zijn dan 24 uur
        • Haal het vinkje weg voor Verwijder alleen bestanden in de Prullenbak die ouder zijn dan 24 uur
        • Selecteer het tabblad Instellingen
        • Haal het vinkje weg bij "Computer automatisch schoonmaken...."
        • Klik in de linkse kolom op Cleaner.
        • Klik dan achtereenvolgens op Analyseer en Schoonmaken.
        • Klik vervolgens in de linkse kolom op Register
        • Klik op Scan naar problemen.
        • Als er fouten gevonden worden klik je op Herstel geselecteerde problemen
        • Hier kan de vraag verschijnen of je je register wil backuppen.Antwoord met Ja en OK

        .
        Herstart je PC.

        Hoe is het nu?
        Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
        E Dev * McAfee verwijderen. * Ccleaner * E-Peek

        Comment


        • #5
          Weinig verbetering helaas... Nog steeds pop-up-schermen, banners en ongevraagde nieuwe websites schermen. Wat is de volgende stap?

          Comment


          • #6
            Download Combofix en plaats het op je bureaublad.

            Extra nota... Zorg ervoor dat je Security software uitschakeld is tijdens het gebruik van Combofix.
            Dit omdat deze scanners bepaalde componenten die Combofix gebruikt, onterecht zien als geïnfecteerd en Combofix zullen blokkeren.


            Kijk hier indien je niet weet hoe je je Antivirus, Firewall en/of Antispywarescanner moet uitschakelen.


            Sluit ALLE vensters, ook je browser en laat Combofix rustig zijn werk doen.
            Open dus geen andere applicaties totdat Combofix de log heeft gepresenteert.

            Als Combofix vraagt om een update, dan staat je dit toe.

            Wanneer ComboFix klaar is met scannen, dit kan eventueel na een reboot zijn, opent er een logfile (combofix.txt).
            Deze kan je vinden als C:\combofix.txt.

            Post het Combofixlogje samen met een nieuw DDS logje in je volgende antwoord.

            * OPMERKING: Indien je één van de onderstaande meldingen krijgt na het gebruik van ComboFix, herstart dan de computer.
            • Er is geprobeerd een ongeldige bewerking uit te voeren op een registersleutel die is gemarkeerd voor verwijdering.
            • Illegal operation attempted on a registry key that has been marked for deletion.
            Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
            E Dev * McAfee verwijderen. * Ccleaner * E-Peek

            Comment


            • #7
              Onderstaand volgt het DDS logje. Ondanks verwoede pogingen is het niet gelukt om Combofix uit te voeren op mijn PC. De PC loopt telkens vast; vanochtend heb ik de PC moeten resetten omdat Combofix na 6 uur wachten nog steeds niet klaar was.
              DDS (Ver_2012-11-20.01) - NTFS_x86
              Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 10.25.2
              Run by Owner at 2:48:59 on 2013-09-11
              .
              ============== Running Processes ================
              .
              \??\C:\Program Files\AVG\AVG2013\avgrsx.exe
              C:\WINDOWS\system32\spoolsv.exe
              C:\WINDOWS\Explorer.EXE
              C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
              C:\windows\system\hpsysdrv.exe
              C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
              C:\WINDOWS\System32\hphmon05.exe
              C:\HP\KBD\KBD.EXE
              C:\WINDOWS\system32\VTTimer.exe
              C:\WINDOWS\AGRSMMSG.exe
              C:\WINDOWS\ALCXMNTR.EXE
              C:\Program Files\Verizon Online\Dial 4.0\VisualIPInsight\IPClient.exe
              C:\Program Files\Verizon Online\Dial 4.0\VisualIPInsight\IPMon32.exe
              C:\Program Files\VERIZONDM\bin\sprtcmd.exe
              C:\Program Files\DivX\DivX Update\DivXUpdate.exe
              C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
              C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
              C:\Documents and Settings\Owner\Local Settings\Application Data\DIRECTV Player\PCShowServerPMWrapper.exe
              C:\WINDOWS\system32\ctfmon.exe
              C:\Documents and Settings\Owner\Local Settings\Application Data\DIRECTV Player\NDSPCShowServer.exe
              C:\Program Files\privoxy\privoxy.exe
              C:\WINDOWS\System32\gearsec.exe
              C:\Program Files\Java\jre7\bin\jqs.exe
              C:\Program Files\VERIZONDM\bin\sprtsvc.exe
              C:\Program Files\VERIZONDM\bin\tgsrvc.exe
              C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
              C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
              C:\WINDOWS\System32\alg.exe
              C:\WINDOWS\system32\wscntfy.exe
              C:\WINDOWS\system32\wuauclt.exe
              C:\WINDOWS\system32\wbem\wmiprvse.exe
              C:\WINDOWS\system32\svchost.exe -k DcomLaunch
              C:\WINDOWS\system32\svchost.exe -k rpcss
              C:\WINDOWS\System32\svchost.exe -k netsvcs
              C:\WINDOWS\System32\svchost.exe -k NetworkService
              C:\WINDOWS\system32\svchost.exe -k LocalService
              C:\WINDOWS\System32\svchost.exe -k imgsvc
              C:\WINDOWS\system32\svchost.exe -k netsvcs
              .
              ============== Pseudo HJT Report ===============
              .
              uStart Page = hxxp://www.google.com/
              uWindow Title = Microsoft Internet Explorer customized for Verizon Online
              uSearch Page = hxxp://cgi.verizon.net/bookmarks/bmredir.asp?region=east&bw=dialin&cd=4.0&bm=ho_search
              uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q304&bd=pavilion&pf=desktop
              uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q304&bd=pavilion&pf=desktop
              mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q304&bd=pavilion&pf=desktop
              uProxyServer = hxxp=127.0.0.1:8118
              uProxyOverride = localhost
              dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
              BHO: DivX Plus Web Player HTML5 <video>: {326E768D-4182-46FD-9C16-1449A49795F4} - c:\program files\divx\divx plus web player\ie\divxhtml5\DivXHTML5.dll
              BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre7\bin\ssv.dll
              BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
              BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre7\bin\jp2ssv.dll
              TB: HP view: {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\program files\hp\digital imaging\bin\hpdtlk02.dll
              TB: HP view: {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\program files\hp\digital imaging\bin\hpdtlk02.dll
              TB: <No Name>: - LocalServer32 - <no file>
              EB: hp view: {8F4902B6-6C04-4ade-8052-AA58578A21BD} - c:\windows\system32\shdocvw.dll
              uRun: [SUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
              uRun: [BackupNotify] c:\program files\hp\digital imaging\bin\backupnotify.exe
              uRun: [PCShowServer] "c:\documents and settings\owner\local settings\application data\directv player\PCShowServerPMWrapper.exe"
              uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
              mRun: [hpsysdrv] c:\windows\system\hpsysdrv.exe
              mRun: [HP Component Manager] "c:\program files\hp\hpcoretech\hpcmpmgr.exe"
              mRun: [HPHmon05] c:\windows\system32\hphmon05.exe
              mRun: [KBD] c:\hp\kbd\KBD.EXE
              mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
              mRun: [Recguard] c:\windows\sminst\RECGUARD.EXE
              mRun: [VTTimer] VTTimer.exe
              mRun: [AGRSMMSG] AGRSMMSG.exe
              mRun: [PS2] c:\windows\system32\ps2.exe
              mRun: [AlcxMonitor] ALCXMNTR.EXE
              mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
              mRun: [IPInSightLAN 01] "c:\program files\verizon online\dial 4.0\visualipinsight\IPClient.exe" -l
              mRun: [IPInSightMonitor 01] "c:\program files\verizon online\dial 4.0\visualipinsight\IPMon32.exe"
              mRun: [VERIZONDM] "c:\program files\verizondm\bin\sprtcmd.exe" /P VERIZONDM
              mRun: [DivXUpdate] "c:\program files\divx\divx update\DivXUpdate.exe" /CHECKNOW
              mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
              mRun: [AVG_UI] "c:\program files\avg\avg2013\avgui.exe" /TRAYONLY
              mRun: [Privoxy] c:\program files\privoxy\starthelp.exe
              uPolicies-Explorer: NoDriveTypeAutoRun = dword:323
              uPolicies-Explorer: NoDriveAutoRun = dword:67108863
              mPolicies-Explorer: NoDriveAutoRun = dword:67108863
              mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
              mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
              mPolicies-Explorer: NoDriveTypeAutoRun = dword:323
              mPolicies-Explorer: NoDriveAutoRun = dword:67108863
              IE: E&xport to Microsoft Excel - c:\progra~1\mi1933~1\office11\EXCEL.EXE/3000
              IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBC} - <orphaned>
              IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
              IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
              IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
              DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/products/plugin/autodl/jinstall-170-windows-i586.cab
              DPF: {CAFEEFAC-0017-0000-0025-ABCDEFFEDCBA} - hxxp://java.sun.com/products/plugin/autodl/jinstall-170-windows-i586.cab
              TCP: NameServer = 192.168.1.1 192.168.1.1
              TCP: Interfaces\{FE5F6EAE-0EB3-4243-BE98-4214490819E7} : DHCPNameServer = 192.168.1.1 192.168.1.1
              Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
              Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
              Notify: igfxcui - igfxsrvc.dll
              SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
              SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
              .
              ================= FIREFOX ===================
              .
              FF - ProfilePath - c:\documents and settings\owner\application data\mozilla\firefox\profiles\bv4gwmws.default-1370714463796\
              FF - prefs.js: browser.startup.homepage - www.google.com
              FF - prefs.js: keyword.URL - hxxp://www.basicserve.com/?prt=bscsrvlink5&sp=google&keywords=
              FF - plugin: c:\documents and settings\owner\local settings\application data\directv player\npPlayerPlugin.dll
              FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
              FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
              FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
              FF - plugin: c:\program files\java\jre7\bin\plugin2\npjp2.dll
              FF - plugin: c:\program files\microsoft silverlight\5.1.20513.0\npctrlui.dll
              FF - plugin: c:\program files\real\realone player\netscape6\nppl3260.dll
              FF - plugin: c:\program files\real\realone player\netscape6\nprjplug.dll
              FF - plugin: c:\program files\real\realone player\netscape6\nprpjplug.dll
              FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_8_800_168.dll
              FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_8_800_94.dll
              FF - plugin: c:\windows\system32\npdeployJava1.dll
              FF - plugin: c:\windows\system32\npptools.dll
              FF - ExtSQL: 2013-08-30 00:00; [email protected]; c:\documents and settings\owner\application data\mozilla\firefox\profiles\bv4gwmws.default-1370714463796\extensions\[email protected]
              FF - ExtSQL: 2013-08-30 10:55; {03452453-8D4D-4075-B885-FA5FF997737A}; c:\documents and settings\owner\application data\mozilla\firefox\profiles\bv4gwmws.default-1370714463796\extensions\{03452453-8D4D-4075-B885-FA5FF997737A}
              .
              ============= SERVICES / DRIVERS ===============
              .
              R? AVG Security Toolbar Service;AVG Security Toolbar Service
              R? clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86
              R? cpuz132;cpuz132
              R? FreemakeVideoCapture;FreemakeVideoCapture
              R? mrtRate;mrtRate
              R? WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0
              S? !SASCORE;SAS Core Service
              S? AVGIDSAgent;AVGIDSAgent
              S? AVGIDSDriver;AVGIDSDriver
              S? AVGIDSHX;AVGIDSHX
              S? AVGIDSShim;AVGIDSShim
              S? Avgldx86;AVG AVI Loader Driver
              S? Avglogx;AVG Logging Driver
              S? Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield
              S? Avgrkx86;AVG Anti-Rootkit Driver
              S? Avgtdix;AVG TDI Driver
              S? avgtp;avgtp
              S? avgwd;AVG WatchDog
              S? npf;NetGroup Packet Filter Driver
              S? SASDIFSV;SASDIFSV
              S? SASKUTIL;SASKUTIL
              S? sprtsvc_verizondm;SupportSoft Sprocket Service (verizondm)
              S? tgsrvc_verizondm;SupportSoft Repair Service (verizondm)
              .
              =============== File Associations ===============
              .
              ShellExec: FRONTPG.EXE: edit=c:\progra~1\mi1933~1\office\FRONTPG.EXE
              .
              =============== Created Last 30 ================
              .
              .
              ==================== Find3M ====================
              .
              2013-09-11 05:32:59 692616 ----a-w- c:\windows\system32\FlashPlayerApp.exe
              2013-09-11 05:32:58 71048 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
              2013-08-30 05:27:27 37664 ----a-w- c:\windows\system32\drivers\avgtpx86.sys
              2013-08-03 18:18:38 1543680 ------w- c:\windows\system32\wmvdecod.dll
              2013-07-26 02:47:17 920064 ----a-w- c:\windows\system32\wininet.dll
              2013-07-26 02:47:13 43520 ------w- c:\windows\system32\licmgr10.dll
              2013-07-26 02:47:12 1469440 ------w- c:\windows\system32\inetcpl.cpl
              2013-07-25 15:52:59 385024 ------w- c:\windows\system32\html.iec
              2013-07-20 05:51:00 246072 ----a-w- c:\windows\system32\drivers\avglogx.sys
              2013-07-20 05:50:56 60216 ----a-w- c:\windows\system32\drivers\avgidshx.sys
              2013-07-20 05:50:56 208184 ----a-w- c:\windows\system32\drivers\avgidsdriverx.sys
              2013-07-20 05:50:50 171320 ----a-w- c:\windows\system32\drivers\avgldx86.sys
              2013-07-10 10:37:53 406016 ----a-w- c:\windows\system32\usp10.dll
              2013-07-10 05:32:40 39224 ----a-w- c:\windows\system32\drivers\avgrkx86.sys
              2013-07-04 02:59:11 2193536 ----a-w- c:\windows\system32\ntoskrnl.exe
              2013-07-04 02:08:30 2070144 ----a-w- c:\windows\system32\ntkrnlpa.exe
              2013-06-23 18:24:29 94632 ----a-w- c:\windows\system32\WindowsAccessBridge.dll
              2013-06-23 18:24:26 867240 ----a-w- c:\windows\system32\npdeployJava1.dll
              2013-06-23 18:24:26 789416 ----a-w- c:\windows\system32\deployJava1.dll
              2013-06-23 18:24:26 144896 ----a-w- c:\windows\system32\javacpl.cpl
              2006-08-04 00:41:23 774144 -c--a-w- c:\program files\RngInterstitial.dll
              2005-01-04 00:40:16 5473872 -c--a-w- c:\program files\msjavx86_3805.exe
              2004-12-29 05:05:52 149504 -c--a-w- c:\program files\cwshredder.exe
              .
              ============= FINISH: 2:53:15.48 ===============

              Comment


              • #8
                Hier kan ik niets mee .
                Zelfs de DDS is niet volledig.

                Als het echt zo slecht gesteld is, dan is het beste advies dat ik je kan geven: herintstalleer je systeem

                Download Delfix by Xplode naar het bureaublad.

                Dubbelklik op Delfix.exe om de tool te starten.
                Vink de volgende items aan:
                • Activate UAC
                • Remove disinfection tools
                • Create registry backup
                • Purge System Restore
                • Reset system settings

                Klik op "Run" en wacht geduldig tot de tool gereed is.
                Wanneer de tool gereed is wordt er een logbestand aangemaakt.
                Deze moet je niet plaatsen..


                1) Je mag alle losse bestanden en tools die we hebben gebruikt verwijderen.

                2) Om herbesmetting te vermijden, kan je deze tips eens nalezen:

                Het voorkomen van spyware-infecties en browserhijacking en Hoe voorkom ik een nieuwe infectie?

                3) Om je PC een snelle onderhoudbeurt te geven, kan je deze tips eens lezen: Handleiding voor een schone PC

                4) Allerlei tips en hints kan je hier raadplegen.


                Ik zet het topic op opgelost.

                Indien er niet meer gereageerd wordt, zal binnen een 3-tal dagen deze thread automatisch verplaatst worden
                naar de sectie Opgeloste hijackthislogs en is een reactie niet meer mogelijk
                Dit is gedaan om het forum netjes en overzichtelijk te houden.

                Blijkt dat er toch nog problemen zijn, en je wil weer reageren in dit topic, dan stuur je me een privé bericht met verzoek om heropening.



                Hebben we je goed geholpen? Overweeg eens een (vrijblijvende) donatie aan Nucia

                Emphyrio
                Malware Research [email protected] (MBAM) ..... ASAP & Unite Member
                E Dev * McAfee verwijderen. * Ccleaner * E-Peek

                Comment

                Sorry, you are not authorized to view this page
                Working...
                X